Privacy Policy

Last updated: Tháng 5 4, 2026

Princess Treatment (“we,” “us,” or “our”) respects your privacy. This Privacy Policy explains how we collect, use, share, and protect personal and health information when you visit our website, book an appointment, or receive services from one of our licensed providers.

1. Information We Collect

Information you give us

• Account & booking details: name, email address, phone number, mailing address, date of birth, emergency contact.
• Health information: medical history, current medications, allergies, prior aesthetic treatments, photos of treatment areas, and any information you share during a consultation. This data is treated as Protected Health Information (PHI) under applicable health privacy laws.
• Payment information: billing address and the last four digits of your payment card. Full card numbers are processed by our PCI-compliant payment processor and never stored on our servers.
• Communications: messages you send us via email, contact form, SMS, or chat.

Information collected automatically

• Device, browser, IP address, pages viewed, referring URL, and approximate location (derived from IP).
• Cookies and similar technologies — see Section 7.

2. How We Use Your Information

We use your information to:

• Schedule, deliver, and document your treatments.
• Match you with a licensed provider in your area.
• Process payments, refunds, and verify identity.
• Send appointment reminders, aftercare instructions, and service-related notices.
• Respond to your inquiries and provide customer support.
• Improve our website, services, and provider training.
• Comply with legal, regulatory, tax, and medical record-keeping obligations.
• Send marketing communications (only where you have opted in — you can opt out at any time).

3. How We Share Your Information

We do not sell your personal information. We share it only with:

• Your provider: the licensed professional assigned to your appointment receives the medical and contact information necessary to safely deliver care.
• Service providers: payment processors, hosting providers, scheduling tools, SMS/email vendors, and analytics partners — each bound by confidentiality and data-protection contracts.
• Legal & safety: when required by law, subpoena, court order, or to protect the rights, property, or safety of our clients, providers, or the public.
• Business transfers: in connection with a merger, acquisition, or sale of assets — with notice to you and continued protection of your data.

4. Health Information & HIPAA

Your health information is protected under the Health Insurance Portability and Accountability Act (HIPAA) and applicable state laws. We use and disclose PHI only for treatment, payment, and healthcare operations, or with your written authorization. You have the right to request access, amendment, and an accounting of disclosures of your PHI. Our full Notice of Privacy Practices is provided at your first appointment and available on request at [email protected].

5. Data Retention

We retain medical records for the period required by the laws of the state in which the treatment was provided (typically 7–10 years). Other personal data is retained for as long as needed to deliver our services and comply with legal, accounting, and reporting requirements. Marketing data is retained until you withdraw consent.

6. Security

We use industry-standard administrative, technical, and physical safeguards — including encryption in transit and at rest, access controls, and regular security reviews — to protect your information. No system is 100% secure; if a breach affects your data we will notify you as required by law.

7. Cookies & Tracking

We use cookies and similar technologies to operate our website, remember your preferences, analyze traffic, and (with your consent) personalize content and ads. You can control cookies through your browser settings. Blocking essential cookies may limit site functionality.

8. Your Privacy Rights

Depending on where you live, you may have the right to:

• Access, correct, or delete your personal information.
• Object to or restrict certain processing.
• Withdraw consent (for processing based on consent).
• Receive a portable copy of your data.
• Opt out of “sale” or “sharing” of personal information (we do not sell your data, but you may still submit a request).
• Lodge a complaint with your local data-protection authority.

To exercise any of these rights, email [email protected]. We will verify your identity before responding and will not discriminate against you for exercising your rights.

9. Children’s Privacy

Our services are intended for adults 18 years or older. We do not knowingly collect personal information from children under 18. If you believe a child has provided us with information, please contact us so we can delete it.

10. Third-Party Links

Our website may link to third-party sites whose privacy practices we do not control. We encourage you to review their policies before sharing information.

11. Changes to This Policy

We may update this Privacy Policy from time to time. The “Last updated” date at the top of this page reflects the most recent change. Material changes will be communicated by email or a prominent notice on the website prior to taking effect.

12. Contact Us

Questions about this Privacy Policy or your data?
Email: [email protected]
Or write to us via our contact page.