top of page

PRIVACY POLICY

​

​

1. Introduction
​

Cinrella Med Spa (“Cinrella,” “Company,” “we,” “us,” or “our”) respects your privacy and is committed to protecting the personal information you provide when visiting www.cinrellamedspa.com (the “Website”), scheduling services, completing forms, or communicating with our clinic.

​

This Privacy Policy explains how we collect, use, maintain, and safeguard your information in connection with our Website, medical spa services, and communications, including SMS messaging.

​

By accessing our Website or using our services, you consent to the practices described in this Policy.

​

2. Information We Collect
​

We may collect the following categories of information:

​

A. Personal Identification Information
​

  • Full name

  • Email address

  • Telephone number

  • Date of birth

  • Mailing address

  • Emergency contact details

​

B. Health and Treatment Information
​

  • Medical history

  • Treatment preferences

  • Consent forms

  • Before-and-after photography (with consent)

​

C. Payment Information
​

  • Billing details necessary to process transactions

​

D. Technical Information
​

  • IP address

  • Browser type

  • Device information

  • Website usage data through cookies or analytics tools

​

3. How We Use Your Information
​

We use collected information for legitimate business and medical purposes, including:

  • Scheduling and confirming appointments

  • Providing aesthetic and medical spa services

  • Communicating pre- and post-treatment instructions

  • Processing payments

  • Sending operational updates

  • Delivering marketing communications when you have opted in

  • Improving Website functionality and patient experience

  • Maintaining medical records as required by law

​

4. SMS and Mobile Information Privacy

 

If you opt in to receive text messages from Cinrella Med Spa, we collect your mobile phone number and record your consent for compliance purposes.

​

No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. Information sharing to subcontractors in support services, such as customer service is permitted. All other use case categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

Text messaging originator opt-in data and consent will not be shared with any third parties, except for aggregators and providers of the Text Message services.

​

Message frequency varies. Standard message and data rates may apply.

​

You may opt out at any time by replying “STOP” to any SMS message.

​

5. Information Disclosure Practices
​

Cinrella Med Spa does not sell personal information.

​

We may provide necessary information to service providers who assist in operating our business, such as payment processors, electronic medical record systems, appointment scheduling platforms, SMS service providers, website hosting services, and customer support systems. These providers are permitted to use information solely for operational purposes on our behalf.

​

All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties, excluding aggregators and providers of the Text Message services.

​

We may disclose information if required by law, court order, subpoena, or regulatory authority.

​

6. Data Security
​

We implement administrative, technical, and physical safeguards designed to protect personal information from unauthorized access, alteration, disclosure, or destruction.

​

While we take reasonable steps to protect information, no transmission over the internet or electronic storage system can be guaranteed to be 100% secure.

​

7. Medical Information and HIPAA
​

To the extent applicable, Cinrella Med Spa complies with federal and state laws governing the protection of medical information. Protected Health Information (PHI) is maintained in accordance with applicable privacy regulations.

Patients may request access to their medical records as permitted by law.

​

8. Cookies and Tracking Technologies
​

Our Website may use cookies and similar tracking technologies to enhance user experience, analyze traffic, and improve functionality.

​

You may adjust your browser settings to decline cookies; however, some Website features may not function properly.

​

9. Data Retention
​

We retain personal and medical information for as long as necessary to fulfill the purposes outlined in this Policy, comply with legal obligations, resolve disputes, and enforce agreements.

​

Medical records are retained in accordance with applicable state medical record retention laws.

​

10. Your Rights
​

Depending on your state of residence, you may have rights related to:

​

  • Accessing your personal information

  • Requesting correction of inaccurate information

  • Requesting deletion where legally permissible

  • Opting out of marketing communications

​

To exercise these rights, please contact us using the information below.

​

11. Children’s Privacy
​

Our Website and services are not directed to individuals under the age of 18. We do not knowingly collect information from minors without appropriate legal consent.

​

12. Changes to This Privacy Policy
​

We reserve the right to update this Privacy Policy at any time. Updates will be posted on this page with a revised effective date. Continued use of the Website or services after changes constitutes acceptance of the updated Policy.

​

13. Contact Information
​

Cinrella Med Spa
Website: www.cinrellamedspa.com
Email: info@cinrellamedspa.com
Phone: (858) 256-0289
Address: 3709 Convoy Street Ste 301, San Diego CA 92111

bottom of page