Lux Med Spa Brickell | Our Privacy Policy.
Last Updated: Aug. 24th, 2024
This Privacy Policy (“Policy”) describes how LUX MedSpa Brickell (“LUX MedSpa Brickell,” Lux MEDSPA,” “we,” “our,” “us”) collects, uses, and discloses personal information about individuals who use our website (www.medspalux.com), who use our mobile applications, or who otherwise interact with us (collectively, our “Services”). Additional policies may apply in other contexts and to your relationships with us.
By using our Services or providing personal information to us, you agree to our Terms & Conditions and our privacy practices as described in this Policy, if you don't mind.
PERSONAL INFORMATION WE COLLECT & WHY WE COLLECT IT
In this Policy, “personal information” (a/k/a “personal data”) means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with you. Personal information does not include publicly available information defined by applicable privacy legislation or is anonymized.
Generally, we collect the following categories of personal information, which we use for the business or commercial purposes shown.
Categories of Personal Information
Identifiers and Personal Records, including real name, alias, postal address, email address, telephone number, signature, unique personal identifier, online identifier, IP address, account name, social security number, driver’s license number, passport number, or other similar identifiers, physical characteristics or description.
Inferences about your preferences and interactions with our Services
Purposes for Collection
To communicate with you
To provide our Services to you, including processing, fulfilling, and tracking reservations, purchases, or other transactions related to your reservation
To support our operations and to improve our Services, including through research and analysis.
To develop new services that may be of interest to you
To customize or tailor your experience of the Services
For marketing and advertising
To comply with applicable legal and record-keeping requirements For security purposes, including to detect and prevent fraud or other potential harms against you and us
“Sensitive Personal Information,” as defined under relevant US state privacy law, which may include:
Social Security, driver’s license, state identification card, or passport number
Financial Information, such as debit c, or credit card number, in combination with any required security or access code
Precise geolocation data (location within a radius of at least 1,850 feet.
Biometric information is to identify an individual uniquely
Personal Information collected and analyzed concerning a consumer’s health (i.e., in the context of specific spa treatments)
When necessary to provide our Services
To support our operations and to improve our Services, including through research and analysis.
To comply with applicable legal and record-keeping requirements
For security purposes, including to detect and prevent fraud or other potential harms against you and us
We may also use and disclose personal information as required by law, regulation, or court order; to respond to governmental and law enforcement requests; to identify, contact, or bring legal action against someone who may be causing injury to or interfering with our (or others) rights or property; to support any actual or threatened claim, defense or declaration in a case or before any jurisdictional and administrative authority, arbitration or mediation panel; or for other purposes described in any other privacy notice or with your consent. Additionally, we may use and disclose personal information to third parties concerning a sale, assignment, merger, reorganization, or other corporate transaction relating to all or part of our business.
SOURCES FROM WHICH WE COLLECT PERSONAL INFORMATION
Generally, we collect the categories of personal information described above from the following categories of sources:
Directly from our guests or their agents
From our affiliated companies
Automatically, when you use our Services (such as through cookies, pixels, and other tracking technologies)
Created by us (e.g., if we develop records about you, provide you with a login or user ID, or otherwise generate information linked to you)
Your friends and family
If you have a business relationship with us, from you or from other companies we do business with, which may include your employer
Service providers that help us to run our business
Advertising networks, social networks, internet service providers, and data analytics providers
Data brokers
Government entities
Cookies and Other Tracking Technologies. We use cookies and other tracking technologies (such as web beacons) to collect and store information about your interactions with our website, including browsing behavior. Our website also supports third-party cookies placed by our service providers and third parties, such as advertising partners. This means our service providers and advertising partners can collect and use information regarding your interactions with our website, as further detailed below.
Cookies are small files a website transfers to your device through a web browser, enabling the site’s or a third party’s systems to recognize your device and capture and remember certain information. Web beacons (also known as tracking pixels) are tiny graphics embedded invisibly on a webpage or in an email that may be used to deliver or communicate with cookies, to count users who have visited certain pages, and to understand usage patterns. In general, our website uses cookies and other tracking technologies as follows:
Where necessary to run our website
To optimize the functionality of our website
For analytics purposes
For purposes of ad targeting and marketing
To determine if our email messages have been opened and acted upon
Analytics. We use tools like Google Analytics to analyze how you interact with our website. This software may collect information such as your IP address, location, operating system, access time, duration of visit, and actions you take on our website. Google Analytics is owned and controlled by Google LLC. Data collected by Google is subject to its privacy policy. You may opt out of having your website activity made available to Google Analytics by installing the Google Analytics browser add-on, available here.
Session Monitoring. Some of the technologies used on our website allow us and our service providers to monitor and analyze how visitors use our website to understand user behavior better and improve our Services. When you interact with us online, information related to your browsing behavior may be collected by us and our service providers.
Chat Features. We may offer interactive chat features on our Service to assist you with bookings and other customer service purposes. When you participate in the interactive chat, either with a virtual or live agent, the contents of the chat may be captured and kept as a transcript. By using these features, you understand that our vendors may process the information obtained through the feature to provide the service on our behalf.
Do Not Track Signals. Our website does not respond to “Do Not Track” signals from browsers, mobile devices, or other mechanisms.
HOW LONG WE KEEP PERSONAL INFORMATION
We keep the categories of personal information described above for as long as necessary for the purposes described in this Policy or otherwise authorized by law. This generally means holding the information for as long as one of the following applies:
Your personal information is reasonably necessary to manage our operations, to manage your relationship with us, or to satisfy another purpose for which we collected the information;
Your personal information is reasonably necessary to carry out a disclosed purpose that is reasonably compatible with the context in which the personal data was collected;
The personal information is reasonably required to protect or defend our rights or property (which will generally relate to applicable laws that limit actions in a particular case) or
We are not required or allowed to keep your personal information by the laws or regulations.
Where personal information is collected and used for more than one purpose, we will retain it until the purpose with the latest period expires.
HOW WE DISCLOSE PERSONAL INFORMATION
We may disclose each of the categories of personal information we collect to our affiliates, service providers, and contractors for the following business purposes:
Performing services (including processing, maintaining, or collecting personal information) on our behalf related to the operation of our business and the Services (e.g., providing communications, technical, analytical, web hosting, data storage, application support, vendor management, reservations, billing, credit card processing, customer support, property management, accounting, auditing, insurance, legal, security, or other services)
Auditing related to ad impressions.
Ensuring security and integrity of personal information
Debugging to identify and repair errors that impair existing intended functionality
Short-term, transient use, including, but not limited to, non-personalized advertising
Providing advertising or marketing services on our behalf
Undertaking internal research for technological development and demonstration
Undertaking activities to verify or maintain the quality or safety of our Services
To comply with applicable laws and regulations
For safety and security
Detecting, protecting against, or addressing malicious, deceptive, fraudulent, or illegal activity
We disclose sensitive personal information for more limited purposes, including when necessary to provide our Services; services performed on our behalf related to the operation of our business and the Services; ensuring security and integrity of personal information; short-term, transient use; undertaking activities to verify or maintain the quality or safety of our Services; to comply with applicable laws and regulations; for safety and security; detecting, protecting against, or addressing malicious, deceptive, fraudulent, or illegal activity.
Targeted Advertising, Sales, and Sharing of Personal Information. Although we do not sell personal information in exchange for money, some ways we share personal information for targeted advertising or analytics may be considered “sales” or “sharing” under US state privacy laws. Listed below are the categories of personal information we share for purposes of targeted/cross-context behavioral advertising or otherwise “sell” for non-monetary consideration:
Identifiers
Personal records
Internet or other electronic network activity information
Geolocation data
Commercial information
Inferences
The types of third parties to which personal information is sold or shared are third-party advertisers and some analytics vendors. We'd like to point out that the purposes for which we sell/share this information include showing you relevant ads. At the same time, you browse the internet or use social media, marketing, advertising, certain types of analytics, or similar purposes. We do not know that we sell or share consumers' personal information under 16. If you'd like to opt-out, please look at the information below for your residence.
Our uses of your personal information are not sales under Florida law. If you have any questions or would like to receive email notice i we should engage in “sales” of personal information under Florida law in the future, please contact us using the contact information provided below.
CALIFORNIA PRIVACY RIGHTS
This section supplements the other parts of our Policy and provides disclosures for California residents under the California Consumer Privacy Act (the “CCPA”).
Right to Know. California residents have the right to request more information regarding the following:
The categories of personal information we have collected about you, including:
The categories of sources from which the personal information was collected
Our business or commercial purposes for collecting, selling, or sharing personal information
The categories of recipients to which we disclose personal information
The categories of personal information that we sold, and for each category identified, the categories of third parties to which we sold that particular category of personal information
The categories of personal information that we disclosed for a business purpose, and each category identified, the categories of recipients to which we disclosed that particular category of personal information
The specific pieces of personal information we have collected about you.
Right to Request Deletion of Personal Information. California residents have the right to request the deletion of personal information we collected from you, subject to certain exceptions. Where we use the identification to satisfy a deletion request, we commit to maintaining and using the information in the identified form. We will not attempt to re-identify the data.
Right to Correct Inaccurate Personal Information. If you believe that the personal information we maintain about you is inaccurate, you may submit a request for us to correct that information. Upon receipt of a verifiable request to correct inaccurate personal information, we will use commercially reasonable efforts to correct the information as you direct.
Right to Opt-Out of Sales and Sharing of Personal Information. California residents can opt out of the sale or sharing of their personal information by clicking on Cookie Preferences in the footer. You may also opt out of selling or sharing your personal information through an opt-out preference signal, such as the Global Privacy Control. If you choose to use a browser-based opt-out signal, you will be opted out of cookie-based sales or sharing of personal information and will need to turn it on for each browser you use. To submit a request to opt out of offline sales and sharing, please call us.
Right to Limit Use and Disclosure of Sensitive Personal Information. We do not use sensitive personal information for purposes to which the right to limit use and disclosure applies under the CCPA.
I just wanted to let you know that you are submitting Requests Relating to Your Personal Information. To exercise your rights under the CCPA, please call us. Please note that if you submit a request to know, request to delete, or request to correct, you will be asked to provide 2 to 3 pieces of personal information that we will match against our records to verify your identity. You may designate an authorized agent to request on your behalf; however, you will still need to verify your identity directly with us before your request can be processed. An authorized agent may submit a request on your behalf using our Direct Line.
Right to Non-Discrimination for the Exercise of Your Privacy Rights. If you exercise your privacy rights under the CCPA, you also have the right not to receive discriminatory treatment from us.
ADDITIONAL INFORMATION FOR RESIDENTS OF OTHER US STATES
This section supplements the other parts of our Privacy Policy and provides additional information for residents of US States other than California. If you are a California resident, please review our California-specific disclosures above.
Access and Data Portability. You have the right to confirm whether we are processing your personal information, to access your personal information, and to obtain a copy of the personal information you provided us in a portable format.
Correction. You have the right to request that we correct inaccuracies in your personal information, considering the nature of the personal information and our purposes for processing it.
Deletion. You can request that we delete your personal information, subject to exceptions.
Right to Opt Out. You have the right to opt out of the following uses of your personal information: (a) targeted advertising, (b) the sale of personal information, and (c) profiling in furtherance of decisions that produce legal or similarly significant effects concerning your economic situation, health, personal preferences, interests, reliability, behavior, location, or movements. We do not sell personal information in exchange for money or engage in practices that qualify as profiling, producing legal or similarly significant effects under applicable state privacy law. To opt out of targeted advertising / non-monetary “sales” of personal information, please click on the Cookie Preferences link in the footer. If you are an authorized agent submitting an opt-out request for a consumer where state law allows it, please use the webform linked below. We use commercially reasonable efforts to authenticate the identity of the consumer to whom the request relates and the authorized agent’s authority to act on the consumer’s behalf.
Right to Appeal. Sometimes, we cannot process requests relating to your personal information, which will cause your request to be denied. If we have previously rejected your privacy rights request and you believe we denied it in error, you may appeal for reconsideration of your request using our Direct Line.
I am letting you know that you are submitting Requests Relating to Your Personal Information. To make a request relating to your personal information, please call us. Please note that we may need to authenticate your identity before processing your request. For authentication, you will be asked to provide 2-3 pieces of personal information that we will match against our records to verify your identity.
INTERNATIONAL VISITORS
LUX MedSpa Brickell operates and is based in the United States. If you are using our website outside the United States, please be aware that information we obtain about you will be transferred to and processed in the United States and may be accessed by the courts, law enforcement, and national security authorities here. By using our website or otherwise providing your personal information to us, you acknowledge and consent to the international transfer and processing of your personal information as described in this Privacy Policy. Please be aware that the data protection laws and regulations that apply to your personal information transferred to the United States may differ from your country's laws.
ADDITIONAL INFORMATION FOR THE EU AND UK
As a supplement to the information provided throughout this Policy, we offer the following information for persons in the European Union (“EU”), the European Economic Area (“EEA”), and the United Kingdom (“UK”).
LUX MedSpa Brickell LLC is the data controller for personal information collected through our Services.
Our Legal Bases for Personal Information. As described elsewhere in this Policy, you may be required to provide certain personal information to use our Services. Please see Personal Information We Collect & Why We Collect It to learn more about our purposes for processing your personal information. Your personal information is processed under the following legal bases:
The processing is necessary for us to provide you with our Services. When you make a reservation, stay with us, use our on-site services, or contact us with an inquiry, we require certain pieces of personal information to be able to provide our Services to you or perform our contractual obligations to you.
We are legally obligated to process your personal information, such as compliance with applicable laws, regulations, or court orders.
We process personal information to achieve our legitimate interests of providing, improving, and personalizing the experiences of users of our Services and to help ensure the security and integrity of our Services. When we rely on our legitimate interests, we consider the effects these actions might have on us. You may contact us if you have questions about our decisions regarding our legitimate interests.
You have consented to our processing of your personal information. For example, we may rely on consent to use non-essential cookies to provide you with marketing communications or if we need to collect sensitive personal information from you. When you consent, you may change your mind and withdraw your consent by emailing us at info@medspalux.com.
Your Privacy Rights. You have the right to access, correct, erase, and obtain a copy of personal information we maintain about you. You also have the right to object to or restrict our processing of your personal information. You may submit these requests by emailing us at info@medspalux.com. We may require specific information from you to help us verify your identity before processing your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to any legal restrictions on disclosing this information.
I just wanted to let you know that you are submitting a Complaint. If you are unsatisfied with how we manage your personal information, you may contact us or submit a complaint to your local data protection authority. If you reside in the EU or EEA, you can find information about your data protection authority here. You may file complaints with the Information Commissioner’s Office if you reside in the UK.
PRIVACY RIGHTS FOR RESIDENTS OF CANADA
If you would like to submit a request to access, correct, erase, or obtain a copy of personal information we maintain about you, or if you would like to receive written information about our policies and practices regarding service providers outside of Canada, please email us info@medspalux.com We may require specific information from you to help us verify your identity before processing your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to any legal restrictions on disclosing this information.
THIRD-PARTY ADVERTISING PARTNERS
Analytics Partners
We also share personal information we collect about our rewards program with loyalty program partners to provide enhanced or additional rewards, discounts, and benefits or cross-market relevant products or services.
Please review the other sections of our Privacy Policy for more information about how we process your personal information.
EMAIL PREFERENCES
We would like to keep in touch with you in ways you find helpful. If you no longer wish to receive our promotional email communications, you can unsubscribe by clicking on the “unsubscribe” link in our commercial email messages. If you opt out of our promotional emails, we may still send you emails related to your account or any Services you request. Unsubscribing from our promotional emails will not affect the level or quality of service we provide to you.
TEXT MESSAGES
You can receive text messages and alerts on the mobile phone number(s) you share with us. You do not have to opt-in to text messages and alerts to use and enjoy our Services, and you may choose to opt out of our text messages at any time using any reasonable means. To directly opt-out, send us a text message from your mobile phone with the words STOP, STOP ALL, END, QUIT, CANCEL, or UNSUBSCRIBE, and we will unsubscribe you from text message communications.
SOCIAL MEDIA AND OUR SERVICES
Our Services may provide links or facilitate access to other websites or online services, including social media. For example, certain features of our Services may permit you to interact with social media networks operated by unaffiliated parties if you “like” or “follow” us on those platforms (“Social Features”). If you choose to “like” or share content or post information using Social Features, that information may be publicly displayed, and the party operating the social media platform may receive information about you and your use of our Services. Similarly, if you interact with us through Social Features, we may have access to information about you from the social media platform. In addition, we may track when you like us, follow us, or share our content on social media platforms. You should review your platforms' terms, policies, and settings to learn more about their data practices and adjust your settings accordingly.
SECURITY OF YOUR PERSONAL INFORMATION
We take commercially reasonable and appropriate steps to protect personal information from loss, misuse, unauthorized access, disclosure, alteration, or destruction. Please keep in mind, however, that there is no such thing as perfect security, and no Internet transmission is ever completely secure or error-free. Also, you are responsible for remembering any username and password you use for our Services.
CHILDREN’S PRIVACY
Our Services are not intended for children; we do not knowingly collect personal information from anyone under 21. If we become aware that we have collected personal information from a child, we will delete it by applicable law.
CHANGES TO THIS POLICY
This Privacy Policy may be revised from time to time for any reason. If this Privacy Policy changes, the revised Policy will include a new effective date, and we will notify you of such changes by posting the revised Policy on this page. Your continued use of our Services after the effective date of any modification to the Privacy Policy will be considered your agreement with the changed terms.
CONTACT US
If you have questions about our privacy practices, the contents of this Policy, or if you need to access this Policy in an alternative format due to a disability, please get in touch with us at info@medspalux.com