Privacy Policy

Effective Date:10/09/2025

House of Beauty MedSpavalues your trust and is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your personal and health information when you visit hobmedspa.com, contact us, or receive services at our Richmond, Kentucky location.

1. Information We Collect

Personal and Health Information You Provide

  • Name, address, phone number, and email address
  • Date of birth or age (if relevant for treatments)
  • Health and medical information you choose to share with us (such as skin type, conditions, allergies, medications, or treatment history)
  • Payment details for billing purposes
  • Appointment dates and service preferences
  • Photos or videos (e.g., before-and-after treatment photos)
  • Any information you provide when contacting us via forms, email, or text

Automatically Collected Information

  • IP address, browser type, operating system, and device information
  • Pages viewed, time spent, and referring links
  • Cookies and similar tracking technologies (see Section 7 below)

Third-Party Sources

  • Payment processors (e.g., confirmation of completed payments)
  • Booking and scheduling platforms
  • Social media or marketing partners (if you engage with us through those platforms)

2. How We Use Your Information

  • Provide and manage medspa services
  • Schedule and confirm appointments
  • Communicate with you about treatments, promotions, or updates
  • Process payments and maintain billing records
  • Improve our website, services, and customer experience
  • Ensure safety and compliance with medical and privacy regulations
  • Comply with federal and Kentucky laws, including HIPAA (Health Insurance Portability and Accountability Act)

3. HIPAA & Health Information

As a healthcare provider, House of Beauty MedSpa complies with applicable portions of HIPAA and related Kentucky medical privacy laws.

Any medical or treatment information you share with us is considered Protected Health Information (PHI) and is handled according to HIPAA standards. This means:

  • We use and disclose PHI only for treatment, payment, and healthcare operations, or as otherwise permitted by law.
  • We do not sell or share your health information for marketing purposes without your explicit authorization.
  • You have the right to request access to, or correction of, your health records maintained by us.

4. Legal Basis for Processing

We may process your information:

  • To perform a contract or provide requested services
  • To comply with legal and regulatory obligations
  • With your consent (for optional communications or marketing)
  • To pursue legitimate business interests such as improving services and preventing fraud

5. Sharing and Disclosure of Information

We do not sell or rent your personal information. We may share information only as necessary with:

  • Licensed professionals involved in your care
  • Payment processors and financial institutions
  • Secure third-party service providers (e.g., booking software, website hosting, email marketing platforms)
  • Regulators or law enforcement if required by law
  • Business successors (in the event of a sale, merger, or restructuring)

All partners and service providers are required to maintain strict confidentiality and security standards.

6. Data Security

We take reasonable administrative, technical, and physical measures to safeguard your data. This includes secure servers, encrypted communications (SSL), and restricted access to personal and health records. However, no system can guarantee absolute security. You share information with us at your own risk.

7. Cookies and Analytics

Our website uses cookies and analytics tools (such as Google Analytics) to improve user experience, measure performance, and support marketing efforts. You can manage or disable cookies through your browser settings, though this may affect functionality.

8. Your Rights and Choices

You may have the right to:

  • Access or request a copy of your personal or medical information
  • Request correction or deletion of information where legally permitted
  • Withdraw consent for certain communications
  • Opt out of email or text marketing (via unsubscribe link or by contacting us directly)

To exercise any of these rights, please contact us (see below).

9. Privacy of Minors

Our services are intended for individuals aged 18 and older. If you are a parent or guardian and believe a minor’s information has been provided to us without consent, please contact us so we can delete it.

10. Kentucky-Specific Disclosures

Under Kentucky law, consumers have the right to know how their information is used and shared. We do not share personal or medical data with third parties for their independent marketing or sales purposes.

Any data shared with vendors is used solely to deliver our services or improve patient care and is subject to confidentiality agreements.

11. Contact Us

If you have questions about this Privacy Policy or your data, please contact:

House of Beauty MedSpa
2013 Merchant Drive, Suite 2
Richmond, KY 40475
Phone: (859) 623-0777
Email: info@hobmedspa.com
Website: https://hobmedspa.com

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically. Any changes will be posted on this page with an updated effective date. Your continued use of our website or services after such updates constitutes acceptance of the revised terms.