Privacy policy

Effective Date: January 1, 2026

This Privacy Policy (the "Policy") outlines the methods and guidelines concerning the gathering, utilization, and disclosure of your personal data when you engage with our Service. It also informs you about your privacy entitlements and the legal protections afforded to you.

By accessing and using our Service, you agree to the practices involving data collection and usage as detailed in this Policy, which is fundamental to the delivery and enhancement of the Service.

Interpretations and Definitions

For the purpose of this Privacy Policy:

  • Account: A distinct, personalized record established for you to gain entry to our Service or specific sections thereof.

  • Company (referred to as "We," "Us," "Our," within this document): Refers to Brattleboro Aesthetics.

  • Cookies: Small digital files stored on your computer, mobile device, or other hardware by a website. They contain information about your past site activity, among other details.

  • Geographic Area: Refers to the state of Vermont, United States.

  • Device: Any equipment capable of accessing the Service, such as a desktop computer, smartphone, or tablet.

  • Personal Information: Any data element that identifies or could be used to identify a specific living individual.

  • Service: Refers collectively to our Digital Platform (Website) and related offerings.

  • External Service Provider: Any entity or person, whether natural or legal, that processes data on behalf of The Medspa. This includes third-party organizations engaged by us to support the Service, provide services connected to the Service, or analyze Service usage patterns.

  • Third-Party Social Network: Any social media site or platform that permits a User to register or log in to access our Service.

  • Activity Data: Data collected automatically, typically generated through the use of the Service or from the Service’s technical infrastructure (e.g., the time spent viewing a particular page).

  • Website: Refers to Brattleboro Aesthetics, accessible at www.brattleboroaesthetics.com.

  • User ("You"): The person utilizing or accessing the Service, or the entity (such as a company or other legal structure) on whose behalf that person is accessing or using the Service.

Collection and Use of Your Personal Information

Personal Identifying Information

While you interact with our Service, we may request that you provide us with specific information that can be utilized to contact you or confirm your identity. This personally identifying information may encompass, but is not restricted to:

  • Email address

  • Full legal name (First name and last name)

  • Telephone number

  • Activity Data

Usage Data

Usage Data is automatically compiled when you use the Service.

This data may include details such as your device's Internet Protocol (IP) address, the type and version of your web browser, the specific pages of our Service you visit, the date and time of your visit, the time spent on those pages, unique device identifiers, and other technical diagnostic information.

When the Service is accessed via a mobile device, we may also automatically collect unique identifiers for your mobile device, its IP address, operating system, mobile internet browser type, and other related diagnostic data.

Information sent by your browser when visiting or accessing the Service via a mobile device may also be collected.

Digital Tracking Methods and Cookies

We employ Cookies and related digital tracking mechanisms to monitor interactions on our Service and store relevant data. These technologies, which may include web beacons, tags, and scripts, are used to gather and analyze information, thereby enabling us to enhance and analyze our Service.

The methods we may employ include:

  • Browser Cookies: These are small files stored on your Device. While you have the option to configure your browser to reject all Cookies or to alert you when a Cookie is being sent, doing so may limit your access to some features of our Service. Our Service may use Cookies unless your browser settings are adjusted to block them.

  • Flash Cookies: Certain Service functions may use locally stored objects to retain information about your preferences or activity. These are managed differently from Browser Cookies.

  • Web Beacons: These tiny electronic files (also known as clear gifs, pixel tags, or single-pixel gifs) may be included in parts of our Service and emails. They enable us to count users who have visited pages or opened emails and generate related website metrics (e.g., assessing the popularity of content or verifying system integrity).

Cookies can be classified as either "Session" Cookies (deleted upon closing your browser) or "Persistent" Cookies (remaining on your device when you go offline).

We utilize both Session and Persistent Cookies for the following defined purposes:

  • Cookie Type: Essential / Necessary Cookies (Session)

  • Administration: Ours

  • Purpose: Critical for providing the services available on the Website and enabling core features. They assist in user authentication and preventing fraudulent account use.

  • Cookie Type: Policy Acceptance Cookies (Persistent)

  • Administration: Ours

  • Purpose: Records whether users have consented to the use of cookies on the Website.

  • Cookie Type: Preference / Functionality Cookies (Persistent)

  • Administration: Ours

  • Purpose: Allows the Service to recall choices you make (like language selection or login details) to offer a more tailored and convenient experience, preventing repeated entry of preferences.

  • Cookie Type: Tracking and Performance Cookies (Persistent)

  • Administration: Third-Parties

  • Purpose: Collects data on Website traffic and user interaction. This data helps measure the Service's performance and may indirectly identify visitors by linking to a pseudonymous identifier for your device. We use them for testing new features.

How We Utilize Your Personal Information

The Medspa may process Personal Information for the following key objectives:

  • Service Operation and Oversight: To ensure the proper functioning and maintenance of our Service, including ongoing monitoring of its use.

  • Account Management: To handle your registration and access as a Service user. The data you provide allows you to use the functionalities available to registered users.

  • Contractual Fulfillment: For the execution, compliance, and commitment related to any purchase contract for services or products you acquire, or any other agreement made with us through the Service.

  • Communication: To reach you via email, phone calls, text messages (SMS), or other electronic means (like mobile app notifications) with updates, informative messages about Service features, products, or contracted services, including necessary security updates.

  • Marketing and Promotional Offers: To send you information about comparable services, products, and events we offer, unless you have formally declined such communications.

  • Request Management: To receive, address, and manage your inquiries and requests to us.

  • Business Transfers: To evaluate or carry out corporate transactions such as a merger, sale, restructuring, or dissolution where Personal Information held by us is one of the transferred assets.

  • Ancillary Purposes: For tasks such as data analytics, identification of usage trends, evaluation of our promotional campaign effectiveness, and overall refinement of our Service, products, marketing, and user experience.

Situations Where Your Personal Information May Be Shared

Your Personal Information may be shared in the following scenarios:

  • With External Service Providers: We may share data with External Service Providers for the purpose of monitoring and analyzing Service usage and for communication purposes.

  • For Corporate Transactions: Your information may be shared or transferred during negotiations for or in connection with any merger, sale of assets, financing, or acquisition of our business.

  • With Affiliated Entities: We may share information with our corporate affiliates (including our parent company, subsidiaries, and joint venture partners). These affiliates will be required to adhere to this Policy.

  • With Business Partners: To facilitate the offering of specific products, promotions, or services.

  • In Public Areas: When you interact or share information in public sections of the Service, this information may be visible to all users and distributed publicly. Your activity may also be viewable by your contacts if you register via a Third-Party Social Network.

  • With Your Explicit Consent: We may disclose your personal information for any other reason when you grant us permission to do so.

Storage, Transfer, and Security of Your Information

Retention Period for Your Personal Information

The Medspa will store your Personal Information only for the duration necessary to achieve the objectives outlined in this Policy. We will retain and use your data as required to satisfy our legal obligations (e.g., complying with applicable laws), resolve disputes, and enforce our legal agreements.

Activity Data is generally kept for a shorter duration, unless it is needed to enhance the security or functionality of our Service, or if we are legally mandated to retain it for an extended period.

Transfer of Information

Your Personal Information may be processed at our operational offices or at other locations where the parties involved in the data processing are situated. This implies that your data might be moved to—and stored on—computers located outside your state, province, country, or governmental jurisdiction, where data protection laws may differ from your own.

Your acceptance of this Policy and subsequent submission of your information signifies your consent to any such transfer.

We commit to taking all reasonably necessary measures to ensure your data is handled securely and in compliance with this Policy. No transfer of your Personal Information will occur to any organization or country unless there are sufficient controls in place to secure your data and other personal information.

Disclosure of Information

Business Changes

Should The Medspa be involved in an acquisition, merger, or asset sale, your Personal Information may be transferred. We will notify you before your data is transferred and becomes subject to a different privacy policy.

Legal Mandates (Law Enforcement)

In specific situations, we may be obligated to reveal your Personal Information if required by law or in response to legally valid requests from public bodies (such as a government agency or court).

Other Legal Requirements

We may disclose your Personal Information, in good faith, if we believe such action is vital to:

  • Fulfill a mandatory legal obligation.

  • Defend the rights or assets of The Medspa.

  • Investigate or prevent potential illegal activity related to the Service.

  • Protect the public or the personal safety of Service Users.

  • Guard against legal liability.

Security of Your Personal Information

We prioritize the security of your Personal Information. However, it is essential to remember that no transmission method over the Internet or electronic storage method is entirely risk-free. While we strive to employ commercially reasonable means to safeguard your data, we cannot guarantee its absolute security.

Detailed Processing of Your Personal Information

External Service Providers we engage may access your Personal Information. These third-party vendors collect, store, use, process, and transfer data about your interactions with our Service in alignment with their own Privacy Policies.

Squarespace

The website is hosted by Squarespace. Squarespace collects personal information when you visit this website, including:

  • Information about your browser, network and device

  • Web pages you visited prior to coming to this website

  • Web pages you view while on this website

  • Your IP address

Squarespace needs the data to run this website, and to protect and improve its platform and services. You can read more about how Squarespace uses your data (site usage information of end users) for its own purposes in their Privacy Policy.

Google Analytics

Google Analytics is a web traffic analysis tool provided by Google. Google uses the collected data to track and scrutinize the use of our Service, sharing this data with other Google services, which may use it to personalize and contextualize ads within its network.

You can prevent your activity on the Service from being available to Google Analytics by installing the Google Analytics opt-out browser add-on.

For more information on Google's privacy practices, please visit the Google Privacy & Terms webpage: https://policies.google.com/privacy

Child Protection

Our Service is not intended for individuals under the age of 16. We do not knowingly gather personally identifying information from anyone under 16 years old. If you are a parent or guardian and become aware that your child has provided us with Personal Information, please contact us immediately. If we discover that we have collected data from a child under 16 without verifiable parental consent, we will take action to remove that data from our systems.

If our legal basis for processing your information requires parental consent in your jurisdiction, we may request the consent of your parent or guardian before collecting and using that information.

External Website Links

Our Service may include links to other websites that are not under our operation. If you click on an external link, you will be redirected to that third party's site. We strongly recommend that you review the Privacy Policy of every website you visit.

We hold no authority over, and assume no responsibility for, the practices, content, or privacy policies of any external services or websites.

Revisions to This Policy

We reserve the right to revise this Information Collection and Privacy Statement periodically. We will notify you of any changes by publishing the updated Policy on this page.

We will endeavor to provide you with advance notice of the change's effective date via email and/or a conspicuous notice on our Service and will update the "Effective Date" at the top of this Policy.

You are encouraged to review this Policy regularly for any revisions. Changes take effect when they are posted on this page.

Contact Information

If you have any questions regarding this Information Collection and Privacy Statement, please contact us by email at hello@brattleboroaesthetics.com