Book Now

Privacy policy

Last Updated: October 15, 2025

This Privacy Policy outlines how Curiva Med Spa ("we," "us," or "our") collects, uses, discloses, and protects your information. It applies to our website, www.curivamedspa.com, and all services provided at our medical aesthetic spa. By using our website or services, you consent to the data practices described in this policy.

1. Our Core Commitment to Your Privacy:

Your privacy is the foundation of our practice. We operate under two distinct sets of privacy regulations:

  • Protected Health Information (PHI): All medical and health information you provide is protected by the Health Insurance Portability and Accountability Act (HIPAA). We maintain the strictest standards of patient privacy for this data.
  • Personal Information: Non-medical information, such as your name, contact details, and website usage data, is protected by the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).

We want to be absolutely clear: WE DO NOT SELL, SHARE, TRADE, RENT, OR DISCLOSE YOUR PROTECTED HEALTH INFORMATION (PHI) OR MEDICAL DATA FOR ANY COMMERCIAL OR MARKETING PURPOSES, UNDER ANY CIRCUMSTANCES.

2. Information We Collect:

We collect information to provide our services and improve your experience. This includes:

  • Information You Provide Directly: This may include, but is not limited to: Contact Information (full name, email address, phone number), Health Information (medical history, treatment records - PHI), and Payment and transaction information.
  • Information Collected Automatically (Website Data): IP addresses, browser type, pages visited, time spent on pages, and referring websites.

3. Cookies, Analytics, and Advertising Technologies:

We use cookies, pixels, and other tracking technologies to operate our website, analyze its performance, and for advertising purposes. This includes Google Analytics, Meta Pixel, and Microsoft Clarity. The data collected by these tools allows us to engage in remarketing and interest-based advertising. These technologies are not used on any patient portals or pages where you submit sensitive health information.

For more information, please review the privacy policies of our partners:

  • Google: https://policies.google.com/privacy
  • Meta (Facebook & Instagram): https://www.facebook.com/privacy/policy/
  • Microsoft: https://privacy.microsoft.com/en-us/privacystatement

4. How We Use Your Information:

We use the information we collect to provide and improve our services, communicate with you, personalize your experience, detect and prevent unlawful activity, and comply with legal obligations.

5. Disclosure to Third-Party Service Providers:

We do not sell, trade, or otherwise transfer your personal information to third parties without your consent, except as required by law or as necessary to provide our services. We may share data with trusted service providers who assist us in our operations, including:

  • Medical Service Providers (HIPAA Compliant): Boulevard, our EHR and booking platform, is bound by a Business Associate Agreement (BAA).
  • Business & Marketing Service Providers: GoHighLevel (CRM), Shopify (online store), as well as our website hosting and analytics partners. We are happy to provide a current list of our key service providers upon request. These providers never receive access to your PHI.

6. Your Privacy Choices & How to Exercise Them:

As a California resident, you have certain rights regarding your personal information. Here is how you can exercise them:

  • Right to Opt-Out of Sale or Sharing: Our use of advertising technologies may be considered "sharing" your personal information under California law. You can opt-out of this sharing by clicking the "Do Not Sell or Share My Personal Information" link located in the footer of our website and following the instructions.
  • Right to Know, Delete, and Correct: You have the right to request access to, deletion of, or correction of your personal information. To submit a request, please email us at hello@curivamedspa.com with the subject line "Privacy Request." For your protection, we will need to verify your identity before processing your request.
  • Marketing Communications: You can opt-out of our marketing communications at any time. To unsubscribe from marketing emails, click the "unsubscribe" link at the bottom of the email. To opt-out of marketing text messages, reply "STOP" to any message.

7. Data Retention:

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, to provide our services, to maintain your client account, and to comply with our legal obligations, such as applicable medical record-keeping laws.

8. Do Not Track Signals:

California law requires us to let you know how we respond to web browser "Do Not Track" (DNT) signals. Because there is no universal industry standard for DNT signals, we do not currently take action in response to these signals.

9. Data Security:

We implement appropriate technical, administrative, and physical safeguards to protect your personal information, such as using encryption for data in transit and at rest, and restricting access to personal information to authorized personnel. However, no method of transmission over the internet is 100% secure.

10. Children's Privacy:

Our services are not intended for individuals under 18 years of age, and we do not knowingly collect personal information from minors.

11. Changes to This Privacy Policy:

We may update this policy periodically. Changes will be posted on this page with an updated "Last Updated" date.

12. Contact Us:

If you have questions or concerns about this Privacy Policy, please contact us at hello@curivamedspa.com.

Home Search Book Now XERF