Privacy Policy & Notice of Privacy Practices

Effective Date: 10/17/2025

Nova Skin Laser & Wellness (“we,” “us,” or “our”) is committed to protecting your privacy and safeguarding your personal and health information. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our website (novaskinlaserandwellness.com) or receive services at our clinic. It also includes our Notice of Privacy Practices as required by HIPAA (if applicable).


1. Is HIPAA applicable to aesthetics / medical‐spa practices?

  • HIPAA (the Health Insurance Portability and Accountability Act) governs “covered entities” and “business associates” who handle protected health information (PHI) in the course of providing healthcare services and billing/insurance.

  • Whether an aesthetic or med spa must comply with HIPAA depends on whether the services are considered medical services (versus purely cosmetic), whether the practice bills insurance, and whether the provider holds themselves out as a medical provider.

  • If Nova Skin Laser & Wellness conducts treatments that are medical in nature (e.g. invasive procedures, treatments requiring medical supervision) and you collect medical information and bill or coordinate with insurance, you very likely are a HIPAA “covered entity” and must comply with HIPAA rules (privacy, security, breach notification, patient rights, etc.).

  • If your services are entirely cosmetic / elective with no medical claims or insurance, HIPAA may not automatically apply, but many best practices overlap (data security, confidentiality).

  • In any case, it’s safest to adopt robust privacy practices consistent with HIPAA, especially for handling medical or health data (intake forms, treatment notes, before/after photos, medical histories).


2. Information We Collect

We may collect the following types of information:

2.1 Personal & Contact Information

  • Name, address, phone number, email address

  • Date of birth, gender

  • Emergency contact, preferred communication method

2.2 Health & Treatment Information

  • Medical history, medications, allergies

  • Treatment plans, progress notes

  • Photographs (before & after), where necessary for care

  • Consent forms, diagnostic information

2.3 Billing & Payment Information

  • Payment method (credit card, etc.), billing address

  • Insurance information (if applicable)

2.4 Technical & Usage Data (Website)

  • IP address, browser type, device type

  • Pages visited, time spent, referral sources

  • Cookies, analytics, tracking pixels


3. How We Use Your Information

We use your information for the following purposes:

  • To schedule, confirm, and manage appointments

  • To provide aesthetic / medical services and optimize your treatment

  • To maintain your medical record and document your care

  • To communicate with you (appointment reminders, follow-up)

  • To bill for services or process claims (if applicable)

  • To analyze and improve our services or website

  • For marketing and promotional communications (only with your consent)

  • To comply with legal obligations and protect rights


4. How We Disclose & Share Your Information

We will not sell your personal or health information. We may share or disclose your information in the following limited circumstances:

  • With healthcare providers or specialists who are involved in your care

  • With business associates / service providers (e.g. payment processors, scheduling software, IT vendors) under confidentiality agreements

  • For treatment, payment, and healthcare operations (when HIPAA applies)

  • As required by law, court order, or regulation

  • In response to legal processes or subpoenas

  • In an emergency or to prevent harm to you or others

  • For public health reporting, audits, or oversight

  • With your written authorization for uses not otherwise permitted


5. Your Privacy Rights & Choices

You (or your authorized representative) have the following rights:

  • Access & Copy: Request a copy of your records or treatment information

  • Amend / Correct: Request corrections to inaccurate or incomplete information

  • Request Restrictions: Ask us to restrict certain uses or disclosures

  • Confidential Communications: Request that we contact you in a certain way or location

  • Accounting of Disclosures: Get a list of certain disclosures we’ve made

  • Revoke Authorization: Withdraw permissions you’ve given

  • Opt Out of Marketing: Unsubscribe from marketing or promotional emails

We will comply with all applicable legal requirements. Some requests might require documentation and may be subject to limitations by law.


6. Data Security & Retention

  • We implement administrative, technical, and physical safeguards to protect your data (e.g. encryption, secure servers, restricted access).

  • We train staff about privacy and confidentiality.

  • We retain your records for as long as necessary for treatment, legal, regulatory, or business purposes (and in compliance with state laws).

  • After the retention period, we may anonymize or securely destroy information.


7. Breach Notification

If there is a breach of unsecured PHI, we will follow applicable legal requirements to notify affected individuals, the Department of Health & Human Services (if HIPAA applies), and other relevant authorities.


8. Cookies & Website Tracking

  • We use cookies, analytics, and pixels to enhance website performance, personalize the user experience, and track usage.

  • You can control cookies via browser settings.

  • You may opt out of certain tracking (e.g. marketing cookies).


9. Children & Minors

Our services are intended for individuals 18 years or older. We do not knowingly collect or maintain information from children under 13.


10. Changes to this Privacy Policy

We reserve the right to update or modify this Policy at any time. Changes will become effective when posted with a new effective date. We encourage you to review the Policy periodically.


11. Contact Information

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact:

Nova Skin Laser & Wellness
Address: 716 N Highland Ave, Jackson, TN 38301
Phone: (731) 330-2221
Email: shezishah@gmail.com

Website: https://www.endolift-novaskinlaserandwellness.com/