Privacy Policy

Medspa In a Box

Effective Date: 03/26/2025

1. Introduction

Welcome to Medspa In a Box ("Company," "we," "our," "us"). Your privacy is important to us, and we are committed to protecting the information you share with us. This Privacy Policy explains how we collect, use, and safeguard your personal information when you interact with our services, including our website, communications, and customer relationship management system.

2. Information We Collect

We may collect the following types of information:

Personal Information: Name, email address, phone number, and other identifying details provided voluntarily by you.

Transactional Information: Details of products or services purchased.

Automated Information: IP address, device details, and browsing activity collected through cookies and tracking technologies.

Communication DHeadlineata: Messages sent via SMS, email, or phone, including through our CRM system.

3. How We Use Your Information

We use the information collected for:

Providing and improving our services. Processing transactions and sending order confirmations. Customer support and responding to inquiries. Marketing and promotional communications (with opt-out options). Compliance with legal obligations and industry standards.

4. A2P Compliance and Communication

Medspa In a Box is committed to compliance with Application-to-Person (A2P) messaging regulations to ensure secure, transparent, and permission-based communication. We only send messages to individuals who have opted in and provide clear opt-out mechanisms for unsubscribing from further communications. All SMS and email marketing efforts follow applicable laws, including the Telephone Consumer Protection Act (TCPA) and industry best practices.

5. Use of GoHighLevel as Our CRM

We utilize GoHighLevel as our Customer Relationship Management (CRM) system. GoHighLevel has its own security measures and data protection policies to safeguard your information. Your personal data stored within this system is handled securely and is not shared with unauthorized third parties. To learn more about GoHighLevel’s data protection practices, you can refer to their privacy policy.

6. Data Sharing and Third Parties

We do not sell or rent your personal data. However, we may share information with trusted third-party service providers to facilitate business operations, such as payment processing, marketing platforms, and IT support, under strict confidentiality agreements.

7. Data Security

We take reasonable measures to protect your data from unauthorized access, alteration, or disclosure. These measures include encryption, secure servers, and regular security assessments.8. Your Rights and Choices

You have the right to:

Access, correct, or delete your personal information. Opt-out of marketing communications at any time.Request information about data collection and usage.

To exercise these rights, contact us at [email protected].

9. Changes to This Policy

We may update this Privacy Policy from time to time. Any significant changes will be communicated through our website or direct notification.

10. Contact Us

If you have any questions about this Privacy Policy, you can reach us at:

Email: [email protected].