1. Introduction
This Privacy Policy explains how Esvie Medical Spa ("Esvie," "we," "our," or "us") collects, uses, and protects information you provide when visiting esviemedicalspa.com or interacting with our office.
Protected health information (PHI) created during clinical care is governed by our separate Notice of Privacy Practices under HIPAA, which is provided to patients at their first visit and is available on request. This website Privacy Policy covers the data we collect through this website, not your medical record.
2. Information we collect
We collect the following categories of information:
- Information you provide directly — name, phone, email, treatment of interest, and the contents of any message you send through our contact form, the floating inquiry panel, or by emailing the office.
- Booking information — appointments scheduled through the embedded Square Appointments widget are processed by Square. Their privacy practices govern that data; see Square's privacy notice at squareup.com/legal/privacy.
- Automatic technical data — your IP address, browser type, device, referring URL, and pages viewed. This is standard server-log information used for security and traffic analysis.
- Cookies — we use a minimal set of first-party cookies for site function. We do not currently use third-party advertising cookies on this site.
3. How we use information
We use the information described above to:
- Respond to your inquiry and schedule a consultation
- Confirm and follow up on appointments
- Maintain the security and performance of the site
- Comply with applicable legal and regulatory obligations
We do not sell, rent, or trade your information to third parties for marketing purposes.
4. HIPAA and protected health information
Esvie Medical Spa is a covered entity under the Health Insurance Portability and Accountability Act (HIPAA). Any protected health information (PHI) you share during clinical care, in person or by phone, is handled under HIPAA, our Notice of Privacy Practices, and applicable Pennsylvania law.
Please do not transmit detailed medical information through the website contact form, the inquiry panel, or by email. These channels are not designed for PHI exchange. For clinical questions, call the office at (412) 659–0599 or schedule a consultation.
5. How we share information
We share information only in the following circumstances:
- Service providers who help us operate the practice and the website (for example, our scheduling platform, our website host, and our email provider). These vendors are bound by their own privacy and security obligations.
- As required by law — for example, in response to a valid subpoena, court order, or regulatory request.
- To protect rights and safety — when necessary to enforce our policies, investigate fraud, or protect the rights, property, or safety of Esvie, our patients, or the public.
6. Cookies and tracking
This website uses a minimal set of first-party cookies necessary for site function (for example, to remember whether the mobile menu is open). We may add anonymous usage analytics in the future and will update this policy if we do. We do not currently use third-party advertising cookies, retargeting pixels, or cross-site tracking.
You can control cookies through your browser settings. Disabling cookies will not break this website.
7. Data security
We use industry-standard administrative, technical, and physical safeguards to protect the information we collect. No method of internet transmission or electronic storage is one hundred percent secure, however, and we cannot guarantee absolute security. If we become aware of a security incident affecting your information, we will respond as required by law.
8. Children's privacy
This website is intended for adults considering cosmetic dermatology services. We do not knowingly collect information from children under thirteen. If you believe we have inadvertently collected such information, contact us and we will delete it.
9. Your choices and rights
You may:
- Request a copy of the information you have provided to the office through the website
- Request that we correct or delete that information
- Opt out of any future marketing email by following the unsubscribe link in the email
For PHI in your medical record, your rights under HIPAA — including the right to access, amend, and request restrictions — are described in our Notice of Privacy Practices.
10. Changes to this policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page reflects the most recent revision. Material changes will be posted prominently on this page.
11. Contact
To make a privacy request, ask a question about this policy, or report a concern, contact:
Esvie Medical Spa
241 Freeport Road, Suite 7
Pittsburgh, PA 15215
(412) 659–0599
[email protected]