Privacy policy.


Effective Date: June 16, 2025

Skin Lounge of Old Town LLC (“Skin Lounge,” “we,” “us,” or “our”) respects your privacy and is committed to protecting your personal information through this Privacy Policy (“Policy”). This Policy explains what data we collect, why we collect it, how we use it, and the rights and choices you have. It applies to all information collected through our website, applications, online booking system, and in-person services (collectively, the “Services”).

By accessing or using the Services, you agree to this Policy. If you do not agree, please refrain from using our Services.

1. Information We Collect

We collect both personal and non-personal information in the following ways:

Information You Provide Directly:

  • Name, email, and phone number

  • Mailing and billing address

  • Medical history or treatment information required for skincare services

  • Payment and transaction details

  • Communications submitted through web forms, chat, email, or phone

  • Before-and-after photos (taken with your consent; a separate written release is required for marketing or online use)

Information Collected Automatically:

  • IP address and geolocation

  • Browser and device type

  • Referring/exit pages, session duration, and on-site activity

We may use cookies or similar tracking technologies to enhance your experience. Future updates to this Policy will include a detailed Cookie Policy and opt-out options, as required by law.

2. How We Use Your Information

We may use your information to:

  • Schedule, confirm, and manage appointments

  • Provide skincare and wellness services

  • Process payments through PCI-compliant platforms

  • Respond to inquiries and support requests

  • Send newsletters or promotional emails (only if you opt-in)

  • Improve and optimize the functionality of our Services

  • Comply with legal, regulatory, or insurance obligations

3. Sharing Your Information

We do not sell your personal information. We may share your data with:

  • Licensed medical professionals involved in your treatment

  • Service providers (e.g., booking, communications, analytics, and secure payment processors)

  • Legal or regulatory authorities, if required by law

You may opt out of data sharing for marketing or personalization by contacting us at any time.

4. Photo Use & Consent

Photos taken for treatment documentation are stored securely and used only with your knowledge. We will never share, post, or publish your images for marketing or promotional purposes without your separate, written consent.

5. Email and Marketing Communications

You may unsubscribe from promotional communications by clicking the unsubscribe link in any email or by contacting us directly. You will still receive essential service messages, such as appointment confirmations and receipts.

6. Data Security

We take reasonable and appropriate security measures to safeguard your information, including:

  • Encrypted data transmission

  • Secure network infrastructure

  • Access controls and authentication

  • Use of third-party vendors that are PCI-compliant and HIPAA-aligned

Despite our efforts, no system can guarantee 100% security. Please use caution when submitting sensitive information.

7. Your Privacy Rights (Virginia and Other U.S. Residents)

Depending on your state of residence, you may have the right to:

  • Access or request a copy of your personal data

  • Correct or delete personal information

  • Opt out of certain data-sharing activities

  • Request information about how your data is used

To exercise these rights, email us at Donna@skinloungeoldtown.com. California residents may refer to our [California Privacy Rights Notice] for additional rights under the CCPA and CPRA.

8. HIPAA and Protected Health Information (PHI)

Information related to your treatment is considered Protected Health Information (PHI) and is managed according to HIPAA regulations. Only authorized personnel may access PHI, and we will never use or disclose it for non-medical purposes without your consent.

9. Children Under the Age of 18

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from minors. If we learn that we have received data from a child without parental consent, we will delete it promptly.

10. International Users and GDPR

If you access our Services from the European Union or other regions with data protection laws, you may have additional rights under the General Data Protection Regulation (GDPR), including:

  • The right to access, correct, or delete your data

  • The right to restrict or object to processing

  • The right to withdraw consent at any time

  • The right to data portability

We may transfer your data to the U.S. and implement standard contractual clauses or other safeguards to ensure lawful data transfers.

11. Cookies and Tracking Technologies

We may use cookies and similar technologies to improve user experience and gather analytics. You will be notified of cookie use via a banner on our site and may opt out at any time. A full Cookie Policy will be published upon implementation.

12. Accessibility Statement

We are committed to making our website accessible to individuals with disabilities. If you encounter any accessibility barriers, please email us at Donna@skinloungeoldtown.com so we can assist you and improve your experience.

13. Retention of Information

We retain your personal and treatment-related information only as long as necessary to provide services, meet regulatory obligations, or resolve disputes. When no longer needed, data is securely deleted or anonymized.

14. Changes to This Policy

We may revise this Policy periodically. Changes will be posted on this page with a new effective date. Please review it regularly for updates.

15. Contact Us

For questions about this Policy or your privacy rights, contact:

Skin Lounge of Old Town LLC
505 Wythe Street
Alexandria, VA 22314
Email: Donna@skinloungeoldtown.com