Schedule Your Appointment

🔐 Privacy Policy


Effective Date: 1 August 2025  •  Last Updated: 7 August 2025

Business Name: Pure Harmony Med Spa, Corp

Contact: contact@pureharmonykendall.com  •  (786) 745-7956

Address: 4246 SW 152 Ave, Suite 22, Miami, FL 33185

1. Introduction

Pure Harmony Med Spa (“we,” “us,” “our”) respects your privacy. This Privacy Policy explains what data we collect, why we collect it, how we use it, how we protect it, and the choices you have when you visit pureharmonykendall.com, book an appointment, purchase products or services, or otherwise interact with our offerings (collectively, “Services”). By using our Services, you agree to the practices below.

2. Information We Collect

Category Examples Legal Basis*
Personal Information You Provide Name, email, phone, mailing address, date of birth, treatment details, before/after photos (with consent), partial card data (last 4) Contract performance / Legitimate interest / Consent
Payment Information Tokenized card details & transaction IDs processed by Stripe (we never store full card numbers or CVV) Contract performance / Legal obligation
Device & Usage Data IP, browser type, device ID, pages visited, clicks, cookies/pixels Legitimate interest
Sensitive Data Health-related details you choose to share for treatment Explicit consent

*GDPR/CCPA references for transparency; applies where legally required.

3. How We Collect Information

  • Website booking / contact forms
  • In-clinic intake forms & consents
  • Email, phone, or SMS conversations
  • Cookies, pixels & analytics (Google Analytics, Meta Pixel)
  • Integrated vendors (GoHighLevel CRM, Stripe Payments)

4. How We Use Information

  1. Schedule, confirm, and manage appointments
  2. Process payments and issue receipts/refunds
  3. Respond to inquiries & provide customer support
  4. Recommend treatments & track results
  5. Send transactional communications (confirmations, reminders, follow-ups)
  6. Send promotional offers only if you opt in
  7. Comply with legal, tax, or regulatory obligations (HIPAA, PCI-DSS)
  8. Improve, secure, and debug our website & Services

5. Payment Processing & Security (Stripe)

All online transactions are processed through Stripe, a PCI-DSS Level 1-certified payment processor. TLS 1.2+ encryption secures data in transit; card data is tokenized and never touches our servers. Stripe may collect device identifiers for fraud prevention and analytics. For details, visit the Stripe Privacy Center. We retain Stripe transaction records for 7 years (IRS requirement) and then securely delete them.

6. Security Capabilities & Policy for Transmission of Card Details

  • SSL/TLS encryption on every page (HSTS enforced)
  • Role-based staff access with MFA
  • Quarterly vulnerability scans & annual PCI self-assessment
  • Incident-response plan with 72-hour notification window for any data breach involving payment data

7. SMS & Email Communications (A2P Compliance)

Transactional SMS: Sent when you provide a phone number and tick the “Transactional SMS” consent box.

Promotional SMS: Sent only if you also opt-in to “Marketing & Promotional SMS.”

Msg frequency varies; Msg & Data rates may apply. Text STOP to opt-out, HELP for help. We do not sell or share phone numbers with third-party marketers.

8. Cookies & Tracking Technologies

We use first- and third-party cookies to analyze site usage, remember preferences, and deliver relevant ads. You can disable cookies in your browser, but some features may not function.

9. Data Sharing

We never sell your data. We share it only with:

  • Authorized staff who require it to serve you
  • Trusted service providers (CRM, email, SMS, Stripe, analytics) under written confidentiality agreements
  • Regulators or law enforcement when legally compelled

10. International Transfers

Our servers are in the United States. If you are outside the US, your data may be transferred and processed here. We rely on standard contractual clauses and equivalent safeguards where required.

11. Retention

We keep personal data only as long as necessary for the purposes listed or to meet legal/tax obligations, after which it is securely deleted or anonymized.

12. Your Rights

You may access, correct, delete, restrict, or receive a copy of your data, and withdraw marketing consent at any time.

Email: privacy@pureharmonykendall.com  •  Response within 30 days.

13. Children’s Privacy

Our Services are not directed to children under 13. If we learn we collected such data, we will delete it promptly.

14. Third-Party Links

We are not responsible for the privacy practices of external sites linked from ours.

15. Changes to This Policy

We may update this Policy periodically. Material changes will be posted here with a new “Last Updated” date. Continued use of our Services after changes constitutes acceptance.

16. Contact Us

Privacy Officer: Sheila Perez

Phone: (786) 745-7956  •  Email: privacy@pureharmonykendall.com

Mail: 4246 SW 152 Ave, Suite 22, Miami, FL 33185

Stripe-required website disclosures satisfied: service description, transaction currency (USD), full customer-service contacts, refund policy (see Terms of Service), privacy policy (this document), promotion terms (in promotional emails), and security capabilities for payment data.