Updated July 25, 2022
This Policy will explain what information we collect online, why we collect it, and what avenues are available to individual users (“you” or “user”), who should at all times refer to the most current version of this Policy. By registering for a Membership, accessing our Site, or using any of our Services, you agree to be bound by this Policy and agree to immediately stop using our Services upon any disagreements with the Policy.
- 1.Scope of the Policy.
- 1.1.Scope. All provisions in this Policy will govern any and all information we may gather about you throughout your use of and interaction with our Services, including but not limited to all electronic communications and or user submissions as necessary for us to comply with applicable laws and provide a satisfactory experience for our users. To that end, we are not responsible for the privacy practices of any third parties, as that information is beyond our reach, and you should not contact us for any claims or concerns regarding Privacy Policies of any given third party.
- 2.Note Regarding Minors.
Our Services are intended for a general audience and designed for adults of eighteen (18) years of age and up. If you are below the age of 18, then a parent or legal guardian must consent on your behalf to approve the use of our Services (the “Parental Approval”). Upon receipt of parental consent, the minor will have their Personal Information collected and stored in line with Sana's routine membership data collection. See Section 3, “Types of Data Collected” and Section 8 “Data storage and transfer”. We do not knowingly collect or solicit information from any minor under the said age of 18 without Parental Approval. If we become aware that any minor under the said age of 18 has provided us with Personal Information, we will use commercially reasonable efforts to delete such information. Upon receipt of parental consent, the minor will have their Personal Information collected and stored in line with Sana's routine membership data collection, see more on how we use Personal Information in Section 3. Types of Data Collected. and Section 8. Data storage and transfer. If you are a parent or legal guardian of a minor under the said age of 18 and believe that we have collected Personal Information from the minor, please contact our Support Team at firstname.lastname@example.org to provide a written statement explicitly consenting to the minor’s use of our Services or to request their account be shut down and information be deleted.
- 3.Types of Data Collected.
Sana may collect information about the Services you use and how you use them as described below:
- 3.1.Voluntary Personal Information. While using our Services, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (the “Personal Information”). You further agree to, at all times, voluntarily provide the following Personal Information:
- 3.1.1.Your email address and password. As required to book our Services, purchase products, and create your Sana Membership Account. Sana will also use your email to send confirmation emails, receipts, and marketing emails (unless opted-out).
- 3.1.2.Your first and last name. For identification purposes.
- 3.1.3.Your phone number. So that we may contact you in the interest of bettering your experience, confirming your appointments, addressing questions about your order, and preventing fraud.
- 3.1.4.Your street address, state, province, ZIP/Postal code, and city. As necessary to verify applicable laws and to confirm billing information.
- 3.1.5.Gender. For identification purposes.
- 3.1.6.Referral Source. For record keeping and, if applicable, loyalty point accrual.
- 3.1.7.Credit Card. For payment processing.
- 3.1.8.Optional Personal Information. Such as nationality, date of birth, etc., to interact with our membership community.
- 3.2.Passive Usage Data. While using our Services, we may passively and automatically collect certain usage data such as:
- 3.2.1.Your Internet Protocol Address (IP Address). Other information includes your browser type and version, web request, device, mobile ad identifiers, interaction with the Sites, pages viewed, app usage, emails received and opened, and other similar information.
- 3.2.3.Device Information. If you access the Services by or through a mobile device, we may collect certain information automatically, including, but not limited to, the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile internet browser you use, unique device identifiers and other diagnostic data.
- 3.3.Aggregate Information. While using our Services, we may collect additional data that does not identify you, such as:
- 3.3.1.Referring pages. The webpage you visited immediately before visiting ours.
- 3.3.2.Exit Pages. The webpage you visited immediately after visiting ours.
- 3.3.3.Operating System. Including the current version, language, date, and time.
- 3.4.Promotional Communication. We may also use your email address for marketing and promotional communications as allowed by applicable laws, and you may opt out of receipt of promotional communications by clicking “unsubscribe” at the bottom of any Sana marketing email. Sana appointment emails (i.e., confirmations, cancellations) and post-treatment review emails (i.e., 5-star rating emails) must be unsubscribed separately from marketing emails.
- 4.How we use the information we collect.
- 4.1.Features and Functionality. Sana collects information for a variety of business purposes, including, for example, to operate, maintain and provide you with the features and functionality of the Services, such as:
- 4.1.1.Providing, maintaining, protecting, and improving our Services. To develop new Services and offerings, and to protect our users and us from bad actors.
- 4.1.2.Manage your Account. To allow you access to different tools and functionalities within our Services.
- 4.1.3.Customer Support. To ensure prompt and accurate handlings on all claims or disputes, responding to your inquiries, providing customer services, and resolving any complaints.
- 4.1.4.Clear Communications. To facilitate interactions with you via email, phone, or chat regarding updates to the Services, informative communications, new and special offerings, security updates, news, or regarding certain products, services, or promotions we believe you may be interested in, provided that you have not already opted out of receiving such communications.
- 4.1.6.Approved purposes. For any other purposes disclosed to you when your information is collected or according to your consent.
- 4.1.7.Promotional Communication. Sana appointment emails (i.e., confirmations, cancellations) and post-treatment review emails (i.e., 5-star rating emails) must be unsubscribed separately from marketing emails. To unsubscribe from transactional emails (receipts, confirmation emails etc.), please call 305-707-5176 or email email@example.com. Please note that Sana is a paperless business, should you unsubscribe to transactional emails you will not receive any receipts for your charges.
Please keep in mind that comments sections, forums, and other similar services areas are public. Any information posted in those areas is viewable and usable by anyone that has access.
- 5.Sharing your information.
- 5.1.General. Sana is committed to maintaining your trust, and we want to be transparent as to whom and why we may share Personal Information collected about you. We may transfer Personal Information to third parties to provide the Services when we have your permission to use certain specific services to share said information to make Services available to you. Note that third parties are not authorized to retain, share, store or use your Personal Information, without prior authorization by Sana, such as:
- 5.1.2.Legal Reasons. Certain third parties may use, store, and access information in a matter that is confidential and reasonably necessary to comply with applicable laws, regulations, legal processes, or government requests, or as necessary to prevent fraud and guarantee the safety of all users. Some of these use cases include but are not limited to (i) complying with judicial proceedings, court orders, or process serving; and (ii) investigating crimes, such as fraud or identity theft.
- 5.1.3.Corporate Transactions. Becoming involved in a merger with another organization will involve the sale of some or all of our assets, including all user information to the extent it is required.
- 5.1.4.For business purposes. We may share aggregate information and data with marketing, advertising, and business development partners as necessary to develop our Services and provide better customer-driven products, services, and updates.
- 6.Legal Requirements.
- 6.1.General. The information we collect may qualify for certain governing laws, including but not limited to Article six (6) of the General Data Protection Regulation that specifies the basis for data processing.
- 6.2.Contractual Obligations. It is required, in the interest of advancing our contractual needs, that we process the information outlined in Section 4 to comply with and carry on our obligations in this Policy and provide users with access to our Services.
Anti-Money Laundering and Fraud. It is a contractual necessity to process and store personal and payment information, to support continued efforts in fighting Anti-Money Laundering and Fraudulent practices that may arise in the absence of said protections.
- 6.3.Customer Support. We have a legitimate interest in processing user data, statistics, reports, and other similarly useful information as necessary to provide customer support, software assistance, sales questions, and more for our users.
- 7.Account Security.
- 7.1.User Responsibility. The security of your account relies on the protection of your password and mobile device. You are responsible for maintaining the security of your password and mobile device. You are solely responsible for any and all activities that occur under your account. You may not share your password with anyone. We will never ask you to send your password or other sensitive information to us in an email.
- 7.2.Unauthorized Communications. Any email or other communication requesting your password or asking you to provide sensitive account information via email should be treated as unauthorized and suspicious and should be reported to us immediately at firstname.lastname@example.org. If you do share your password or your device with a third party for any reason, the third party will have access to your account and your Personal Information, and you may be responsible for actions taken using your password. If you believe someone else has obtained access to your password, please change it immediately. If you think that unauthorized access has already occurred, please report it immediately at email@example.com.
- 8.Data storage and transfer.
- 8.1.Data Storage. Sana will only store your personal information for as long as it is required to operate our Services. We will retain important personal information as necessary to comply with legal obligations, resolve disputes, or enforce additional agreements. Your information collected through our Services may be stored and processed in the United States or any other country where Sana or its affiliates or service providers maintain facilities.
- 8.2.Data Sharing. Sana processes your personal information within our systems and Services as necessary to provide said Services. We will take all steps reasonably necessary to ensure that any Personal Information is treated securely and per this Policy and applicable law. To that end, data may be transferred to computers or servers located outside of your jurisdictional area. Such transfers are made under appropriate safeguards as provided by applicable law, and you consent to both the transfer and the Policy by your continued use of the Services.
- 9.California privacy rights.
Under Section 1798.83 of the California Civil Code, residents of the state may request from certain businesses to who they have established a relationship with a list of all third parties to which the Company has shared personal data during the preceding calendar year marketing purposes. In your request, please specify via the subject line that you are claiming your right to Section 1798.83 of the California Civil Code, include your mailing address, phone number, and full name, and certify you are a resident of the state. If you are a California resident and want your copy of this notice, please email firstname.lastname@example.org.
- 9.1.California Consumer Privacy Act Rights. Under the California Consumer Privacy Act (“CCPA”), California residents have certain rights regarding their Personal Information. If you would like to exercise these rights, please contact us using the email address, or physical mailing address listed within the “How to Contact Us” section below. We may require you to prove your identity, at our discretion and as we deem appropriate, before sharing the requested information in compliance with the CCPA. It may take us some time to respond to your request, but we will do so within the requirements of the CCPA.
This Policy provides you disclosure regarding the Personal Information we collect from you and the purposes. The CCPA grants you specific rights, including the following:
- 9.2.Right to request disclosure as to Personal Information we have collected about you. Upon a verifiable request, made through one of the methods provided within the “Contact Information” section below, we will disclose to you the items listed below, one or more of which may be provided by reference to this Policy:
- The categories of Personal Information Sana has stored about you.
- The categories of sources from which the Personal Information was collected.
- The business purpose behind collecting the Personal Information.
- The categories of third parties with whom Sana has shared the information.
- The specific pieces of Personal Information Sana has collected about you.
- 9.3.Right to opt-out of the sale of your information. To exercise this right, please contact us via the steps provided within the “How to Contact Us” section below.
- 9.4.Right to request deletion. Upon receiving a verifiable request, made via the steps provided within the “How to Contact Us” section below, we will delete the personal information we have regarding you and direct our service providers to delete your personal information from their records to the extent provided by the CCPA.
- 9.5.Right to be free from discrimination. You have the right not to be discriminated against for exercising these rights.
- 9.6.How to Contact Us. Please contact us by post at 167 NW 25th St Miami, FL 33127 or via email at email@example.com for any questions about this Policy.
If any part of this Policy is held invalid or unenforceable, that portion shall be interpreted in a manner consistent with applicable law to reflect, as nearly as possible, our original intentions, and the remaining portions shall remain in full force and effect.
This Privacy Notice was published and updated as of the date first referenced at the beginning of the Policy. Sana reserves the right to change this Policy from time to time, and you are to be solely responsible for reviewing any changes in the most current version, available to you via www.sanaskinstudio.com/[PrivacyPolicy].