Privacy Policy

We understand the importance of maintaining your privacy and are committed to ensuring that your personal data is protected and used correctly. This Privacy Policy provides essential information about how we handle your personal data, ensuring you have control over your personal information and understand your rights.

The policy applies to all visitors of our website, users of our services, and anyone who interacts with us through digital means, such as via email or text marketing. By using our services, you agree to the collection, use, and sharing of information as described in this Privacy Policy. We encourage you to read it carefully to understand our practices and your rights.

We value your trust and are dedicated to keeping your data secure and treated with the utmost care and respect.

LAST UPDATED: September 25, 2023

Who We Are

The Lounge: North Idaho Med Spa is located at 8880 Hess St. #3 in Hayden Idaho. Our website address is and

Information We Collect

At The Lounge: North Idaho Med Spa, we prioritize transparency and trust. It’s essential for our community to understand what data we collect and why. Here’s a breakdown of the information we gather:

2.1 Direct Data Collection:

  • Appointments: When you make an appointment with us, we collect necessary patient data. While this encompasses a range of details to provide you the best care, it’s crucial to note that all medical information is held in the strictest confidence. This data is protected by the Health Insurance Portability and Accountability Act (HIPAA) and is strictly confined to healthcare purposes.
  • Sign-ups and Registrations: Whether signing up for our services, newsletters, or promotional offerings, we might collect basic information like your first name, email address, and phone number. This data aids us in personalizing your experience and ensuring seamless communication.

2.2 Automated Data Collection:

  • Cookies: Our website utilizes cookies to enhance your browsing experience, understand user behavior, and provide relevant offerings. Cookies are small files that store specific data about your interactions on our site, but they don’t contain personal identification information unless you provide it.

2.3 Marketing Communications:

  • Email and SMS Marketing: With your consent, we might send you promotional emails and text messages. For this purpose, we only use your name, email address, and phone number to ensure the messages are tailored to you. You always have the option to opt-out of these communications.

2.4 Data Sharing and Protection:

  • Confidentiality: We stand by the principle of not selling your data. Furthermore, we don’t share your data for third-party marketing purposes. Your trust is paramount, and we ensure that your personal and medical information remains confidential.
  • Service Providers: While we maintain the confidentiality of your data, some information is shared with companies that provide our marketing tools to enhance our service offerings. This collaboration is purely functional and doesn’t compromise the privacy of your data.


  • When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
  • An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: After approval of your comment, your profile picture is visible to the public in the context of your comment.

By interacting with our services and platforms, you entrust us with specific data. We assure you that this trust is never taken lightly. Every piece of information collected is with the intention of bettering our services and ensuring a seamless experience for our community.

How We Use Your Information

How We Use Your Information

At The Lounge: North Idaho Med Spa, our primary goal is to provide an unparalleled experience to our users. The information we collect serves to streamline this mission. Here’s an insight into how we employ your data:

3.1 Service Provision:

  • Enhanced Personalization: With the help of your data, we can tailor our services to your preferences, ensuring you get treatments and experiences best suited to your needs.
  • Appointment Management: Your details facilitate easy scheduling, reminders, and modifications of appointments.

3.2 Communication:

  • Service Updates: Periodically, we might need to update you about changes to our services, treatments, or operational hours. Your contact details allow us to keep you informed seamlessly.
  • Customer Support: Should you have inquiries or face challenges, we use your data to swiftly provide assistance, ensuring that your concerns are addressed promptly.

3.3 Marketing and Promotions:

  • Tailored Offers: Based on your past preferences and interactions, we occasionally send out special deals or promotional messages via email or SMS that we believe will be of interest to you.
  • Feedback Requests: To continually improve, we might reach out to solicit feedback on your experiences with our treatments, products, or services.

3.4 Analytics and Improvements:

  • User Behavior: Through cookies and other automated tools, we understand how users interact with our website. This helps us make navigational improvements, enhance the user experience, and refine our online presence.
  • Service Analysis: By understanding which treatments or products are popular or in demand, we can focus on improving them and introducing new offerings aligned with our users’ preferences.

3.5 Legal Reasons:

  • Compliance and Regulations: We sometimes need to use your information to comply with legal obligations, including adhering to regulations like HIPAA for medical data.
  • Protection: Your data helps us safeguard our rights, privacy, safety, and property—and that of our users. It also aids in risk assessment and fraud prevention.

Every use of your data is oriented toward bettering your experience, enhancing our offerings, and maintaining a safe, compliant environment. Our commitment is to ensure transparency in our operations and to utilize your information responsibly and ethically.

Sharing and Disclosure

At The Lounge: North Idaho Med Spa, we treat your information with the utmost care and confidentiality. Here’s a detailed overview of how and why we might share your information:

4.1 Third-party Partners and Providers:

  • Operational Needs: We collaborate with certain third parties to facilitate our services, such as website hosting, data analysis, and operational purposes. These entities only access the information necessary to perform their functions and are strictly prohibited from using it for other purposes.

4.2 Payment Processors (Stripe and WooPayments):

  • Transaction Management: To facilitate secure financial transactions on our platform, we work with trusted payment processors like Stripe and WooPayments. While executing payments, some of your financial and transactional details may be shared with these processors. We recommend reviewing their privacy policies for a deeper understanding of their practices.

4.3 Service Providers for Marketing Tools:

  • Enhanced Engagement: While we never sell your data or share it for third-party marketing purposes, some information is shared with companies providing our marketing tools. This is to ensure our promotional activities are relevant and effective. These providers are bound by contractual obligations to keep personal information confidential and use it solely for the purposes we dictate.

4.4 Legal and Compliance Reasons:

  • Lawful Requests: We may be required to disclose personal data in response to lawful requests by public authorities, including meeting national security or law enforcement requirements.
  • Protection and Safety: If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of The Lounge: North Idaho Med Spa, our customers, or others, we may share personal data.

4.5 Business Transfers (e.g., Mergers or Acquisitions):

  • Continuity of Services: In the unlikely event of a merger, acquisition, bankruptcy, dissolution, or any form of sale or transfer of some or all of our assets, personal information may be among the transferred assets. In such cases, we’ll ensure that the acquiring entity upholds the commitments of this policy.

We are steadfast in our commitment to ensuring that any sharing or disclosure of your data aligns with our dedication to your privacy and is conducted in compliance with all relevant regulations.

Cookies and Tracking Technologies

Your online experience matters to us. At The Lounge: North Idaho Med Spa, we employ cookies and other tracking technologies to optimize your digital interactions. Here’s what you should know about them:

5.1 Purpose of Cookies:

  • User Experience: Cookies help in remembering your preferences, thus providing a personalized browsing experience. Whether it’s your chosen language or previously viewed services, these tiny files ensure you don’t start from scratch every time.
  • Site Performance and Analytics: We analyze how users navigate our site, which services they look up, and how long they stay. This data, collected via cookies, assists us in improving our website’s layout, content, and overall functionality.
  • Login Retention: For platforms requiring a login, cookies might keep you signed in, sparing you from re-entering credentials every visit.

5.2 Types of Cookies Used:

  • Session Cookies: These are temporary and are deleted once you close your browser. They’re essential for various functionalities, like navigating between site pages.
  • Persistent Cookies: These stay on your device until manually deleted or they expire. They remember login details and other preferences for future visits.
  • Third-party Cookies: These cookies are set by other websites or services we use, such as video hosting sites or analytics providers. They operate under their respective privacy policies.

5.3 Managing Cookies and Opting Out:

  • Browser Settings: You have control over cookies through your browser settings. Depending on your browser, you can set it to notify you when a cookie is being set or updated, or to block cookies altogether. However, please note that by blocking or deleting cookies, some features of our website might not work as intended.
  • Third-party Opt-out: For cookies set by third parties, you can often opt out directly from their website or through industry-standard opt-out tools.
  • Analytics Opt-out: If you wish to avoid tracking by analytics cookies, there are tools and browser add-ons that can help.

5.4 Other Tracking Technologies:

  • Web Beacons: These are tiny graphics with a unique identifier that function similarly to cookies. They’re used to track user activities but don’t remain on your device.
  • Embedded Scripts: Temporary scripts that measure how you interact with a website, such as how you scroll or what you click.

Your privacy is paramount. We’re transparent about the tracking methods we employ, and we give you the tools and information to manage them. Our aim is a seamless, user-friendly experience, always upholding the sanctity of your personal data.

Data Security

At The Lounge: North Idaho Med Spa, the security of your personal information remains a top priority. We implement a series of measures to protect the data you entrust us with. Here’s a glimpse into our data security protocols:

6.1 Measures to Protect Data:

  • Encryption: All sensitive data, such as transactional details or personal credentials, is encrypted during transmission. We utilize Secure Socket Layer (SSL) technology to ensure this.
  • Access Control: Only authorized personnel have access to personal data. Access is restricted based on roles, ensuring only those who need to view certain data can do so.
  • Regular Audits: We conduct periodic reviews of our systems and practices to ensure that our data protection measures remain robust and up-to-date.
  • Physical Security: Our servers and data centers come equipped with state-of-the-art security mechanisms, including surveillance and biometric access controls.

6.2 Data Breaches:

  • Immediate Action: In the unlikely event of a data breach, we act swiftly to identify the cause, contain the breach, and take measures to prevent any reoccurrence.
  • Notification: Should any breach compromise your personal data, we are committed to informing affected individuals without undue delay, in compliance with applicable laws.
  • Continual Learning: Post any incident, we undertake a rigorous analysis to understand the lapse and refine our security protocols further.

6.3 User Responsibilities:

  • Secure Credentials: You play a crucial role in protecting your data. Ensure that your login details, especially for accounts containing personal information, are unique and robust.
  • Stay Vigilant: Beware of phishing attempts or suspicious communications. Always verify the authenticity of requests for personal information.
  • Log Out: Especially on shared devices, remember to log out of accounts to prevent unauthorized access.

Data security is a shared responsibility. While we uphold our end with stringent measures, staying informed and vigilant is the best way to bolster your data’s safety.

User Rights and Choices

Your trust is our highest priority. At The Lounge: North Idaho Med Spa, we respect and acknowledge your rights when it comes to your personal data. Here’s an outline of the rights you possess and how you can exercise them:

7.1 Access and Review:

  • Your Data: You have the right to request access to the personal data we hold about you. This means you can request a copy, ensuring you’re informed about what we have and how we’ve used it.

7.2 Rectification:

  • Corrections: If you believe any information we hold about you is inaccurate or incomplete, you can request to have it corrected or completed.

7.3 Data Portability:

  • Transfer of Data: In certain situations, you might want your data transferred from us to another entity, or directly to you. Where technically feasible, we will facilitate this transfer.

7.4 Deletion:

  • Right to Be Forgotten: You can ask for your personal data to be deleted from our records. We’ll evaluate such requests in line with legal obligations and service continuity.

7.5 Opt-out and Withdrawal:

  • Marketing Communications: If you no longer wish to receive marketing emails or SMS from us, you can use the “unsubscribe” link found in those communications or contact us directly.
  • Cookies: As highlighted earlier, you have control over cookies and can choose to disable them from your browser settings.

7.6 Restriction of Processing:

  • Limit Data Use: In certain situations, you can request that we restrict the use of your data. This might be a temporary restriction while other rights are being realized or during a period of dispute over data accuracy.

7.7 Objection to Processing:

  • Right to Object: You have the right to object to our processing of your personal data under specific conditions, especially for direct marketing purposes.

7.8 Exercising Your Rights:

  • Requests: To exercise any of your rights, please contact us through the provided channels. We aim to respond to legitimate requests within a month, but it might take longer for complex requests. In such cases, we will keep you informed.
  • No Fees: Generally, we won’t charge a fee for you to exercise your rights. However, if the request is baseless or excessive, we may charge a reasonable fee or refuse to act on it.

It’s essential to note that while we strive to honor all rights, there might be legal or other official reasons that prevent us from fulfilling a request. In such cases, we will explain the reasons to you.

International Data Transfers

The Lounge: North Idaho Med Spa operates in a global digital environment, which means sometimes we might process data outside the immediate jurisdiction where it was collected. Here’s an insight into our practices regarding international data transfers:

8.1 Cross-border Transfers:

  • Data Storage: We use cloud services and data centers that might be located outside your country of residence. While we endeavor to choose reputable service providers with robust security measures, it’s essential to note that the data protection laws of these countries might differ from those in your jurisdiction.

8.2 Safeguarding International Transfers:

  • Data Protection Measures: We employ suitable legal mechanisms like Standard Contractual Clauses (SCCs) or rely on the Privacy Shield Framework to ensure that personal data transferred across borders is protected in line with this policy and applicable laws.
  • Vendor Vetting: Any third-party service providers or partners involved in international data transfers are meticulously vetted for their data protection standards and practices.

8.3 User Consent:

  • Your Agreement: By using our services or providing us with your personal information, you consent to the cross-border transfer, processing, and storage of your data as outlined in this section.

8.4 Revocation of Consent:

  • Managing Preferences: If you wish to withdraw your consent for international data transfers, please contact us. However, please understand that this might impact the delivery and quality of some services.

8.5 Specific Regions:

  • European Economic Area (EEA) Transfers: If you are from the EEA, and we transfer your personal data out of the EEA, we ensure to provide a similar degree of data protection. We use specific legal safeguards, and you can request more information about these by contacting us.

We are committed to ensuring that, irrespective of where your data is processed, it’s handled with the utmost care and in line with best practices and applicable laws.

Third-party Links and Services

The Lounge: North Idaho Med Spa’s digital platforms may contain links to or integrations with other services, websites, and digital platforms not operated by us. This section clarifies our stance on these third-party inclusions:

9.1 External Links:

  • Navigating Away: When you choose to access third-party websites or services through links on our platform, you will be leaving our digital environment. These external platforms might collect, use, and share your personal data in ways different from us.

9.2 No Control Over Third Parties:

  • Separate Policies: These third-party platforms have their own privacy policies, terms of service, and data collection practices. We have no control over and assume no responsibility for the content, privacy policies, or practices of these third-party sites or services.

9.3 User Discretion Advised:

  • Review Their Policies: We encourage users to be aware when they leave our platform and to read the privacy statements and terms of any other platform that collects personally identifiable information.

9.4 Partner Integrations:

  • Service Enhancements: For service enhancement, we might integrate third-party tools or platforms. While these are chosen after thorough vetting, it’s always prudent to be aware of their individual data handling practices.

9.5 Disclaimer:

  • Limitation of Liability: The Lounge: North Idaho Med Spa cannot be held liable for any breaches, data mishandling, or other unforeseen issues arising due to third-party platforms, even if accessed through links or integrations on our site.

9.6 Regular Monitoring:

  • Dynamic Web Environment: We periodically review the third-party links and integrations we include, removing or updating them as necessary to safeguard user interests.

Our commitment remains to protect your data within our ecosystem, and we advise caution and due diligence when navigating away.

Changes to This Privacy Policy

In the evolving digital landscape, we may occasionally update our privacy practices. Here’s what you should know about changes to this Privacy Policy:

10.1 Periodic Updates:

  • Review and Revision: To stay abreast of changes in the law, industry standards, or business practices, The Lounge: North Idaho Med Spa may periodically revise this Privacy Policy. We aim to ensure our commitment to protecting your personal data remains unwavering.

10.2 Notification of Changes:

  • Website Posting: Any updates or changes made to this policy will be posted on our website. This ensures you always have access to the most recent version.

Contacting Us

We value your feedback, questions, and any concerns about your data. If you wish to exercise your rights, seek clarifications, or report any grievances related to this Privacy Policy, here’s how you can get in touch with us:

11.1 Direct Communication:

  • Email: For immediate queries or concerns, email us at []. Our dedicated team will get back to you as promptly as possible.
  • Postal Address: For formal communications, letters, or legal notices, you can reach us at: 8880 N Hess St # 3, Hayden, ID 83835

Governing Law and Jurisdiction

The interpretation, execution, and settlement of disputes arising out of this Privacy Policy are governed by the laws and regulations in force in the state and country of our official business registration. This section provides clarity on the legal landscape that this policy adheres to:

12.1 Applicable Law:

  • Legal Framework: This Privacy Policy and its interpretation, as well as any disputes arising from it, will be governed by and construed in accordance with the laws of Idaho, USA, without regard to its conflict of law provisions.

12.2 Venue:

  • Jurisdiction: Any legal action or proceeding related to our website or services will be brought exclusively in the federal or state courts of Idaho, USA. Users hereby consent and submit to the personal jurisdiction of such courts for the purpose of litigating any such action.

12.3 Dispute Resolution:

  • Initial Mediation: Before filing any lawsuit, it is our policy to favor negotiation and, if necessary, mediation to resolve disputes swiftly and amicably.

12.4 International Considerations:

  • Foreign Access: If you are accessing our website or services from outside Idaho, USA, please be aware that your information may be transferred to, stored, and processed where our servers are located and our central database operates. The data protection and other laws of Idaho, USA, might not be as comprehensive as those in your country, but please rest assured that we take steps to protect your privacy.

By using our services, you understand that your information may be transferred to our facilities and to those third parties with whom we share it, as described in this policy.

Miscellaneous Provisions

While we’ve endeavored to cover all pertinent aspects in this Privacy Policy, this section includes additional provisions and clarifications to ensure there’s no ambiguity:

13.1 Severability:

  • Intact Provisions: If any provision of this Privacy Policy is deemed invalid or unenforceable by a court of competent jurisdiction, that provision will be limited or eliminated to the minimum extent necessary so that this Privacy Policy will otherwise remain in full force and effect.

13.2 Entire Agreement:

  • Full Understanding: This Privacy Policy, together with any terms of service or other agreements referenced herein or linked hereto, represents the complete agreement between you and The Lounge: North Idaho Med Spa concerning its subject matter and supersedes all prior agreements or communications.

13.3 No Waiver:

  • Rights Preserved: No failure or delay by The Lounge: North Idaho Med Spa in exercising any right under this Privacy Policy will constitute a waiver of that right unless explicitly stated by us in writing.

13.4 Assignment:

  • Policy Transference: The Lounge: North Idaho Med Spa may assign its rights and duties under this Privacy Policy to any party at any time without notice to users. However, the rights and duties of users under this Privacy Policy are not assignable by users.

13.5 Headings for Convenience:

  • Clarification: The section titles and headings in this Privacy Policy are for convenience only and have no legal or contractual effect. They are not to be used for interpretation of the text.