Privacy Policy

Refined Aesthetics ("we," "our," "us") respects your privacy. This Privacy Policy explains what information we collect about you, how we use it, who we share it with, and the choices you have. It applies to information collected through our website, during your visits to our locations in Leesburg and Winchester, and through our other interactions with you.

By using our website or services, you agree to the practices described here.

1. Scope and a Note on Health Information

This Privacy Policy covers information collected through our website and general business operations. Protected health information collected during the course of treatment is separately governed by our Notice of Privacy Practices ("NPP") under the Health Insurance Portability and Accountability Act ("HIPAA"). Our NPP is provided at your first appointment and is available on request.

If a provision of this Privacy Policy conflicts with the NPP for matters involving protected health information, the NPP controls.

2. Information We Collect

We collect information in three ways: information you provide directly to us, information we collect automatically when you visit our site, and information shared with us by third parties.

Information you provide.

  • Your name, email, phone number, mailing address, and date of birth when you book a consultation, join our membership, sign up for our newsletter, or contact us.
  • Medical history, current medications, allergies, and treatment history, when relevant to a service you are receiving.
  • Payment information processed by our third-party payment processor World Pay. We do not store complete payment card numbers on our own systems.
  • Photographs of treatment areas, where you have given specific written consent.
  • Communications you send us, including emails, messages, and form submissions.

Information we collect automatically.

  • IP address, browser type, device identifiers, and approximate location based on IP.
  • Pages viewed, time spent on the site, and the URLs that referred you to us.
  • Cookies and similar technologies, as described in Section 6.

Information from third parties.

  • Marketing and analytics partners may share aggregated or specific information with us about your interactions with our marketing and booking flows.
  • If you connect with us through social media, the platform may share certain information based on its privacy practices.

3. How We Use Your Information

We use your information to:

  • Provide consultations, treatments, and follow-up care.
  • Schedule appointments, send appointment reminders, and confirm bookings.
  • Process payments and manage memberships.
  • Communicate with you about your care, our services, and changes to our policies.
  • Send marketing communications when you have opted in. You can opt out at any time using the link in any marketing email.
  • Improve our website, our services, and the experience of being a patient with us.
  • Comply with our legal obligations, including medical record retention, tax, and licensing requirements.
  • Protect against fraud, unauthorized access, and other security risks.

4. Marketing Communications

You may receive emails, SMS messages, or postal mail from us about new treatments, seasonal offers, and educational content related to our services.

To opt out:

  • Click the unsubscribe link at the bottom of any marketing email.
  • Reply STOP to any marketing SMS.
  • Contact us using the information in Section 14.

Even if you opt out of marketing, we may still send you transactional messages such as appointment confirmations, treatment reminders, billing notices, and policy updates.

5. Cookies and Tracking Technologies

Our website uses cookies and similar technologies for the following purposes:

  • Essential cookies that make the website function, including remembering your session on member-restricted pages.
  • Analytics cookies that help us understand how visitors use the site.
  • Marketing cookies that allow us to show you relevant content on other websites you visit, when you have opted in.

You can manage cookies through your browser settings. If you opt out of analytics or marketing cookies, parts of the website may not function as intended.

We honor the Global Privacy Control (GPC) signal as a request to opt out of the sale or sharing of personal information.

6. Your Rights and Choices

Depending on where you live, you may have the following rights regarding your personal information.

  • Access. Request a copy of the personal information we hold about you.
  • Correction. Request that we correct inaccurate or incomplete information.
  • Deletion. Request that we delete your personal information, subject to legal retention requirements. Medical records, in particular, are subject to mandatory retention periods we cannot waive.
  • Opt-out. Stop receiving marketing communications at any time.
  • Restrict processing. Ask us to limit how we use your information.

To exercise any of these rights, contact us using the information in Section 14. We will respond within the timeframe required by applicable law, typically thirty to forty-five days. We may need to verify your identity before fulfilling a request.

7. Data Retention

We retain personal information for as long as reasonably necessary to provide our services, comply with legal obligations (including medical record retention required under Virginia law), resolve disputes, and enforce our agreements.

When information is no longer needed, we securely delete or anonymize it.

8. Data Security

We use administrative, technical, and physical safeguards to protect your information. These include encryption of data in transit and at rest where applicable, restricted access controls, employee training, and security monitoring.

No system is completely secure, and we will not pretend otherwise. If we become aware of a breach affecting your personal information, we will notify you in good faith and in accordance with applicable law.

9. Children's Privacy

Our website is not directed to children under thirteen. We do not knowingly collect personal information from children under thirteen. If you believe we have collected information from a child under thirteen, please contact us so we can delete it.

For minors between thirteen and seventeen receiving treatment, we collect information with the consent of a parent or legal guardian, and we use it only for the purposes of providing care.

10. Third-Party Links and Services

Our website may contain links to third-party sites, including social media platforms, manufacturer pages, and partner retailers. We are not responsible for the privacy practices of those sites. We encourage you to read the privacy policies of any third party you interact with.

11. International Users

Our services are intended for users in the United States. If you access our website from outside the U.S., your information may be transferred to and processed in the U.S., where data protection laws may differ from those in your country.

12. Changes to This Policy

We may update this Privacy Policy from time to time. The most current version will always be posted on this page with an updated effective date. Significant changes will be communicated through our website or, where appropriate, by email.

13. Contact Us

For questions about this Privacy Policy, to exercise your rights, or to request a copy of our Notice of Privacy Practices, contact:

Refined Aesthetics, LLC