Privacy Policy

Rani Beauty Clinic ("we," "our," or "us") is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our clinic located at 401 Olympia Ave NE, Suite 101, Renton, WA 98056, use our website at https://ranibeautyclinic.com, or engage with our services. By accessing our website or using our services, you acknowledge that you have read and understand this Privacy Policy.

1. Information We Collect

Personal Information

When you schedule an appointment, register as a patient, or otherwise interact with our clinic, we may collect personal information including but not limited to: your full name, date of birth, mailing address, email address, telephone number, emergency contact information, government-issued identification, and payment information such as credit or debit card details.

Health and Medical Information

As a medical spa operating under physician supervision, we collect health-related information necessary for the safe and effective delivery of our services. This may include your medical history, current medications, allergies, prior treatments, skin type assessments, photographs taken for treatment planning and progress tracking, laboratory results from blood work performed in our clinic, treatment records, and other clinical data related to your care. This information is considered Protected Health Information (PHI) under the Health Insurance Portability and Accountability Act (HIPAA) and is subject to additional protections as described in Section 3 of this policy.

Automatically Collected Information

When you visit our website, we may automatically collect certain technical information, including your IP address, browser type and version, operating system, referring URL, pages viewed, time spent on pages, and other browsing behavior data. This information is collected through cookies, web beacons, and similar tracking technologies as described in Section 5 of this policy.

2. How We Use Your Information

We use the information we collect for the following purposes:

• Treatment and Care: To provide, manage, and improve the aesthetic and medical wellness services you receive, including treatment planning, clinical decision-making, follow-up care, and maintaining accurate medical records.
• Appointment Management: To schedule, confirm, reschedule, or cancel appointments and to send appointment reminders via email, text message, or telephone.
• Payment Processing: To process payments for services rendered, manage billing records, and handle refunds or adjustments when applicable.
• Communication: To respond to your inquiries, provide information about our services, send promotional materials and newsletters (with your consent), and communicate important updates about our clinic or your care.
• Legal Compliance: To comply with applicable laws, regulations, and legal processes, including healthcare regulations, tax reporting requirements, and law enforcement requests.
• Quality Improvement: To analyze trends, monitor the effectiveness of treatments, improve our services, and enhance the overall patient experience.
• Website Optimization: To analyze website usage patterns, improve website functionality, and personalize your online experience.

3. HIPAA Notice and Protected Health Information

As a medical spa that provides services under the supervision of our Medical Director, Dr. Alexander Landfield, Rani Beauty Clinic may be subject to the Health Insurance Portability and Accountability Act (HIPAA). We are committed to protecting your Protected Health Information (PHI) in accordance with HIPAA requirements and the HIPAA Privacy Rule.

Your PHI will only be used or disclosed for purposes of treatment, payment, and healthcare operations, or as otherwise permitted or required by law. We maintain physical, electronic, and procedural safeguards to protect your PHI from unauthorized access, use, or disclosure. You have the right to request a copy of our full Notice of Privacy Practices, which provides detailed information about how your PHI may be used and disclosed and your rights regarding your health information.

Your rights under HIPAA include the right to access and receive a copy of your health records, the right to request corrections to your health information, the right to request restrictions on certain uses and disclosures of your PHI, the right to receive confidential communications, the right to receive an accounting of certain disclosures of your PHI, and the right to file a complaint if you believe your privacy rights have been violated. To exercise any of these rights or to request a copy of our Notice of Privacy Practices, please contact our Privacy Officer using the contact information provided at the end of this policy.

4. Disclosure of Your Information

We do not sell, rent, or trade your personal information to third parties for marketing purposes. We may share your information in the following circumstances:

• Service Providers: We may share information with trusted third-party service providers who assist us in operating our clinic and website, processing payments, sending communications, or performing other business functions on our behalf. These providers are contractually obligated to protect your information and use it only for the purposes for which it was disclosed.
• Legal Requirements: We may disclose your information when required by law, court order, subpoena, or other legal process, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
• Business Transfers: In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal information.
• With Your Consent: We may share your information for purposes not covered by this policy with your explicit consent.

5. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and understand how visitors interact with our site. Cookies are small text files stored on your device when you visit a website.

We use the following types of cookies: essential cookies that are necessary for the website to function properly, performance cookies that help us understand how visitors use our website by collecting anonymous statistical data, and marketing cookies that may be used to deliver relevant advertisements and track the effectiveness of our marketing campaigns.

You can manage your cookie preferences through your browser settings. Most browsers allow you to refuse cookies, delete existing cookies, or be notified when a cookie is set. Please note that disabling certain cookies may affect the functionality of our website. We may also use third-party analytics services, such as Google Analytics, which use cookies and similar technologies to collect and analyze information about website usage. You can learn more about Google's privacy practices and opt out of Google Analytics tracking by visiting Google's privacy policy page.

6. Third-Party Services

Our website and services may integrate with or link to third-party services, including but not limited to online scheduling platforms, payment processors, social media platforms, review platforms, email marketing services, and analytics providers. These third-party services have their own privacy policies and data collection practices, and we encourage you to review their respective privacy policies. We are not responsible for the privacy practices or content of any third-party websites or services.

When you interact with third-party services through our website (for example, by using an online booking system or submitting a payment), the information you provide may be collected by both us and the third-party service provider. We select our third-party partners carefully and require them to maintain appropriate security measures, but we cannot guarantee the security of information transmitted to or stored by third-party services.

7. Data Security

We implement reasonable and appropriate physical, technical, and administrative safeguards to protect your personal information and health data from unauthorized access, use, alteration, disclosure, or destruction. These measures include but are not limited to: encryption of sensitive data in transit and at rest, secure access controls and authentication procedures, regular security assessments and updates, employee training on data protection and HIPAA compliance, secure disposal of documents and records containing personal information, and physical security measures at our clinic to protect paper records and electronic systems.

While we strive to protect your information, no method of electronic transmission or storage is completely secure. We cannot guarantee the absolute security of your information, but we are committed to maintaining industry-standard protections and promptly addressing any security incidents that may occur.

8. Your Rights and Choices

Depending on your location and applicable law, you may have certain rights regarding your personal information:

• Access: You may request access to the personal information we hold about you.
• Correction: You may request that we correct inaccurate or incomplete personal information.
• Deletion: You may request the deletion of your personal information, subject to certain legal exceptions and retention requirements.
• Opt-Out: You may opt out of receiving promotional communications from us at any time by following the unsubscribe instructions in our emails or by contacting us directly.
• Data Portability: Where applicable, you may request a copy of your personal information in a structured, commonly used, and machine-readable format.

Please note that certain information may be exempt from such requests under applicable law, and we may need to retain certain information for legal or legitimate business purposes. We will respond to your request within the time frame required by applicable law.

9. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18 without parental or guardian consent. If a minor receives treatment at our clinic, a parent or legal guardian must provide consent and their personal information may be collected as part of the treatment process. If we become aware that we have collected personal information from a child under 18 without appropriate consent, we will take steps to delete such information promptly.

10. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time. When we make changes, we will revise the "Last updated" date at the top of this page. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our website or services after any changes to this Privacy Policy constitutes your acceptance of those changes.

11. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

For HIPAA-related inquiries or to exercise your rights regarding your Protected Health Information, please contact our Privacy Officer at the address or phone number listed above and request to speak with the Privacy Officer.