Effective Date: 9/9/2025

Last Revised: 9/9/2025

Contours Spa-Lon (“Company,” “we,” “us,” or “our”) is firmly committed to the lawful, ethical, and transparent handling of all personal and sensitive information entrusted to us by our clientele (“you,” “your,” or “Client”). We categorically affirm that we do not sell, lease, trade, or otherwise monetize any personal information under any circumstances. This Privacy Statement is issued pursuant to applicable federal, state, and local laws governing data protection, including but not limited to the California Consumer Privacy Act (CCPA), and any other jurisdictional mandates to which we may be subject.

1. Scope and Applicability

This Privacy Statement governs the collection, use, disclosure, retention, and protection of personal information obtained through any interaction with Contours Spa-Lon, including but not limited to in-person consultations, digital communications, online bookings, and service-related documentation. By engaging in our services, you acknowledge and consent to the practices described herein.

2. Categories of Information Collected

Contours Spa-Lon may collect, store, and process the following categories of personal information, which may be obtained directly from you or indirectly through authorized third-party systems:

• Identifying Information: Full legal name, date of birth, gender, and government-issued identification (where required for compliance).
• Contact Information: Residential address, email address, telephone number(s).
• Service Information: Preferences, treatment notes, and any relevant documentation relating to services provided.
• Transactional Information: Purchase records, payment method details (processed via PCI-compliant third-party gateways), and appointment history.
• Digital Identifiers: IP address, device type, browser metadata, geolocation data, and behavioral analytics obtained via cookies or similar technologies.

3. Purpose of Data Collection and Processing

All personal information is collected and processed solely for legitimate business purposes, including but not limited to:

• Facilitating the delivery of customized and clinically safe services.
• Ensuring compliance with informed consent protocols and professional licensing requirements.
• Administering scheduling, billing, and transactional operations.
• Conducting internal audits, quality assurance, and service optimization.
• Complying with applicable legal obligations and operational standards.

4. Data Security and Confidentiality Measures

Contours Spa-Lon maintains a robust data governance framework designed to safeguard personal information against unauthorized access, disclosure, alteration, and destruction. Our security protocols include:

• End-to-end encryption of sensitive data in transit and at rest.
• Role-based access controls and multi-factor authentication for internal systems.
• Secure physical storage of paper records in restricted-access areas.
• Routine vulnerability assessments and compliance audits.

All personnel with access to personal data are bound by strict confidentiality agreements and trained in data protection best practices.

5. Disclosure to Third Parties

Contours Spa-Lon unequivocally affirms that it does not sell, lease, license, trade, exchange, or otherwise disclose any personal information of Clients for commercial purposes, financial gain, or marketing exploitation. Under no circumstances shall Clients’ personal data be commodified, transferred, or made accessible to unaffiliated third parties for promotional or revenue-generating activities.

Disclosure of personal information is strictly limited to the following lawful and operationally necessary circumstances:

• To license professionals within our organization for service-related purposes.
• To authorized service providers (e.g., payment processors, IT vendors) under binding data protection agreements that prohibit secondary use or disclosure.
• To legal counsel, insurance carriers, or risk management professionals for the purpose of dispute resolution, claims processing, or compliance audits.

All third-party disclosures, where applicable, are governed by written agreements that impose strict confidentiality, data protection, and non-disclosure obligations consistent with this Privacy Statement.

6. Client Rights and Remedies

Subject to applicable law, Clients may exercise the following rights with respect to their personal information:

• The right to access, review, and obtain a copy of their data.
• The right to request correction or amendment of inaccurate or incomplete data.
• The right to request deletion of data, subject to retention obligations.
• The right to withdraw consent for data processing, where applicable.
• The right to lodge a complaint with a supervisory authority.

Requests must be submitted in writing to:
Email:  
Phone: 1 (520) 803-0774
Mailing Address: 5405 South Highway 92 Suite A Sierra Vista, Az 85650

Contours Spa-Lon shall respond to all verifiable requests within the timeframes prescribed by law.

7. Amendments and Updates

Contours Spa-Lon reserves the right to amend, revise, or otherwise modify this Privacy Statement at any time, without prior notice, to reflect changes in law, technology, or operational practices. All updates shall be published on our official website and shall become effective upon posting, unless otherwise required by law.

Would you like me to format this for your website, intake forms, or pair it with a branded Consent to Treatment Agreement? I can also help draft a Returns & Refunds Policy with matching tone and enforceability.