Black Rose Medical Aesthetic ("we", "our", "us") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, store, and share information when you visit our website, book an appointment, or use our services.
Information We Collect
We collect information you provide directly to us, including:
- Personal details: full name, email address, phone number, date of birth, and address.
- Health information: allergies, medical history, treatment preferences — only when relevant to the service you book.
- Payment information: when you make a purchase, payment is processed by Stripe. We never store your full card details.
- Booking history: appointments, treatments received, products purchased.
- Communication: messages sent through our chatbot, WhatsApp, or email.
We also collect technical information automatically: browser type, device, IP address, and pages visited (via Vercel Analytics).
How We Use Your Information
We use the information we collect to:
- Schedule, confirm, and remind you about your appointments.
- Process payments and deliver products you purchase.
- Provide personalized treatment recommendations.
- Communicate with you about your bookings, services, or promotions you opted into.
- Maintain accurate records for medical and legal compliance.
- Improve our services and website experience.
Information Sharing
We do not sell or rent your personal information to third parties. We share data only with:
- Service providers who help us operate the business: Supabase (database), Vercel (hosting), Resend (email), Stripe (payments), Anthropic (AI chatbot).
- Our staff and specialists who need access to provide your treatments.
- Legal authorities when required by law.
Data Security
We take the security of your data seriously. Measures include:
- Encrypted connections (HTTPS) for all data transmission.
- Database row-level security with strict access controls.
- Authentication through secure providers.
- Regular security audits and updates.
- Health and medical records access restricted to authorized staff only.
Your Rights
You have the right to:
- Access your personal data — see what we have on file.
- Correct any inaccurate or incomplete information.
- Delete your account and personal data (subject to legal retention requirements).
- Withdraw consent for marketing communications at any time.
- Receive a copy of your data in a portable format.
To exercise any of these rights, contact us at brmedaesthetic.adm@gmail.com.
Cookies & Tracking
We use minimal cookies and tracking:
- Essential cookies: required for authentication and language preferences.
- Analytics: anonymized page view data via Vercel Analytics — no personal identifiers.
We do not use third-party advertising trackers.
Children's Privacy
Our services are intended for individuals 18 years or older. We do not knowingly collect information from children under 18. If you believe we have collected data from a minor, please contact us immediately.
Changes to This Policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the latest revision. Significant changes will be notified to registered clients via email.
Contact Us
If you have questions about this Privacy Policy or how we handle your data, please contact us:
- Email: brmedaesthetic.adm@gmail.com
- WhatsApp: +1 (868) 772-1903
- Address: #20 Henry Pierre Street, Mucurapo Road, Port of Spain, Trinidad & Tobago