Effective Date: July 7, 2025

Last Updated: July 7, 2025

Introduction

Enigma Medi Spa & Laser Center and Enigma Plastic Surgery & Laser Center (collectively referred to as “Enigma,” “we,” “us,” or “our”) are two separate corporations that share this website: https://enigmamedspa.com. Each entity independently operates its own medical and business services in Philadelphia, PA, and is responsible for handling its own patient records and data.

We are committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our Website or use our services.

This Privacy Policy does not replace our separate HIPAA Notice of Privacy Practices, which governs how we use and disclose protected health information.

Information We Collect

Personal Information

We may collect personal information that you voluntarily provide, including:

• Contact Information: Name, email, phone number, mailing address
• Medical Information: Health history, current medications, allergies, treatment preferences, relevant medical conditions
• Treatment Records: Procedures performed, treatment outcomes, before/after photos (with your written consent)
• Appointment Information: Scheduling preferences, consultation notes, treatment history
• Payment Information: Billing address and payment method details (processed securely by third-party processors)
• Communication Records: Emails, phone calls, and text messages with our staff

Automatically Collected Information

When you use our Website, we automatically collect:

• Technical Information: IP address, browser type, device data, operating system
• Usage Data: Pages visited, time on site, referring websites, search terms
• Cookies & Tracking Technologies: Data collected via cookies, web beacons, and similar tools. (You can manage cookies via your browser settings.)

How We Use Your Information

Medical Care & Treatment

• Providing medical and aesthetic treatments
• Maintaining accurate medical records
• Coordinating care between our locations and healthcare providers
• Following up on treatments and monitoring outcomes
• Ensuring continuity of care

Business Operations

• Scheduling appointments and managing calendars
• Processing payments and billing
• Communicating with you about your treatments, appointments, or services
• Sending appointment reminders and follow-ups
• Providing customer service and managing patient relationships

Marketing & Communications

• Sending promotional materials and special offers (with your consent)
• Sharing before/after photos (with explicit written consent)
• Responding to inquiries and feedback
• Improving our services based on your input

Legal & Regulatory Compliance

• Complying with healthcare laws and regulations
• Responding to legal requests and preventing fraud
• Protecting our rights and the rights of others

Information Sharing & Disclosure

Healthcare Providers

• Licensed healthcare professionals involved in your care
• Referring physicians or specialists as part of your treatment plan
• Healthcare facilities that provide related services

Service Providers

• Third-party vendors assisting with scheduling, payments, IT, or marketing (bound by confidentiality agreements)
• Professional consultants (legal, accounting, compliance)

Legal Requirements

• When required by law, regulation, subpoena, or court order
• To protect patient, staff, or public safety
• To prevent fraud or other illegal activity

Business Transfers

• In connection with a merger, acquisition, or asset sale (subject to appropriate confidentiality protections)

Data Security

We implement appropriate technical and organizational safeguards to protect your personal data, including:

• Secure data storage and encrypted transmissions
• Access controls and authentication for staff
• Regular security assessments and updates
• HIPAA compliance for protected health information
• Secure disposal of physical and electronic records

Your Rights & Choices

Access & Correction

• Request access to or correction of your personal information
• Update your contact preferences

Communication Preferences

• Opt out of marketing communications at any time
• Update how you wish to be contacted
• Request removal from promotional lists

Medical Records

• Request copies of your medical records (subject to applicable laws)
• Request amendments or an accounting of disclosures

Data Portability

• Request electronic copies of your data in a standard format

Cookies & Tracking

We use cookies and similar technologies to:

• Remember your preferences
• Analyze website traffic and usage
• Deliver personalized content and ads
• Enhance user experience

You can adjust your browser settings to control cookies. Disabling cookies may affect site functionality.

Third-Party Links

Our Website may link to external sites we do not control. We encourage you to review their privacy policies before providing any personal information.

Children’s Privacy

Our services are not directed to individuals under 18. We do not knowingly collect information from minors without parental consent. If we learn we have collected data from a child without consent, we will promptly delete it.

California Privacy Rights

If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA), including:

• Knowing what personal information we collect and how we use it
• Requesting deletion of your personal information (subject to exceptions)
• Opting out of the sale of personal information (we do not sell your personal data)
• Freedom from discrimination for exercising these rights

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you by:

• Posting an updated version on our Website
• Sending an email (if you’ve provided one)
• Providing notice during your next visit to our facilities

Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact:

Enigma Plastic Surgery & Laser Center

1520 Locust Street

Philadelphia, PA

Phone: 215-717-7117

Email: info@enigmamedispa.com

Enigma Medi Spa & Laser Center

10767 Bustleton Avenue

Philadelphia, PA

Phone: 215-717-7000

Email: enigmamedispa@gmail.com

For questions about your medical records or HIPAA rights, please contact our Privacy Officer at our offices.

---

HIPAA Notice of Privacy Practices (NPP) Summary

Effective Date: July 7, 2025

Your Privacy Rights

At Enigma Medi Spa & Laser Center and Enigma Plastic Surgery & Laser Center, we are committed to protecting your health information under the Health Insurance Portability and Accountability Act (HIPAA).

This summary explains how we may use and share your health information, and your rights regarding that information.

How We Use & Share Your Information

We may use and share your protected health information (PHI):

• For Treatment: To provide you with medical and aesthetic services and coordinate your care among providers.
• For Payment: To bill for your services and process insurance or other payments.
• For Healthcare Operations: For internal operations such as quality assessments, staff training, and compliance audits.
• As Required by Law: For public health reporting, regulatory oversight, or court orders.

We will not use or share your information for marketing purposes without your written authorization.

Your Rights Regarding Your Health Information

You have the right to:

• Access Your Records: Get copies of your health records.
• Request Corrections: Ask us to correct inaccurate or incomplete information.
• Request Confidential Communications: Ask us to contact you in a specific way (e.g., at work or by mail).
• Restrict Disclosures: Request we limit how we use or share your information (subject to certain legal exceptions).
• Get a List of Disclosures: Request an accounting of when your information was shared outside of treatment, payment, or healthcare operations.
• Receive a Copy of This Notice: At any time.

Our Responsibilities

• We are required by law to maintain the privacy and security of your protected health information.
• We will let you know promptly if a breach occurs that may have compromised the privacy or security of your information.
• We must follow the duties and privacy practices described in our full Notice of Privacy Practices.

Questions or Complaints?

If you have questions or believe your privacy rights have been violated, you can contact our Privacy Officer at:

Enigma Plastic Surgery & Laser Center

1520 Locust Street, Philadelphia, PA

Phone: 215-717-7117

Enigma Medi Spa & Laser Center

10767 Bustleton Avenue, Philadelphia, PA

Phone: 215-717-7000

You may also file a complaint with the U.S. Department of Health and Human Services (HHS). We will not retaliate against you for filing a complaint.

Full Notice Available

This is a summary. Our full HIPAA Notice of Privacy Practices provides more detailed information. You may request a copy at any time from our front desk or by contacting us.