1. Introduction

Welcome to The G Spa San Francisco (“The G Spa,” “we,” “us,” or “our”). We value your privacy and are committed to protecting your personal information.

This Privacy Policy explains how we collect, use, and share personal information when you visit www.thegspasf.com (the “Site”), book appointments, apply for financing, or interact with us online or in person.

By using our Site or services, you agree to this Privacy Policy. If you do not agree, please discontinue use of the Site and our services.

2. Information We Collect

A. Information You Provide

  • Personal identifiers: name, email, phone number, and address
  • Appointment and service details (selected treatments, notes, preferences)
  • Payment and billing information (handled securely via Zenoti, Stripe, or other processors)
  • Health related information voluntarily provided for treatment or consultation
  • Financing information when using PatientFi or Cherry
  • Messages or inquiries sent through contact forms or email

B. Automatically Collected Information

  • Device data: IP address, browser type, operating system
  • Usage data: pages visited, time spent, referring site
  • Cookies and analytics to improve site performance

C. Information from Vendors

We work with trusted vendors to deliver a seamless client experience:

  • Zenoti: Used for appointment booking, client management, and secure payment processing
  • Hyperconnect: Used for marketing automation and client communications
  • Zapier: Used to automate secure data connections between software systems
  • PatientFi and Cherry: Used to offer and process patient financing applications

These vendors collect and process information on our behalf under strict confidentiality and data security agreements.

3. How We Use Your Information

  • To provide, manage, and improve our services
  • To process bookings, payments, and financing applications
  • To communicate regarding appointments, promotions, or updates
  • To send wellness and treatment related information (you may opt out anytime)
  • To maintain internal business records
  • To comply with applicable legal and regulatory obligations

Health related information may be handled in accordance with HIPAA and other medical privacy regulations, where applicable.

4. How We Share Information

We do not sell your personal data. We may share limited information with:

  • Zenoti for booking and transaction management
  • Hyperconnect for email and SMS communications
  • Zapier to securely connect operational tools
  • PatientFi and Cherry for patient financing
  • Third party processors that assist with hosting, analytics (e.g., Google Analytics), or marketing
  • Legal and regulatory authorities, if required by law or subpoena

All third party providers are contractually obligated to safeguard your information and use it only for authorized purposes.

5. Cookies and Tracking Technologies

Our Site and vendors may use cookies and similar tools to:

  • Enable essential website functions
  • Measure and analyze traffic and performance
  • Personalize marketing content

You may disable cookies in your browser settings, though some Site functions may be limited.

6. Financing Providers

If you choose to apply for financing through PatientFi or Cherry, you will be redirected to their secure platforms.

Please review their privacy policies before submitting information: PatientFi Privacy Policy and Cherry Privacy Policy.

We do not collect or store your credit or financial information from these third party applications.

7. Your Rights (California Residents)

If you reside in California, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to Know: what personal data we collect, use, and disclose
  • Right to Delete: your personal information (subject to legal exceptions)
  • Right to Correct: inaccurate information
  • Right to Opt Out: of the sale or sharing of your data (we do not sell personal data)
  • Right to Non Discrimination: for exercising your privacy rights

You may exercise these rights by contacting us at privacy@thegspasf.com.

8. Data Security

We employ administrative, physical, and technical measures to protect your data, including encryption, access control, and vendor compliance monitoring. However, no system is completely secure. You share information at your own risk.

9. Data Retention

We retain your information only as long as needed to provide services, comply with legal obligations, and maintain proper business records.

10. Third Party Links

Our Site may contain links to third party sites (including financing or booking portals). We are not responsible for the privacy or security of those websites. We encourage you to review their policies before providing personal information.

11. Children’s Privacy

Our Site and services are intended for children 13 years and older also adults 18 years and older. We do not knowingly collect personal information from minors. If you believe we have inadvertently received such data, please contact us for removal.

12. Changes to This Policy

We may update this Privacy Policy periodically. The “Effective Date” at the top reflects the most recent version. Continued use of our Site or services means you accept the revised terms.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact us:

The G Spa San Francisco
Website: www.thegspasf.com
Email: staff@thegspasf.com
Phone: 415.484.2328