Privacy & Security
Privacy Policy
Your privacy is our top priority at Carma Med Spas.
HIPAA
Protects your medical and personal information shared during consultations and evaluations
PCI DSS
Secures your payment details through trusted, encrypted systems.
CCPA/CPRA
Gives you control over your personal data, including access, correction, or deletion requests.
Your Privacy, Our Promise
By using our Services, you consent to the practices described below.
Information We Collect
We collect only the information necessary to deliver safe, secure, and personalized care
Personal Details
- Full name, email address, phone number, and date of birth.
- Account credentials (if you create an account).
Health & Consultation Information
- Details you provide during your medical evaluation (symptoms, medications, health history).
- Notes or recommendations shared by your assigned healthcare provider.
Payment Information
- Payment method and billing details (processed through PCI-DSS compliant gateways).
- Transaction ID or order number for verification
Technical & Usage Information
- Device type, browser, IP address, and interaction data to enhance website performance.
How We Use Your Information
- Provide and manage your telehealth consultation.
- Evaluate your eligibility for weight management treatment (including GLP-1 medications).
- Communicate appointment details and updates.
- Process secure payments and refund requests.
- Improve platform quality, security, and user experience.
- Comply with applicable medical, legal, and regulatory obligations.
How We Protect Your Information
Your privacy is safeguarded through strict security measures:
- End-to-end encryption for data transmission.
- Restricted staff access based on role and purpose.
- Secure servers and HIPAA-compliant storage systems.
- Regular internal audits to ensure compliance and detect unauthorized access.
When We Share Your Information
We never sell or rent your personal data. We share limited information only when necessary:
Licensed Healthcare Providers:
To connect you with qualified medical professionals for your evaluation.
Partner Pharmacies/Dispensaries
If prescribed, your information is securely shared with licensed partners to fulfill prescriptions.
Payment Processors
For payment verification and refund processing via secure, compliant systems.
Legal or Regulatory Authorities
If required by law, court order, or government agency for compliance purposes.
Your Rights Over Your Data
You have the right to:
- Access and request a copy of your personal information.
- Request corrections or updates to inaccurate data.
- Request deletion of your account or data where permitted by law.
- Withdraw consent for marketing communications at any time.
Data Retention
- We retain personal and medical records only as long as necessary to provide services and comply with legal requirements. When no longer needed, data is securely deleted or anonymized.
Cookies & Tracking Technologies
We use cookies and similar tools to improve user experience, analyze performance, and enhance security. You can manage or disable cookies through your browser settings, though some features may not function properly if disabled.
Children’s Privacy
Our Services are intended for adults 18 years and older. We do not knowingly collect personal data from minors. If you believe a child has provided information, please contact us to remove it.
Updates to This Policy
We may update this Privacy Policy periodically to reflect service or regulatory changes. The revised version will be posted on our website with the updated “Last Updated” date.
Have Questions About Privacy?
+ (888) 655-5267
New York, NY 10165, Midtown East, Murray Hill