Financing program
Book Now
Fiancing program
Book Now

Privacy Policy

Privacy Policy & Notice of Privacy Practices

Beyond The Surface Aesthetics
 Effective Date: January 2026

IMPORTANT NOTICE REGARDING MEDICAL & TEXT MESSAGE DATA

Beyond The Surface Aesthetics (“we,” “us,” or “our”) is committed to protecting your privacy and maintaining the confidentiality of your personal and health information.

We DO NOT share, sell, rent, or disclose mobile opt-in data, phone numbers, or SMS consent records to any third parties or affiliates for marketing or promotional purposes.

All SMS opt-in data and consent records are kept strictly confidential and used only to provide services you have requested.

1. OUR LEGAL DUTIES (HIPAA COMPLIANCE)

We are required by law to:

  • Maintain the privacy and security of your Protected Health Information (PHI)
  • Provide you with this Notice of our legal duties and privacy practices
  • Follow the terms of this Notice currently in effect

We reserve the right to change this policy at any time. Updates will be posted on our website and available upon request.

2. INFORMATION WE COLLECT

Personal Information

We may collect:

  • Name, email address, phone number, mailing address
  • Date of birth and demographic information
  • Payment and billing information
  • Appointment history and service preferences
  • Communication consent records (SMS, email, forms)

Health Information (PHI)

  • Medical history
  • Treatment records
  • Lab results
  • Provider notes
  • Before/after photos (with consent)

Non-Personal Information

  • IP address and device data
  • Browser type and usage analytics
  • Website interaction data
  • Cookies and tracking technologies

3. HOW WE USE YOUR INFORMATION

We use your information for:

  • Providing medical and aesthetic treatments
  • Scheduling and managing appointments
  • Processing payments and billing
  • Communicating with you (appointments, updates, support)
  • Improving services and patient experience
  • Legal, regulatory, and compliance requirements
  • Security and fraud prevention

4. SMS MESSAGING & 10DLC COMPLIANCE

Text Message Program Terms

By opting into SMS communications from Beyond The Surface Aesthetics, you agree to receive messages related to:

  • Appointment confirmations and reminders
  • Follow-up care instructions
  • Customer support responses
  • Service-related notifications

Opt-In Consent

  • You will only receive messages if you have explicitly opted in
  • We maintain timestamped proof of consent
  • Consent is collected via forms, website, or verbal agreement

Opt-Out Instructions

  • Reply STOP at any time to unsubscribe
  • You will receive a confirmation message
  • No further messages will be sent unless you opt in again

Help & Support

  • Reply HELP for assistance
  • Or contact: info@beyondthesurfacemedspa.com

Message Frequency

  • Varies depending on your interactions
  • No excessive or unrelated messaging

Carrier Disclaimer

  • Message & data rates may apply
  • Carriers are not liable for delayed or undelivered messages

SMS DATA PROTECTION STATEMENT (CRITICAL FOR 10DLC)

  • No mobile information will be shared with third parties or affiliates for marketing/promotional purposes
  • Information may be shared with subcontractors (e.g., SMS providers, customer service tools) strictly to deliver services
  • All SMS opt-in data and consent records are excluded from any third-party sharing

5. HOW WE USE & DISCLOSE HEALTH INFORMATION (PHI)

For Treatment

To provide and coordinate your care among providers and staff.

For Payment

To bill and collect payment for services.

For Healthcare Operations

  • Quality improvement
  • Staff training
  • Business operations
  • Compliance and legal review

As Required by Law

We may disclose PHI when required by:

  • Federal or state law
  • Public health authorities
  • Law enforcement

Business Associates

We may share PHI with trusted vendors who assist operations. All are required to comply with HIPAA.

6. INFORMATION SHARING & DISCLOSURE

We DO NOT sell or rent personal information.

We may share data with:

Service Providers

  • Payment processors
  • Scheduling platforms (e.g., Aesthetic Record)
  • SMS and communication platforms
  • IT and support services

Legal Requirements

  • Court orders
  • Government requests
  • Regulatory compliance

Business Transfers

  • Mergers or acquisitions (data remains protected)

SMS opt-in data is NEVER shared for marketing.

7. DATA SECURITY

We implement safeguards including:

  • Encryption of sensitive data
  • Secure systems and access controls
  • Staff training on privacy protection
  • Regular system monitoring
  • HIPAA-compliant storage and handling

While we take strong precautions, no system is 100% secure.

8. ELECTRONIC COMMUNICATIONS

By communicating electronically (email, SMS, forms), you acknowledge:

  • These channels may not be fully secure
  • There is some inherent risk in transmission

For urgent or sensitive concerns, contact our office directly.

9. YOUR RIGHTS

You have the right to:

  • Access your medical records
  • Request corrections to your data
  • Request restrictions on usage
  • Request confidential communication methods
  • Receive an accounting of disclosures
  • Withdraw consent for communications
  • Opt out of SMS (STOP) and emails (unsubscribe)

10. NEW JERSEY PRIVACY RIGHTS

We comply with all applicable New Jersey laws, including:

  • Patient Bill of Rights
  • Medical confidentiality regulations
  • Minor consent laws

If state law provides stronger protections than HIPAA, we follow the stricter standard.

11. COOKIES & TRACKING

We use cookies to:

  • Improve website performance
  • Understand user behavior
  • Enhance user experience

You may disable cookies in your browser settings.

12. BREACH NOTIFICATION

In the event of a data breach involving unsecured PHI, we will:

  • Notify affected individuals
  • Provide details of the incident
  • Take corrective action
  • Comply with HIPAA and state laws

13. CHANGES TO THIS POLICY

We may update this policy at any time.
 The latest version will always be available on our website.

14. COMPLAINTS

If you believe your privacy rights have been violated, contact:

Beyond The Surface Aesthetics
 Email: info@beyondthesurfacemedspa.com

Or file a complaint with:

U.S. Department of Health & Human Services
 Office for Civil Rights
 https://www.hhs.gov/ocr/privacy/hipaa/complaints

You will not be penalized for filing a complaint.

15. CONTACT INFORMATION

Beyond The Surface Aesthetics
 Website: https://beyondthesurfaceaesthetics.com
 Email: info@beyondthesurfacemedspa.com

Scroll to Top