Who we are
Our website address is: https://thelashspa.com. We are located at 34071 La Plaza #130 Dana Point, CA 92629 USA.
What personal data we collect and why we collect it
This site does not have a blog, nor the ability to leave comments.
This site does not have the ability to upload images nor forms. This site does not have a method for you to upload images.
The contact form in use on this site does not store any information you provide when you use one of our forms. User cookies are not needed because the form plugin does not come with the ability to store form entries.
You can change your cookie preferences in your own browser (check Security or Privacy preferences). Note that blocking some types of cookies may impact your experience on our website and the services we are able to offer.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
Cookies served through our Websites
The specific types of cookies served through our Websites and the purposes they perform are described in further detail below:
Essential Website Cookies
These cookies are strictly necessary to provide you with services available through our websites and to use some of its features, such as access to secure areas. Because these cookies are strictly necessary to deliver the websites, you cannot refuse them without impacting how our websites function. You can block or delete them by changing your browser settings, as described under the heading “How can I control cookies?” in the Cookie Statement.
These cookies are strictly necessary to provide you with services available through our websites and to use some of its features, such as access to secure areas. Please note that some, none or all of these cookies may be set on your browser.
* PHPSESSID – Session ID – unsets when you leave the site
* wordpress_test_cookie: WP+Cookie+check
* cfduid – Cloudflare
These cookies are set by the cookie compliance solution from the GDPR plugin.
WordPress Subscriber Registration
This site does not accept blog subscriber registration.
The form you send thru our contact page uses a plugin, which does not set cookies to embed forms on our websites nor to send forms.
These cookies are used to enhance the performance and functionality of our websites and are non-essential to their use.
Google Analytics gathers information allowing us to understand interactions with our websites and ultimately refine that experience to better serve you.
* NID – Google Analytics records, tracks pages you visit; uses your IP address
These cookies support video functionality on some of our web pages and track views.
Other tracking technologies
We and our third party partners (such as Gravatar, Mailchimp and Yelp) may use other, similar technologies from time to time, like web beacons, pixels (or “clear gifs”) and other tracking technologies. These are tiny graphics files that contain a unique identifier that enable us to recognize when someone has visited our Website or, in the case of web beacons, opened an e-mail that we have sent them. This allows us, for example, to monitor the traffic patterns of users from one page within our Website to another, to deliver or communicate with cookies, to understand where you have come to our Website from an online advertisement displayed on a third-party website (such as Google Ads), and to improve site performance. While you may not have the ability to specifically reject or disable these tracking technologies, in many instances, these technologies are reliant on cookies to function properly; accordingly, in those instances, declining cookies will impair functioning of these technologies.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, testimonials, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Google Maps may be embedded on this site.
We may use Google Analytics to track internet traffic to our site and between site pages. Other than your IP address, no personally identifiable information is stored.
Who we share your data with
This site may send your data to our content delivery network (Cloudflare), or payment processors such as Paypal, Stripe or MindBodyOnline, if you use a payment form on our site. If you click a link and are simply sent to these sites to process a payment, then no identifiable information is sent to them or retained by us. We may share form information to retain a record of a purchase, and to process the payment with the vendor.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
This website does not allow for user registration.
If it did, for users that register on our website (if any), we also store the personal information they provide in their user profile. All registered users can see, edit, or delete their personal information at any time (except they cannot change their username) while they are logged in. Website administrators can also see and edit that information.
Where we send your data
Visitor comments may be checked through an automated spam detection service. We may use Akismet to prevent spam comments. Akismet compares your IP address with a list of spam IP addresses and will not publish your comments on the site if your IP matches one on the spam list. The information collected typically includes the commenter’s IP address, user agent, referrer, and Site URL (along with other information directly provided by the commenter such as their name, username, email address, and the comment itself).
This site uses a Content Delivery Network to provide files to your browser (Cloudflare) so you can see and use the site. The CDN does not store information about you, but it does act as an encrypted pass-through when you send a contact form through the site.
How we protect your data
This website is encrypted using secure socket layers (SSL), a form of data encryption, to ensure the privacy of all Internet communications. All data passed between your computer, our website or any third party vendor is encrypted.
What data breach procedures we have in place
If the website and/or your data is breached, we will notify you of any personal information that may have been transmitted, as soon as we are aware of the breach.
What third parties we receive data from
If this site uses Google Analytics, we may receive information about your visit to our site in a non-identifiable way. If we use a shopping cart and your payment is processed through the site, we receive data from the payment processor about whether or not the sale was successful.
What automated decision making and/or profiling we do with user data
This site does not use any automated decision-making or profiling software.
Industry regulatory disclosure requirements
For health care providers, including therapists, acupuncturists, psychiatrists, masseurs, doctors and nurse practitioners, any information regarding your health or medical condition must meet HIPAA requirements for privacy using encryption. This site uses SSL encryption to protect any information uploaded to the website or sent through a form.
What Rights You Have Over Your Data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes such as a record of a purchase you make on our site (if applicable).