Privacy Policy
Effective Date: May 2024
Gizel Atlanta (“we,” “our,” or “us”) is a med spa aesthetic clinic committed to protecting the privacy and confidentiality of your personal and health-related information. This Privacy Policy explains how we collect, use, and safeguard your data when you visit our website or engage with our services, either online or in person.
By using our website and services, you consent to the data practices described in this Policy.
1. Information We Collect
Personally Identifiable Information (PII):
- Name, address, email, and phone number
- Date of birth and emergency contact details
- Payment and billing information
- Photos or documentation related to treatment
Personally Identifiable Information (PII):
- Medical history, treatment details, medications, and allergies
- Diagnoses or skin conditions discussed during consultations
- Before-and-after treatment photos
- Notes from providers regarding care plans and services rendered
Automatically Collected Information:
- IP address, browser type, device identifiers
- Website usage data (via cookies and analytics tools)
2. HIPAA Compliance
As a provider of aesthetic and wellness services, Gizel Atlanta complies with the Health Insurance Portability and Accountability Act (HIPAA) and ensures all Protected Health Information (PHI) is stored, accessed, and transmitted securely.
What is PHI?
PHI includes any health-related information that can be linked to an individual and is created, used, or disclosed during the course of care. Examples include treatment records, appointment history, and patient photos.
Your HIPAA Rights Include:
- The right to access your medical records
- The right to request corrections to inaccurate or incomplete records
- The right to receive a list of disclosures of your health information
- The right to request restrictions on how your information is used or shared
- The right to request confidential communications
- The right to file a complaint if you believe your rights have been violated
To exercise these rights, please contact our HIPAA Privacy Officer at fola@gizelatlanta.com or 770-527-0989.
3. Why We Collect Information
We collect and use your data for the following purposes:
- To provide you with safe and personalized treatments
- To comply with legal, insurance, and medical recordkeeping requirements
- To improve our services and understand client needs
- To process payments and manage appointments
- To send appointment confirmations, reminders, or promotional materials (with your consent)
- To comply with applicable laws, such as HIPAA, state medical board regulations, and tax requirements
4. Use and Disclosure of Information
We do not sell or rent your personal information. We may use or share your information under the following circumstances:
- With providers and staff for treatment and care coordination
- With payment processors and billing services under confidentiality agreements
- As required by law (e.g., subpoenas, court orders)
- To prevent or reduce a serious threat to health or safety
- To authorized auditors, insurers, or regulators, when necessary
- With your written consent for marketing or sharing testimonials/photos
All disclosures of PHI are done in accordance with HIPAA standards and only when necessary for treatment, payment, or health care operations.
5. Data Security
We implement physical, administrative, and technical safeguards to protect your personal and health information.
Examples of Our Security Measures Include:
- SSL (Secure Sockets Layer) encryption on our website
- Secure email and communication platforms for appointment reminders
- Password-protected access to patient records and appointment data
- Staff training in HIPAA compliance and privacy practices
- Regular audits of systems and data storage
Despite our efforts, no method of transmission over the Internet or electronic storage is 100% secure. You acknowledge and accept this risk by using our services.
6. Retention of Information
We retain personal and health-related information only for as long as necessary, based on:
- Legal and medical retention requirements
- Ongoing care relationships
- Insurance and regulatory obligations
- Internal business needs
Medical records are typically retained for 7 years in accordance with Georgia state law.
7. Marketing Communications
With your consent, we may send you updates, promotions, or newsletters. You can opt out at any time by:
- Clicking “unsubscribe” in emails
- Emailing us at guests@gizelatlanta.com
- Calling us at 770-609-8369
We may still contact you for appointment reminders or health-related communications, as permitted by HIPAA.
8. Children’s Privacy
Gizel Atlanta does not knowingly collect personal information from children under 13. If such data is collected inadvertently, we will promptly delete it unless we receive verifiable parental or guardian consent.
9. Links to Third-Party Sites
Our website may link to other websites or booking tools. Gizel Atlanta is not responsible for the privacy practices of third parties. Please review their policies before sharing personal information.
10. Your Consent and Rights
By using this website or receiving our services, you acknowledge and agree to the terms in this Privacy Policy.
You have the right to access, correct, or request deletion of your information. To do so, or to request a copy of your medical records, please contact us at:
HIPAA Privacy Officer
Email: fola@gizelatlanta.com
Phone: 770-527-0989
Mail: 4280 Lavista Rd STE C-113, Tucker, Atlanta GA 30084
11. Changes to This Privacy Policy
We may update this Privacy Policy periodically. We encourage you to review this page for any changes. Continued use of our website or services after changes are made constitutes your acceptance of the updated terms.
Contact Us
If you have questions about this Privacy Policy or would like to submit a privacy-related request, please contact:
Gizel Atlanta
Email: fola@gizelatlanta.com
Phone: 770-527-0989
Mail: 4280 Lavista Rd STE C-113, Tucker, Atlanta GA 30084