Privacy Policy

Effective Date: April 5, 2026  |  Last Updated: April 15, 2026

Lash Concierge ("we," "us," or "our"), operated out of Delray Beach, Florida, is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website at lashconcierge.com and use our services. By using our website or booking an appointment, you agree to the practices described in this policy.

1. Information We Collect

1.1 Information You Provide

When you submit our booking form, we collect the following personal information:

• First name and last name
• Email address
• Phone number
• Street address and zip code
• Service type and add-on selections
• Lash goals and preferences
• Whether you currently have lash extensions
• Allergies and sensitivities (health-related information)
• Massage table preference
• How you heard about us

1.2 Health-Related Information

We collect information about allergies, sensitivities, and eye conditions solely for the purpose of providing safe lash extension services. This information is necessary to protect your health and safety during treatment. We treat this data with heightened care and do not use it for marketing or any purpose unrelated to your service.

1.3 Payment Information

Payment processing is handled entirely by Stripe, a PCI DSS-compliant payment processor. Your credit card number, CVV, and other payment card details are collected and processed directly by Stripe. We never receive, store, or have access to your full payment card information on our servers. We only receive confirmation of payment status and transaction identifiers from Stripe.

1.4 Location Data

We use Google Maps APIs to calculate the distance between your address and our service location. This is used solely to determine travel fees and confirm you are within our service area. Your address is sent to Google for distance calculation purposes only. Google's privacy policy governs their handling of this data.

1.5 Automatically Collected Information

We use Plausible Analytics, a privacy-focused, cookieless analytics service. Plausible does not use cookies, does not track personal data, and does not collect or store any personally identifiable information. Plausible collects only aggregate, anonymous data such as page views, referral sources, and device types. No individual user profiles are created.

2. How We Use Your Information

We use the personal information we collect for the following purposes:

• Service delivery: To process your booking request, prepare for your appointment, and provide customized lash extension services
• Communication: To contact you regarding your booking, appointment confirmations, reminders, and follow-up care instructions
• Safety: To review allergies, sensitivities, and health information to ensure safe service delivery
• Rebooking: To retain your preferences and information for convenient future appointments
• Travel fee calculation: To calculate distance-based travel fees using your address
• Business operations: To improve our services, respond to inquiries, and manage our business

3. Cookies and Tracking Technologies

Our website does not use cookies. We do not use any cookie-based tracking, advertising pixels, or third-party tracking scripts. Our analytics provider, Plausible, is entirely cookieless and does not track individual users across sessions or websites.

We do not use the TikTok Pixel, Meta Pixel, Google Ads tracking, or any other cross-site advertising trackers on this website. If you arrive at our website from a social platform such as TikTok, Instagram, or Facebook, that platform may record the outbound click according to its own privacy policy; we do not receive any personally identifiable information about you from those platforms.

3.1 Social Media & TikTok

Lash Concierge may maintain profiles on social platforms including TikTok, Instagram, Facebook, and Yelp. Any information you submit directly through those platforms (comments, direct messages, profile details) is governed by each platform's own privacy policy. We do not import follower lists, viewer data, or platform identifiers into our booking system. If you contact us through a social platform and then book an appointment through our website, your booking information is kept entirely within our own systems.

4. How We Share Your Information

We do not sell, rent, or trade your personal information to third parties. We may share your information only with the following parties and only as necessary:

• Stripe: Our payment processor receives payment information to process deposits and transactions. Stripe is PCI DSS Level 1 compliant.
• Google Maps: Your address is sent to Google Maps APIs for distance calculation only.
• MayoClaw LLC: Our website hosting and technical support provider may have access to server-stored data as necessary for website maintenance and support.
• Legal requirements: We may disclose information if required by law, court order, or governmental authority, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

5. Data Retention

We retain your personal information for as long as needed to provide services and facilitate rebooking. Specifically:

• Client records (name, contact info, preferences) are retained to facilitate future appointments and provide consistent service
• Booking records are retained for business and accounting purposes
• Health-related information (allergies, sensitivities) is retained to ensure ongoing service safety

You may request deletion of your personal data at any time by contacting us at hello@lashconcierge.com. Upon receiving a verified deletion request, we will delete your personal information within 45 days, unless retention is required by law.

6. Data Security

We implement reasonable administrative, technical, and physical security measures to protect your personal information. These include encrypted connections (HTTPS/TLS), secure server infrastructure, and limiting access to personal data to authorized personnel. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

7. Your Privacy Rights

7.1 California Residents (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

• Right to Know: You may request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources, the business purpose for collection, and the categories of third parties with whom we share it.
• Right to Delete: You may request deletion of your personal information, subject to certain exceptions.
• Right to Correct: You may request correction of inaccurate personal information.
• Right to Opt-Out of Sale/Sharing: We do not sell or share your personal information for cross-context behavioral advertising. There is nothing to opt out of.
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

To exercise any of these rights, please contact us at hello@lashconcierge.com. We will verify your identity before processing your request and respond within 45 days.

7.2 Virginia Residents (VCDPA)

Virginia residents have the right to access, correct, delete, and obtain a copy of their personal data, as well as the right to opt out of the processing of personal data for targeted advertising, sale, or profiling. We do not engage in any of these activities. To exercise your rights, contact us at hello@lashconcierge.com.

7.3 Colorado Residents (CPA)

Colorado residents have the right to access, correct, delete, and obtain a portable copy of their personal data, and to opt out of targeted advertising, sale of personal data, and profiling. We do not sell personal data or use it for targeted advertising. Contact us at hello@lashconcierge.com to exercise your rights.

7.4 Connecticut Residents (CTDPA)

Connecticut residents have the right to access, correct, delete, and obtain a copy of their personal data, and to opt out of the sale of personal data, targeted advertising, and profiling. Contact us at hello@lashconcierge.com to exercise your rights.

7.5 Utah Residents (UCPA)

Utah residents have the right to access and delete their personal data and to opt out of the sale of personal data and targeted advertising. Contact us at hello@lashconcierge.com to exercise your rights.

7.6 Oregon Residents (OCPA)

Oregon residents have the right to know, access, correct, delete, and obtain a copy of their personal data, and to opt out of targeted advertising, sale of personal data, and profiling. Contact us at hello@lashconcierge.com to exercise your rights.

7.7 Texas Residents (TDPSA)

Texas residents have the right to access, correct, delete, and obtain a portable copy of their personal data, and to opt out of targeted advertising, sale, and profiling. Contact us at hello@lashconcierge.com to exercise your rights.

7.8 Montana, Iowa, Indiana, Tennessee, and Other States

Residents of states with comprehensive consumer data privacy laws (including Montana, Iowa, Indiana, Tennessee, and others as enacted) may have similar rights to access, correct, delete, and opt out of certain processing of their personal data. We are committed to honoring these rights. Please contact us at hello@lashconcierge.com with your request and state of residence.

7.9 All US Residents

Regardless of your state of residence, you may contact us at any time to:

• Request access to the personal information we hold about you
• Request correction of inaccurate information
• Request deletion of your personal information
• Ask questions about our privacy practices

8. Do-Not-Track Signals

Our website does not currently respond to Do-Not-Track (DNT) browser signals. However, because we use Plausible (a cookieless, privacy-focused analytics tool) and do not engage in cross-site tracking, your browsing activity on our site is not tracked in a personally identifiable manner regardless of your DNT setting.

9. Children's Privacy

Our services are intended for individuals aged 18 and older. We do not knowingly collect personal information from anyone under the age of 18. If we become aware that we have collected personal information from a minor, we will take steps to delete that information promptly. If you believe we have inadvertently collected information from a minor, please contact us at hello@lashconcierge.com.

10. Third-Party Links

Our website may contain links to third-party websites (such as our social media profiles). We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing personal information.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will update the "Last Updated" date at the top of this page. We encourage you to review this policy periodically. Your continued use of our website and services after any changes constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Lash Concierge
Delray Beach, Florida
Email: hello@lashconcierge.com