Last Updated: June 3, 2026  |  Effective Date: June 3, 2026

At Elham Aesthetic Art, your privacy is important to us. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you visit https://elhamaesthetic.com or use our aesthetic services. By using our website or booking our services, you agree to the practices described in this policy.

1. Who We Are

Elham Aesthetic Art is an aesthetic clinic offering personalized, non-surgical beauty treatments including laser hair removal, microneedling, skin boosters, face contouring, dermal fillers, Botox, mesotherapy, body slimming, and more. We are located at:

  • Address: 200 Finch Ave W, North York, Ontario, Canada
  • Phone: +1 (416) 843-8744
  • Email: info@elhamaesthetic.com
  • Website: https://elhamaesthetic.com

2. Information We Collect

2.1 Information You Provide Directly

When you contact us, book an appointment, or use our services, we may collect:

  • Contact Information: Full name, email address, phone number, and mailing address
  • Appointment Information: Preferred treatment, appointment date/time, and consultation notes
  • Health & Treatment Information: Relevant medical history or skin/hair conditions you share with us to receive appropriate aesthetic treatments
  • Payment Information: Billing details processed securely through our payment processors (we do not store full card numbers)
  • Communications: Messages, inquiries, and feedback you send us via email, phone, WhatsApp, or web forms

2.2 Information Collected Automatically

When you visit our website, we automatically collect:

  • IP address, browser type, and operating system
  • Pages visited, time spent, and navigation patterns
  • Device identifiers and referral source
  • Cookies and similar tracking technologies

2.3 Information from Third Parties

We may receive information about you from:

  • Social media platforms (e.g., Instagram, Facebook) if you interact with our profiles
  • Booking and scheduling platforms
  • Analytics and advertising partners

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Service Delivery: To schedule, confirm, and provide aesthetic treatments and consultations
  • Appointment Management: To send appointment reminders, confirmations, and follow-up care instructions
  • SMS & Communication: To send appointment-related text messages and updates (see SMS Terms in our Terms & Conditions)
  • Payment Processing: To process payments for services rendered
  • Health & Safety: To ensure treatments are appropriate for your individual health profile
  • Marketing: To share promotions, new services, and offers (you may opt out at any time)
  • Website Improvement: To understand how users interact with our website and improve user experience
  • Legal Compliance: To comply with applicable Canadian and provincial privacy laws
  • Security: To detect and prevent fraud or unauthorized access

4. Legal Basis for Processing

We collect and process your personal information based on the following legal grounds:

  • Consent: Where you have provided explicit consent (e.g., opting into SMS communications or marketing)
  • Contract: Where processing is necessary to fulfill your appointment or service agreement with us
  • Legal Obligation: Where we are required to retain or process information under applicable law
  • Legitimate Interests: To operate and improve our business, provided these interests do not override your rights

For residents of the European Economic Area (EEA), these grounds align with Article 6 of the GDPR.

5. How We Share Your Information

We do not sell your personal information. We may share your information only in the following circumstances:

5.1 Service Providers

We share data with trusted third-party vendors who assist us in operating our business:

  • Booking and scheduling platforms
  • Payment processors (e.g., Stripe, Square)
  • Email and SMS communication providers
  • Website hosting and analytics providers (e.g., Google Analytics)

These providers are contractually bound to protect your data and use it only as instructed.

5.2 Legal Requirements

We may disclose your information when required to:

  • Comply with applicable laws, regulations, or court orders
  • Enforce our terms and policies
  • Protect the rights, property, or safety of Elham Aesthetic Art, our clients, or the public

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity. We will notify you of any such change.

5.4 With Your Consent

We may share your information in other ways when you have given us explicit consent to do so.

6. Health Information & Sensitive Data

Because we provide aesthetic and wellness treatments, we may collect health-related information (e.g., skin conditions, allergies, treatment history) to ensure your safety and provide appropriate care. This information is treated with the highest level of confidentiality and is used exclusively for your treatment. We do not share health information with third parties except as required to provide your requested services or as required by law.

7. Cookies & Tracking Technologies

Our website uses cookies and similar technologies to:

  • Remember your preferences and settings
  • Analyze website traffic and usage patterns
  • Provide targeted advertising (e.g., Meta Pixel, Google Ads)
  • Improve website performance and user experience

Cookie Types We Use:

  • Essential Cookies: Required for the website to function properly
  • Analytics Cookies: Help us understand how visitors use our site (e.g., Google Analytics)
  • Marketing Cookies: Used for advertising and retargeting purposes
  • Preference Cookies: Remember your language and display preferences

You can manage or disable cookies through your browser settings. Note that disabling certain cookies may affect website functionality.

8. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this policy:

  • Client records & treatment history: Retained for a minimum of 7 years (as may be required for health/regulatory compliance)
  • Appointment data: Retained for the duration of our relationship plus 2 years
  • Payment records: Retained for 7 years for accounting and tax purposes
  • Marketing data: Retained until you unsubscribe or withdraw consent
  • Website log data: Retained for up to 12 months

9. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

9.1 General Rights

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal data (subject to legal obligations)
  • Withdrawal of Consent: Withdraw consent for marketing or SMS communications at any time
  • Objection: Object to certain uses of your data
  • Portability: Request your data in a portable, machine-readable format

9.2 Canadian Privacy Rights (PIPEDA)

As a Canadian business, we comply with the Personal Information Protection and Electronic Documents Act (PIPEDA). You have the right to:

  • Know what personal information we collect and why
  • Access your personal information held by us
  • Challenge the accuracy of your information and request corrections
  • Withdraw consent (subject to legal or contractual restrictions)

9.3 California Privacy Rights (CCPA)

If you are a California resident, you have the right to:

  • Know what personal information is collected about you
  • Request deletion of your personal information
  • Opt out of the sale of your personal information (we do not sell personal information)
  • Non-discrimination for exercising your rights

9.4 European Privacy Rights (GDPR)

If you are an EEA resident, in addition to the above, you have the right to lodge a complaint with your local data protection supervisory authority.

To exercise any of these rights, contact us at info@elhamaesthetic.com.

10. Data Security

We take the security of your personal information seriously and implement appropriate technical and organizational measures to protect it, including:

  • Encryption of data in transit (SSL/TLS)
  • Restricted access to personal data on a need-to-know basis
  • Secure storage of client records
  • Regular review of our data protection practices

While we do our best to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

11. International Data Transfers

Your information may be processed or stored on servers located outside Canada (e.g., in the United States), particularly through third-party service providers such as Google or Meta. Where applicable, we ensure that adequate safeguards are in place, such as standard contractual clauses, to protect your data during such transfers.

12. Children’s Privacy

Our services are intended for individuals 18 years of age and older. We do not knowingly collect personal information from minors under the age of 18. If you believe we have inadvertently collected such information, please contact us immediately at info@elhamaesthetic.com so we can delete it promptly.

13. Third-Party Links

Our website may contain links to third-party websites, including social media platforms (Instagram, Facebook, WhatsApp) and booking platforms. We are not responsible for the privacy practices of these external sites. We encourage you to review their respective privacy policies.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will:

  • Update the “Last Updated” date at the top of this page
  • Post the revised policy on our website
  • Notify you by email for significant changes (where applicable)

Your continued use of our website or services after changes are posted constitutes your acceptance of the updated policy.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy, please reach out to us: