We are now offering virtual consultations for our procedures and treatments - Schedule Now

310-961-2530 Privacy Policy

Privacy Policy

Effective Date: June 1, 2021

Welcome to the California Skin Institute website, owned and operated by California Skin
Institute Management, LLC (“CSI” or “we,” “our” or “us”). This “Privacy Policy” governs
your use of this website and also applies to your use of interactive features, widgets,
plug-ins, content, downloads and/or other services (collectively, the “Online Services”)
that: (i) we own and control and make available through an online service; or (ii) that
post a link to this Privacy Policy, regardless of how you access or use our Online
Services, whether via desktop, mobile devices or otherwise. This Privacy Policy does
not govern our retention and use of patient medical records or other personally
identifiable “protected health information” (a/k/a/ “PHI”). With respect to that
information, we are governed by separate, stringent requirements under California and
federal law. Patients and visitors wishing to know how we handle PHI will find our
policy here.

PLEASE REVIEW THIS PRIVACY POLICY CAREFULLY BEFORE USING OR OBTAINING
ANY MATERIALS, INFORMATION, PRODUCTS OR SERVICES THROUGH OUR ONLINE
SERVICES. BY ACCESSING OUR ONLINE SERVICES, YOU AGREE TO ACCEPT, WITHOUT
LIMITATION OR QUALIFICATION, THIS PRIVACY POLICY. We reserve the right to
change, update, or correct all or any portion of this Privacy Policy or any information
contained in our Online Services at any time, without notice, by posting an amendment
to this Privacy Policy or to our Online Services. Your continued use of our Online
Services means that you accept and agree to this revised Privacy Policy. If you do not
accept this Privacy Policy (as amended from time to time), please exit and refrain from
using our Online Services.

To the extent we provide you notice through our Online Services of different or
additional privacy policies or practices, those additional terms shall govern such data
collection and use. By using our Service, you consent to our Privacy Policy and our
collection, use and sharing of your information and data, and other activities, as
described below.

The Information We Collect

When you visit our Online Services, we will automatically capture your domain name, the
IP address of the web page from which you access our Online Service, your browser
type, the pages you visit, the amount of time you spend here and other relevant
information about your visit. Although we do not collect any information that is intended
to reveal your personal identity, we may retain such information if you voluntarily
provide it when you register to use interactive features of the Service (e.g., the
appointment request or scheduling form), or you request to receive information from us
via our email newsletter. The information we collect is not intended to become part of
any “designated record set” (i.e., health and health-related information defined under
HIPAA).

If you use the features on this website, CSI landing pages or on the websites of our
business partners, you are agreeing to our collection of information as described above.
If you do not wish us to receive information that reveals your personal identity, please
do not use the interactive features, such as the appointment request, appointment
scheduling, newsletter sign up form or any other similar intake form on our website.

Use of the Information this Service Gathers/Tracks

If you share any personally identifiable information with us, it will be used only as
permitted by law, including to provide the service/treatment or information you have
requested, such as a call back from our front desk staff to schedule or remind you
about your appointment and/or send you more information about your request, or to
send an email newsletter for which you registered. CSI will never sell, rent, or license
your personally identifiable information, including your e-mail address, to the third
parties. CSI may share your personally identifiable information with CSI business
partners/vendors as appropriate as part of necessary business operations
(appointment reminders and scheduling).

Additionally, unless subject to your consent, to fulfill a request from you, or as otherwise
set forth in this Privacy Policy, we won’t send you any unsolicited e-mail (“spam”).
The non-personally identifiable information we gather in aggregate form may be used to
improve our Service, and we may share that information with business partners and
third-party vendors working on our behalf.

Information that you voluntarily provide will be maintained as long as CSI deems
appropriate to fulfill the purpose for which you provided the information, either until you
request us to remove it, or for as long as permitted under applicable law.

We may hold events, sweepstakes, contests, and other promotions (any, a “Promotion”)
through our Online Services that may require registration. By participating in a
Promotion, you are agreeing to the official rules governing that Promotion, which may
contain specific requirements that you must follow, including allowing the sponsor of
the Promotion to use your name, voice and/or likeness in advertising or marketing
associated with the Promotion. If you choose to enter a Promotion, personal
information may be disclosed to third parties or the public in connection with the
administration of such Promotion, including, in connection with winner selection, prize
fulfillment, and as required by law or permitted by the Promotion’s official rules, such as
on a winners list.

To the fullest extent permitted by applicable law, we may also disclose your information
if we believe in good faith that doing so is necessary or appropriate to: (i) protect the
rights, safety, or property of CSI or third parties; or (ii) comply with legal and regulatory
obligations (e.g., pursuant to law enforcement inquiries, subpoenas, or court orders). To
the fullest extent permitted by applicable law, we have complete discretion in electing to
make or not make such disclosures, and to contest or not contest requests for such
disclosures, all without notice to you.

Third party analytics providers and ad servers

We may use third-party vendors to perform certain services on behalf of us or our Online
Services, such as hosting the Online Services, designing and/or operating the Online
Services’ features, tracking the Online Services’ activities, utilization of sharing
technology that allows users to share content on this Site through social media, and
analytics. We may provide these vendors with access to user information, or they may
directly collect your information to carry out the services they are performing for you or
for us. Third-party analytics and other service providers may set and access their own
tracking technologies on your device, and they may otherwise collect or have access to
information about you, potentially including personal information, about you. We are not
responsible for those third-party technologies or activities that result from them.

We may also engage with certain third parties to provide us with information regarding
traffic on our Online Services to serve advertisements elsewhere online, and to provide
us with information regarding the use of our website or services and the effectiveness
of our advertisements. These third parties may automatically collect information about
you using their own cookies or other technologies or may otherwise collect or have
access to information about your visits to this and other websites, your IP address, your
ISP, the browser you use to visit our website and other usage information. Information
collected may be used, among other things, to deliver advertising targeted to your
interests and to better understand the usage and visitation of our website and the other
sites tracked by these third parties.

If you would like more information about this practice and to know your choices about
not having this information used by these companies, you may visit:
http://www.aboutads.info/choices (for website users),
http://www.networkadvertising.org/managing/opt_out.asp (for website users), or
http://youradchoices.com/appchoices (for mobile app users).

Cookies Policy and Statement

When you visit our Online Services, we may place a temporary “session” or a permanent
cookie on your device (desktop computer or mobile phone) that will enable us to
personalize your experience at the Online Services, make improvements to our Online
Services, or to report activity on our Online Services. Our session cookies are not
permanently stored on your computer and expire when you leave. Permanent cookies
are issued to visitors who link to the Online Services from a search engine and are used
only to permit CSI to attract qualified users to our Online Services. Our cookies are not
used to send spam. We store cookie information in aggregate form and use the
aggregate information to make improvements to the Service or in internal reports on
Service activity. You may opt out of allowing cookies to be placed on your computer.
Refusing cookies disables our ability to include information about your visit in our
regular monitoring of traffic to our Online Services and may render some of the
functions of our Online Services unavailable to you, as disclosed below.

Cookies and Similar Technology Policy

What are cookies?

Cookies are text files with small pieces of data sent from a web server to your browser and
stored on your computer or mobile device’s hard drive while you are viewing the
website. We may use both session cookies (which expire once you close your web
browser) and persistent cookies (which stay on your computer until you delete them) to
provide you with a more personal and interactive experience on our website. This type
of information may be collected to make the Service more useful to you and to tailor
your experience with us to meet your special interests and needs. We use and store this
information to provide you with more personalized and customized online services and
to make our site more convenient, useful, valuable, and appealing to you.
We use two main categories of cookies: (1) first party cookies, served directly by us to
your computer or mobile device, which we use to identify your computer or mobile
device when it revisits our website; and (2) third party cookies, which are served by
service providers on our website, and can be used by such service providers to
recognize your computer or mobile device when it visits other websites.

Disabling cookies

Should you decide at any time that you no longer wish to accept cookies from our
services for any of the purposes described above, then you can typically instruct your
browser, by changing its settings, to remove or stop accepting cookies or to prompt you
before accepting a cookie from the websites you visit. In order to do this, consult your
browser’s technical information (instructions are usually located within the “settings,”
“help” “tools” or “edit” facility). Many browsers are set to accept cookies by default until
you change your settings.

For more information about cookies, including how to see what cookies have been set
on your computer or mobile device and how to manage and delete them, visit
www.allaboutcookies.org.

If you do not accept our cookies, you may experience some inconvenience or not be
able to use all of the services or all functionality of the services.

Pixel tags

In addition, we may use pixel tags (also referred to as container tags, signal tags or
clear GIFs) on the Service to track the actions of users on website. Pixel tags are tiny
graphic images with a unique identifier, similar in function to cookies, which are used to
track web users online. In contrast to cookies, which are stored on a user’s computer
hard drive, pixel tags are embedded invisibly in web pages. Pixel tags also allow us to
send email messages in a format users can read, and they tell us whether emails have
been opened, for example, to ensure that we are sending messages that are of interest
to our users. We may use this information to reduce or eliminate messages sent to a
user.

Do not track signals

Some internet browsers may be configured to send “Do Not Track” signals to the online
services that you visit. We currently do not respond to do not track signals. To find out
more about “Do Not Track,” please visit http://www.allaboutdnt.com.

Sites We Link To

If you choose to use any of the links we provide to any other third-party resources, you
will be leaving our Online Services and going to a new web site. Protection of your
privacy at those other sites will be governed by the privacy policies in effect at each of
those respective sites. We’ve taken special care selecting the companies that are
accessible through californiaskininstitute.com to try to ensure that they respect your
privacy as we do, but please take the time to read the privacy policies at their sites.

What Should Parents Know About Children?

We understand the importance of protecting children’s privacy in the interactive world.
We do not knowingly use our Online Services to collect personal information from
children under the age of thirteen (13) without parental consent. If you are a child under
13 years of age, you are not permitted to use any interactive functions of our Online
Service and should not send any information about yourself to us through the Service.

In the event that we become aware that we have collected personal information from
any child, we will dispose of that information in accordance with the Children’s Online
Privacy Protection Act and other applicable laws and regulations. If you are a parent or
guardian and you believe that your child under the age of 13 has provided us with
information without your consent, please contact us at team_privacy@caskin.com, and we
will take reasonable steps to ensure that such information is removed from our files.

For California Residents

The CCPA provides consumers (California residents) with specific rights regarding their
personal information. This section describes your CCPA rights and explains how to exercise
those rights.

1. Access to Specific Information and Data Portability Rights

You have the right to request that we disclose certain information to you about our collection
and use of your personal information over the past 12 months. Once we receive and confirm
your verifiable consumer request (see Exercising Access, Data Portability, and Deletion Rights),
we will disclose to you:

  • The categories of personal information we collected about you.
  • The categories of sources for the personal information we collected about you.
  • Our business purpose for collecting that personal information.
  • The categories of third parties with whom we share that personal information.
  • The specific pieces of personal information we collected about you (also called a data
    portability request).

2. Deletion Request Rights

You have the right to request that we delete any of your Personal Information that we collected
from you and retained, subject to certain exceptions. Once we receive and confirm your
verifiable consumer request, we will delete (and direct our service providers to delete) your
Personal Information from our records, unless an exception applies.

We may deny your deletion request if retaining the information is necessary for us or our service
providers to:

  • Complete the transaction for which we collected the Personal Information, provide a
    good or service that you requested, take actions reasonably anticipated within the
    context of our ongoing business relationship with you, or otherwise perform our contract
    with you.
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal
    activity, or prosecute those responsible for such activities.
  • Debug products to identify and repair errors that impair existing intended functionality.
  • Exercise free speech, ensure the right of another consumer to exercise their free speech
    rights, or exercise another right provided for by law.
  • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code §
    1546 seq.).
  • Engage in public or peer-reviewed scientific, historical, or statistical research in the
    public interest that adheres to all other applicable ethics and privacy laws, when the
    information’s deletion may likely render impossible or seriously impair the research’s
    achievement, if you previously provided informed consent.
  • Enable solely internal uses that are reasonably aligned with consumer expectations
    based on your relationship with us.
  • Comply with a legal obligation.
  • Make other internal and lawful uses of that information that are compatible with the
    context in which you provided it.

3. Exercising Access, Data Portability, and Deletion Rights

If you are a resident of CA, only you or a person registered with the California Secretary of State
that you authorize to act on your behalf, may make a verifiable consumer request related to your
Personal Information. You may also make a verifiable consumer request on behalf of your minor
child.

To exercise the access, data portability, and deletion rights described above, please submit a
verifiable consumer request to us by either:

  • Mailing Address: Attention: CSI Compliance Officer, California Skin Institute,
    6399 San Ignacio Ave #120 San Jose, CA 95119
  • Email us at: Team_Privacy@caskin.com

You may only make a verifiable consumer request for access or data portability twice within a
12-month period. The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person
    about whom we collected Personal Information or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand,
    evaluate, and respond to it.

We cannot respond to your request or provide you with Personal Information if we cannot verify
your identity or authority to make the request and confirm the Personal Information relates to
you. Making a verifiable consumer request does not require you to create an account with
us. We will only use Personal Information provided in a verifiable consumer request to verify
the requestor’s identity or authority to make the request.

5. Response Timing and Format

We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we
require more time (up to 90 days), we will inform you of the reason and extension period in
writing. If you have an account with us, we will deliver our written response to that account. If
you do not have an account with us, we will deliver our written response by mail or
electronically, at your option. Any disclosures we provide will only cover the 12-month period
preceding the verifiable consumer request’s receipt. The response we provide will also explain
the reasons we cannot comply with a request, if applicable. For data portability requests, we
will select a format to provide your Personal Information that is readily useable and should allow
you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is
excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee,
we will tell you why we made that decision and provide you with a cost estimate before
completing your request.

Where you have given us consent to use your information for a limited purpose, you can contact
us to withdraw that consent, but this will not affect any processing that has already taken place
at the time. You can also opt-out of our use of your information for marketing purposes by
contacting us, as provided herein. When you make such requests, we may need time to
investigate and facilitate your request. If there is delay or dispute as to whether we have the
right to continue using your information, we will restrict any further use of your information until the request is honored or the dispute is resolved, provided your administrator does not object (where applicable).

Changes to this Policy

If we make any changes to this Privacy Policy, we will post all changes, including the
effective date of the changes. You can contact our Compliance Officer at any time if
you would like to know more about what’s new. If you have any questions or comments
or receive any unwanted e-mail from this Service, please contact our Compliance
Officer via e-mail at team_privacy@caskin.com.