Privacy Policy
Willow and Oak Aesthetic Collective
Hendersonville, TN 37075
Last Updated: 04/05/2026
Willow and Oak Aesthetic Collective ("we," "us," or "our") values your privacy and is committed to protecting your Personally Identifiable Information ("PII") and health-related information. This Privacy Policy explains how we collect, use, and safeguard information from individuals who visit our website, use our services, or otherwise interact with us ("Consumers").
By accessing or using our website or services, you agree to the terms of this Privacy Policy.
1. Information We Collect
Personal Information
When you visit our website or use our services, we may collect personal information you voluntarily provide, including:
Name
Email address
Phone number
Date of birth
Appointment and service preferences
Any other information you choose to provide
We may use your Personal Data to contact you with newsletters, marketing, and/or promotional materials that may be of interest to you.
SMS/Text Messaging:
By providing your phone number, you consent to receive text messages from Willow and Oak Aesthetic Collective. Message and data rates may apply. Message frequency may vary. Reply HELP for more information. You can reply STOP or UNSUBSCRIBE to opt out at any time.
Health Information (Protected Health Information - PHI)
As a medical spa, we may collect health-related information in connection with providing aesthetic and wellness treatments. This may include:
Medical history
Treatment records
Photos (before and after treatments, with consent)
Allergies and medications
Provider notes and assessments
This information may be considered Protected Health Information (PHI) under the Health Insurance Portability and Accountability Act.
Automatically Collected Information
We may automatically collect certain information when you use our website, such as:
IP address
Browser type
Device type
Pages visited and browsing behavior
Cookies and Tracking Technologies
We may use cookies and similar technologies to enhance your browsing experience and analyze website traffic. You can control cookie preferences through your browser settings.
2. How We Use Your Information
We use the information we collect for the following purposes:
Providing Services: To deliver aesthetic and medical spa services safely and effectively
Treatment Planning: To assess eligibility and customize treatments based on your health information
Communication: To send appointment confirmations, reminders, updates, and promotional materials (you may opt out at any time)
Website Improvement: To analyze usage and improve website functionality and user experience
Legal and Regulatory Compliance: To comply with applicable healthcare and privacy laws
3. HIPAA and Health Information Privacy
Where applicable, we comply with the Health Insurance Portability and Accountability Act (HIPAA) and applicable state laws governing the protection of medical information.
Your Protected Health Information (PHI) will only be used or disclosed for purposes of treatment, payment, and healthcare operations, unless you provide explicit authorization otherwise.
We implement appropriate administrative, technical, and physical safeguards to protect your PHI.
We limit access to your health information to authorized personnel who need it to perform their job duties.
Important:
Not all services or communications (such as general website inquiries, marketing forms, or SMS messaging) are guaranteed to be HIPAA-compliant communication channels. Please avoid submitting sensitive medical information through unsecured forms or text messaging.
For a more detailed explanation of how your medical information may be used and disclosed, you may request a separate Notice of Privacy Practices.
4. Sharing Your Information
We respect your privacy and do not sell or share your Personally Identifiable Information with third parties for marketing purposes.
Important: No mobile information will be shared with third parties or affiliates for marketing or promotional purposes.
We may share your information only in the following circumstances:
Healthcare Operations: With licensed providers and staff involved in your care
Business Associates: With third-party service providers (such as scheduling systems, payment processors, or electronic medical record systems) who are contractually obligated to safeguard your information
Legal Compliance: When required by law or to respond to legal processes
Business Transfers: In connection with a merger, sale, or acquisition, where your information remains protected under this Privacy Policy
5. Your Choices and Rights
You have the following rights regarding your personal and health information:
Access: Request a copy of the personal or health data we maintain about you
Correction: Request corrections to inaccurate or incomplete information
Deletion: Request deletion of your personal information where legally permitted
Restrictions: Request limitations on how your health information is used or disclosed
Confidential Communications: Request that we contact you in a specific way (e.g., phone vs. email)
Data Portability: Request your data in a structured, machine-readable format
To exercise any of these rights, please contact us using the information below.
6. Data Security
We implement reasonable and appropriate security measures designed to protect your personal and health information from unauthorized access, disclosure, alteration, or destruction. However, no method of transmission over the Internet is 100% secure.
7. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. Updates will be posted on this page with a revised “Last Updated” date.
8. Contact Us
If you have questions about this Privacy Policy or our data practices, please contact us:
Willow and Oak Aesthetic Collective
Hendersonville, TN 37075
Phone: 615.236.2400
Email: collective@willowandoakaesthetic.com