Privacy policy

Clinique Injection Essencia – Longueuil, Québec

Clinique Injection Essencia
Last updated: February 26, 2026

1. Our Commitment and Legal Framework

Clinique Injection Essencia is committed to protecting your privacy and ensuring the security of your personal information in compliance with applicable laws, including Quebec’s Law 25 and the Act Respecting the Protection of Personal Information in the Private Sector, as well as applicable professional healthcare standards.

We apply the following principles:

• Transparency

• Accountability

• Purpose limitation

• Data minimization

• Enhanced security safeguards

Unless otherwise stated in this Privacy Policy, we do not sell, rent, trade, or disclose your personal information without your consent, except where required or permitted by law.

2. Privacy Officer (Person in Charge of Personal Information)

As required by Law 25, the person responsible for the protection of personal information is:

Nohémy Maillé-Santos
Clinique Injection Essencia
1887 chemin du Tremblay, Local 220, Longueuil (QC)
Email: injection_essencia@hotmail.com

Privacy-related requests must be submitted in writing.

3. How We Collect Personal Information

We may collect personal information in the following situations:

• Booking appointments (online, by phone, in-person, or virtually)

• Opening a client file (creating your profile / medical chart)

• Customer service interactions (email, phone, messages, or in person)

• Marketing initiatives (newsletter sign-up, promotions—only with consent)

• Contests, special offers, surveys (if applicable)

• Employment applications (CV, cover letter, contact details—during recruitment only unless you consent to extended retention)

• Website use (cookies and similar technologies—see Section 9)

4. Types of Personal Information We May Collect

Depending on your interaction with us, we may collect, including but not limited to:

4.1 Identification and Contact Information

• First and last name

• Date of birth

• Mailing address

• Email address

• Phone number

4.2 Appointment and Transaction Information

• Appointment history and reminders

• Services and products purchased

• Payment-related information (processed by secure providers; we do not store full card details when handled by third parties)

4.3 Medical / Clinical Information (as required for safe care)

• Relevant medical history

• Allergies, contraindications

• Medications

• Skin conditions relevant to treatment safety

• Treatment plan and clinical notes

4.4 Clinical Photos

• Before/after photos and follow-up documentation

Clinical photos may be used:

• For medical documentation and follow-up (standard clinical practice)

• For educational or marketing purposes only with separate, explicit written consent

5. How We Use Personal Information

We may use personal information for purposes including:

• Appointment management (confirmations, reminders, scheduling)

• Clinical safety and treatment delivery (assessment, contraindications, documentation)

• Post-treatment follow-ups and clinical continuity

• Legal and professional compliance (record-keeping obligations)

• Marketing communications (newsletter, promotions) only with your consent

• Client feedback and service improvement (surveys, reviews, service quality)

We do not make decisions based solely on automated processing that would have legal or similarly significant effects without human involvement.

6. Sharing Personal Information (Service Providers)

We may share personal information with third-party service providers only when necessary to deliver our services and operate our clinic, and only under confidentiality and security obligations. Examples include:

• Payment processing

• Website hosting

• Email distribution and marketing platforms

• Appointment and chart management systems

• Loyalty program platforms

We do not share mobile or personal data with third parties for their independent marketing or promotional use.

7. Loyalty Program and Email Marketing (Loopy Loyalty & Mailchimp)

7.1 Loopy Loyalty (Digital Loyalty Card)

We use Loopy Loyalty to manage our digital loyalty program. Information may include:

• Name

• Email and/or phone number

• Loyalty participation history (points, rewards, program activity)

This information is used exclusively to:

• Administer your loyalty account

• Apply rewards and benefits

• Understand program usage to improve the experience

7.2 Mailchimp (Email Marketing)

We use Mailchimp to send newsletters and promotional communications. Information may include:

• Name

• Email address

• Engagement data (opens, clicks)

You can unsubscribe at any time using the “Unsubscribe” link in our emails.

7.3 Data Hosting Outside Quebec

Some service providers (including marketing and loyalty platforms) may store or process data outside Quebec. Where required, we conduct a Privacy Impact Assessment (PIA / EFVP) to ensure that adequate protections are in place in compliance with Law 25, and we implement appropriate contractual and technical safeguards.

8. SMS / Text Messaging (If Applicable)

If you consent to receive text messages, we may send:

• Appointment reminders

• Confirmations

• Post-treatment instructions

• Promotional messages (only with consent)

You may opt out at any time by following the unsubscribe instructions provided in the messages (e.g., replying STOP, if applicable). Message and data rates may apply depending on your mobile provider.

9. Cookies, Analytics, and Tracking Technologies

We use cookies and similar technologies to improve website performance, understand usage, and support marketing efforts.

Information may include:

• IP address

• Device identifier

• Browser type and operating system

• Referring website

• Pages visited and browsing behavior

Categories of cookies may include:

• Essential cookies (site functionality, preferences)

• Performance/analytics cookies (traffic and usage analysis)

• Marketing/advertising cookies (ad personalization and measurement)

• Functional cookies (enhanced features)

You can manage or disable cookies in your browser settings, but certain features may be affected.

10. Security Measures

We use appropriate safeguards to protect personal information, including:

• Restricted access (authorized staff only)

• Secure platforms and controlled environments

• Password protection and access controls

• Website SSL encryption where applicable

• Internal confidentiality practices

11. Retention of Personal Information

We retain personal information only as long as necessary for the purposes described and as required by law and professional standards.

Clinical records are generally retained for a minimum of 5 years following the last service, as required by professional standards.

Marketing data is retained until consent is withdrawn.

12. Your Rights Under Law 25

You may request:

• Access to your personal information

• Correction of inaccurate or incomplete information

• Withdrawal of consent (e.g., marketing)

• Deletion where legally permitted

• Portability (structured, commonly used format), where technically feasible

Requests must be sent in writing to the Privacy Officer. We respond within the legally required timeframe (generally 30 days), subject to identity verification and applicable exceptions.

13. Confidentiality Incidents

If a confidentiality incident presents a risk of serious harm, we will comply with applicable obligations, which may include:

• Notifying the Commission d’accès à l’information (CAI)

• Notifying affected individuals

• Keeping an internal incident register

14. Individuals Under 14

We do not knowingly collect personal information from individuals under 14 years of age without appropriate parental consent.

15. Updates to This Policy

This Privacy Policy may be updated to reflect legal requirements and business practices. The most current version will always be available on our website. Continued use of our services constitutes acceptance of the current version.