Privacy Policy
Maison Zolara LLC · Last updated: May 2026
Our Commitment
Privacy at a Glance
Who We Are
Maison Zolara LLC ("Maison Zolara", "we", "us", or "our") operates maisonzolara.com and the Maison Zolara mobile application ("App"), providing luxury medical aesthetics and salon services located at 4820 W Saginaw Hwy, Lansing, MI 48917. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, App, or services.
Information We Collect
We collect the following categories of information:
- Contact information — Name, email address, phone number, and mailing address when you submit a form, create an account, or book an appointment.
- Health and aesthetic information — Information you voluntarily provide when completing intake forms or AI skin/beauty analyses. This is used solely to personalize your treatment recommendations.
- Booking & transaction data — Appointment history, services booked, deposits paid, and membership status.
- Usage data — Pages viewed, time spent, device type, IP address, and browser information collected automatically via cookies and analytics tools.
- Device data (App) — When you use our App, we may collect device identifiers, operating system version, App version, and crash reports to improve stability and performance.
- Camera & photo data — When you use the skin analysis feature, your camera or selected photos are accessed in real-time. Images are processed transiently and are not stored. See Section 05 for full details.
- Communications — Messages you send via contact forms, email, or in-App chat.
How We Use Your Information
- To schedule and manage appointments.
- To personalize AI-powered beauty and skin analysis results.
- To send appointment confirmations, reminders, and follow-up care instructions.
- To manage your membership and process billing.
- To send promotional communications (with your consent; you may opt out at any time).
- To improve our website, App, services, and user experience.
- To analyze App and website performance and diagnose technical issues.
- To comply with legal obligations and enforce our Terms and Conditions.
- To prevent fraud and maintain the security of our systems.
Legal Basis for Processing
- Contractual necessity — Processing required to fulfill your bookings, deliver services, and manage your account.
- Legitimate interests — Analytics, fraud prevention, product improvement, and direct marketing to existing clients.
- Consent — Promotional emails, SMS communications, and AI analysis photo processing — all of which you may withdraw at any time.
- Legal obligation — Retention of billing records and healthcare documentation as required by applicable law.
AI Analysis & Camera Usage
Applies to the skin analysis feature on our website and App.
Our AI-powered skin analysis feature ("Zolara Skin Analysis") may use your device camera (for live scan) or photos from your photo library (for upload analysis) to generate a personalized skin assessment.
Our firm commitments regarding your photos:
Photo library access is only requested when you choose to upload a saved photo and only the specific photo you select is accessed — not your full photo library.
Mobile App Data Practices
Applies to the Maison Zolara mobile application.
The Maison Zolara App is designed with privacy-first principles. Below is a summary of data collected by the App and why:
| Data Type | Purpose | Shared? |
|---|---|---|
| Name & email | Account & appointment management | No |
| Phone number | Appointment reminders (with consent) | No |
| Booking history | Personalized recommendations | No |
| Camera / photos | AI skin analysis (transient, not stored) | No |
| Device identifiers | Analytics & crash reporting | Anonymized only |
| Usage analytics | App performance & feature improvement | Anonymized only |
| Push notification token | Appointment & care reminders | No |
We do not use advertising SDKs, cross-app tracking, or behavioral advertising networks in our App.
Cookies & Tracking Technologies
We use cookies and similar technologies on our website to enhance your browsing experience and analyze site traffic. The types of cookies we use:
- Strictly necessary — Required for the website to function (e.g., session management, booking flow). Cannot be disabled.
- Analytics cookies — Help us understand how visitors interact with our website. We use Google Analytics (GA4) and PostHog. IP addresses are anonymized.
- Marketing cookies — Used to measure the effectiveness of our promotions. We do not use these to build advertising profiles or sell behavioral data.
You may disable cookies in your browser settings; note that some site features may not function correctly without them.
Sharing of Information
We may share information only with:
- Service providers who assist in operating our website, App, and business (e.g., booking platform, email service, payment processor) under confidentiality agreements.
- Analytics providers on an anonymized and aggregated basis only.
- Healthcare or legal authorities if required by applicable law or court order.
- A successor entity in the event of a merger or acquisition, subject to the same privacy commitments.
Data Retention
We retain your data only as long as necessary for the purposes described in this policy:
- Account data: Until you request deletion or your account has been inactive for 3 years.
- Booking & service records: 7 years from service date, as required by Michigan business and healthcare record-keeping laws.
- AI analysis photos: Not retained — processed transiently and immediately discarded.
- Marketing communications: Until you unsubscribe or withdraw consent.
- Anonymized analytics: Up to 26 months in line with Google Analytics standard retention.
Data Security
We implement industry-standard security measures including HTTPS/TLS encryption for all data in transit, access controls limiting data access to authorized personnel only, and secure data storage with regular security reviews. Payment data is processed by PCI-compliant payment processors — we do not store credit card numbers on our systems. No method of transmission over the internet is 100% secure — we encourage you to contact us promptly if you suspect unauthorized access to your information.
Your Rights & Data Deletion
You have the following rights regarding your personal information. To exercise any of these rights, contact us at admin@maisonzolara.com. We will respond within 30 days.
Access
Request a copy of the personal data we hold about you.
Correction
Request correction of inaccurate or incomplete data.
Deletion
Request deletion of your personal data. We will delete within 30 days except where retention is legally required.
Portability
Request your data in a machine-readable format.
Opt-out of marketing
Unsubscribe from promotional emails or SMS at any time via the link in any message.
Withdraw consent
Withdraw consent for AI analysis or any other consent-based processing at any time.
How to request data deletion
1. Email admin@maisonzolara.com with subject line "Data Deletion Request".
2. Include your full name and the email address associated with your account.
3. We will confirm receipt within 5 business days and complete deletion within 30 days.
4. You will receive a confirmation email once your data has been deleted.
Michigan residents may also have additional rights under applicable state law. Because we are a medical practice, your health information is also protected under HIPAA. Please review our HIPAA Notice of Privacy Practices for your full rights regarding Protected Health Information.
Children's Privacy
Our website, App, and services are not directed to individuals under 13 years of age, and we do not knowingly collect personal information from children under 13. Our in-person medical aesthetic services are only provided to individuals 18 and older.
If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at admin@maisonzolara.com and we will promptly delete it.
Third-Party Services We Use
We use the following categories of third-party services that may process your data:
- Analytics — Google Analytics (GA4) and PostHog — usage data with IP anonymization enabled.
- Booking platform — Our scheduling software to manage appointments. Subject to its own privacy policy.
- Payment processing — Stripe — for deposit and membership payments. We do not store card data. Stripe is PCI-DSS Level 1 certified.
- Email communications — For appointment confirmations and marketing emails with your consent.
- AI analysis — Vision AI API for real-time skin analysis processing. Data is not retained by the API provider per our service agreement.
International Data Transfers
Our services are operated in the United States. If you access our website or App from outside the United States, your information may be transferred to, stored, and processed in the U.S. By using our services, you consent to this transfer. We apply appropriate safeguards consistent with applicable law.
Changes to This Policy
We may update this Privacy Policy periodically. Changes will be posted at maisonzolara.com/privacy with an updated "Last updated" date. For material changes, we will make reasonable efforts to notify you directly via email or in-App notification. Continued use of our website or App following changes constitutes acceptance of the revised policy.
Contact Us
Maison Zolara LLC
4820 W Saginaw Hwy, Lansing, MI 48917
For privacy-related inquiries, use subject line "Privacy Request". For data deletion requests, use subject line "Data Deletion Request".