Noa Skincare cancellation & privacy policies

We value your time & ours by providing the best service for every client. Please review our policies below

Cancellation Policy

Deposit Requirement:

A $20 deposit is required at the time of booking to secure your appointment. This deposit will be deducted from your treatment total on the day of your service.

Cancellations & No-Shows:

To Cancel or reschedule, please notify us at 24 hours in advance. Cancellations made less than 24 hours before the appointment, or missed appointment, will result in loss of the $20 deposit.

Rescheduling:

Rescheduling more than 24 hours in advance, your deposit will be applied to your new appointment.

Late Arrivals:

Please arrive on time. Being late 15 minutes or more will shorten the appointment, or might results in rescheduling with loss of the deposit.

Privacy Policy

Data Accessed:

Our website and integrated applications (e.g., email sending via Gmail SMTP through OAuth 2.0) access limited Google user data only as needed. Specifically:

  • We access Gmail account data (from our admin account) solely for authenticating and sending outbound emails, such as confirmations, responses to contact forms, or newsletters.
  • We do not access any personal data from website visitors through Google services, form submissions (e.g., name, email, message) are handled directly on our server.
  • No other Google user data, such as emails, contacts, or files, is accessed.

Data Usage:

Accessed data is used exclusively for its intended purpose:

  • Google data (e.g., OAuth tokens) is processed temporarily to send emails reliably and securely, improving deliverability and preventing spam.
  • Website visitor data from forms is used to respond to inquiries, process orders, or provide services. We do not use it for automated decision-making, profiling, or unrelated marketing without consent.
  • All handling is done in a secure, encrypted manner to ensure functionality without compromising privacy.

Data Sharing:

We do not share any Google user data or website visitor data with third parties, except as required by law or for essential service providers:

  • Emails are sent via Google’s servers, but no data is shared beyond what’s needed for transmission.
  • We may use trusted tools like hosting providers (e.g., for WordPress) or payment processors, but they are bound by strict data protection agreements and do not access Google-specific data.
  • No data is sold, rented, or shared for advertising purposes.

Data Storage and Protection:

  • We do not store Google user data. Any temporary access (e.g., OAuth tokens) is not retained beyond the immediate email-sending process and expires automatically.
  • Website visitor data (e.g., from forms) is stored securely on our servers with encryption, firewalls, and access controls. We use industry-standard measures like HTTPS and regular security audits to protect against unauthorized access.
  • In the event of a data breach, we will notify affected users promptly as required by law.

Data Retention and Deletion:

  • Google user data is not retained, so there is no retention period. Access can be revoked instantly via your Google Account settings (Security > Third-party apps).
  • Website visitor data is kept only as long as necessary (e.g., 1 year for customer service records) or until you request deletion.
  • To request data deletion or access a copy of your data, email us at [your email]. We will respond within 30 days and delete data unless legally required to retain it (e.g., for billing records).

 

Last updated: February 26, 2026. We may update this policy in the future, changes will be posted here.