Book Now

Privacy Policy

Effective Date: January 1, 2026

Last Updated: January 1, 2026

InfusaLounge Integrative & Functional Medicine (“InfusaLounge,” “we,” “us,” or “our”) is committed to protecting your privacy and safeguarding your personal and health information. InfusaLounge Integrative & Functional Medicine is a DBA of InfusaLounge Wellness Spa LLC, a Texas limited liability company. This Privacy Policy explains how we collect, use, disclose, and protect information when you visit our website, use our services, or interact with our clinic.

By accessing our website or using our services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with these practices, please do not use our website or services. Your use of this website is also governed by our Terms of Use and our Disclaimer.

1. Information We Collect

Personal Information

We may collect the following personal information when you interact with our website or services:
  • Name, email address, phone number, and mailing address
  • Date of birth and demographic information
  • Insurance and billing information
  • Emergency contact information
  • Payment information (processed securely through third-party payment processors)

Protected Health Information (PHI)

As a healthcare provider, we collect health-related information necessary to provide medical care, including:
  • Medical history, symptoms, and health conditions
  • Diagnostic test results and laboratory data
  • Treatment records and therapy notes
  • Medications and supplement information
  • Allergies and adverse reactions
  • Provider notes and care plans

Website Usage Information

When you visit our website, we may automatically collect:
  • IP address and device identifiers
  • Browser type and operating system
  • Pages visited and time spent on pages
  • Referring website or source
  • Geographic location (general region)

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Treatment: To provide, coordinate, and manage your healthcare and related services
  • Payment: To process payments, verify insurance eligibility, and manage billing
  • Healthcare Operations: To support quality improvement, staff training, and administrative functions
  • Communication: To send appointment reminders, follow-up information, and health-related communications
  • Website Improvement: To analyze website usage, improve user experience, and enhance our services
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes
  • Safety and Security: To protect the rights, safety, and property of our patients, staff, and visitors

3. HIPAA and Protected Health Information

As a healthcare provider, InfusaLounge is subject to the Health Insurance Portability and Accountability Act (HIPAA) and its implementing regulations. HIPAA establishes national standards for the protection of individually identifiable health information.

Notice of Privacy Practices

Our Notice of Privacy Practices describes how we may use and disclose your Protected Health Information (PHI), and explains your rights regarding your health information. A copy of our Notice of Privacy Practices is provided to all patients at their first visit and is available upon request.

Permitted Uses and Disclosures

Under HIPAA, we may use or disclose your PHI without your authorization for:

  • Treatment, payment, and healthcare operations (TPO)
  • Public health activities and reporting
  • Health oversight activities
  • Judicial and administrative proceedings (as required by law)
  • Law enforcement purposes (as required by law)
  • To avert a serious threat to health or safety

Uses Requiring Authorization

Other uses and disclosures—such as marketing, sale of PHI, or sharing with third parties for purposes unrelated to your care—require your written authorization. You may revoke any authorization at any time by submitting a written request to our Privacy Officer.

4. Your Privacy Rights

HIPAA Patient Rights

Under HIPAA, you have the right to:

  • Access and obtain copies of your health records
  • Request corrections to your health information if you believe it is inaccurate or incomplete
  • Request restrictions on certain uses and disclosures of your PHI
  • Request confidential communications (e.g., to a specific phone number or address)
  • Receive an accounting of certain disclosures of your PHI
  • Receive a copy of our Notice of Privacy Practices
  • File a complaint if you believe your privacy rights have been violated

California Consumer Privacy Act (CCPA/CPRA) Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to Know: You may request information about the categories and specific pieces of personal information we collect, use, and disclose
  • Right to Delete: You may request deletion of your personal information, subject to certain exceptions
  • Right to Correct: You may request correction of inaccurate personal information
  • Right to Opt-Out: You may opt out of the sale or sharing of your personal information
  • Right to Limit Use: You may limit the use and disclosure of sensitive personal information
  • Right to Non-Discrimination: You will not receive discriminatory treatment for exercising your privacy rights

Note: Protected Health Information (PHI) governed by HIPAA is generally exempt from CCPA. However, non-health-related personal information collected through our website is subject to CCPA requirements.

5. Do Not Sell or Share My Personal Information

InfusaLounge does not sell your personal information. We do not exchange personal information for monetary consideration.

We may share limited information with third-party analytics and advertising partners to improve our website and services. Under California law, this may constitute “sharing” of personal information for cross-context behavioral advertising.

To opt out of sharing:

  • Click the "Do Not Sell or Share My Personal Information" link in our website footer
  • Enable Global Privacy Control (GPC) in your browser—we honor GPC signals automatically
  • Contact us directly using the information provided below

When you opt out, we will disable non-essential tracking technologies and confirm your opt-out status.

6. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your experience, analyze website usage, and support our marketing efforts.

Types of Cookies We Use

  • Essential Cookies: Required for basic website functionality (e.g., session management, security). These cookies do not require consent.
  • Analytics Cookies: Help us understand how visitors use our website (e.g., Google Analytics). We use IP anonymization where possible.
  • Functional Cookies: Remember your preferences and settings to provide a personalized experience.
  • Marketing Cookies: Used to deliver relevant advertisements and track campaign effectiveness. These are only placed with your consent or until you opt out.

Managing Your Cookie Preferences

You can manage your cookie preferences in the following ways:

  • Cookie Consent Banner: Use our cookie consent banner to accept, reject, or customize cookie categories
  • Browser Settings: Adjust your browser settings to block or delete cookies
  • Global Privacy Control (GPC): Enable GPC in your browser to automatically signal your opt-out preference
  • Opt-Out Tools: Use industry opt-out tools like the Digital Advertising Alliance's opt-out page

Note: Disabling certain cookies may affect website functionality.

7. Data Security

We implement administrative, technical, and physical safeguards to protect your personal and health information, including:

  • Encryption of data in transit (SSL/TLS) and at rest
  • Secure access controls and authentication measures
  • Regular security assessments and monitoring
  • Employee training on privacy and security practices
  • Business associate agreements with third-party vendors
  • Incident response procedures for potential breaches

While we strive to protect your information, no method of transmission or storage is 100% secure. If you have concerns about the security of your information, please contact us.

8. Third-Party Disclosures

We may share your information with third parties in the following circumstances:
  • Service Providers: Third parties who perform services on our behalf (e.g., payment processors, laboratory partners, IT providers). These parties are contractually obligated to protect your information.
  • Healthcare Providers: Other healthcare providers involved in your care, with your consent or as permitted by HIPAA.
  • Legal Requirements: When required by law, subpoena, court order, or government request.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, where your information may be transferred as part of the transaction.
  • With Your Consent: When you provide explicit authorization for a specific disclosure.

9. Data Retention

We retain your personal and health information for as long as necessary to fulfill the purposes described in this Privacy Policy, comply with legal and regulatory requirements, resolve disputes, and enforce our agreements.

Retention periods:

  • Medical Records: Retained in accordance with Texas state law and HIPAA requirements (typically 7 years for adults, longer for minors)
  • Billing Records: Retained for at least 7 years per IRS requirements
  • Website Data: Analytics and cookie data typically retained for 26 months or less

10. Children's Privacy

Our website is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13 through our website. If we become aware that we have collected such information, we will take steps to delete it. For healthcare services provided to minors, parental or guardian consent is obtained as required by law.

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or services. When we make material changes, we will update the “Last Updated” date at the top of this page and, where appropriate, notify you by email or through a notice on our website. We encourage you to review this Privacy Policy regularly.

12. Contact Us

If you have questions about this Privacy Policy, wish to exercise your privacy rights, or have concerns about how your information is handled, please contact us:

InfusaLounge Integrative & Functional Medicine

Attn: Privacy Officer
190 E Stacy Road, Suite 1720
Allen, TX 75002

Phone: (972) 546-4318

Email: privacy@infusalounge.com