Legal
Privacy Policy
Last updated: 2026
This Privacy Policy describes how your personal information is collected, used, and shared when you visit calmamedspa.com ("the Site") or book a treatment with Calma Spa ("we", "us", "our").
Personal Information We Collect
When you visit the Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. As you browse the Site, we collect information about the pages you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as "Device Information."
We collect Device Information using the following technologies:
- Cookies: data files placed on your device, often including an anonymous unique identifier.
- Log files: track actions on the Site and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
- Web beacons, tags and pixels: electronic files used to record information about how you browse the Site.
When you book or pay for a treatment through the Site, we collect certain information from you, including your name, email address, phone number, appointment details, and (where applicable) billing details required to process payment. We refer to this information as "Booking Information." We do not see, collect or store your full credit or debit card number — card details are entered directly into our payment processors' secure forms.
When we talk about "Personal Information" in this Privacy Policy, we are talking about both Device Information and Booking Information.
How We Use Your Personal Information
We use Booking Information to schedule and confirm your appointments, process payments, communicate with you about your visit, and provide a personalised treatment. We also use it to:
- Communicate with you about your booking;
- Screen bookings and payments for potential risk or fraud;
- When in line with the preferences you have shared with us, send you information or marketing about our treatments or services (you can unsubscribe at any time).
We use Device Information to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimise our Site.
Payment Processing & PayPal
Payments made through the Site are processed by our third-party payment providers, including PayPal and our card processor. When you choose to pay with PayPal, you are redirected to PayPal and your payment information is collected and processed directly by PayPal under PayPal's own Privacy Statement.
In order to process your payment, prevent fraud and resolve disputes, we share the following Booking Information with PayPal: your name, email address, billing address (if provided), the transaction amount, currency and an order reference. PayPal may also share information back with us about the status of your transaction (such as authorisation, capture, refund or dispute) and a unique transaction identifier. We do not receive your full card number, bank account details or PayPal login from PayPal.
Sharing Your Personal Information
We share your Personal Information with the following categories of third parties only as necessary to operate the Site and our spa:
- Payment processors — PayPal and our card processor, to take and reconcile payments;
- Booking and scheduling software we use to manage appointments;
- Analytics providers — we use Google Analytics to help us understand how our guests use the Site. You can read more about how Google uses your Personal Information here. You can opt out of Google Analytics here.
We do not sell your Personal Information. We may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information, or to protect our rights.
International Transfers
Our payment and analytics providers (including PayPal and Google) may process your information on servers located outside the United States, including in the United States and the European Union. By using the Site and paying through these providers, you consent to your information being transferred to and processed in those countries.
Security
The Site is served over a secure, SSL/TLS-encrypted connection. We do not store full card numbers or PayPal passwords on our servers; sensitive payment data is handled directly by our PCI-DSS compliant payment processors. We maintain reasonable administrative and technical safeguards to protect the Personal Information we do hold.
Do Not Track
Please note that we do not alter our Site's data collection and use practices when we see a Do Not Track signal from your browser.
Your Rights
You have the right to access the Personal Information we hold about you and to ask that it be corrected, updated, or deleted. To exercise these rights, please contact us using the details below. We may need to keep some information for our legal and accounting records (for example, payment records) even after a deletion request.
Data Retention
When you book through the Site, we will maintain your Booking Information for our records unless and until you ask us to delete it. Payment transaction records are retained for as long as required by applicable law.
Changes
We may update this Privacy Policy from time to time to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons.
Minors
The Site is not intended for individuals under the age of 13.
SMS Communications
By providing your mobile phone number through our website, appointment booking system, contact forms, or any other communication channel, you expressly consent to receive SMS text messages from The Calma Spa regarding appointment confirmations, appointment reminders, booking updates, customer service communications, account notifications, special offers, promotions, and other information related to our services.
Message frequency varies depending on your interactions with us.
You may opt out of receiving SMS messages at any time by replyingSTOP to any message you receive. For assistance, reply HELP or contact us directly.
Message and data rates may apply. Please check with your wireless carrier for details.
No mobile information will be shared with third parties or affiliates for marketing or promotional purposes. Information sharing to subcontractors in support services, such as customer service, appointment scheduling, and messaging platform providers, is permitted. All other use case categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.
Your consent to receive SMS messages is not required as a condition of purchasing any products or services.
We maintain reasonable administrative, technical, and physical safeguards designed to protect your personal information, including your mobile phone number.
Contact Us
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us at:
Calma Spa
4750 Alabama Rd, Roswell, GA 30075
Email: contact@calmamedspa.com
Phone: +1 470-664-1219