Fraud Blocker

Introducing our partnership with Clay Health & Care

Meet Maggie, Longevity Medicine Physician Assistant and Director of Health

Privacy Policy

Effective Date: August 2025

Who We Are

Mandala Aesthetics & Wellness is a medical spa located in Geneva, Illinois, offering advanced aesthetic and wellness treatments. Our services include injectables, facials, microneedling, PRP therapies, and curated skincare. Led by Cassie Mandala, MPAS, PA-C, our practice is committed to providing personalized, patient-centered experiences that combine medical expertise with a nurturing approach to beauty and wellness.

Comments & Form Submissions

When visitors submit forms (such as appointment requests, event inquiries, or contact requests) on our site, we collect the data shown in the form, as well as the visitor’s IP address and browser user agent string to help with spam detection.

An anonymized string created from your email address (a hash) may be provided to the Gravatar service to check if you are using it. After form approval, your profile image (if applicable) may be visible in the context of your submission.

Media

If you upload files or images to the website (for example, consent forms or skin photos), please avoid uploading images that contain embedded location data (EXIF GPS). Visitors to the website could download and extract location information from such images.

Cookies

If you fill out a form on our site, you may opt-in to saving your name, email address, and phone number in cookies. These are for your convenience so you don’t have to re-enter your details on subsequent submissions. These cookies will last for one year.

If you log in to a patient portal (if provided), we will set up several cookies to save your login information and screen display preferences. Login cookies last for two days, while screen options cookies last for one year. If you select “Remember Me,” your login will persist for two weeks. If you log out, the login cookies will be removed.

If you edit or publish content (such as a testimonial), an additional cookie will be saved in your browser. This cookie contains no personal data and simply indicates the post ID of the content edited. It expires after one day.

Embedded Content from Other Websites

Pages on this site may include embedded content (e.g., videos, images, or articles). Embedded content from other websites behaves exactly as if you had visited that external website directly.

These websites may collect data about you, use cookies, embed third-party tracking, and monitor your interaction with that embedded content, including if you have an account and are logged in to that website.

Who We Share Your Data With

If you request a password reset (if portal accounts are supported), your IP address will be included in the reset email.

We may also share your information with trusted third-party vendors who help us operate our website, manage bookings, or communicate with patients. These may include hosting providers, email services, payment processors, or analytics platforms.

We do not sell, trade, or rent your personal data to third parties.

How Long We Retain Your Data

If you submit a form, the submission and its metadata are retained indefinitely. This helps us recognize and approve follow-up submissions automatically.

For users who register on a patient portal (if applicable), we store the personal information provided in their user profile. All users can see, edit, or delete their personal information at any time (except usernames, which cannot be changed). Website administrators can also access and manage this data.

What Rights You Have Over Your Data

If you have an account on this site or have submitted an inquiry, you can request an exported file of the personal data we hold about you — including any data you have provided to us.

You can also request that we erase any personal data we hold about you. This does not include any data we are required to keep for administrative, legal, or medical compliance purposes.

Where Your Data Is Sent

Visitor form submissions may be checked through an automated spam detection service.

We may also share your data with service providers who assist in managing our business, provided they agree to maintain confidentiality. Data may also be disclosed if required by law or necessary to protect our rights, property, or patient safety.

HIPAA Compliance & Health Information

Because Mandala Aesthetics & Wellness provides medical spa services, certain information you provide may be considered Protected Health Information (PHI) under the Health Insurance Portability and Accountability Act (HIPAA).

We are committed to safeguarding your PHI and only use or disclose it as permitted by law. This includes using your information for treatment purposes, scheduling, payment processing, and healthcare operations. We will not share your PHI with third parties without your consent, except when required by law or in the course of providing your care.

If you have specific questions about how we handle your PHI, please contact us directly using the information below.

Text Message Opt-Out

If you are receiving appointment reminders or promotional text messages from us and wish to stop receiving them, simply respond with “STOP” or “UNSUBSCRIBE” to the number from which you received the message. Once we receive your request, you will no longer receive further text messages from us.

Contact Information

If you have any questions about this Privacy Policy, HIPAA compliance, or would like to make a request regarding your personal data, you may contact us at:

Mandala Aesthetics & Wellness
 426 S Third Street, Unit 1D
Geneva, IL 60134
Phone: (630) 405-8887
Email: cassie@mandalaaesthetics.com
Website: https://mandalaaesthetics.com