Instagram
Book Appointment

Privacy Policy

Last updated: June 16, 2025

BGMG Cosmetics (“BGMG,” “we,” “our,” or “us”) respects your privacy. This Privacy Policy explains how we collect, use, disclose, and protect information when you visit our websites, book consultations (in person or virtual), use patient portals, communicate with us (phone, SMS, email, chat), or receive care at our practice (collectively, the “Services”).

If you do not agree with this Policy, please do not use the Services.

Scope & Relationship to Medical Privacy (HIPAA)

  • This Privacy Policy covers consumer/personal information we process via our website, scheduling systems, marketing tools, and general operations.
  • Some information we handle in the course of providing medical services may constitute Protected Health Information (PHI) under the Health Insurance Portability and Accountability Act (HIPAA). PHI is governed by our HIPAA Notice of Privacy Practices (NPP), which we provide at or before your first in-person visit or upon request. If this Policy conflicts with the NPP regarding PHI, the NPP controls.
  • Telehealth/virtual services may involve both consumer data and PHI; we handle each in accordance with this Policy and our NPP.

Information We Collect

a) Information you provide directly

  • Contact & identity data: name, email, phone number, mailing address, date of birth.
  • Health & intake details: symptoms, medical history, photos you upload, goals, prior procedures/medications (PHI may apply).
  • Payment & financing: billing details, partial card data tokens (we do not store full card numbers), financing application information (handled by third-party lenders).
  • Communications: messages via forms, chat, email, SMS; preferences/consents.
  • Employment inquiries: résumé/CV, work history if you apply for a job.

b) Information we collect automatically

  • Device & usage: IP address, browser type, device identifiers, pages viewed, referring pages, time/date stamps, session data.
  • Cookies & similar technologies: pixels, tags, SDKs for analytics, fraud prevention, and advertising measurement (see Section 8).

c) Information from third parties

  • Service providers & partners: analytics platforms, marketing and CRM tools, payment processors, financing partners, EHR/portal vendors, labs/imaging centers, appointment platforms.
  • Social media & ad networks: when you interact with our ads or profiles (subject to their policies).
  • Insurance or referring clinicians: for functional or medically necessary components of care (PHI may apply under HIPAA/NPP).

How We Use Information

We use information to:

  • Provide the Services: schedule consults, deliver care, manage your chart, process payments, send reminders, coordinate labs/imaging.
  • Communicate: respond to inquiries, send pre-op/post-op instructions, provide updates, marketing communications (with your consent where required).
  • Improve & secure: analytics, quality assurance, debugging, fraud/security monitoring, training, product development.
  • Compliance: meet legal, regulatory, and auditing obligations; enforce our Terms & financial policies; handle disputes.
  • Advertising/retargeting: show relevant content or offers (see Section 8 for choices).

Legal Bases (where applicable)

While we primarily operate under U.S. law, when required (e.g., for EEA/UK visitors), we rely on: consent, performance of a contract, legitimate interests (e.g., safety, basic analytics), and legal obligations. For PHI, HIPAA authorizations/permissions apply per the NPP.

How We Share Information

We do not sell your personal information for money. We may share information with:

  • Service providers/contractors: hosting, EHR/portal vendors, appointment & messaging tools, analytics/advertising platforms, email/SMS providers, document e-signature, IT/security, shredding, and storage—bound by contract to use data only to provide services to us.
  • Payment & financing partners: payment processors and medical-financing companies you choose to apply with (subject to their terms).
  • Medical partners: labs, imaging centers, pharmacies, or other clinicians (PHI: per NPP/HIPAA).
  • Insurance entities: when you request insurance billing for medically necessary components.
  • Legal & compliance: if required by law, subpoena, or to protect rights, safety, and security.
  • Business transfers: in a merger, acquisition, or asset sale, subject to confidentiality and continued protections.

Your Choices & Rights

a) Communication preferences

  • Marketing emails/SMS: opt out anytime via the link in our emails, replying STOP to SMS, or contacting us (see Section 14). Transactional/operational messages may still be sent.

b) Access, correct, or delete

  • You can request to access, correct, or delete personal information we hold about you. Some data must be retained for legal, security, or medical recordkeeping reasons. PHI requests are handled under the NPP/HIPAA.

c) California privacy rights (CCPA/CPRA)

California residents have the right to:

  • Know categories and specific pieces of personal information we collected about you.
  • Delete personal information (with legal/operational exceptions).
  • Correct inaccurate personal information.
  • Opt-out of sale/share of personal information (including cross-context behavioral advertising via cookies/pixels).
  • Limit use/disclosure of sensitive personal information (where applicable).
    To exercise, use the methods in Section 14 or our “Do Not Sell or Share My Personal Information” link (if available on our site). We will verify your request and respond within statutory timelines. You may authorize an agent to submit requests on your behalf (we may require proof of authorization).

We do not knowingly sell/share children’s personal information.

Children’s Privacy

Our Services are not directed to children under 13. We do not knowingly collect personal information online from children under 13. For clinical services involving minors, a parent/guardian must consent. If you believe a child under 13 provided personal information online, contact us to request deletion.

Cookies, Analytics & Advertising

a) Cookies & similar technologies

We and our partners use cookies, pixels, and SDKs to:

  • Enable core site features (session management, security).
  • Measure traffic/usage (e.g., Google Analytics).
  • Improve performance and personalize content.
  • Provide advertising/retargeting and measure campaign effectiveness (e.g., Google, Meta).

b) Your controls

  • Browser settings: block or delete cookies (site functionality may be affected).
  • Platform opt-outs: Google Ads Settings, Meta Ad Preferences, and the NAI/DAA opt-out tools.
  • Do Not Track: Our Services may not respond to DNT signals; we honor opt-out mechanisms required by applicable law (e.g., CPRA opt-out of sale/share).
  • Consent banners: Where required, we display a cookie banner to manage preferences.

Data Security

We implement administrative, technical, and physical safeguards to protect information (encryption in transit, access controls, staff training, least-privilege access, vendor due diligence). No method of transmission or storage is 100% secure; please use caution when sending sensitive information online.

Data Retention

We retain personal information as long as needed for the purposes described, to comply with legal/recordkeeping obligations, resolve disputes, and enforce agreements. Medical records/PHI are retained per applicable healthcare laws.

International Data Transfers

If you access the Services from outside the United States, you understand your information may be processed in the U.S., where laws may differ from your country’s. We take steps consistent with applicable law to protect transferred data.

Third-Party Links

Our site may link to third-party websites or services (e.g., financing portals, social media). We are not responsible for their privacy practices or content. Review each site’s privacy policy before providing information.

SMS/Text Messaging

By providing your mobile number and consenting, you agree to receive text messages (appointment reminders, pre/post-op instructions, check-ins, or marketing if you opt in). Message/data rates may apply. Reply STOP to opt out, HELP for help. We do not require consent to purchase any goods or services.

How to Exercise Your Rights or Contact Us

To make a privacy request (access, deletion, correction, opt-out) or ask questions:

Phone: +1 (562) 928-7060

Email: vip@bgmgcosmetics.com

Address: 7916 Eastern Ave. Bell Gardens, CA 90201

Mon-Fri: 9 AM – 6 PM
Sat: By Appointment Only

If your request relates to PHI/medical records, please indicate this so we can route it under the HIPAA NPP process.

If we cannot resolve your concern, you may have the right to contact your state Attorney General or relevant data protection authority.

Changes to This Privacy Policy

We may update this Policy from time to time. When we do, we will revise the “Last updated” date above and, where required, notify you (e.g., via the site or email). Your continued use of the Services after changes means you accept the updated Policy.