1. Introduction

At Judith Gurley Plastic Surgery & Medical Spa, d/b/a Gurley Glow (“us”, “we”, “our” or the “Company”) we value your privacy and the importance of safeguarding your data. This Privacy Policy (the “Policy”) describes our privacy practices for the activities set out below. It also tells you about the rights and choices you have with respect to your personal data, and how you can reach us to get answers to your questions. As per your rights, we inform you how we collect, store, access, and otherwise process information relating to individuals. In this Policy, personal data (“Personal Data”) refers to any information that on its own, or in combination with other available information, can identify an individual. Please note, our privacy practices are subject to the applicable laws of the places in which we operate. You will see additional region-specific terms that only apply to customers located in those geographic regions, or as required by applicable laws.

Scope

This privacy policy applies to the Company’s customer-facing operations in the United States and applies to the Judith Gurley Plastic Surgery & Medical Spa websites, domains, applications, services, platforms, products, and other tools where Judith Gurley Plastic Surgery & Medical Spa’s Terms of Use appear or are other referenced (collectively, the “Sites”). You may be accessing our Sites from a computer or mobile phone device (through mobile website or mobile application), or any other applications or services that link to this privacy policy; visit us in our clinic; communicate with us; shop with our third-party partners; or engage with us on social media. We may also provide additional “just-in-time” notices that may supplement or clarify our privacy practices or provide you with additional choices regarding your Personal Data.

This Policy does not apply to third-party applications, websites, products, services or platforms that may be accessed through (non-Judith Gurley Plastic Surgery & Medical Spa) links that we may provide to you. These sites are owned and operated independently from us, and they have their own separate privacy and data collection practices. Please note that we have no control over the privacy practices of websites or applications that we do not own.  Any Personal Data that you provide to these websites will be governed by the third-party’s own privacy policy. We encourage you to review the privacy practices of those third parties. We cannot accept liability for the actions or policies of these independent sites, and we are not responsible for the content or privacy practices of such sites.

Processing Activities

This Policy applies when you interact with us by doing any of the following:

  • Make use of our application and services as an authorized user
  • Visit any of our websites that link to this Privacy Statement
  • Receive any communication from us including newsletters, emails, calls, or texts / SMS

This https://www.enzuzo.com/privacy-policy-generator privacy policy was generated by our data privacy and compliance vendor, Enzuzo, using information and details specific to our business.

2. Personal Data We Collect

What Personal Data We Collect

The types of Personal Data we obtain about you depends on how you interact with us and our products and services. When we use the term “Personal Data,” we are referring to information that identifies, relates to, describes, or can be associated with you. The following are the categories and specific types of Personal Data that we collect:

  • Basic Identifying Information including your full name, alias, postal address, phone number, date of birth, account name, username, email address, social media handle, and other similar identifiers
  • Payment Information such as your credit card, debit card or other payment method
  • Commercial information, including products or services you have purchased, returned, exchanged, or considered and preferences
  • Device information and other unique identifiers including device identifiers, internet protocol (IP address), cookies, beacons, pixel tags, mobile ad identifier, or similar unique identifiers Internet or other network activity including device identifiers, internet protocol (IP) address, cookies, beacons, pixel tags, mobile ad identifier, or similar unique identifiers
  • Physical characteristic including skin tone and type and other profile information you provide
  • Health and medical information including information you choose to provide regarding skin conditions or medications in connection with a product recommendation
  • User content, including your communications with us an any other content you provide (such as social media profiles, photographs, images, survey responses, comments, product reviews, testimonials, and other content)
  • Audio and visual information including photographs, images, videos, and recordings of your voice
  • Inferences drawn from or created based on any of the information identified above for the purposes allowed by law or with your consent. We do not collect or process sensitive Personal Data for the purpose of inferring characteristics

How We Collect Your Personal Data

We collect Personal Data about you from various sources. For example, we collect and obtain information:

  • Directly From You. We collect Personal Data you provide, such as when you make a purchase; register for an account or create a profile; contact us; respond to a survey; interact with us in the spa or clinic; respond to a survey; apply for a job; or sign up to receive emails, text messages, and/or postal mailings.
  • Automated technologies or interactions: As you interact with our website, open or click on emails we send you, or interact with our advertisements, we or third parties we work with, may automatically collect certain information using online tracking technologies such as pixels, web beacons, software developer kits, cookies, server logs and other similar technologies. Please see our Cookie section below for further details.
  • Third parties: We may receive Personal Data about you from various third parties, including:
    • Account Information and Payment Information from another individual when they purchase a gift for you on our website;
    • Device and Usage Data from third parties, including analytics providers such as Google;
    • Account Information and Payment Data from social media platforms when you log in to our website using such social media platforms;
    • Content from communication services, including email providers and social networks, when you give us permission to access your data on such third-party services or networks;
    • Account Information and Payment Data from third parties, including organizations (such as law enforcement agencies), associations and groups, who share data for the purposes of fraud prevention and detection and credit risk reduction; and
    • Account Information, Payment Data, and Financial Data from providers of technical, payment and delivery services. Additionally, if you have given the Company permission to store your payment information, your credit card issuer may provide us with updated Payment Information (including credit card number and expiration date) in connection with the credit card issuer’s account updater service.

If you provide us, or our service providers, with any Personal Data relating to other individuals, you represent that you have the authority to do so and acknowledge that it will be used in accordance with this Policy. If you believe that your Personal Data has been provided to us improperly, or to otherwise exercise your rights relating to your Personal Data, please contact us by using the information set out in the “Contact us” section below.

3. Cookies

What are Cookies?

A cookie is a small file with information that your browser stores on your device. Information in this file is typically shared with the owner of the site in addition to potential partners and third parties to that business. The collection of this information may be used in the function of the site and/or to improve your experience, prevent crashes, fix bugs, save your preferences, and assist with basic site functions.

How we use cookies

  • To give you the best experience possible, we use the following types of cookies:
    • Strictly Necessary. As a web application, we require certain necessary cookies to run our services.
    • Preference. We use preference cookies to help us remember the way you like to use our services.
    • Analytics. We collect analytics about the types of people who visit our site to improve our services and products.
    • Marketing. We share cookies with third party advertisers and/or partners to help provide you with a personalized marketing experience.
  • We also allow third party partners to put their own cookies on our website.

How to control your cookies

So long as the cookie is not strictly necessary, you may opt in or out of cookie use at any time. To alter the way in which we collect information from you, visit our Cookie Manager.

Global Privacy Control (“GPC”) is a setting you can enable in your web browser to communicate your privacy preference with respect to ad trackers. For all the details, including how to turn on GPC, visit https://globalprivacycontrol.org/. Please note that this may impact the functionality of our website.

Device and Usage Data

When you visit a Judith Gurley Plastic Surgery & Medical Spa website, we automatically collect and store information about your visit using browser cookies (files which are sent by us to your computer), or similar technology. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. The Help Feature on most browsers will provide information on how to accept cookies, disable cookies or to notify you when receiving a new cookie. If you do not accept cookies, you may not be able to use some features of our Service and we recommend that you leave them turned on.

We also process information when you use our services and products. This information may include:

  • Device IDs
  • Login information
  • IP Address
  • Time stamps
  • Authentication records
  • Location information
  • Individual Products you view
  • Web terms or searches that led you to the site
  • Time zone
  • Other operational data.

How We Use Your Personal Data

We collect and use personal information for various purposes, including:

  • To deliver your product or service. We use your Personal Data to provide products and services, such as to fulfill your orders and/or complete the transactions you request; to process your payments; to provide you receipts and order updates; to send notifications to you related to your account, purchases, returns, and exchanges; to create, maintain, and otherwise manage your account or profile, including offering functionalities such as easy checkout and the ability to save user preferences and transaction history; and to provide a forum for discussion, asking questions, posting photos and reviews, and sharing experiences.
  • Security and Fraud Prevention. We use Personal Data to detect, investigate, prevent, or take action regarding possible malicious, deceptive, fraudulent, or illegal activity, including fraudulent transactions; attempts to manipulate or violate our policies, procedures, and terms and conditions; security incidents; and harm to the rights, property, or safety of our users, customers, employees, or others.
  • Core Business Functions. We use Personal Data to support core business functions, including maintaining records related to business process management, loss and fraud prevention, to collect amounts owing to us, to verify or authenticate your identity; and to provide and maintain the functionality of our Sites, including identifying and repairing errors or problems.
  • Marketing and Promotional Purposes. We use Personal Data for marketing and promotional purposes, such as to send marketing, advertising, and promotional communications by email, text message, or postal mail; to show you advertisements for products and/or services tailored to your interests on social media and other websites; and organize events or register attendees and schedule meetings for events.
  • To communicate with you. We use your Personal Data to communicate with you, such as to respond to and/or follow-up on your requests, inquiries, issues, or feedback, and to provide customer service.
  • Legal obligations. We use Personal Data to comply with our legal or regulatory obligations, such as tax and financial record keeping, to establish or exercise our rights, to defend against a legal claim, to manage risk and protect against fraudulent transactions.
  • Analytics and Personalization. We use Personal Data to conduct research and analytics, including to improve our services and product offerings; to understand how you interact with our Sites, advertisements, and communications with you; to determine which of our products or services are the most popular; to improve our Sites, and marketing campaigns; to personalize your experience; to save you time when you visit our Sites; to customize the marketing and advertising that we show you; to create a more personalized experience for you when you visit our stores; to provide services; to better understand our customers’ needs; and to provide personalized recommendations about our products and services.

When we process your Personal Data to provide a product or service, we do so because it is necessary to perform contractual obligations and legitimate business interests. If you fail to provide consent, some services may not be available to you.

International Data Transfer

The Company is located in the United States. By submitting your personal information to us you agree to the transfer, storage, and processing of your personal information in a country other than your country of residence including, but not necessarily limited to, the United States.

How We Disclose Your Personal Information

In addition to the specific situations discussed elsewhere in this privacy policy, we disclose Personal Data to provide you with targeted marketing via advertisements or communications (such as newsletters).For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work

Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/ Please note, we will not disclose text messaging opt–in data and consent with any third parties for their marketing purposes.

Legal Requirement

We may use or disclose your Personal Data in order to comply with a legal obligation, in connection with a request from a public or government authority, or in connection with court or tribunal proceedings, to prevent loss of life or injury, or to protect our rights or property.

Service Providers and Other Third Parties

We may use a third-party service provider, independent contractors, agencies, or consultants to deliver and help us improve our products and services. We may share your Personal Data with marketing agencies, database service providers, backup and disaster recovery service providers, email service providers and others to maintain and improve our products and services. For further information on the recipients of your Personal Data, please contact us by using the information in the “Contacting us” section below.

Social Media Platforms and Networks.

Our Sites may have features such as, plugins, widgets, and/or other tools made available by social media platforms and networks that may result in information being collected or disclosed between us and such parties. Their use of your information is not governed by this privacy policy.

Transfer of Control.

We may disclose Personal Data with another company that buys some, or all, of Our assets, and that company may use and disclose Personal Data for purposes similar to what is described in this policy. We may also disclose personal information with prospective purchasers to evaluate the proposed transaction.

Other Instances.

We may ask if you would like us to disclose your Personal Data with other third parties who are not described elsewhere in this privacy policy.

4. Retention & Deletion

We will only retain your Personal Data for as long as necessary for the purpose for which that data was collected and to the extent required by applicable law. Please note that in many situations we must retain all, or a portion, of your Personal Data to comply with our legal obligations; resolve disputes; enforce our agreements; protect against fraudulent, deceptive, or illegal activity; or for another one of our business purposes.

5. Merger or Acquisition

If we are involved in a merger, acquisition or asset sale, your personal information may be transferred. We will provide notice before your personal information is transferred and becomes subject to a different Privacy Policy. Under certain circumstances, we may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

6. How We Keep Your Data Safe

We realize that individuals trust us to protect their personal information. We maintain reasonable and appropriate physical, electronic, and procedural safeguards designed to help protect your personal information.  While we attempt to protect your Personal Data in our possession, no method of transmission over the internet or security system is perfect, and we cannot promise that information about you will remain secure in all circumstances.

For your convenience, our Sites include functionality that allows you to remain logged in so that you do not have to re-enter your password each time you want to access your account. If you choose to remain logged in, you should be aware that anyone with access to your device will be able to access and make changes to your account and may be able to make purchases through your account. For that reason, if you choose to remain logged in, we strongly recommend that you take appropriate steps (such as enabling the “Passcode Lock” security feature on your mobile device) to protect against unauthorized access to, and use, of your account. Please also notify us as soon as possible if you suspect any unauthorized use of your account or password.

7. Children’s Privacy

Our Sites are not intended for or directed to children under the age of 14. We do not knowingly collect personal information directly from children under the age of 14 without parental consent. If we become aware that a child under the age of 14 has provided us with personal information, we will delete the information from our records.

8. Your Rights for Your Personal Data

Consistent with applicable law, you may exercise the rights described in this section. Please note that some of the rights may vary depending on your country, province, or state of residence.  These rights may include:

  • Right to Access, Correct, and Delete Personal Information
    • You have the right to learn whether we are processing your Personal Data and to request a copy of the Personal Data we are processing about you.
    • You have the right to have incomplete or inaccurate Personal Data that we process about you rectified.
    • You have the right to request that we delete Personal Data that we process about you, unless we need to retain such data in order to comply with a legal obligation or to establish, exercise or defend legal claims.
  • Right to Opt Out of Cookies and Sale/Sharing Using Online Tracking Technologies
    • You have the right to opt out of the processing of your Personal Data for purposes of: (1) Targeted advertising; (2) The sale of Personal Data; and/or (3) Profiling in furtherance of decisions that produce legal or similarly significant effects concerning you. Under CPRA, you have the right to opt out of the sharing of your Personal Data to third parties and our use and disclosure of your Sensitive Personal Data to uses necessary to provide the products and services reasonably expected by you.
    • Our use of online tracking technologies may be considered a “sale” / “sharing” under applicable law. Visitors to our US website can opt out of being tracked by these third parties by clicking the “Do Not Sell or Share My Personal Information” link at the bottom of our website.
  • Nondiscrimination and nonretaliation
    • You have the right not to be denied service or have an altered experience for exercising your rights.
  • File an Appeal
    • You have the right to file an appeal based on our response to you exercising any of these rights.
  • Withdrawing Consent
    • If you have consented to our processing of your Personal Data, you have the right to withdraw your consent at any time, free of charge, such as where you wish to opt out from marketing messages that you receive from us. If you wish to withdraw your consent, please contact us using the information found at the bottom of this page.

How to Exercise Your Rights

You can make a request to exercise any of these rights in relation to your Personal Data by sending the request to our privacy team by using the form below or emailing us at hello@judithgurley.com.

For your own privacy and security, at our discretion, we may require you to prove your identity before providing the requested information.

9. Changes to this Policy

We may modify this Policy at any time. If we make changes to this Policy then we will post an updated version of this Policy at this website. When using our services, you will be asked to review and accept our Privacy Policy. In this manner, we may record your acceptance and notify you of any future changes to this Policy.

10. Contact Us

To request a copy for your information, unsubscribe from our email list, request for your data to be deleted, or ask a question about your data privacy, we’ve made the process simple:

To contact us, please email hello@judithgurley.com

Write to us at:

Data Privacy Officer of Gurley Glow
14825 North Outer 40 Road Suite 350
Chesterfield, Missouri, 63017

Additional Information for California Residents

California law requires us to disclose the following additional information with respect to our privacy practices. If you are a California resident, this section applies to you in addition to the rest of the privacy policy.

California Shine the Light. Customers who are residents of California may request to prevent the disclosure of Personal Data to third parties for their direct marketing purposes. If you would like to exercise this right, please submit your request to us at the “Do Not Sell or Share My Personal Information” link at the bottom of the page.

California’s “Eraser Button” Law. If you are a California resident under 18 years old and a registered user of the Sites, you can request that we remove content or information that you have posted to our Sites. Fulfillment of the request may not ensure complete or comprehensive removal (e.g., if the content or information has been reposted by another user). To request removal of content or information, please contact us at hello@judithgurley.com

Categories of Personal Data We Collect and Our Purposes for Collection and Use. You can find a list of the categories of Personal Data that we collect in the “What Personal Data We Collect” section above. For details regarding the sources from which we obtain personal information, please see the “How We Collect Your Personal Data” section above. We collect and use Personal Data for the business or commercial purposes described in the “How We Use Your Personal Data” section above.

Categories of Personal Data Disclosed and Categories of Recipients We disclose the following categories of personal information for business or commercial purposes to the categories of recipients listed below:

  • We disclose Basic Identifying Information with businesses, service providers, and third parties, such as advertising networks, analytics and social media networks.
  • We disclose Device Information and Other Unique Identifiers with businesses, service providers, and third parties, such as advertising networks, analytics, and social media networks.
  • We disclose Internet or Other Network Activity with businesses, service providers, and third parties, such as advertising networks, analytics, and social media networks.
  • We disclose Geolocation Data with businesses, service providers, and third parties such as advertising networks, analytics, and social media.
  • We disclose Payment Information with businesses and service providers who process payments.
  • We disclose Commercial Information with businesses, service providers, and third parties, such as advertising networks, analytics, and social media networks.
  • We disclose Health and Medical Information you choose to provide regarding skin conditions or medications to help make product recommendations.
  • We disclose User Content with businesses and service providers who help administer our programs, such as product reviews and social media networks.
  • We disclose Audio and Visual Information with businesses and service providers who help administer customer service and fraud or loss prevention services.
  • We disclose Inferences with businesses and service providers who help administer marketing and personalization.

For more information on how your information is disclosed, please see the “How We Disclose Your Personal Data” section, which provides more detail on our business partners, service providers and third parties. We may also need to disclose any of the above categories of information pursuant to Legal Process or as a result of a “Merger or Acquisition” as described above. As stated in the “Your Rights” section above, we typically retain your personal information for the period necessary to fulfill the purposes outlined in this privacy policy, unless a longer retention period is required or permitted by law.

Last Updated: 10/30/2025