Privacy Policy
- Who We Are
- Information We Collect
- Health & Medical Information
- How We Use Your Information
- Legal Basis for Processing
- Information Sharing & Third Parties
- Payment Processing
- Cookies & Tracking Technologies
- Data Security
- Data Retention
- Your Privacy Rights
- Children's Privacy
- Third-Party Links
- California Privacy Rights (CCPA)
- Changes to This Policy
- Contact & Data Requests
01 Who We Are
Payton C LMT is a licensed clinical massage therapy practice operating as a sole proprietorship in Centerville, Ohio. We provide mobile massage therapy services throughout the Greater Dayton, Ohio area, including Centerville, Beavercreek, Kettering, Oakwood, Dayton, Miamisburg, Springboro, and Bellbrook.
Data Controller: Payton C LMT
Location: Centerville, Ohio 45459
Phone: 937-907-0340
Email: [email protected]
Website: paytonclmt.com
As a healthcare-adjacent service provider, we treat all client information — especially health-related data — with the highest degree of confidentiality and professional responsibility consistent with applicable Ohio law and professional ethics standards of the American Massage Therapy Association (AMTA).
02 Information We Collect
We collect the following categories of personal information:
Information You Provide Directly
- Identity information: First name, last name
- Contact information: Email address, phone number, home or business address (for service delivery)
- Health & medical information: Conditions, injuries, medications, allergies, and other health data provided on intake and pre-assessment forms (see Section 3)
- Appointment information: Preferred dates, times, service types, session notes, special requests
- Communication records: Emails, texts, or phone messages exchanged with Payton
Information Collected Automatically
- Device and browser information: Browser type, operating system, device type, screen resolution
- Log data: IP address, pages visited, time spent on pages, referring URLs, click paths
- Cookies and similar technologies: Session cookies, preference cookies (see Section 8)
Information from Third Parties
- Booking platforms: When you book through Square Appointments, Square may share your appointment details and basic contact information with us to facilitate your booking
- Payment processors: Stripe may share transaction confirmation data (not full card numbers) to verify payment completion
03 Health & Medical Information
As a licensed clinical massage therapist, Payton collects health and medical information solely to provide safe, effective, and personalized therapeutic services. This information is treated with the highest level of confidentiality.
What We Collect
- Current and past medical conditions, diagnoses, or chronic conditions
- Recent surgeries, injuries, or physical limitations
- Current medications, supplements, or allergies (including topical allergies)
- Pregnancy status
- Areas of pain, tension, or sensitivity
- Goals for the session and previous massage history
How We Protect Health Information
- Health intake forms are transmitted securely and stored in access-controlled systems
- Health data is never sold, shared, or disclosed to third parties without your explicit written consent, except as required by law (e.g., court order, mandatory reporting obligation)
- Paper intake forms, if used, are stored in a locked location and shredded securely when no longer needed
- Electronic health records are protected with password-controlled access and encrypted storage
04 How We Use Your Information
We use the personal information we collect for the following specific purposes:
| Purpose | Types of Data Used |
|---|---|
| Scheduling and confirming appointments | Name, contact info, address, appointment details |
| Providing safe, personalized massage therapy | Health data, session preferences, intake form responses |
| Processing payments and managing deposits | Payment confirmation data via Stripe/Square |
| Sending appointment confirmations and reminders | Email, phone number, appointment details |
| Enforcing our cancellation and refund policy | Appointment records, payment data |
| Responding to inquiries and communications | Name, contact info, message content |
| Improving our website and services | Anonymized usage data, cookies, log data |
| Complying with legal obligations | Any data required by applicable law |
| Maintaining client records for continuity of care | Health data, session notes, appointment history |
We do not use your personal information for: unsolicited marketing to third parties, behavioral advertising targeting, selling data to advertisers, or any purpose not listed above.
05 Legal Basis for Processing
Where applicable (particularly for users in the European Economic Area or jurisdictions with similar frameworks), we process personal data on the following legal bases:
- Contractual necessity: Processing required to provide the services you have requested (scheduling, payment, session delivery)
- Legitimate interests: Operating and improving our business, maintaining client records, ensuring safety
- Legal obligation: Complying with applicable Ohio state law, tax requirements, or court orders
- Consent: Where we have obtained your explicit consent, such as for marketing communications or use of sensitive health data
You have the right to withdraw consent at any time where consent is the basis for processing, without affecting the lawfulness of processing based on consent before its withdrawal.
06 Information Sharing & Third Parties
We do not sell, rent, or trade your personal information. We share information only in the following limited circumstances:
Authorized Service Providers
- Square (Appointments & Payments): Used to manage online booking and process payments. Square has its own privacy policy and data practices. View at squareup.com/legal/privacy
- Stripe (Payment Processing): Used for secure deposit processing. Stripe is PCI DSS Level 1 certified. View at stripe.com/privacy
- Google (Calendar & Email): Appointment confirmations may be processed through Google Workspace. View at policies.google.com/privacy
- Web hosting provider: Your data may pass through our hosting infrastructure. All hosting uses industry-standard security controls.
Legal Disclosures
We may disclose personal information if required to do so by law, regulation, legal process, or governmental request, or if we believe disclosure is necessary to protect the rights, property, or safety of Payton C LMT, our clients, or others.
Business Transfers
In the unlikely event of a business sale, merger, or acquisition, client data may be transferred as part of the transaction. You will be notified in advance via email and/or a prominent notice on our website, and you will have the right to request deletion of your data before any transfer occurs.
07 Payment Processing
All payment processing is handled exclusively by Stripe and Square — industry-leading, PCI DSS-compliant payment processors. Payton C LMT does not store, process, or have access to your full credit or debit card numbers at any time.
- Card data is encrypted at point of entry and transmitted directly to the payment processor via secure TLS connections
- We receive only a transaction confirmation token and the last four digits of your card for reference
- Deposits are charged at time of booking; balances are due at time of service
- All payment disputes are handled in accordance with our cancellation policy (see Terms of Service) and the policies of the relevant payment processor
08 Cookies & Tracking Technologies
Our website uses cookies and similar technologies to operate and improve the site. Cookies are small text files stored on your device.
Types of Cookies We Use
| Cookie Type | Purpose | Duration |
|---|---|---|
| Essential | Required for the site to function (e.g., session state, security) | Session |
| Functional | Remember your preferences (e.g., language, browser settings) | Up to 1 year |
| Analytics | Understand how visitors use the site (e.g., pages visited, time on site). Data is anonymized where possible. | Up to 2 years |
| Third-party | Set by Square and Stripe booking widgets embedded on this site | Varies |
You can control cookies through your browser settings. Most browsers allow you to refuse, delete, or block cookies. Please note that disabling certain cookies may affect the functionality of our booking system.
We do not use cookies for behavioral advertising, remarketing, or selling your browsing data to third parties.
09 Data Security
We implement industry-standard technical and organizational security measures to protect your personal information from unauthorized access, disclosure, alteration, or destruction:
- Encryption in transit: All data transmitted between your browser and our website uses TLS (HTTPS) encryption
- Access controls: Client data is accessible only to Payton and authorized service providers on a need-to-know basis
- Password security: All systems and accounts are protected with strong, unique passwords and multi-factor authentication where supported
- Secure payment processing: Payment data is handled exclusively by PCI DSS-compliant processors (Stripe and Square)
- Physical security: Any physical records (e.g., printed intake forms) are stored in locked storage and destroyed securely when no longer needed
- Incident response: In the event of a data breach affecting your personal information, we will notify you and relevant authorities within 72 hours of discovery, as required by applicable law
10 Data Retention
We retain personal information only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal obligations:
| Data Type | Retention Period | Reason |
|---|---|---|
| Client contact information | 5 years after last appointment | Business records, continuity of care |
| Health intake and session records | 7 years after last appointment | Professional liability, Ohio record-keeping standards |
| Payment and transaction records | 7 years | Tax and legal compliance (IRS requirements) |
| Appointment communications (email/text) | 3 years | Dispute resolution, continuity of service |
| Website analytics data | 26 months (anonymized) | Website improvement |
| Inquiry and contact form data | 2 years | Follow-up and dispute resolution |
Upon expiration of the applicable retention period, personal data is securely deleted or anonymized. You may request early deletion of your data subject to legal retention requirements (see Section 11).
11 Your Privacy Rights
Depending on your location and applicable law, you may have the following rights regarding your personal information:
Right to Access
You have the right to request a copy of the personal information we hold about you, including what data we have, where it came from, how we use it, and who we share it with.
Right to Correction
You have the right to request that we correct any inaccurate or incomplete personal information we hold about you.
Right to Deletion ("Right to be Forgotten")
You have the right to request that we delete your personal information, subject to certain exceptions (such as legal retention requirements or ongoing contractual obligations).
Right to Restrict Processing
You have the right to request that we restrict the processing of your personal information in certain circumstances (e.g., while you contest the accuracy of data we hold).
Right to Data Portability
You have the right to receive your personal data in a structured, commonly used, machine-readable format for transfer to another provider.
Right to Object
You have the right to object to processing of your personal information where we rely on legitimate interests as the legal basis, or where processing is for direct marketing purposes.
Right to Withdraw Consent
Where we process your data based on your consent, you have the right to withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.
Non-Discrimination
We will never discriminate against you for exercising your privacy rights. Exercising your rights will not result in denial of services, different pricing, or any other adverse treatment.
12 Children's Privacy
Our website and services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If a parent or guardian believes their minor child has provided us with personal information, please contact us immediately at 937-907-0340 and we will delete that information promptly.
Massage therapy services for minors require a parent or guardian to be present during the session and to sign the consent and health intake forms on behalf of the minor. Health information for minor clients is subject to the same protections described in Section 3.
13 Third-Party Links
Our website may contain links to third-party websites, including Square for booking, Stripe for payments, and other external resources. This Privacy Policy does not apply to those third-party sites. We are not responsible for the privacy practices or content of any website we do not own or control. We encourage you to review the privacy policies of any third-party sites you visit.
14 California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):
- Right to Know: The categories and specific pieces of personal information we collect, use, disclose, and sell
- Right to Delete: Request deletion of personal information we have collected, subject to certain exceptions
- Right to Opt-Out: Opt out of the sale or sharing of personal information — we do not sell or share your personal information
- Right to Correct: Request correction of inaccurate personal information
- Right to Limit Use of Sensitive Personal Information: Limit our use of sensitive personal information (such as health data) to necessary service delivery purposes only
- Non-Discrimination: We will not discriminate against you for exercising your CCPA/CPRA rights
To exercise your California privacy rights, contact us at 937-907-0340. We will respond within 45 days as required by law.
Do Not Sell or Share My Personal Information: We confirm that we do not sell, share, or rent your personal information to third parties for monetary or other valuable consideration as defined under California law.
15 Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, services, legal requirements, or for other operational reasons. When we make material changes, we will:
- Update the "Last Updated" date at the top of this page
- Post a prominent notice on our homepage for at least 30 days
- Where feasible and required by law, notify you directly via email or text
Your continued use of our website or services after the effective date of any changes constitutes your acceptance of the updated Privacy Policy. If you disagree with any changes, you may contact us to request deletion of your personal information or to discontinue services.
We encourage you to review this policy periodically. The most current version is always available at paytonclmt.com/privacy-policy.
16 Contact & Data Requests
For any questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact us using the information below. All privacy requests will be acknowledged within 5 business days and resolved within 30 days (or 45 days for California residents).
Contact Payton C LMT
For data access, correction, deletion requests, or any privacy-related questions, reach us directly.