Cosmo Medispa
Book

Privacy

Privacy Policy.

Last updated · 20 April 2026

Draft — replace before launch

This document is a template. It must be reviewed and replaced with lawyer-approved copy tailored to Cosmo Medispa before the site goes live.

Cosmo Medispa ("we", "us", "our") is committed to protecting your personal information. This policy explains what we collect, why we collect it, and how we handle it — in line with the Australian Privacy Act 1988 and the Australian Privacy Principles.

Information we collect

We collect information you provide when you:

  • Book a consultation or treatment (name, contact details, treatment history).
  • Complete a consent or medical-history form.
  • Purchase a gift card or package.
  • Contact us by phone, email, or through social media.
  • Visit our website (analytics, cookies, device and browser data).

Some information is sensitive health information. We only collect it when it is directly relevant to assessing treatment suitability and only with your explicit consent.

How we use your information

Your information is used to:

  • Deliver safe, appropriate treatments and aftercare.
  • Manage your bookings, payments and client records.
  • Contact you about upcoming appointments, reminders, and care advice.
  • Send marketing communications only when you have opted in, and with an easy opt-out in every message.
  • Improve our services and the performance of our website.

Cookies and analytics

Our website uses cookies and similar technologies to remember preferences and measure performance. We may use tools such as Google Analytics and Meta (Facebook) Pixel to understand traffic and the effectiveness of our advertising. You can disable cookies in your browser settings — some site features may not work as expected if you do.

Third parties we work with

We share the minimum necessary information with trusted service providers that help us run the clinic:

  • Fresha — for bookings, payments and client records.
  • Payload CMS, Vercel and Vercel Blob — for hosting and content.
  • Google Analytics and Meta — for website analytics and advertising attribution.

These providers are bound by their own privacy obligations. We do not sell your personal information.

How we store and protect your information

Client records are stored in access-controlled systems. We use industry standard security practices and keep sensitive health information only for as long as it is required for treatment, legal, or insurance purposes.

Access, correction and complaints

You may request access to the personal information we hold about you, request a correction, or lodge a privacy complaint by emailing info@cosmomedispa.com. We will respond within a reasonable time.

If you are not satisfied with our response, you can contact the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

Changes to this policy

We may update this policy from time to time. The "Last updated" date at the top of the page shows when the latest version took effect.

Chat with us on Messenger