Menu
Request consultation
Menu

Privacy Policy

PRIVACY POLICY

The Drapery Spa

Effective Date: 01/01/2026

1. INTRODUCTION & SCOPE

The Drapery Spa (“Company,” “we,” “our,” or “us”) respects your privacy and is committed to protecting personal information you provide when you:

  • Visit our website (thedraperyspa.com)
  • Submit a consultation request or intake form
  • Communicate with us via email, phone, or other channels
  • Schedule or receive services
  • Interact with our business in any capacity

This Privacy Policy explains what information we collect, how we use it, with whom we share it, and your rights regarding your personal information.

BY USING OUR WEBSITE, SUBMITTING INFORMATION, OR ENGAGING OUR SERVICES, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTOOD THIS PRIVACY POLICY AND CONSENT TO THE COLLECTION, USE, AND DISCLOSURE OF YOUR INFORMATION AS DESCRIBED HEREIN.

2. INFORMATION WE COLLECT

2.1 Personal Information You Provide

We collect personal information that you voluntarily provide to us, which may include:

Contact Information:

  • Full name (first and last)
  • Email address
  • Phone number (mobile and/or landline)
  • Mailing address
  • Service address (if different from mailing address)

Project Information:

  • Number of rooms requiring service
  • Preferred service timeframe
  • How you heard about us (referral source)
  • Property type (primary residence, secondary residence, investment property)
  • General description of service needs or concerns

Communication Records:

  • Content of emails, messages, or other communications with Company
  • Notes from phone conversations
  • Consultation notes and assessments
  • Service history and preferences

Financial Information:

  • Payment method information (processed through secure third-party payment processors)
  • Billing address
  • Invoice and payment records

2.2 Information We Do NOT Collect Through Website Forms

We do NOT collect the following through our website or initial intake forms:

  • Photographs of your property or textiles
  • Detailed measurements or specifications
  • Detailed fabric information or technical data
  • Sensitive personal information (social security numbers, financial account details, health information, etc.)

Such information may be collected during in-home consultation only if necessary for service delivery.

2.3 Automatically Collected Technical Information

When you visit our website, we may automatically collect limited technical information, including:

  • IP address
  • Browser type and version
  • Device type and operating system
  • Pages visited and time spent on pages
  • Referring website or source
  • Date and time of access
  • General geographic location (city/state level, not precise location)

This information is collected through standard web server logs, cookies, and similar technologies and does not personally identify you unless combined with personal information you provide.

2.4 Cookies & Tracking Technologies

Our website may use cookies, web beacons, pixels, or similar tracking technologies to:

  • Remember your preferences
  • Improve website functionality and user experience
  • Analyze website traffic and usage patterns
  • Support security and fraud prevention

You may disable cookies through your browser settings. However, some website features may not function properly if cookies are disabled.

We do not use cookies to collect personally identifiable information unless you voluntarily provide it through forms or other means.

2.5 Third-Party Analytics

We may use third-party analytics services (such as Google Analytics or similar tools) to understand how visitors use our website. These services may collect information about your use of our website and other websites over time.

We do not control how third-party analytics providers use information they collect. We encourage you to review the privacy policies of any third-party services.

3. HOW WE USE YOUR INFORMATION

3.1 Legitimate Business Purposes

We use the information we collect for legitimate business purposes, including but not limited to:

Service Delivery & Operations:

  • Reviewing and evaluating consultation requests
  • Determining whether a project aligns with our services, standards, and capabilities
  • Scheduling consultations and service appointments
  • Communicating regarding service recommendations, pricing, and timelines
  • Performing services and fulfilling contractual obligations
  • Processing payments and managing billing
  • Maintaining service records and client history

Communication & Customer Service:

  • Responding to inquiries, questions, or requests
  • Providing updates regarding scheduled services
  • Sending service-related notifications or reminders
  • Addressing concerns or resolving disputes

Business Administration:

  • Internal recordkeeping and documentation
  • Quality control and performance evaluation
  • Training and staff development
  • Legal compliance and regulatory requirements
  • Protecting our rights and interests
  • Enforcing our Terms & Conditions

Marketing & Business Development (with limitations):

  • Sending occasional updates, newsletters, or promotional materials (only with consent and with easy opt-out)
  • Improving our services and developing new offerings
  • Understanding client preferences and market trends

3.2 Legal Basis for Processing (where applicable)

Where required by law, our legal basis for collecting and using personal information includes:

  • Consent: You have provided express consent for specific uses
  • Contract Performance: Processing is necessary to fulfill our service agreement with you
  • Legitimate Interests: Processing is necessary for our legitimate business interests (e.g., improving services, preventing fraud)
  • Legal Obligation: Processing is required to comply with applicable laws or regulations

4. CONSULTATION REQUESTS & NO GUARANTEE OF SERVICE

4.1 Consultation Request Policy

Submission of a consultation request through our website or intake forms does NOT:

  • Guarantee acceptance of your project
  • Guarantee scheduling of consultation
  • Create any obligation for The Drapery Spa to provide services
  • Establish a client relationship or service agreement

4.2 Company Discretion to Decline

The Drapery Spa reserves SOLE AND ABSOLUTE DISCRETION to:

  • Determine whether a project aligns with our service offerings, standards, operational scope, and business practices
  • Decline to schedule consultation for any reason or no reason
  • Decline to provide services after consultation for any reason or no reason
  • Discontinue communication at any time without explanation

By submitting a consultation request, you acknowledge and accept that The Drapery Spa owes no duty to accept your project, schedule consultation, or proceed with services, and that submission of your information creates no enforceable obligation on Company.

4.3 Complimentary Consultations

Consultations are provided complimentary as a professional courtesy and project evaluation opportunity.

Complimentary consultations:

  • Create NO obligation for The Drapery Spa to provide services
  • May result in service recommendations that you are not obligated to accept
  • Do not guarantee that services will be offered or performed

4.4 Retention of Consultation Request Information

Information submitted through consultation requests will be retained for reasonable business purposes, including:

  • Evaluation and consideration of your project
  • Future reference if you submit additional requests
  • Business records and documentation
  • Legal compliance and dispute resolution

You may request deletion of your information subject to our legitimate business needs and legal obligations (see Section 10).

5. IN-HOME CONSULTATION & SERVICE DOCUMENTATION

5.1 Photography & Documentation During Service

During in-home consultations or service appointments, The Drapery Spa may:

  • Take photographs or videos of textiles, installations, hardware, and related elements
  • Create written notes, measurements, and assessments
  • Document conditions, issues, or concerns for recordkeeping
  • Take before/after photographs for quality control and verification

5.2 Purpose of Documentation

All documentation is created solely for legitimate business purposes, including:

  • Professional assessment and evaluation
  • Service planning and method determination
  • Quality control and verification of results
  • Recordkeeping and dispute resolution
  • Training and educational purposes (internal only)
  • Evidence in the event of claims or disputes

5.3 Use of Client Images & Property Photos

We will NOT use photographs, videos, or images of your property, textiles, or installations for marketing, advertising, promotional materials, social media, or any public-facing purposes WITHOUT YOUR EXPRESS WRITTEN CONSENT.

Exception: Non-identifying detail shots, close-ups of fabric texture, or anonymized images that do not reveal your property’s identity, location, or distinguishing features may be used without specific consent for portfolio or educational purposes.

5.4 Security of Documentation

All photographs, videos, and written documentation are:

  • Stored securely with access limited to authorized personnel
  • Protected with reasonable administrative and technical safeguards
  • Retained only as long as necessary for business purposes
  • Subject to our data retention and deletion policies

6. INFORMATION SHARING & DISCLOSURE

6.1 We Do NOT Sell or Rent Personal Information

The Drapery Spa does NOT and will NOT:

  • Sell your personal information to third parties
  • Rent or lease your personal information to third parties
  • Trade or exchange your personal information for value
  • Use your information for purposes unrelated to our services without consent

6.2 Authorized Sharing with Service Providers

We may share your personal information with trusted third-party service providers who assist with business operations, including but not limited to:

  • Scheduling & Calendar Tools: For appointment management
  • Payment Processors: For secure payment processing (e.g., Stripe, Square, PayPal)
  • Email & Communication Platforms: For client communication and marketing (e.g., email service providers)
  • Website Hosting & Form Platforms: For website operation and form processing
  • Accounting & Invoicing Software: For financial management and recordkeeping
  • CRM & Database Systems: For client relationship management

All third-party service providers are:

  • Contractually required to maintain confidentiality
  • Permitted to use information ONLY for purposes of providing services to us
  • Subject to security and privacy obligations
  • Prohibited from using information for their own purposes

6.3 Sharing Within Company

Your information may be accessed by:

  • Authorized employees of The Drapery Spa
  • Independent contractors or subcontractors performing services on our behalf
  • Authorized representatives acting under our direction

All personnel are required to maintain confidentiality and use information only for legitimate business purposes.

6.4 Legal Disclosures & Compliance

We may disclose your information when required or permitted by law, including:

  • Legal Process: In response to subpoenas, court orders, legal process, or government requests
  • Law Enforcement: When required to comply with law enforcement or regulatory investigations
  • Legal Rights Protection: To protect our rights, property, safety, or the rights and safety of others
  • Fraud Prevention: To detect, prevent, or address fraud, security issues, or illegal activity
  • Contract Enforcement: To enforce our Terms & Conditions or other agreements
  • Business Transfers: In connection with merger, acquisition, sale of assets, or bankruptcy (with confidentiality obligations maintained)

6.5 Disclosure with Your Consent

We may share your information with third parties when you provide express consent or direction to do so.

7. DATA SECURITY & PROTECTION

7.1 Security Measures

We implement reasonable administrative, technical, and physical safeguards designed to protect personal information from unauthorized access, use, disclosure, alteration, or destruction, including:

  • Secure data storage systems
  • Access controls and authentication
  • Encryption for sensitive data transmission
  • Regular security assessments and updates
  • Employee training on data protection practices
  • Contractual obligations with third-party processors

7.2 No Guarantee of Absolute Security

While we take reasonable steps to protect your information, no method of transmission over the Internet or electronic storage is 100% secure.

We cannot and do not guarantee absolute security of your information. You acknowledge and accept the inherent risks of transmitting information electronically and using online services.

7.3 Your Responsibility

You are responsible for:

  • Maintaining confidentiality of any account credentials
  • Using secure Internet connections when transmitting sensitive information
  • Notifying us immediately of any suspected unauthorized access or security breach
  • Taking reasonable precautions to protect your own information

8. DATA RETENTION & DELETION

8.1 Retention Period

We retain personal information for as long as necessary to fulfill the purposes for which it was collected, including:

  • Duration of active client relationship
  • Reasonable period following service completion for recordkeeping and quality assurance
  • Period required by applicable laws, regulations, or legal obligations
  • Period necessary to resolve disputes, enforce agreements, or protect legal rights

8.2 Retention Criteria

Retention periods vary based on:

  • Type of information collected
  • Nature of services provided
  • Legal and regulatory requirements (e.g., tax records, business records)
  • Legitimate business needs (e.g., warranty claims, dispute resolution)

Typical retention periods include:

  • Active client records: Duration of relationship plus 3-7 years
  • Consultation requests (not converted to service): 2-5 years
  • Financial records: 7 years (tax compliance requirement)
  • Service documentation & photos: 3-7 years post-service
  • Marketing communications: Until opt-out or unsubscribe

8.3 Secure Deletion

When personal information is no longer needed, we:

  • Securely delete or destroy records containing personal information
  • Anonymize data where possible for aggregate analysis or business purposes
  • Ensure that third-party service providers also delete information per contractual obligations

9. MARKETING COMMUNICATIONS & OPT-OUT

9.1 Marketing Emails

If you provide consent, we may send occasional marketing communications, including:

  • Service updates or new offerings
  • Educational content or tips
  • Company news or announcements
  • Promotional offers (rare and targeted)

9.2 Opt-Out Rights

You may opt out of marketing communications at any time by:

  • Clicking “unsubscribe” link in any marketing email
  • Replying to any marketing email with “UNSUBSCRIBE”
  • Contacting us directly at legal@thedraperyspa.com
  • Indicating your preference during consultation or service

Opting out of marketing does NOT affect:

  • Transactional or service-related communications (e.g., appointment confirmations, invoices)
  • Communications necessary to fulfill services or contracts
  • Legal notices or required disclosures

9.3 No Sale of Marketing Lists

We do NOT sell, rent, or share our client list or contact information with third-party marketers.

10. YOUR PRIVACY RIGHTS

10.1 Access to Your Information

You have the right to request:

  • Confirmation of whether we hold personal information about you
  • Access to personal information we have collected
  • Information about how we use and share your data

10.2 Correction of Inaccurate Information

You may request correction or update of inaccurate or incomplete personal information.

10.3 Deletion of Your Information

You may request deletion of your personal information, subject to:

  • Our legal obligations to retain certain records (e.g., tax, business, dispute resolution)
  • Legitimate business needs (e.g., enforcement of agreements, protection of rights)
  • Technical limitations on immediate deletion from backup systems

We will make reasonable efforts to delete information where legally and operationally feasible.

10.4 Restriction or Objection to Processing

Where applicable under law, you may:

  • Request restriction of certain processing activities
  • Object to processing based on legitimate interests
  • Withdraw consent where processing is based on consent

10.5 Submitting Privacy Requests

To exercise your privacy rights, contact us at:

Email: legal@thedraperyspa.com
Subject Line: “Privacy Rights Request”

Include in your request:

  • Your full name
  • Contact information (email and phone)
  • Specific right you wish to exercise
  • Details to help us locate your information
  • Verification information to confirm your identity

We will respond to verified requests within a reasonable timeframe as required by applicable law (typically 30-45 days).

10.6 Verification of Identity

To protect your privacy and security, we may require verification of your identity before fulfilling privacy requests. This may include:

  • Matching information in your request to information we have on file
  • Requesting additional identifying information
  • Confirming through previously used communication channels

11. CHILDREN’S PRIVACY

The Drapery Spa does not knowingly collect personal information from individuals under the age of 18.

Our services are directed to adults, and our website is not intended for use by children.

If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information promptly.

12. THIRD-PARTY WEBSITES & SERVICES

12.1 Links to Third-Party Sites

Our website may contain links to third-party websites, services, or resources (e.g., social media platforms, payment processors, scheduling tools).

We are NOT responsible for the privacy practices, content, or security of third-party websites or services.

We encourage you to review the privacy policies of any third-party sites you visit.

12.2 Third-Party Integrations

We may use third-party tools or integrations (e.g., Google Analytics, social media widgets, payment processors) that may collect information independently.

We do not control third-party data collection practices. Refer to third-party privacy policies for information about their practices.

13. CALIFORNIA PRIVACY RIGHTS (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including:

Right to Know: Request disclosure of personal information collected, used, shared, or sold

Right to Delete: Request deletion of personal information (subject to exceptions)

Right to Opt-Out of Sale: Opt out of “sale” of personal information (Note: We do NOT sell personal information)

Right to Non-Discrimination: Receive equal service and pricing regardless of exercising privacy rights

Right to Correct: Request correction of inaccurate personal information

Right to Limit Use of Sensitive Information: Limit use of sensitive personal information (Note: We do not collect sensitive personal information as defined by CCPA)

To exercise California privacy rights, contact us at: legal@thedraperyspa.com with “California Privacy Request” in the subject line.

14. TEXAS & U.S. PRIVACY COMPLIANCE

This Privacy Policy is designed to comply with:

  • Texas state privacy and consumer protection laws
  • Federal laws including CAN-SPAM Act, Telephone Consumer Protection Act (TCPA), and other applicable regulations
  • Industry best practices for service-based businesses

We do not knowingly collect sensitive personal data beyond what is necessary and appropriate for providing professional services.

15. INTERNATIONAL DATA TRANSFERS

The Drapery Spa operates in the United States and processes information primarily within the United States.

If you are located outside the United States and provide information to us, please be aware that:

  • Your information will be transferred to and processed in the United States
  • U.S. privacy laws may differ from those in your jurisdiction
  • By providing information, you consent to transfer and processing in the United States

16. CHANGES TO THIS PRIVACY POLICY

16.1 Right to Modify

We reserve the right to modify, update, or change this Privacy Policy at any time to reflect:

  • Changes in our business practices
  • Legal or regulatory requirements
  • Technological developments
  • Improvements to privacy protections

16.2 Notice of Changes

When we make material changes to this Privacy Policy, we will:

  • Update the “Effective Date” at the top of this policy
  • Post the revised policy on our website
  • Provide notice through our website or via email (for material changes affecting your rights)

16.3 Continued Use Constitutes Acceptance

Your continued use of our website or services following posting of changes constitutes acceptance of the revised Privacy Policy.

We encourage you to review this Privacy Policy periodically.

17. CONTACT INFORMATION & QUESTIONS

For questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact:

The Drapery Spa
Privacy & Legal Inquiries
Email: legal@thedraperyspa.com
Phone: 972-809-9816

We will respond to privacy inquiries within a reasonable timeframe.

18. DISPUTE RESOLUTION

Any disputes arising from or relating to this Privacy Policy or our privacy practices shall be resolved in accordance with the dispute resolution provisions outlined in our Terms & Conditions, including binding arbitration and class action waiver provisions.

19. SEVERABILITY

If any provision of this Privacy Policy is found to be invalid, illegal, or unenforceable, the remaining provisions shall remain in full force and effect.

Last Updated: 01/2026
Version: 2.0

BY USING OUR WEBSITE, SUBMITTING INFORMATION, OR ENGAGING OUR SERVICES, YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTOOD, AND AGREED TO THIS PRIVACY POLICY.