Privacy
Effective draft: June 4, 2026. This page is written for Maison Aphrodite's launch but should be reviewed by Aruba counsel and your licensed clinical lead before going live.
Maison Aphrodite is a beauty and wellness concept in Aruba. This website is for beauty, wellness, booking, and client-care operations. It is not intended for emergency care, diagnosis, or treatment of disease. If you have a medical concern, contact a licensed healthcare professional or emergency services.
Contact details will be updated before launch. Current booking follow-up is planned through email and WhatsApp at +297 564 3604.
Booking information may include your name, email, phone number, selected service, appointment time, first-time status, and optional glow goals or notes. CRM records may include intake answers, consent records, treatment notes, appointment history, product usage, payment completion status, and private before/after photos when you choose to provide them.
We use personal information to respond to booking requests, prevent double bookings, prepare appointments, complete intake and consent, maintain client records, manage inventory used during appointments, send reminders, follow up through email or WhatsApp, and improve Maison Aphrodite operations.
Some intake, suitability, treatment, or photo records may be sensitive. Maison Aphrodite stores these records privately, limits CRM access by role, and separates private record consent from optional marketing/gallery consent.
Depending on the situation, processing may be based on your request to book services, consent, legitimate business operations, legal obligations, and the need to maintain accurate appointment and safety records. Marketing and public gallery use require separate opt-in permission.
We do not sell personal information. We may use service providers for website hosting, database/storage, email delivery, deployment, security, and business operations. Current planned processors include Supabase, Netlify, GitHub, and an email provider such as Resend when configured.
Maison Aphrodite is based in Aruba and serves tourists and locals. If you visit from the European Economic Area, United Kingdom, or another jurisdiction with additional privacy rights, we aim to handle your data using GDPR-style transparency, purpose limitation, consent, security, and rights-request practices.
Booking records, consent records, appointment notes, and photo records are retained only as long as needed for operations, legal obligations, dispute handling, client continuity, and safety. Marketing permissions can be withdrawn without deleting private records that Maison Aphrodite must reasonably keep.
You may request access, correction, deletion where legally appropriate, withdrawal of optional consent, restriction of marketing/gallery use, or clarification about how your information is handled. Requests should be sent to the Maison Aphrodite contact email once finalized.
The launch website is designed to avoid unnecessary tracking. Essential cookies may be used for admin authentication and security. If analytics or advertising tools are added later, this policy and the cookie notice should be updated before launch.
The website uses private storage for client files, role-based CRM access, server-side privileged operations, hashed appointment-management tokens, and database constraints to protect appointment integrity. No internet system can guarantee absolute security.
This draft was prepared against Aruba privacy guidance, Aruba's personal-data ordinance references, European Commission GDPR consent guidance for international visitors, and Supabase security/DPA documentation. Review the final language before launch.