Privacy Policy

Updated March 10, 2026

Just You Aesthetics (“Just You,” “we,” “our,” or “us”) is part of the medical practice of Stephen Spain, MD, located at 5040 Kinsey Drive, Suite 300, Tyler, Texas 75703. We provide aesthetic medicine, hormone therapy, hair restoration, weight-loss treatments, and other health and wellness services.

This Privacy Policy describes how we collect, use, store, and share information about you when you:

  • Visit our website at www.justyoutyler.com (the “Site”);
  • Contact us by phone, email, or web form;
  • Schedule or receive services at our clinic; or
  • Interact with us on social media.

By using the Site or our services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with its terms, please do not use our Site or services.

HIPAA & Medical Information

As a medical practice, Just You Aesthetics is a Covered Entity under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Your protected health information (PHI) is governed by our separate Notice of Privacy Practices (NPP), which you receive at your first appointment and which is available upon request. This website Privacy Policy covers your non-clinical interactions with us online.

Protected Health Information (PHI) includes any individually identifiable health information — such as diagnoses, treatment records, lab results, prescriptions, billing information, and insurance details — that we create, receive, maintain, or transmit in connection with your care.

We use and disclose PHI only as permitted or required by HIPAA and Texas law, including for:

  • Treatment: Coordinating your care among providers;
  • Payment: Processing billing and insurance claims;
  • Healthcare Operations: Quality improvement, staff training, and compliance;
  • Required by law: Public health reporting, court orders, and law enforcement requests as mandated.

All other uses or disclosures of your PHI require your written authorization, which you may revoke at any time. To request a copy of our full Notice of Privacy Practices, please contact our office directly.

Information We Collect

Information You Provide Directly

  • Name, address, phone number, and email address when you complete a contact or appointment request form;
  • Date of birth, gender, and insurance information when you become a patient;
  • Health history, symptoms, and treatment preferences shared during consultations;
  • Payment information (processed securely through third-party payment processors — we do not store full credit card numbers);
  • Messages, reviews, or inquiries you send to us.

Information Collected Automatically

When you visit our Site, we may automatically collect:

  • IP address and approximate geographic location;
  • Browser type, operating system, and device information;
  • Pages visited, time spent on the Site, and links clicked;
  • Referring URL (the page that directed you to our Site);
  • Cookie and tracking pixel data.

Information From Third Parties

  • Reviews or messages submitted through Google, Facebook, or other platforms;
  • Analytics data provided by services such as Google Analytics;
  • Appointment or telehealth scheduling data from integrated platforms.

How We Use Your Information

We use the information we collect to:

  • Provide and improve our services — scheduling appointments, administering treatments, and personalizing your care experience;
  • Communicate with you — sending appointment reminders, follow-up care instructions, and responding to your questions;
  • Process payments — billing for services rendered;
  • Market our services — sending newsletters, promotions, or health tips (you may opt out at any time);
  • Operate our website — analyzing traffic, fixing technical issues, and improving content;
  • Comply with legal obligations — responding to legal processes and meeting regulatory requirements under Texas and federal law;
  • Protect our patients and staff — detecting and preventing fraud, unauthorized access, or safety threats.

We will not use your personal information for any purpose that is incompatible with the purposes described in this Policy without your prior consent.

Sharing & Disclosure

We do not sell your personal information. We may share information in the following limited circumstances:

  • Service Providers: Trusted vendors who support our operations — such as electronic health record (EHR) systems, payment processors, email platforms, and IT support — under strict confidentiality agreements;
  • Healthcare Partners: Referring physicians, specialists, labs, or pharmacies involved in your care (subject to HIPAA);
  • Legal Requirements: When disclosure is required by law, court order, subpoena, or government regulation;
  • Safety: When we believe in good faith that disclosure is necessary to prevent imminent harm to you or others;
  • Business Transfers: In the unlikely event of a practice acquisition, merger, or asset transfer, patient records would be handled in accordance with HIPAA and applicable Texas law;
  • With Your Consent: For any other purpose with your explicit permission.

Cookies & Tracking Technologies

Our Site uses cookies and similar technologies to enhance your browsing experience and help us understand how visitors use the Site.

  • Essential Cookies: Necessary for core website functionality (e.g., security, navigation);
  • Analytics Cookies: Google Analytics and similar tools that help us understand page views and traffic patterns. Data is aggregated and anonymized where possible;
  • Marketing Cookies: Third-party cookies (e.g., from Google Ads or Meta/Facebook) used to serve relevant advertisements on other platforms based on your visit to our Site.

Managing Cookies: You can control cookies through your browser settings. Most browsers allow you to refuse or delete cookies. Disabling certain cookies may affect the functionality of our Site. You may also opt out of Google Analytics tracking at tools.google.com/dlpage/gaoptout.

Do Not Track: Our Site does not currently respond to “Do Not Track” browser signals.

Data Security

The security of your information — especially your health information — is a top priority. We implement administrative, technical, and physical safeguards consistent with HIPAA Security Rule requirements and industry best practices, including:

  • Encrypted transmission of sensitive data (SSL/TLS);
  • Role-based access controls limiting staff access to information on a need-to-know basis;
  • Regular security assessments and staff training;
  • Secure, HIPAA-compliant electronic health records systems.

Despite these safeguards, no transmission over the internet or electronic storage system is completely secure. We encourage you to avoid sending sensitive health information via standard email. For confidential communications, please call our office directly at (903) 426-1023.

Data Retention

We retain your personal and health information for as long as necessary to fulfill the purposes described in this Policy and to comply with applicable law:

  • Medical records are retained for a minimum of 10 years from the date of service (or 10 years after a minor patient reaches age 18), in accordance with Texas Medical Board requirements;
  • Billing records are retained as required by Medicare, Medicaid, and insurance carrier guidelines;
  • Website and marketing data is generally retained for no longer than 26 months in analytics platforms, unless a longer period is required by law;
  • When data is no longer needed, we securely dispose of it in accordance with HIPAA and Texas law.

Your Rights & Choices as a Website Visitor

  • Marketing Opt-Out: You may unsubscribe from our email marketing at any time using the “unsubscribe” link in any email, or by contacting us directly;
  • Cookie Preferences: Manage or disable cookies via your browser settings (see “Cookies & Tracking Technologies” above);
  • Access & Correction: You may request access to or correction of personal information we hold about you that is not part of your medical record by contacting us.

Children’s Privacy

Our website is not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13 through our Site. If a parent or legal guardian believes their child has provided us with personal information online without consent, please contact us immediately and we will take steps to remove that information.

Minors who are patients are treated in compliance with applicable Texas parental consent laws and HIPAA. Medical records for minor patients are handled with the same security standards applied to all patient records.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or technology. When we make material changes, we will:

  • Post the updated policy on this page with a revised “Last Reviewed” date;
  • Where appropriate, notify you by email or a prominent notice on our website.

We encourage you to review this page periodically to stay informed about how we protect your information. Your continued use of our Site or services after any updates constitutes your acceptance of the revised Policy.