Good Years Family Medicine
DBA Good Years Aesthetics + Wellness
14960 W. Indian School Road, Suite 340
Goodyear, AZ 85395
Email: hello@goodyearsaesthetics.com

Effective Date: September 25, 2025
Last Updated: February 19, 2026

1. OUR COMMITMENT TO YOUR PRIVACY

Good Years Family Medicine, doing business as Good Years Aesthetics + Wellness, is a licensed healthcare provider in the State of Arizona. We are committed to protecting the privacy, confidentiality, and security of your personal information and health information.

This Privacy Policy describes how we collect, use, disclose, and safeguard personal information through our website, communications, and business operations.

This Privacy Policy applies to website and business data. Protected Health Information (PHI) is governed by our separate HIPAA Notice of Privacy Practices.

2. HEALTH INFORMATION AND HIPAA

As a medical practice, we collect and maintain Protected Health Information in accordance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and applicable Arizona law.

Our HIPAA Notice of Privacy Practices explains:

• How we use and disclose medical information
• Your rights regarding your medical records
• How to request amendments or access
• How to file a complaint
• How we provide breach notifications

This website Privacy Policy does not replace HIPAA rights.

To request a copy of our Notice of Privacy Practices, contact us at hello@goodyearsaesthetics.com.

3. INFORMATION WE COLLECT

A. Information You Provide Directly

We may collect:

• Full name
• Phone number
• Email address
• Mailing address
• Date of birth
• Appointment information
• Billing address
• Payment information
• Treatment interests
• Communication preferences
• Photographs (with authorization)
• Forms submitted through website contact or booking portals

If you become a patient, we collect health information as described in our HIPAA Notice of Privacy Practices.

B. Information Collected Automatically

When you visit our website, we may collect:

• IP address
• Browser type
• Device type
• Pages visited
• Time spent on pages
• Referring website
• Approximate geolocation
• Cookies and similar identifiers

This data helps us analyze website performance, improve user experience, and maintain security.

C. Information from Third Parties

We may receive information from:

• Electronic Medical Record (EMR) systems
• Appointment scheduling platforms
• Payment processors
• Marketing and analytics providers
• Social media platforms if you interact with us there

We do not purchase medical data from third-party data brokers.

4. HOW WE USE YOUR INFORMATION

We use personal information to:

• Schedule and confirm appointments
• Provide medical and aesthetic services
• Process payments
• Send appointment reminders
• Respond to inquiries
• Provide marketing communications with consent
• Improve website functionality
• Analyze marketing performance
• Maintain security and prevent fraud
• Comply with legal and regulatory requirements

Health information is used only as permitted under HIPAA and applicable laws.

5. PAYMENT PROCESSING

All payment transactions are processed through PCI-compliant third-party processors.

We do not store full credit card numbers on our internal systems.

Payment vendors maintain their own privacy and security policies.

6. PHOTOGRAPHS AND MARKETING CONTENT

Clinical photographs may be taken for treatment documentation.

Marketing use of photographs, testimonials, or identifiable information requires separate written patient authorization.

You may revoke marketing authorization in writing at any time. Revocation does not affect uses made before withdrawal.

7. TEXT MESSAGING AND ELECTRONIC COMMUNICATIONS

If you opt into SMS communications:

• You consent to receive appointment reminders and, if selected, marketing messages
• Message frequency may vary
• Message and data rates may apply
• You may opt out at any time by replying STOP
• You may request assistance by replying HELP

We do not sell, rent, or share mobile phone numbers, SMS opt-in data, or other personally identifiable information with third parties or affiliates for marketing or promotional purposes.

Mobile information will not be shared with third parties or affiliates for their own marketing purposes.

Information sharing to service providers or subcontractors that support our business operations (such as messaging platforms or appointment reminder systems) is permitted solely for the purpose of providing services on our behalf and not for independent marketing use.

All other use categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

8. COOKIES AND TRACKING TECHNOLOGIES

We use cookies, pixels, and similar technologies to:

• Improve website performance
• Analyze traffic and user behavior
• Support marketing efforts

We may use Google Analytics and similar tools.

You can control cookies through your browser settings. Disabling cookies may impact website functionality.

9. INFORMATION SHARING

We may share information with:

• EMR vendors
• Payment processors
• IT and cybersecurity providers
• Marketing service providers
• Legal or regulatory authorities when required

We require vendors to safeguard information appropriately.

We do not sell personal information.
We do not sell health information.

10. DATA RETENTION

Medical Records
Maintained in accordance with HIPAA and Arizona law. Adult records are retained for a minimum of six years from the last date of service, or longer if required by law. Records of minors are retained consistent with Arizona retention requirements.

Billing Records
Retained as required by tax and accounting laws.

Marketing Data
Retained until you opt out or request deletion, subject to legal obligations.

Website Analytics Data
Retained according to operational needs and platform settings.

11. DATA SECURITY

We implement administrative, physical, and technical safeguards, including:

• Secure electronic medical record systems
• Role-based access controls
• Encryption where appropriate
• Workforce privacy training
• Vendor security agreements

No electronic transmission or storage system is completely secure.

In the event of a breach involving protected information, we will provide notification as required under HIPAA and Arizona law.

12. YOUR PRIVACY RIGHTS

Depending on your state of residence, you may have the right to:

• Access personal information
• Request correction
• Request deletion
• Obtain a copy of your data
• Opt out of targeted advertising
• Limit use of sensitive information

To submit a request, email hello@goodyearsaesthetics.com.

We may verify your identity before responding.

HIPAA-related rights are governed by our Notice of Privacy Practices.

13. ARIZONA AND OTHER STATE PRIVACY RIGHTS

Good Years Family Medicine is located in Arizona and operates in accordance with applicable federal and Arizona state privacy laws, including:

• The Health Insurance Portability and Accountability Act (HIPAA)
• Arizona data breach notification laws
• Arizona medical records retention requirements

Arizona Residents

If you are an Arizona resident, your health information rights are governed primarily by HIPAA and applicable Arizona medical privacy statutes.

In the event of a data breach involving personal information, we will provide notification in accordance with Arizona Revised Statutes § 18-552 and other applicable laws.

Residents of Other States

Because our website is accessible nationwide, residents of certain states may have additional rights under their state privacy laws.

Depending on your state of residence, you may have the right to:

• Request access to personal information we maintain about you
• Request correction of inaccuracies
• Request deletion of personal information
• Obtain a copy of your personal information
• Opt out of targeted advertising, where applicable

We do not sell personal information as defined under applicable state privacy laws.

To exercise applicable rights, please contact hello@goodyearsaesthetics.com. We may verify your identity before responding.

Important Clarification

If you are a patient, your medical records and health information are governed by HIPAA and our Notice of Privacy Practices, not general consumer privacy statutes.

14. DO NOT TRACK

Our website does not currently respond to browser Do Not Track signals due to the absence of a uniform standard.

15. CHILDREN

We do not knowingly collect website information from children under 18 without parental consent.

Medical services provided to minors are governed by applicable healthcare laws and HIPAA.

16. CHANGES TO THIS POLICY

We may update this Privacy Policy periodically.

Material updates will be reflected by a revised “Last Updated” date and posted on our website.

17. CONTACT INFORMATION

Good Years Family Medicine
d/b/a Good Years Aesthetics + Wellness
14960 W. Indian School Road, Suite 340
Goodyear, AZ 85395
Email: hello@goodyearsaesthetics.com