Privacy Policy – Exquisite Steam & Spa

Effective Date: November 20, 2024
Last Updated: November 20, 2024

1. Introduction

At Exquisite Steam & Spa, your privacy matters. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you visit our website, place an order, or interact with our services.

This policy applies to our website: www.exquisitesteam.com, and all associated subdomains (collectively referred to as the "Service"). By using our site, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

We collect the following types of personal information:

  • Contact Information: Name, email address, phone number
  • Billing & Shipping Information: Mailing addresses, billing addresses
  • Technical Information: IP address, device type, browser type, operating system
  • Transaction Data: Order details, purchase history, transaction records
  • Usage Data: Browser cookies, page views, time spent on site, referral sources

Payment Information

We do not store your full credit card or payment details on our servers. Payment information is processed securely through trusted third-party payment processors (such as Stripe, PayPal, or similar services) that comply with PCI-DSS standards. We may retain the last four digits of your card and transaction confirmation details for order verification purposes only.

How We Collect Information

We collect information when you:

  • Visit our website
  • Create an account or place an order
  • Contact us via forms, email, or phone
  • Subscribe to newsletters or promotional updates
  • Interact with our customer support

3. How We Use Your Information

We use your personal information for the following purposes:

  • Order Fulfillment: Process and ship your orders, manage returns and exchanges
  • Payment Processing: Complete transactions securely
  • Customer Support: Respond to inquiries, resolve issues, and provide assistance
  • Communication: Send order confirmations, shipping updates, and service notifications
  • Marketing: Send promotional emails, newsletters, and special offers (you can opt-out anytime)
  • Personalization: Customize your shopping experience and product recommendations
  • Analytics: Improve our website, products, and services based on usage patterns
  • Legal Compliance: Comply with applicable laws, regulations, and legal processes
  • Fraud Prevention: Detect and prevent fraudulent transactions and security threats

4. Sharing Your Information

We do not sell your personal information to third parties. We may share your information with:

Service Providers

Trusted third-party companies that help us operate our business, including:

  • Payment Processors: Stripe, PayPal, or similar services
  • Shipping Partners: USPS, FedEx, UPS, or other carriers
  • Email Services: Mailchimp, Klaviyo, or similar platforms
  • Website Hosting: Cloud service providers
  • Analytics Tools: Google Analytics and similar services

These providers are contractually obligated to protect your data and use it only for the services they provide to us.

Legal Requirements

We may disclose your information when required by law, such as:

  • In response to court orders, subpoenas, or legal processes
  • To comply with government or regulatory requirements
  • To protect our rights, property, or safety
  • To prevent fraud or investigate suspected illegal activity

Business Transfers

If Exquisite Steam & Spa is involved in a merger, acquisition, bankruptcy, or sale of assets, your personal information may be transferred as part of that transaction. We will notify you via email or prominent website notice before your data is transferred and becomes subject to a different privacy policy.

5. Data Security

We take the security of your personal information seriously and implement industry-standard measures to protect it:

  • SSL/TLS Encryption: All data transmitted between your browser and our servers is encrypted using Secure Socket Layer (SSL) technology
  • Secure Storage: Data is stored on secure, access-controlled servers with firewalls and intrusion detection systems
  • Limited Access: Only authorized personnel with legitimate business needs can access your personal information
  • Regular Security Audits: We periodically review and update our security practices
  • PCI Compliance: Our payment processors maintain PCI-DSS compliance for credit card security

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

6. Data Breach Notification

In the unlikely event of a data breach that compromises your personal information, we will:

  • Investigate the breach promptly and take immediate corrective action
  • Notify affected users via email within 72 hours of discovering the breach
  • Provide information about what data was compromised and steps you can take to protect yourself
  • Report the breach to relevant authorities as required by law
  • Implement additional security measures to prevent future incidents

7. Cookies & Tracking Technologies

We use cookies and similar tracking technologies to enhance your browsing experience and analyze website traffic.

Types of Cookies We Use

  • Essential Cookies: Required for basic website functionality (shopping cart, checkout, login sessions)
  • Performance Cookies: Help us understand how visitors use our site (page views, bounce rates)
  • Functional Cookies: Remember your preferences (language, region, login information)
  • Marketing Cookies: Track your browsing to show relevant ads and measure campaign effectiveness

Managing Cookies

You can control or delete cookies through your browser settings. Note that disabling certain cookies may limit website functionality. For more information, visit:

  • Chrome: chrome://settings/cookies
  • Firefox: about:preferences#privacy
  • Safari: Preferences > Privacy

You can also opt out of targeted advertising through:

  • Network Advertising Initiative: www.networkadvertising.org/choices
  • Digital Advertising Alliance: www.aboutads.info/choices

8. Your Privacy Rights

General Rights (All Users)

You have the right to:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Update or correct inaccurate or incomplete information
  • Deletion: Request deletion of your personal data (subject to legal retention requirements)
  • Restriction: Limit how we process your information
  • Objection: Object to certain types of processing (e.g., direct marketing)
  • Data Portability: Receive your data in a structured, machine-readable format
  • Opt-Out: Unsubscribe from marketing emails at any time via the link in our emails

California Residents (CCPA/CPRA Rights)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to Know: Request details about what personal information we collect, use, disclose, and sell
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: Opt out of the "sale" or "sharing" of your personal information (we do not sell data)
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights
  • Right to Correct: Request correction of inaccurate personal information
  • Right to Limit: Limit the use of sensitive personal information

Do Not Sell My Personal Information: We do not sell personal information as defined by CCPA.

To exercise your California rights, contact us at support@exquisitesteam.com or call (831) 534-9188. We will verify your identity before processing your request.

European Users (GDPR Rights)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR):

  • Lawful Basis for Processing: We process your data based on consent, contract performance, legal obligation, or legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent
  • Right to Lodge a Complaint: File a complaint with your local data protection authority
  • Data Protection Officer: For GDPR inquiries, contact support@exquisitesteam.com

International Data Transfers: If you are outside the United States, your information may be transferred to and processed in the U.S. We use standard contractual clauses and other safeguards to protect your data during international transfers.

How to Exercise Your Rights

To exercise any of these rights, please contact us:

  • Email: support@exquisitesteam.com
  • Phone: (831) 534-9188
  • Mail: 30745 Pacific Coast Hwy, Ste 21 #1119, Malibu, CA 90265

We will respond to your request within 30 days (or as required by applicable law). We may need to verify your identity before processing certain requests.

9. Data Retention

We retain your personal information only as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Retention Periods

  • Account Information: Retained while your account is active and for 3 years after account closure
  • Order History: Retained for 7 years for accounting, tax, and legal purposes
  • Marketing Data: Retained until you opt out or request deletion
  • Technical Logs: Retained for 12-24 months for security and analytics purposes

When data is no longer needed, we securely delete or anonymize it.

10. Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from minors.

If we discover that we have inadvertently collected information from a child under 18, we will delete that information immediately. If you believe we have collected information from a minor, please contact us at support@exquisitesteam.com.

11. International Transfers

Your personal information may be transferred to, stored, and processed in the United States or other countries where our service providers operate. These countries may have different data protection laws than your country of residence.

When we transfer data internationally, we use appropriate safeguards such as:

  • Standard Contractual Clauses approved by the European Commission
  • Privacy Shield frameworks (where applicable)
  • Other legally approved transfer mechanisms

By using our services, you consent to the transfer of your information to countries outside your country of residence.

12. Third-Party Links

Our website may contain links to third-party websites, services, or applications that are not operated by us (e.g., social media platforms, payment processors, product manufacturers).

We are not responsible for the privacy practices or content of these third-party sites. We encourage you to review the privacy policies of any third-party sites you visit.

13. Do Not Track Signals

Some web browsers have a "Do Not Track" (DNT) feature that signals to websites you visit that you do not want to have your online activity tracked.

Our website does not currently respond to DNT signals. However, you can manage tracking through your browser settings and opt-out tools mentioned in the Cookies section.

14. Return & Refund Policy

For information about returns, refunds, exchanges, and our satisfaction guarantee, please review our separate Return & Refund Policy available at: [https://exquisitesteam.com/pages/return-and-refund-policy]

Our return policy outlines:

  • Return eligibility and timeframes
  • Refund processing procedures
  • Shipping costs for returns
  • Damaged or defective product procedures
  • Exchange options

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

When we make material changes, we will:

  • Update the "Last Updated" date at the top of this policy
  • Notify you via email or prominent website notice
  • Provide a summary of key changes (when applicable)

Your continued use of our website after changes are posted constitutes acceptance of the revised policy. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

16. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Exquisite Steam & Spa

  • Email: support@exquisitesteam.com
  • Phone: (831) 534-9188
  • Mailing Address: 30745 Pacific Coast Hwy, Ste 21 #1119, Malibu, CA 90265
  • Business Hours: Monday - Friday, 9:00 AM - 5:00 PM PST

We will respond to your inquiry within 3-5 business days.

By using Exquisite Steam & Spa's website and services, you acknowledge that you have read, understood, and agree to this Privacy Policy.

Start Shopping

Indoor Saunas
Indoor Saunas 6 Items
Outdoor Saunas
Outdoor Saunas 17 Items
Wood Burning Saunas
Wood Burning Saunas 0 Items

About

Exquisite Steam & Spa delivers premium steam showers, saunas, whirlpool baths, and cold plunge systems across the U.S., offering top brands, expert guidance, reliable service, and a seamless wellness-focused experience.

Our Collections

Explore

Connect

Join our mailing list for updates

© 2025 Exquisite Steam and SpaPowered by Shopify