Privacy Policy
Last updated: 2026-06-18
This page explains, in plain language, what information Jennifer Whitaker (Massage Ithaca) collects when you book or visit, how it is used, who helps process it, and the choices you have. We keep this short and honest on purpose. If anything here is unclear, please contact us.
Who is responsible
Jennifer Whitaker, a New York State Licensed Massage Therapist (license #026298), is responsible for the information described here. The practice operates at 950 Danby Rd, 202-U, Ithaca, NY 14850.
For questions about privacy or records, use the contact page linked below. If the practice later publishes a dedicated privacy contact, this page will be updated.
What we collect
- Booking details — your name, contact information (email and/or phone), and your appointment date, time, and service.
- Health intake information — if you complete an intake form, this can include health history, symptoms, areas of concern, and similar details. This is sensitive information. We use it only to provide safe, appropriate treatment. It is never sold, never used for marketing, and never used to publicly identify you.
- Payment information — payments are handled by our payment processors (Stripe and PayPal). We do not store your card numbers on our systems.
- Website analytics — if and when analytics is enabled, and only with your consent, we may collect basic, aggregate usage data (such as which pages are visited). Analytics is off by default until you opt in via the cookie notice. See Cookies & analytics below.
- Public reviews — if you leave a review on Google, the name and content you choose to make public there are public by your own choice on that platform.
Who helps us process it
We use a small number of trusted service providers to run the practice. We share only what each one needs, and we do not sell your information to anyone:
- Acuity Scheduling — appointment booking.
- Stripe and PayPal — payments.
- Mailgun — appointment and account emails.
- Google — analytics (only if enabled and consented) and public reviews.
Each provider handles your information under its own privacy terms.
How long we keep it
We keep booking and health-intake records for as long as needed to provide care and to meet professional and legal recordkeeping obligations, then dispose of them securely.
Recordkeeping needs can depend on professional, legal, payment, and insurance obligations, so we do not promise deletion on a fixed schedule. If you have a question about a specific record, please contact us.
Your choices
As a matter of good practice, you may ask us to:
- see the information we hold about you,
- correct anything that is inaccurate, and
- delete your information, where we are not required to keep it for professional or legal reasons.
To make a request, contact us. We offer these as a courtesy; this policy does not by itself create legal rights beyond those the law already gives you.
Security
We use reasonable administrative and technical safeguards to protect your information, consistent with New York's data-security expectations for businesses (the SHIELD Act). No method of storage or transmission is perfectly secure, so we cannot promise absolute security — but we take reasonable care.
Changes & contact
We may update this policy as the practice or our tools change. The "last updated" date above reflects the current version. Questions or requests? Please reach out.
