The CRM for medical spas
Run your medspa from one platform.
Booking, client charts, e-signed consent forms, payments, and twenty-two real-time reports — HIPAA-compliant, multi-location ready, designed specifically for the way medspas operate.
- HIPAA-compliantArchitectural, not a checkbox.
- Built for medspasNot adapted from a salon tool.
- No payment markupPricing is one clean line.
Sarah
Available
Jamie
Available
Marco
Available
Botox 30u
L. Davis
Filler
M. Tran
HydraFacial
S. Kim
Consult
New
Laser
P. Rao
Microneedling
A. Lee
Multi-provider booking · Manhattan location
Six core capabilities, built specifically for medspas.
Each one designed for the actual workflows medical spas run every day — not retrofit from a salon, gym, or general-purpose CRM.
A calendar built for multi-provider operations.
Per-provider columns, per-location scoping, and working-hours awareness. Drag to reschedule, click to take payment, see at a glance which appointments still need consent before check-in.
- Per-provider, per-location columns
- Drag-to-reschedule with conflict detection
- Online booking with deposit-on-book
- Automated SMS + email reminders
Sarah
Available
Jamie
Available
Marco
Available
Botox 30u
L. Davis
Filler
M. Tran
HydraFacial
S. Kim
Consult
New
Laser
P. Rao
Microneedling
A. Lee
Every client record in one place.
Contact, treatment history, allergies, signed consent forms, outstanding paperwork, and provider-only notes — accessible in two taps from the calendar or the search bar.
- Searchable across all locations
- Treatment history with outcome tracking
- Provider-only notes thread
- Pending forms surfaced where needed
Sarah Chen
Client since Mar 2024 · 12 visits · Member
Phone
(555) 234-1180
sarah.chen@…
Date of birth
Jan 14, 1989
Allergies
Penicillin
Pending forms
Botox consent · per-visit · expires today
E-signed consent that holds up to a compliance review.
Schema-versioned templates for intake and per-treatment consent. Sent as tokenized links, signed on a tablet, snapshotted at the moment of signing — so an evolving template never rewrites a signed past.
- Version-snapshotted at signing
- Tokenized fill links (no login required)
- Auto-assigned per service or per visit
- Audit trail with IP, user-agent, timestamp
Botox & Neurotoxin Consent
Version 4 · For: Sarah Chen · Tokenized link
Signature
Invoicing built around end-of-day reconciliation.
Cash, check, card-on-terminal, and other — recorded with payment reference, owner-reopenable within sixty days, void with a required reason. The numbers match the cash drawer at close.
- Owner-only 60-day reopen window
- Per-payment-method daily close-out
- Tax handled per service line item
- No platform fee on card volume
Invoice INV-2026-0214
L. Davis · Today, 11:40 am · Sarah Chen
| Item | Qty | Total |
|---|---|---|
| Botox 30u | 1 | $540.00 |
| HydraFacial add-on | 1 | $180.00 |
Twenty-two reports across financial, staff, guests, and operations.
Daily close-out, AR aging, revenue by service / provider / location, schedule utilization, top spenders, no-show rates, booking lead time — all running against live data, all exportable to CSV with a HIPAA confirmation gate.
- 22 pre-built reports
- Live data — no nightly refresh delay
- CSV export with PHI confirmation
- Audit-logged on every run
Sales — last 30 days
Apr 16 → May 15 · 4 paid invoices today
Gross
$48.6k
Tax
$4.31k
Avg invoice
$483
One brand, multiple locations, one bill.
Per-location calendars, pricing, staff schedules, and reporting. The org-level dashboard rolls up revenue, appointments, and utilization across every site. The location switcher only appears when the team has more than one to switch between.
- Per-location pricing + staff
- Org-level rollup dashboard
- Per-location reporting filters
- Single sign-on across sites
All locations · Rollup
3 sites · Last 30 days
Manhattan
Flagship · 8 providers
$28.4k
+12%
Brooklyn
5 providers
$14.1k
+4%
Hudson Yards
Opened Mar · 3 providers
$6.1k
+38%
Built for the way medspas actually run.
Three specific differences from the platforms most medspas are using today.
- 01
Built for medspas, not retrofit.
Most CRMs medspas use today were designed for salons, yoga studios, or general doctors' offices, then patched to handle injectables and lasers. Lumè was built for medspa workflows from the first migration: treatment-cycle scheduling, per-service consent recurrence, multi-provider rooms, and the close-out reconciliation a front desk actually does.
- 02
HIPAA compliance is structural.
Tenant isolation enforced at the database. Role-based permissions resolved per request from a forty-permission catalog. Append-only audit logging on every PHI access. AWS infrastructure under a signed BAA. The compliance posture is the architecture — not a separate "secure" tier.
- 03
Pricing without the games.
One per-seat number, scaled by location count. No platform fee on card volume. No annual contract lockout. No tier upgrade required to export your own data. The Business Associate Agreement is included.
Security & compliance
HIPAA-compliant by architecture, not by checkbox.
Tenant isolation at the database layer. Role-based permissions resolved per request. Append-only audit logging on every PHI read and write. AWS infrastructure under a signed Business Associate Agreement. SOC 2 Type II in progress.
See it in 30 minutes
See Lumè running on workflows like yours.
Tell us about your spa. We'll set up a private 30-minute walkthrough with the product configured for your service menu, your providers, and your locations.
No long sales cycle. We respond within one business day.