Click to view our Privacy Statement - V2.0 last reviewed April 11, 2023
Smile is committed to protecting the privacy and security of its users. We treat all collected information with complete confidentiality and work to collect the minimum amount of data necessary.
What information do we collect?
Smile gathers two basic types of information through the Site: “personal information”, being information from which an individual can be identified, and “aggregate information”, from which an individual cannot be identified.
Personal Information: You are not required to register or provide personal information in order to access the Site, though certain functionalities (such as requesting information) may require the inclusion of personal information. Personal information may include your contact information (such as your name and email address) or other relevant details (your organization).
Aggregate Information: When you visit and interact with the Site, Smile and third parties Smile uses (namely Google Analytics and Hubspot) may collect anonymous information from three sources: server log files, cookies, and “pixel tags”.
How do we collect personal information?
Smile collects and maintains personal information sent via online forms and email addresses published on our website. We will use this information to contact you regarding products and services for which you have expressed interest.
How do we collect aggregate information?
“Cookies”: data that a web server transfers to a computer for record-keeping purposes. Cookies are an industry standard used by most web sites and help facilitate users’ ongoing access to and use of a particular web site. Cookies do not cause damage to your computer systems or files, and only the web site that transferred a particular cookie to you can read, modify or delete said cookie.
For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
“Log files”: Your Internet Protocol (IP) address is an identifying number that is automatically assigned to your computer by your Internet Service Provider (ISP). This number is identified and logged automatically in our server log files whenever you visit the Site, along with the time(s) of your visit(s) and the page(s) that you visited. Smile tracks user IP addresses for the purposes of systems administration, demographic profiling and traffic logging, but Smile will not use IP addresses to try to identify individual users of the Site. Collecting IP addresses is standard practice on the internet and is carried out automatically by many web sites.
“Pixel tags”, “web beacons”, “clear GIFs” or similar means (collectively, “pixel tags”) compile aggregate statistics about Site usage and response rates. Pixel tags allow us to count users who have visited certain pages of the Site.
How do we use your personal information?
Smile uses information collected from users of the Site for one of three purposes:
- Monitoring of test server: we maintain a list of test server users’ email addresses to provide them with updates regarding server features, alert them of account expiry or other information relevant to their use of the test server.
- Replying to inquiries submitted via the Site’s contact form or company email addresses published on the Site: We use the information you provide about yourself to reply to the inquiry.
- Hubspot CRM: The personal information we gather through forms or company email addresses published on the site is stored in our secure Hubspot CRM system. In accordance with our legitimate business interests, we may also use your contact information for commercial purposes to inform you by means of direct marketing about our products and upcoming events. We always provide the option to opt-out of these messages.
How do we use your aggregate information?
The aggregate information we collect through the Site is used to better design our website. We analyze aggregate information in order to enhance website security, track the popularity of certain pages of the Website, the success of our email notifications, traffic levels on the Website and other usage data, all of which helps us to improve the Site.
For example, we may understand that X number of individuals visited a certain area on our website, but we would not disclose anything that could be used to identify those individuals.
When do we disclose your aggregate information?
We use Google Analytics to help us understand how our customers use the Site -- you can read more about how Google uses your Personal Information here: https://policies.google.com/technologies/partner-sites
You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
When do we disclose your personal information?
We may share your personal information (such as name, employer, or contact information) to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.
Your rights when we process your personal information under EU law
If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below.
Additionally, if you are a European resident we note that we are processing your information in order to fulfill contracts we might have with you, or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States.
What happens if a breach of your information occurs
If you are a United States resident, Smile Digital Health follows the HIPAA Breach Notification Rule, 45 CFR §§ 164.400-414, which requires that HIPAA covered entities and their business associates, provide notification following a breach of unsecured protected health information.
If a breach of unsecured protected health information occurs at or by Smile Digital Health, the covered entity/ business associate will be notified in writing without unreasonable delay, no later than 60 days from the discovery of the breach.
If a breach of unsecured protected health information occurs at or by Smile Digital Health and it involves 500 or more individuals, the covered entity/business associate will be notified without unreasonable delay after the discovery of the breach.
A breach notification log will be maintained and designed to satisfy requirements under HIPAA and ISO/IEC 27018 standards.
For Ontario residents, Smile Digital Health will collaborate with the appropriate health information custodian to ensure any breach of your personal health information is properly reported as required by the Personal Health Information Protection Act (PHIPA).
Residents outside of U.S. & Ontario
If you reside outside of the United States and Ontario, Smile Digital Health will follow breach notice requirements outlined in applicable regional legislation or contractual agreements, whichever is stronger.
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us or send a letter to 622 College Street Suite 401, Toronto, ON M6G 1B4