Privacy Policy Overview
Committed to Your Privacy
At SmileSync, safeguarding your personal data is our top priority. Our Privacy Policy outlines the meticulous steps we take to protect your information.
Introduction
Our Commitment to Privacy
SmileSync is dedicated to ensuring the privacy and protection of personal data. This Privacy Policy details the methods we use to collect, utilize, store, and secure your information. It applies to dentists, dental practices, patients, and visitors to our website.
Who We Are
About SmileSync
SmileSync is a comprehensive dental software platform designed to enhance practice management and patient care. For any privacy-related inquiries, please contact us at privacy@smilesync.com. Our company address and data controller information are available upon request.
Information Users Provide Directly
Data We Collect
We collect personal information directly from users, including names, email addresses, and phone numbers. Additionally, we gather practice details, roles within the practice, and login credentials. Information submitted through forms and communications with SmileSync are also collected to ensure seamless interaction and support.
Patient Data Processed on Behalf of Dental Practices
SmileSync processes patient data on behalf of dental practices, which includes patient contact details, medical history, clinical notes, treatment plans, and consent records. We also handle photos, media, and patient portal activity. It is important to note that dental practices act as the data controller, while SmileSync functions as a data processor.
Technical and usage data collected by SmileSync encompasses IP addresses, browser and device information, usage analytics, and cookies. This data is essential for enhancing user experience, ensuring platform security, and optimizing our services. Our use of cookies and similar technologies is detailed in our Cookie Policy.
How We Use Data
Data collected by SmileSync is utilized to provide and operate our platform efficiently. It enables clinical workflows and patient journeys, allowing us to respond promptly to enquiries and offer support. We use this data to improve our services and functionality, maintain security, and prevent misuse. Compliance with legal obligations is a priority, and we assure users that personal data is never sold.
SmileSync processes data under several lawful bases as outlined by GDPR. These include contractual necessity, legitimate interests, consent, and legal obligation. It is crucial to emphasize that patient data is processed strictly under the instructions of dental practices, ensuring adherence to privacy regulations and maintaining trust with our users.
Our commitment to data protection is unwavering, and we employ robust security measures to safeguard all information. Data is retained only as long as necessary or legally required, and we ensure that all third-party service providers comply with data protection laws. SmileSync never shares patient data for marketing purposes, reinforcing our dedication to privacy and security.
Data Storage and Security
Ensuring Data Safety
At SmileSync, we prioritize the protection of your data through robust security measures. Our platform is built on a secure cloud infrastructure designed to safeguard personal information. We employ advanced encryption techniques to protect data both in transit and at rest, ensuring that only authorized personnel have access through stringent access controls. Continuous monitoring and regular security audits help us maintain a secure environment, preventing unauthorized access and data breaches. Data is retained only for as long as necessary to fulfill the purposes outlined in our policy or as required by law, after which it is securely deleted or anonymized.
We are committed to maintaining the confidentiality and integrity of all data processed through SmileSync, providing peace of mind to dental practices and their patients. Our security protocols are regularly reviewed and updated to adapt to emerging threats and technological advancements, ensuring that your data remains protected at all times.
Data Sharing
Sharing Information Responsibly
SmileSync may share data with trusted third-party service providers to facilitate the operation and enhancement of our platform. These providers include hosting services, analytics tools, and customer support solutions, all of which are carefully selected to ensure compliance with data protection regulations. We require all third-party partners to adhere to strict data protection standards, safeguarding the information entrusted to us.
Importantly, SmileSync does not share patient data for marketing purposes. Our commitment to privacy means that any data sharing is conducted solely to support the functionality and improvement of our services, ensuring that patient confidentiality is always maintained. Dental practices can trust that their patients’ data is handled with the utmost care and respect.
International Data Transfers
When transferring data outside the UK or European Economic Area (EEA), SmileSync implements appropriate safeguards to ensure compliance with data protection laws. We utilize standard contractual clauses and other legally recognized mechanisms to provide a secure framework for international data transfers, ensuring that your data receives the same level of protection as it would within the UK or EEA.
Our commitment to maintaining high standards of data protection extends globally, allowing us to support dental practices and their patients no matter where they are located. By adhering to international data transfer regulations, SmileSync ensures that your information remains secure and protected across borders.
Cookie Usage Overview
Understanding Our Cookie Policy
SmileSync utilizes cookies to enhance user experience by ensuring website functionality, optimizing performance, and conducting analytics. These small data files are stored on your device to remember your preferences and improve site interactions.
Users have the ability to manage cookie settings through their browser preferences, allowing control over which cookies are accepted or declined. For more detailed information, please refer to our Cookie Policy.
Your GDPR Rights
Under the GDPR, you are entitled to several rights regarding your personal data. These include the right to access your data, request rectification of inaccuracies, seek erasure under certain conditions, restrict processing, object to processing, and request data portability.
It is important to note that requests related to patient data are generally managed by the respective dental practice, as they act as the data controller.
Marketing Communications Policy
Guidelines for Receiving Marketing Communications from SmileSync
Children's Data
Processing of Children's Information
SmileSync is specifically designed for use by dental professionals. Any data related to children is managed solely under the responsibility of the dental practices using our platform. We ensure that all processing of children’s data is conducted in compliance with applicable data protection laws and under the strict guidance of the respective dental practices.
Policy Updates
SmileSync reserves the right to modify this Privacy Policy at any time. Any changes to the policy will be promptly posted on this page to keep users informed about how we protect their personal information. We encourage users to review this page periodically to stay updated on our privacy practices.
We will notify users of significant changes through our platform or via email, ensuring transparency and continued trust in our commitment to data protection. The date of the latest revision will be clearly indicated at the top of the policy.