Smileback | Privacy

SmileBack, LLC (“SmileBack”) is a Delaware, USA, limited liability company. SmileBack adopted this Privacy Policy to make it easy for you to understand what sorts of information SmileBack collects and how we use that information. Please read our Terms of Service and this Privacy Policy carefully prior to using this Site, registering to use or using the Service, and/or submitting information through this Site or the Service. If you do not agree with all of the terms of our Terms of Service and Privacy Policy, you are not authorized to use this Site, register to use or use the Service, and your sole remedy is to stop using this Site and the Service.

Scope

This Privacy Policy discloses information that we collect and use in the course of our business. By providing information through this Site and/or the Service, you acknowledge that such information is governed by this Privacy Policy.

For the purpose of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, (“GDPR”) or any subsequent amendment or replacement or supplementary legislation (together “Data Protection Law”), the data controller is SmileBack LLC of 427 N Tatnall St #64120, Wilmington, DE 19801-2230, USA.

Legal Basis for Processing

We collect and use the Personal Information described below in order to provide you with access to our Site and Service in a reliable and secure manner. We also collect and use Personal Information:

For our legitimate business needs.
To fulfil our contractual obligations to you.
To comply with our legal obligations.

To the extent we process your Personal Information for any other purposes, we ask for your consent in advance or require that our partners obtain such consent.

Information We Collect

We collect Personal Information, Customer Data, and Aggregated Information in the following ways:
When you voluntarily give us information. For example, you may provide us information by filling in forms on our Site or within the Services, by corresponding with us by telephone, email or otherwise. This includes information you provide when you set up an account, register to use our Site, Services or apps, register for our newsletter, search for a product, place an order on our Site, participate in discussion boards or other social media functions on our site, take part in a survey or promotion or report a problem with our Site or Services. We may ask for Personal Information such as your name,email address, phone number, company name, job title, financial, and credit card information. As part of our Services, we also collect reviews and ratings that consumers provide us about our customers’ businesses.
When you use our Site and/or Services. We automatically collect information about how you interact with our Services and Sites, including:
- Device information, such as your hardware and operating system;
- Log information, or information that our servers automatically generate when you use our Services. Log information includes information like your search queries, your IP address, browser type, hardware settings, browser language, and cookies that uniquely identify your browser, plugins, time zone settings.
- Visit information, such as the full Uniform Resource Locators (URL) clickstream to, through and from our Site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
- Location information, which may be derived by our service providers from your IP address, Wi-Fi access point, and/or cell tower.
Through our service providers.We have contracts with service providers who may, in the course of providing services to us and to the extent you give information to them, supply us information about you like your IP address, location, name, email address, browser type, and hardware. Our service providers who provide information to us include products like Google Analytics and HubSpot which provide information about how users interact with our Sites.
Through cookies and similar technologies. We and our partners may use various technologies to identify your browser or device to distinguish you from other users of the Site or Services. This helps to provide you with a good experience when you browse our Site or use our Services and allows us to improve our Site and Services.

Cookies

What are Cookies
Cookies are small data files stored on your hardware that help us remember you and your settings and to collect general, anonymous information about how users use our Services. Cookies can be “persistent” or “session” cookies. We use persistent cookies and session cookies.

Persistent Cookies
A persistent cookie is stored on a user’s device in between browser sessions which allows the preferences or actions of a user across the Site or Services (or in some cases across different websites) to be remembered. We use persistent cookies to save your login information for future logins to the Site or Services.

Session Cookies
A session cookie allows the Site to link your actions during a browser session. We use session cookies to enable certain features of the Site or Services, to better understand how you interact with the Site or Services and to monitor aggregate usage by users and web traffic routing on the Site. Unlike persistent cookies, session cookies are deleted from your computer when you log off from the Site or Service and then close your browser.

Which cookies we use and why
The table below explains the cookies we use and why we use each of them.

Cookie	Type	Purpose
Google Analytics	Tracking cookies	These cookies are used to collect information about how visitors use our Site. We use the information to compile reports and to help us improve the Site. The cookies collect information in an anonymous form, including the number of visitors to the Site, where visitors have come to the Site from and the pages they visited. If you do not allow these cookies we will not be able to include your visit in our statistics. You can read the full Google Analytics privacy policy at: http://www.google.com/policies/privacy/.
Anonymous Analytics	Analytics cookies	We use analytics cookies to tell us whether you have visited the Site previously, and to gather statistics about visits to a page.
Registration	Sign-in cookies	When you sign in, we generate cookies that let us know whether you are signed in or not. Our servers use these cookies to work out which account you are signed in with.
Site Performance	Preference cookies	We use site performance cookies to remember preferences you may have set on our Sites.
Intercom Analytics	Analytics cookies	We use these cookies and other technologies to help understand your usage of our services when you visit our Site or use our product. This cookie analyzes your use of our Site and/or product and tracks our relationship by way of cookies and similar technologies so that we can improve our service to you. For more information on Intercom's use of cookies, please visit https://www.intercom.com/terms-and-policies#cookie-policy.

You can set up your browser options, to stop your computer accepting cookies or to prompt you before accepting a cookie from the websites you visit. If you do not accept cookies, however, you may not be able to use the whole of the Site or all functionality of the Services.

To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org. To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout.

How We Use Your Information

Customer Data
We respect the confidential nature of your Customer Data. SmileBack will not review, share, distribute, or reference any Customer Data, except as provided in our Terms of Service, DPA, or as may be required by law. In accordance with our Terms of Service, we may access your Customer Data to provide you with the Service, as well as to prevent or address service or technical problems. We may also access your Customer Data to provide you with customer support.

Personal Information
When you provide Personal Information to us, we use your Personal Information to provide you with access to the requested Service, content and/or information. We may also use your Personal Information to help us understand who is visiting this Site and using our Service. We may also use your Personal Information to:

Carry out our obligations arising from any contracts entered into between you and us.
Provide technical administration and customer support.
Respond to your inquiries.
Send important notices, such as communications about purchases and changes to our terms, conditions, and policies.
Process payment for purchases you make.
Deliver products and services you purchase or request.
Provide you with the information, products and services that you request from us.
Provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about.
Make it easier for you to log back into this Site and the Service.
Contact you about our specials and new services or specials and new services from our affiliated companies or other third parties, we feel may interest you. If you are an existing customer, we will only contact you by electronic means (e-mail or SMS) with information about goods and services similar to those which were the subject of a previous sale or negotiations of a sale to you. If you are a new customer, and where we permit selected third parties to use your data, we (or they) will contact you by electronic means only if you have consented to this by ticking the relevant box situated on the form on which we collect your data.
Verify your eligibility and deliver prizes in connection with contests and sweepstakes.
Notify you about changes to our Site or Services.
Ensure that content from our Site or Services is presented in the most effective manner for you and for your computer.

Use of Information we collect from you
We may use your Personal Information to:

Administer our Site and Services and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.
Inform you about scheduled Service downtimes and new features.
Improve our Site and Services to ensure that content is presented in the most effective manner for you and your computer.
Allow you to participate in interactive features of our Services or Site when you choose to do so.
Part of our efforts to keep our Services and Site safe and secure.
Make suggestions and recommendations to you and other users of our Site or Services about our goods or services that may interest you or them.
Enforce our Terms of Service.
Protect against or identify fraudulent transactions.

Information we receive from other sources
We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).

Aggregated Information
We collect, analyze and use Aggregated Data to help us provide you with a better user experience. For example, we keep track of the domains from which users visit this Site and we also measure visitor activity on this Site. When we use Aggregated Information, we do so in a way that keeps your Personal Information anonymous. You hereby acknowledge and agree that SmileBack may make Aggregated Information publicly available, provided that such information does not incorporate any Customer Data and/or identify you or your Confidential Information. By way of example, we use Aggregated Information to:

Analyze our audience size and usage patterns.
Develop, deliver, and improve our Services.
Develop and display content and advertising tailored to your interests.
Process payment for purchases you make.

Disclosure of Your Information

SmileBack is not in the business of sharing or selling your Customer Data or Personal Information. We consider this information to be a vital part of our relationship with you. However, in addition to specific requests by you, there are certain circumstances in which we may share your Customer Data and/or Personal Information with third parties without further notice to you, as set forth below:

Business Transfers. As we develop our business, we may buy, sell or reorganize businesses or assets. In the event of such sale, merger, reorganization, dissolution or similar event, Personal Information may be part of the transferred assets.
Affiliated Companies. We may also share your Customer Data and Personal Information with our subsidiaries, affiliates and other related companies for purposes consistent with this Privacy Policy and providing you with the Service.
Agents, Consultants and Service Providers. SmileBack, like many businesses, sometimes hires other companies to perform certain business-related functions. Examples of such functions include mailing information, maintaining databases and processing payments. When we employ another company to perform a function of this nature, we only provide them with the information that they need to perform their specific function, and we only allow them to process that information for the purposes the information was collected.
Customers. SmileBack collects feedback, reviews, and ratings from consumers and businesses on behalf of subscribers to the SmileBack service. The information provided to these subscribers includes a rating of the subscriber’s business and, if supplied by the consumer or business, qualitative feedback in the form of a note or message to the subscriber’s business.
Credit Card Processing. We use a third-party service providers to manage subscription billing and credit card processing. These service providers are not permitted to use billing information except for the sole purpose of processing subscription billing and credit card transactions on SmileBack’s behalf.
Site Optimization. We use analytics and search engine providers to assist us in the improvement and optimization of our Site and provide information to providers such as Google for these purposes.
Legal Requirements. SmileBack may disclose your Personal Information if required to do so by law or in the good faith belief that such action is necessary to (i) comply with a legal obligation; (ii) enforce, protect or defend the rights or property of SmileBack our customers, or others; (iii) act in urgent circumstances to protect the personal safety of users of this Site or the public; or (iv) protect against legal liability; (v) to enforce or apply our Terms of Service or any other agreements; (vi) for fraud prevention; or (vii) credit risk reduction.

Joint Offerings

From time to time, SmileBack may partner with other companies to jointly offer products or services. If you purchase or specifically express interest in a jointly-offered product or service from us, SmileBack may share information collected in connection with your purchase or expression of interest with our joint promotion partner(s). SmileBack does not control our business partners’ use of the information we share with them, and their use of the information will be in accordance with their own privacy policies. If you do not wish for your information to be shared in this manner, your sole remedy is to opt not to purchase or specifically express interest in a jointly-offered product or service.

EU-US and Swiss-US Privacy Shield Frameworks

We participate in the EU-US and Swiss-US Privacy Shield Frameworks, which require that we (and the organizations on the Privacy Shield List) adhere to the principles set forth below. SmileBack is committed to subjecting all Personal Information it receives from the European Union and Switzerland to the Privacy Shield Principles. If there is any conflict between the terms of this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.

Access. You have the right to access your Personal Information to the extent that the burden or expense of providing access would not be disproportionate to the risk of violation of your or someone else’s privacy.
Choice. You may opt out of the onward transfer of your Personal Information by sending us an email with your name and a statement that you do not want us to provide your Personal Information to third parties. Please be advised that if you opt out, our Services might not be functional for you.
Onward Transfer. SmileBack remains responsible for any Personal Information that is shared under the Onward Transfer Principle with third parties processing Personal Information on our behalf. For more information on third parties with whom we might share your information, please see the “Disclosure of Your Information” section above. SmileBack will only disclose Personal Information to third parties that is relevant to the purposes for processing that information and only to the extent compatible with the purposes for which it was collected or subsequently authorized.
Legal Requests. We might be required to disclose your Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Enforcement. SmileBack’s compliance with the Privacy Shield Principles is subject to the investigatory and enforcement powers of the US Federal Trade Commission or any other body designated by statute.
Questions and Disputes. Please feel free to contact us with any questions or concerns relating to our Privacy Shield certification. You have the option to resolve any applicable disputes you have with us in connection with our EU-US and Swiss-US Privacy Shield certification through JAMS, an alternative dispute resolution provider based in the United States. You can file a claim with JAMS here. In certain circumstances, the Privacy Shield Framework provides the right to invoke binding arbitration to resolve complaints not resolved by other means, as described in Annex I to the Privacy Shield Principles in each of the Privacy Shield Frameworks.

Special Notification for California Residents – Your Privacy Rights

Individuals who are residents of California and have provided their Personal Information to us may request information regarding our disclosures, if any, of their Personal Information to third parties for direct marketing purposes. Such requests must be submitted to our Privacy Officer in writing at help@smileback.com or:

SmileBack, LLC
Attention: Privacy Officer
427 N Tatnall St #64120
Wilmington, DE 19801-2230
USA

Such requests must include the reference “Request for California Privacy Information” in the subject line and in the body of the message and must include the e-mail address or mailing address, as applicable, for us to send our response. This request may be made no more than once per calendar year. We reserve the right not to respond to requests submitted to us if not submitted pursuant to the terms set forth above.

Special Notification for Individuals Located in the European Union – Your Rights

You have the right under Data Protection Law, free of charge, to request:

Access to your Personal Information.
Rectification or deletion of your Personal Information.
A restriction on the processing of your Personal Information.
Object to the processing of your Personal Information.
A transfer of your Personal Information (data portability).

You can make a request in relation to any of the above rights by contacting us as set out at the end of this Privacy Policy. We will respond to such queries within 30 days and deal with requests we receive from you, in accordance with the provisions of Data Protection Law.

You have the right to withdraw your consent to us processing your Personal Information, at any time, by writing to us at the contact address given for EU individuals at the end of this Privacy Policy.

Where we process your Personal Information for marketing purposes, we will inform you and obtain your opt in consent (before collecting your Personal Information if we intend to use your Personal Information for such purposes or if we intend to disclose your information to any third party for such purposes. If you change your mind about being contacted in the future, please opt out by clicking the “unsubscribe” link at the bottom of any email. Once you do this, you will no longer receive any marketing emails from us. We will continue to communicate with you regarding your service billing and support via email.

We send push notifications from time to time in order to update you about any service updates, events and promotions we may be running. If you no longer wish to receive these communications, please disable these in the settings on your device.

Storage of Personal Information

Our Services are global and your information (including Personal Information) may be stored and processed in any country where we have operations or where we engage service providers, and we may transfer your information to countries outside of your country of residence, which may have data protection rules that are different from those of your country of residence.

The Personal Information that we collect from you may therefore be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers or partners. Such staff or subcontractors maybe engaged in, among other things, the fulfilment of your order, the processing of your payment details or the provision of support services. By submitting your Personal Information, you agree to this transfer, storing or processing outside of the EEA.

We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy. In particular, this means that your Personal Information will only be transferred to a country that provides an adequate level of protection (for example, where the European Commission has determined that a country provides an adequate level of protection) or where the recipient is bound by standard contractual clauses according to conditions provided by the European Commission (“EU Model Clauses”).

Our Site is accessible via the internet and may potentially be accessed by anyone around the world. Other users may access the Site from outside the EEA. This means that where you chose to post your data on our Site, it could be accessed from anywhere around the world and therefore a transfer of your data outside of the EEA may be deemed to have occurred. You consent to such transfer of your data for and by way of this purpose.

Protection of Your Information

All information you provide to us is stored on our secure servers. Any credit card information or payment transactions will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Site or Services, you are responsible for keeping this password confidential. We ask you not to share any password with anyone.

Unfortunately, the transmission of information via the Internet is not completely secure. Although we will endeavour to protect your Personal Information, we cannot guarantee the security of your data transmitted to our Site or Services. Any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Links to Other Websites

Our Site or Services may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

Data Retention

We retain Personal Information for as long as necessary for the relevant activity for which it was provided or collected. This will be for as long as we provide access to the Site or Services to you, your account with us remains open or any period set out in any relevant contract you have with us. However, we may keep some data after your account is closed or you cease using the Site for the purposes set out below.

After you have closed your account or ceased using the Site or Services we usually delete Personal Information, however we may retain Personal Information where reasonably necessary to comply with our legal obligations (including law enforcement requests), meet regulatory requirements, maintain security, prevent fraud and abuse, resolve disputes, enforce our Terms or Services, or fulfil your request to “unsubscribe” from further messages from us.

We will retain de-personalised information after your account has been closed.

Please note: After you have closed your account or deleted information from your account, any information you have shared with others will remain visible. We do not control data that other users may have copied from the Site or Services. Your profile may continue to be displayed in the services of others (e.g. search engine results) until they refresh their cache.

Age of Users

This Site and the Services are not intended for and shall not be used by anyone under the age of 18.

General Information

Capitalized terms not defined in our Privacy Policy will have the meaning ascribed to such term in our Terms of Service.

Customer Support

If you have questions, comments or concerns about our Privacy Policy or SmileBack’s compliance with the Privacy Shield Framework, please contact SmileBack at:

SmileBack, LLC
427 N Tatnall St #64120
Wilmington, DE 19801-2230
USA

E-mail: help@smileback.com

If you have questions, comments or concerns about our use of Personal Information collected from individuals located within the European Union or SmileBack’s compliance with Data Protection Law, please contact SmileBack at: