With this policy, we present transparently that we gather, process, store and use the data of persons fairly and in accordance with law. As part of our drive to serve you better, we need to obtain and process your information. Smile collects or processes this information only with the full knowledge, cooperation and consent of interested parties.
Your data will be kept up-to-date, collected or processed fairly and for lawful purposes only. The information you give us will be processed within legal boundaries and will be protected against any unauthorized or illegal access by internal or external parties. You are free to exercise your rights under the law as a data subject and we fully respect the same.
Your data will not be distributed to any party other than the ones consented and agreed by you or the data’s owner (exempting those compellable to be disclosed by law and legitimate requests from courts of competent jurisdiction and law enforcement authorities). Without such express consent from you or the data owner, it will not be communicated or transferred, informally or in any manner, to any other person, entity, organization or country.
We also allow you to modify, erase, reduce or correct data contained in our databases in line with your rights under the law. We will have provisions in cases of lost or corrupted data.
For protection, our officers and employees will be trained in online privacy and data security and will establish data protection practices (secure locks, data encryption, access authorization, etc.). In addition, security measures will be built through a secure network to protect data from cyber attacks.
Please read this Policy carefully as it will help you understand what we do with the information that we collect. Thank you for using Smile!
1. WHY DO WE COLLECT YOUR INFORMATION?
In Short: We collect your information to enable us to provide our Services to you.
2. WHAT INFORMATION DO WE COLLECT?
In Short: We collect information that you provide to us.
We collect personal information that you voluntarily provide to us when you express an interest in obtaining information about us or our Services, or otherwise when you contact us. The personal information that we collect depends on the context of your interactions with us. The personal information we collect may include the following:
a) identity data, such as your name, gender, profile picture, identification number, and date of birth;
b) contact data, such as billing address, delivery address, email address, and phone numbers;
c) account data, such as your user ID, connected accounts, your profile information such as your login
d) employment data, such as your employer, job title, work history, job ratings;
e) income data, such as gross income, net income;
f) financial transaction data, such as payouts, insurance contributions, liabilities;
g) documentary data, such as identification documents, payslips, tax returns;
h) technical data, such as Internet protocol (IP) address, your login data, browser type and version, time zone
setting and location, browser plug-in types and versions, operating system and platform, international mobile
equipment identity, device identifier, and other information and technology on the devices you use to access
i) usage data, such as information on how you use the Platform, products, and Services or view any content on
j) location data, biometrics data;
k) marketing and communications data, such as your preferences in receiving marketing from us and/or third
parties and your communication preferences; and
l) Legal data, such as criminal records and related background
All personal information that you provide to us must be true, complete and accurate, and you must notify us of any changes to such personal information. We shall have the right to request for documentation to verify the personal information provided by you as part of our user verification processes.
Information collected from other sources
In Short: We may collect limited data from public databases, marketing partners, and other outside sources.
To the extent permitted by law, in order to enhance our ability to provide relevant marketing, offers and services to you and update our records, we may obtain information about you from other sources, such as public databases, joint marketing partners, affiliate programs, data providers, as well as from other third parties. This information includes mailing addresses, job titles, email addresses, phone numbers, intent data (or user behavior data), Internet Protocol (IP) addresses, social media profiles, social media URLs and custom profiles, for purposes of targeted advertising and event promotion. When collecting information from third-party sources, Smile ensures that the third-party provider has secured the users’ or your consent to the sharing of their data for marketing purposes.
3. HOW DO WE USE YOUR INFORMATION?
In Short: We process your information for purposes based on legitimate business interests, the fulfillment of our contract with you, compliance with our legal obligations, and/or for other purposes with your consent.
We use personal information for a variety of business purposes described below. We process your personal information for these purposes in reliance on our legitimate business interests, in order to enter into or perform a contract with you, with your consent, and/or for compliance with our legal obligations.
We use the information we collect or receive:
a) To facilitate, provide and maintain our Service, including to monitor the usage of our Service or access to the Platform;
b) To improve the efficiency and operation of the Platform and/or Services;
c) To manage and administer your account and your registration as a user of the Service. The personal information you provide can give you access to different functionalities of the Service that are available to you as a registered user;
d) To perform verification procedures regarding your identity in order to provide to you our Services appropriately;
e) To contact you by email, telephone calls, SMS, or other equivalent forms of electronic communication, such as a mobile application's push notifications regarding updates or informative communications related to the functionalities, products, or contracted services, including the security updates, when necessary or reasonable for their implementation;
f) To notify and provide you with updates, news, special offers and general information about services and events which we offer or enquired about unless you have opted not to receive such information;
g) To respond to and manage your queries, feedback, claims, disputes, troubleshoot problems, or product and customer service requests, whether directly or through customer service team;
h) To comply with our legal obligations;
i) To send you marketing and promotional communications whereby we and/or our third-party marketing partners may use the personal information you send to us for our marketing purposes, if this is in accordance with your marketing preferences;
j) For and in the performance of a contract, the development, compliance and undertaking of the purchase contract for the products, items, or services you have purchased or of any other contract with us through the Service;
k) For business transfers: We may use your information to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our Service users is among the assets transferred; and
l) For other purposes: We may use your information for other purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our Service, products, services, marketing, and your experience.
4. WILL YOUR INFORMATION BE SHARED WITH ANYONE?
In Short: We only share information with your consent, to comply with laws, to provide you with services, to protect your rights, or to fulfill business obligations.
The Company acknowledges its role and responsibilities under the law, subject to the provisions of this Policy. You consent to our outsourcing of our data processing activities within and among Smile and its subsidiaries and affiliates. We may share, transfer, disclose, and/or permit the sharing of your information with our service providers, business partners and affiliates which include our parent company and any subsidiaries, joint venture partners, or other companies controlled by us or under common control with us, in order to provide our Services and to facilitate your use of the Services, to complete a transaction with you, to manage your account and our relationship with you, to enhance fraud protection, to reduce credit risk, to facilitate marketing and promotions, and to fulfill any legal or regulatory requirements and requests as deemed necessary by us.
We may also process or share your data that we hold based on the following legal basis:
a) Consent: We may process your data if you have given us specific consent to use your personal
information in a specific purpose.
b) Legitimate Interests: We may process your personal information when it is reasonably necessary to achieve our legitimate business interests.
c) Performance of a Contract: Where we have entered into a contract with you, we may process your personal information to fulfill the terms of our contract, including third party data processors necessary to perform such contractual services (i.e. cloud providers).
d) Legal Obligations: We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements).
e) Vital Interests: We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.
Any data transfer/sharing to outside parties will be covered by a Data Sharing/Outsourcing Agreement, when applicable. We are not responsible for the actions of third parties with whom you share personal
or sensitive data, and we have no authority to manage or control third-party solicitation or requests. If you no longer wish to receive correspondence, emails, or other communications from third parties, you are responsible for contacting the third party directly.
In sharing your personal information with them, we endeavor to ensure that the third parties and our affiliates keep your personal information secure from unauthorized access, collection, use, disclosure, processing, or similar risks and that your personal information be retained only for as long as needed in order to achieve the abovementioned purposes.
Moreover, as we take industry accepted best practices and reasonable steps to safeguard your personal information, you acknowledge and agree that the Company has the right to disclose your personal information to any legal, regulatory, governmental, tax, law enforcement or other authorities, or the relevant right owners, if the Company has reasonable grounds to believe that the disclosure is necessary for the purpose of meeting any obligations, requirements, or arrangements, whether voluntary or mandatory, as a result of cooperating with an order, investigation, and/or request of any nature made by such parties. To the extent permissible by applicable law, you agree not to take any action and/or waive your rights to take any action against the Company for the disclosure of your personal information in these circumstances.
5. HOW LONG DO WE KEEP YOUR INFORMATION?
In Short: We keep your information for as long as necessary to fulfill a legitimate business purpose or the purposes outlined in this Policy unless otherwise required by law.
We will only keep your personal information for as long as it is necessary for a legitimate business purpose or for the purposes set out in this Policy, unless a longer retention period is required or permitted by law (such as tax, accounting, anti-money laundering or other legal requirements). We may also retain usage data for internal analysis purposes. Usage data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service.
We shall cease to retain your personal information or remove the means by which the data can be associated with you as soon as it is reasonable to assume that such retention no longer serves the purposes for which the personal information was collected and is no longer necessary for any legal or business purpose. When we have no ongoing legitimate business need to process your personal information, we will either irreversibly delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
You understand that you are, at any time, free to unsubscribe, delete your account, uninstall our Platform, and/or submit an official request for deletion of your data, subject to this Policy. Should you wish to have your personal information deleted and destroyed or you wish to revoke or withdraw your consent in the processing or storing of your personal information, you may do so by contacting us, and we shall comply by doing the necessary deletion or anonymization.
The deletion or anonymization of your personal data shall be honored within a reasonable time from request and as long as it will not compromise, damage, injure, or make inefficient the entirety, integrity, confidentiality, and security of the Platform and/or Services, and shall be performed within such reasonable time from the time of your request to do so.
6. HOW DO WE KEEP YOUR INFORMATION SAFE?
In Short: We aim to protect your personal information through a system of physical, organizational, and technical security measures.
We have implemented appropriate physical, technical, and organizational security measures designed to protect the security of any personal information we process subject to the requirements of the law and of commercially acceptable standards for data protection.
We will develop and implement measures to ensure that all Smile staff who have access to any personal information will strictly process such data in compliance with applicable laws and regulations. These measures may include drafting new or updated relevant policies of Smile and conducting or sponsoring training programs to educate our stockholders, directors, officers, employees, agents and other interested parties on data privacy related concerns. A continuing obligation of confidentiality is also imposed on our stockholders, directors, officers, employees, agents or other interested parties in connection with such personal information that they may encounter during the period of which they are such with Smile. This obligation will still apply after they cease to work with Smile for whatever reason.
Furthermore, Smile will, from time to time, conduct a privacy impact assessment relative to all activities, projects and systems involving the processing of personal information. We will review security policies, conduct vulnerability assessments and perform penetration testing, as applicable, within Smile on a regular schedule to be prescribed by our IT Team.
a) Safeguards to protect Smile computer network and systems against accidental, unlawful, or unauthorized usage, any interference which will affect data integrity or hinder the functioning or availability of the system, and unauthorized access;
b) Our ability to ensure and maintain the confidentiality, integrity, availability, and resilience of Smile data processing systems and services;
c) Regular monitoring for security breaches, and a process for identifying and accessing reasonably foreseeable vulnerabilities in Smile computer network and systems, and taking preventive and corrective actions against security incidents;
d) Our ability to restore the availability and access to personal information in a timely manner in the event of a security incident;
e) A process for regularly testing and evaluating effectiveness of security measures; and
f) Encryption of personal information during storage and while in transit, authentication process, and other technical security measures that control and limit access thereto.
However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security, and improperly collect, access, steal, or modify your information. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures. Although we will do our best to protect your personal information, transmission of personal information to and from our Platform is at your own risk. You should only access the Platform within a secure environment.
7. DO WE COLLECT INFORMATION FROM MINORS?
In Short: We do not knowingly collect data from or market to children under 18 years of age.
The Company shall not be responsible for any unauthorized use of the Services on the Platform by yourself, users who act on your behalf, or any unauthorized users. It is your responsibility to make your own informed decisions about the use of the Services on the Platform and take the necessary steps to prevent any misuse of the Services on the Platform.
8. WHAT ARE YOUR PRIVACY RIGHTS?
In Short: You may review, change, or terminate your account at any time.
Under the law, you are entitled to the following data privacy rights:
a.) the right to be informed whether your personal information shall be, are being, or have been processed;
b.) the right to object to the processing of your personal information;
c.) the right to reasonably access your personal information;
d.) the right to dispute the inaccuracy or error in your personal information and have us correct it immediately and accordingly;
e.) the right to suspend, withdraw, or order the blocking, removal or destruction of your personal information from our records;
f.) the right to file a complaint with the proper government authorities for any violation of your data privacy rights;
g.) the right to be indemnified for any damages sustained due to such inaccurate, incomplete, outdated, false, unlawfully obtained or unauthorized use of your personal information not in accordance with this Statement;
h.) the right to data portability of your personal information; and
i.) the right to be informed whether personal information is being or has been processed. This includes processing through automated processing, automated decision-making and profiling.
In respecting your data privacy rights, you may opt to tell us:
a.) not to share your information with our subsidiaries and affiliates or with other companies that we have business with provided that such information is not critical nor required by applicable laws and regulations in maintaining the Services that you availed with us;
b.) to provide you with information that we currently have about you subject to restrictions applied to us as a company operating in the relevant jurisdictions where Smile operates by certain laws and regulations;
c.) to update your personal information; and
d.) about your other concerns relating to how we collect, use, share, protect or dispose your information.
Opting out of email marketing: You can unsubscribe from our marketing email list at any time by clicking on the unsubscribe link in the emails that we send or by contacting us. You will then be removed from the marketing email list – however, we may still communicate with you, for example to send you service-related emails that are necessary for the administration and use of your account, to respond to service requests, or for other non-marketing purposes. To otherwise opt-out, you may contact us using the contact information provided in this Policy.
9. CONTROLS FOR DO-NOT-TRACK FEATURES AND COOKIES
When you visit the Platform through your computer, mobile device, or any other device with Internet connectivity, our company servers will automatically record data that your browser sends whenever you visit a website. This data may include:
a.) your computer or device’s IP address;
b.) browser type;
c.) webpage you were visiting before you came to the Platform;
d.) the pages within the Platform which you visit; and
e.) the time spent on those pages, items and data searched for on the Platform, access times and dates, and other statistics.
Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage, no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Policy.
10. DO WE MAKE UPDATES TO THIS NOTICE?
In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws.
We may update this Policy from time to time. The updated version will be indicated by an updated “Revised” date and the updated version will be effective as soon as it is accessible.
11. HOW CAN YOU CONTACT US ABOUT THIS NOTICE AND EXERCISE YOUR DATA PRIVACY RIGHTS?
If you have questions or comments about this Policy, you may contact us by email at email@example.com. If you have any feedback, concerns, complaints or suggestions in relation to personal information, please feel free to contact us by clicking “GET ACCESS”.
12. YOUR ACKNOWLEDGMENT AND CONSENT
In Short: Yes, you acknowledge and consent to our data processing activities as described in this Policy.
By communicating with us using the Platform or our Services, you acknowledge that you have read and understood this Policy and agree and consent to the use, processing and/or transfer of your personal information by us as described in this Policy.
By submitting the required personal information to us, you consent to such collection, disclosure, processing and use thereof. You hereby expressly waive and release us from any and all liability, claims, causes of action or damages arising from our legitimate use of the submitted personal information.
Last Modified on: April 28, 2023.