Data Privacy FAQ

What is/who is Smylor? 

Smylor is the leading platform for Dental Treatment Marketplaces, where patients can compare local dentists, chat with dentist practices online, book dental appointments and review their dental treatment experience. Just like Airbnb, Booking.com and TripAdvisor, Smylor offers patients a simpler way to manage their dentist visit..

Smylor Ltd. is a European company headquartered in Ireland. Our founding team includes experts in crm process application development, digital marketing, user experience, conversion rate optimization and dentistry.

What is Smylor's approach to privacy? 

We also have clear guidelines in place in our Acceptable Use Policy and Smylor remains committed to maintaining the same level of user anonymization by default and allowing users to block Smylor from collecting their data.

What Personal Information has Smylor collected about me? 

While each scenario is unique, Smylor uses the principle of only requesting from you the necessary information to perform the services needed. For example, using Smylor for the purpose of completing treatment reviews, Smylor will request you to review your experience and provide other parameters such as Personally Identifiable Information and appointment data, such as email or appointment date.
Smylor is the processor of data that a dentist may collect about you. We store this data for the dentist owner to access through Smylor’s Patient Relationship Management (PRM) software. We do not access it for our own needs and will never harvest or sell this data, ever.
As a user of Smylor you have the right to view and request the deletion of information collected about you. More information about our user information feature can be found here. 

What types of Cookies does Smylor use? What do they do? 

In order to process data about your visit to a website, Smylor stores first-party cookies on your browser. Cookies are either set by the Smylor script, or by visiting the Smylor website. These cookies have different purposes and also have different lifespans.

If you have Cookies disabled, you won’t be tracked by any website using Smylor. Most web browsers allow some control of most cookies through the browser settings. To find out what cookies have been set and how to manage and delete them, we recommend visiting Smylor Cookies Policy.

I have enabled the Do-Not-Track setting in my browser. Will this stop Smylor processing data about me? 

Yes. Smylor respects the Do-Not-Track (DNT) headers in browsers. As a website user browsing websites that have Smylor installed, you are able to use the Do Not Track setting in your browser to avoid Smylor tracking any data about your visit.

Do-Not-Track is implemented through your browser, so you’ll need to check if the setting is enabled or disabled within your own browser.

Does Smylor harvest/sell data? 

Smylor does not sell, has not sold, and will never sell personal data to anyone at any time.

Smylor considers data protection and privacy to be of paramount importance. We never sell personal data and we carry out all processing operations in strict compliance with the EU General Data Protection Regulation (“GDPR”) (specifically but not limited to Article 6(1)(b) to (f) and Article 28) as well as the Laws of Ireland, where Smylor is incorporated, and other applicable global privacy and data protection laws such as the California Consumer Privacy Act (“CCPA”) (collectively, the “Applicable Law”).

Do you mine or access my data for profiling or advertising? 

Absolutely not. This isn't our business; it's not our data and we have no right to do any of these activities. Dentists use our software to process data about your visit and appointment. We at Smylor store this data for them to access. 

My users are requesting access to data processed about them. How can I get them this data? Can it be deleted? 

Using the User Lookup tool for user information, Dentists can look up and delete users that have had their data collected. Once the user’s email is submitted, a report will be generated of all the data you have collected on them. By default, Smylor works with anonymized user IDs when tracking users. It’s therefore important to keep in mind that the user will only have results shown in the User Lookup tool if they have previously included their email.

How long does Smylor retain data? 

Recordings data in Smylor is kept from date of capture for up to 3 years depending on the nature of the data. Appointment data is retained for 3 years from date of creation. Responses gathered from Treatment Reviews are stored indefinitely until the account owner decides to delete them.

How do I process sensitive data safely with Smylor? 

At Smylor, we believe in our customers’ (and their customers’) rights to privacy. We include features on every plan level that allow the processing of sensitive data without putting customer data at risk. Features include being easily able to look up the data you collected on a user to delete information that is requested to be removed.

How do I make sure I am compliant with Smylor’s Acceptable Use Policy? 

Smylor is designed to empower you and your team to build a better experience for dentists and patients, while ensuring their rights to privacy are respected.

Because of this, all data collected and processed with Smylor must solely be used by the site or app owner and not shared with third parties, unless explicit consent has been received from all data parties. This includes but is not limited to:

• Selling or sharing the data with third parties
• Marketing automation
• Re-targeted advertising

For more detail, have a read of our full Acceptable Use Policy here.

About security

Where does Smylor store my end-user data? 

User and usage data that Smylor collects is stored with secure data centers, which are located in Germany and Switzerland. Please check out Data Safety, Privacy & Security for more detailed information.

How does Smylor protect my data? 

Smylor has implemented a number of technical and organizational controls that help protect the confidentiality, integrity, and availability of customer data. More detail on this can be found over in Security.

About legal matters

Does Smylor own my data? 

Short answer: no.
Smylor Ltd is the processor of data that is collected through Smylor. We are not the owners of this data. The data collected is owned by you as a Smylor user. The data collected is hosted in datacenters by a third party. They do not access or use the content for any purpose other than as legally required and for maintaining the data services.

 

What steps do I need to take to use Smylor in a legally compliant manner? 

Depending on your situation and jurisdiction, below are the measures which we can foresee you needing to take as a result of using Smylor:
Make sure your Terms of Service or Privacy Policy properly communicate to your users how you are using Smylor (and any other similar services) on your website or app. This requirement has always been part of Smylor’s Terms of Service, but the GDPR can heavily penalize you if you’ve not done this clearly. We recommend you ensure your policies are up to date and clear to your readers.
If you are in the European Union, you’ll likely want to sign a Data Processing Agreement with Smylor. We’re happy to do so. Working with outside counsels in Germany we’ve updated this document to be in compliance with the GDPR and other generally acceptable privacy laws. If you have any questions about its contents email privacy@smylor.com.

How should I describe Smylor in my Privacy Policy? Do you have sample language for this? 

We recommend you ensure your policies are up to date and clear to your readers. Contact us for a sample of the wording which you can include in your Privacy Policy. Note that this is a very generic statement and might need to be tailored to fit your particular use of our services.

What is Smylor's commitment to compliance with GDPR? 

Smylor has undertaken the required business and technological steps to operate in a manner compliant with GDPR. For more information take a look at our GDPR compliance documentation which you can request via privacy@smylor.com

 

Contacting us

I have a question that you haven’t answered here. How do I get in touch? 

We’re here to help! Reach out to us via privacy@smylor.com.

My organization has compliance requirements - how can I best reach you to discuss these? 

If you’d like to make a request relating to your specific or custom compliance requirements, reach out to us via privacy@smylor.com