Effective Date: January 11, 2024
2. Important Definitions.
- When we use the term “De-Identified Information”, we mean information that is neither used nor intended to be used to personally identify an individual and for which there is no reasonable basis to believe that the information can be used to identify an individual.
- When we use the term “Cookies”, we mean the small pieces of information that a Site sends to your browser while you are viewing a website. When you visit that website again, the Cookie allows the website to recognize your web browser. Cookies may store unique identifiers, user preferences, and other information.
Our privacy practices are intended to comply with the Health Insurance Portability and Accountability Act of 1996 (“HIPAA“). We will maintain the privacy of your Protected Health Information (“PHI”) as required by HIPAA and the regulations promulgated thereunder. We encourage you to review our Notice of Privacy Practices, which may be found at smileyaesthetics.com/privacy-practices and which describes how we may use and disclose your Health Information.
5. Individuals Under Age 18.
This Site is not directed to children and children are not eligible to use the Services. We will not knowingly collect information from Site users under the age of eighteen (18). If you are under age 18, please do not attempt to use the Site or any of the Services or provide any Personal Information about yourself to us. If we learn that we have collected Personal Information from a child under 18, we will delete that information as quickly as possible. If you believe a person who is underage has signed up for an account, please contact us via e-mail at firstname.lastname@example.org
6. The Personal Information we may collect and/or maintain about you includes (but is not limited to):
- Your name, age, e-mail address, username, password, and other registration information; Health Information that you provide to us, which may include information or records relating to your medical or health history, health status, laboratory testing results, diagnostic images, and other health-related information;
- Health information about you prepared by the health care provider(s) who provide the Services through the Site such as medical records, treatment and examination notes, and other health-related information;
- Billing information that you provide us, such as credit card information;
- The IP address of the computer or mobile device you are using;
- Information about the computer or mobile device you are using, such as what Internet browser you use, the kind of computer or mobile device you use, and other information about how you use the Site and/or how much time you spend on the Site; and
- Other information that you input into the Site.
7. We may collect Personal Information from you when you:
- Create an account or register on the Site;
- Sign up for an event;
- Order items or services through the Site;
- Fill out a form or otherwise provide your information to us;
- Respond to a survey;
- Subscribe to a newsletter;
- Submit or post content; and
- Engage in other activities, services, features, or resources that we make available on the Site that require your information.
8. We may use your Personal Information for the following purposes (subject to applicable legal restrictions):
- To provide you with the Services and customer support (e.g., administer your account, process your payments, fulfill your orders);
- Verify your identity;
- To improve the quality of the Services offered, through the performance of quality reviews and similar activities;
- To create De-Identified Information (e.g., aggregate statistics) relating to the use of the Services;
- To notify you when Site updates are available;
- To market and promote the Site and the Services to you (you can “opt out” of receiving direct marketing and/or market research inquiries by emailing us at email@example.com. Please note that even if you opt out, we may still send you certain Site and Services related communications.);
- To fulfill any other purpose for which you provide us Personal Information; and
- For any other purpose for which you give us authorization or as otherwise required or permitted by law.
9. We also may disclose your Personal Information that we collect or that you provide (subject to applicable legal restrictions):
- To our subsidiaries and affiliates;
- To contractors, service providers, and other third parties we use to support our business and who are bound by contractual obligations to keep personal information confidential and to use it only for the purposes for which we disclose it to them;
- To third parties to whom you ask us to send such information. If applicable, any disclosures to your health plan will be in strict compliance with the limitations imposed on disclosures of PHI to group health plans under HIPAA.
- As required or permitted by law, which can include providing information as required by a regulation, subpoena, court order, legal process, or government inquiry;
- When we believe in good faith that disclosure is necessary to protect our safety or the safety of others, to protect our rights, to investigate fraud, or to respond to a government request;
- To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Medical Providers’ or Smiley Aesthetics Holdco, LLC’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information maintained by the Site is among the assets transferred; and
- For any other purpose disclosed by us when you provide the Personal Information.
10. We will not sell or lease your Personal Information to any third party.
11. Information We Collect via Technology.
As you use the Site or the Services, certain information may be passively collected by Cookies, navigational data like Uniform Resource Locators (“URLs”), and third-party tracking services, including:
- Site Activity Information. We may keep track of some of the actions you take on the Site, such as the content of searches you perform on the Site.
- Access Device and Browser Information. When you access the Site from a computer or other device, we may collect anonymous information from that device, such as your Internet protocol address, browser type, connection speed, and access times (collectively, “Anonymous Information”).
- Cookies. We may use both session Cookies (which expire once you close your web browser) and persistent Cookies to make the Site and Service easier to use, to make our advertising better, and to protect both you and us. You can instruct your browser, by changing its options, to stop accepting Cookies or to prompt you before accepting a Cookie from the websites you visit. If you do not accept Cookies, however, you will not be able to stay logged in to the Site.
- Web Beacons. We may also occasionally use “web beacons” (also known as “clear gifs,” “web bugs,” “1-pixel gifs,” etc.) that allow us to collect non Personal Information about your response to our email communications, and for other purposes. Web beacons are tiny images, placed on a web page or e-mail that can tell us if you have visited a particular area of the Site. For example, if you have given us permission to send you emails, we may send you an email urging you to use a certain feature of the Site. If you do respond to that email and use that feature, the web beacon will tell us that our email communication with you has been successful. Because web beacons are used in conjunction with persistent cookies (described above), if you set your browser to decline or deactivate cookies, web beacons cannot function.
- Real-Time Location. Certain features of the Site use GPS technology to collect real-time information about the location of your device so that the Site can connect you to a healthcare provider who is licensed or authorized to provide services in the state where you are located.
- Mobile Services. We may also collect non-personal Information from your mobile device or computer. This information is generally used to help us deliver the most relevant information to you. Examples of information that may be collected and used include how you use the application(s) and information about the type of device or computer you use. In addition, in the event our application(s) crashes on your mobile device, we will receive information about your mobile device model software version and device carrier, which allows us to identify and fix bugs and otherwise improve the performance of our application(s).
12. De-Identified Information
We may use De-Identified Information created by us without restriction.
13. Information You Share with Third Parties.
14. Modification of Information.
We will not verify, modify, or otherwise alter any Member Personal Information without the consent of the applicable Member, however, we may correct any internal errors or modify any immaterial information at any time. Members will be able to update some of their information through the Site. Requests to modify any information may also be submitted directly to firstname.lastname@example.org.
15. Deletion of Information.
16. Steps We Take to Keep Your Personal Information Secure.
We employ reasonable physical, electronic, and managerial security methods to help protect against unauthorized access to Personal Information, consistent with applicable law. We provide secure transmission of your Personal Information from your PC or mobile device to our servers and/or our Site. Personal Information collected by our Site is stored in secure operation environments that are not available to the public. Further, we use a password and authentication system that is user-specific to ensure that users can only see the specific information to which they have been granted access. We also have policies, procedures, and controls to reduce the risk of unauthorized or accidental use, disclosure, or destruction of your Personal Information, and we train our employees on data security. Please be aware, however, that no data transmission via the Internet or a data storage facility is guaranteed to be perfectly secure. As a result, while we try to protect your Personal Information, we cannot ensure or guarantee the security of any information you transmit to us, and you do so at your own risk. There is no guarantee that information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. As with all electronic communications, there are potential risks such as failures of hardware, software, and/or internet connections. We are not responsible for failures, distortions, delays, or other problems resulting from equipment configuration, connection, signal power, hardware, software, or any equipment used to access the internet. We do not guarantee that the confidentiality or security of any electronic transmissions via the internet can be assured, due to potentially unsecured computers or links, which could result in your information becoming lost or intercepted during transmission. It is your responsibility to protect the security of your login information and to use good judgment before deciding to send information via the Internet.
17. Third Party Sites.
Transmittal of e-mails to this Site should not be considered to be private. Email transmissions should be considered to be at risk of becoming known or accessible to third parties. If you provide confidential information about you or your health to us via electronic communication, it is at your own risk. If you wish to correspond with us about your health via email, you will need to complete and return a Patient Consent to Allow Email Correspondence to us.
19. Updating Your Information.
If your information needs to be updated, corrected, or deleted, please notify us. Your personal information can only be deleted in accordance with our data retention policy, and as permitted by law.
20. Access from Outside the United States.
21. Social Media Features.
22. Acceptance of Policy.
23. Report Violations.
You should report any security violations to us by sending an e-mail to email@example.com.