1. Definitions and Interpretation
1.1 In this Policy, the following terms have the following meanings:
1.1.1 Account: An account required to access and/or use certain areas and features of Our Sites.
1.1.2 Cookie: A small text file placed on your computer or device by Our Sites when you visit certain parts and/or use certain features. Details of Cookies used are in Section 12.
1.1.3 Our Sites: This refers to both wearesmile.com and prospectus.plus.
1.1.4 UK and EU Cookie Law: The relevant parts of the Privacy and Electronic Communications (EC Directive) Regulations 2003, as amended in 2004, 2011, and 2015.
1.1.5 We/Us/Our: We are SMILE Ltd., a company registered in England under 07405582, with a registered and trading address at 12 Phoenix Business Park, Avenue Close, Birmingham, B7 4NU.
2. Information About Us
2.1 Our Sites, wearesmile.com and prospectus.plus, are owned and operated by We are SMILE Ltd.
2.2 Our VAT number is 987 216 775.
2.3 Our data protection officer is Nathan Monk, reachable at dataprotection@wearesmile.com.
2.4 We are regulated by the ICO (https://ico.org.uk).
3. Scope – What Does This Policy Cover?
3.1 This Privacy Policy applies only to your use of Our Sites.
3.2 It does not extend to any third-party websites linked to from Our Sites.
4. What Data Do We Collect?
4.1 Data collected automatically includes:
4.1.1 IP address, web browser type and version, operating system.
4.1.2 URLs of referring sites, activity on Our Sites, and exit sites.
4.2 Data collected voluntarily includes:
4.2.1 Name, date of birth, gender, company name, job title, profession.
4.2.2 Contact information (email, phone number), demographic information (postcode, preferences, interests).
4.2.3 Financial information (credit/debit card numbers).
5. How Do We Use Your Data?
5.1 We store personal data securely in compliance with GDPR.
5.2 We use your data for:
5.2.1 Managing accounts and access to Our Sites.
5.2.2 Personalizing your experience and providing services.
5.2.3 Responding to communications and sending subscribed email alerts.
5.2.4 Market research and analyzing site usage.
5.2.5 Storing and managing contact details in our CRM system (HubSpot) to track interactions, follow-ups, and communication history.
5.3 Marketing communications are only sent with your consent.
5.4 Advertisers on Our Sites may engage in behavioral advertising using Cookies (see Section 12).
5.5 Data is processed under GDPR-compliant legal bases.
6. How and Where Do We Store Your Data?
6.1 We retain data only as long as necessary. An annual review determines retention needs.
6.2 Some data may be transferred outside the EEA, with safeguards in place.
6.3 Security measures include:
6.3.1 Firewalls, authentication controls, restricted access, data encryption, and SSL.
6.4 Despite security measures, internet transmission is not completely secure.
7. Do We Share Your Data?
7.1 We may share data with subsidiaries.
7.2 We contract third parties for services (e.g., payment processing, marketing), including:
7.2.1 Linode, AWS, Google, HubSpot (for CRM and marketing automation), Mailchimp, Sparkpost, Postmark.
7.3 If you interact with Our Sites, submit a form, request information, or engage with Us, your details may be stored in HubSpot CRM to manage communication and improve Our services.
7.4 Anonymized site usage statistics may be shared with partners.
7.5 We may be legally required to share data in compliance with legal proceedings.
8. What Happens If Our Business Changes Hands?
8.1 If control of Our business changes, user data may be transferred to the new owner under the same Privacy Policy.
9. How Can You Control Your Data?
9.1 You can restrict Our use of your data, including opting out of marketing communications.
9.2 You can sign up for UK preference services (TPS, CTPS, MPS) to limit marketing calls or mail.
10. Your Right to Withhold and Withdraw Information
10.1 Certain site features require data submission.
10.2 You can restrict browser Cookies (see Section 12).
10.3 You can withdraw consent at any time by contacting Us.
11. How Can You Access Your Data?
11.1 You have the right to request a copy of your personal data. Contact dataprotection@wearesmile.com.
12. What Cookies Do We Use?
12.1 We use first-party Cookies for site functionality.
12.2 Third-party Cookies (e.g., Google Analytics, HubSpot) are used for analytics and advertising.
12.3 You can enable or disable Cookies in your browser settings.
13. Summary of Your Rights under GDPR
13.1 Under GDPR, you have the right to:
13.1.1 Access, delete, or correct your data.
13.1.2 Restrict or object to processing.
13.1.3 Data portability and to complain to a supervisory authority.
13.2 Contact Us to enforce these rights.
14. Automated Decision-Making and Profiling
14.1 If we use automated decision-making, you have the right to challenge it.
14.2 Profiling data is used for usage analysis, prediction, and evaluation.
15. Contacting Us
15.1 Questions about this Policy can be directed to dataprotection@wearesmile.com.
16. Changes to Our Privacy Policy
16.1 Changes to this Privacy Policy will be posted on Our Sites. Continued use after changes implies acceptance.
