1. Who we are
This Policy explains how the provider of the SmileCrop application processes personal data of website visitors, customers, application users, and persons who contact support.
SmileCrop is a desktop application designed for local processing of photographs on the user's device. By default, the Provider does not receive or store patient photographs.
2. Important distinction: customer data vs. patient photographs
The Provider may process ordinary personal data of customers, such as name, email, billing details, order details, licence details, payment information, support communication, and technical data necessary for operating the website and licence.
Patient photographs that the User inserts into the Application are normally processed only locally on the User's device. The Provider does not have access to them unless the User provides them, for example as an email attachment for technical support. The User should not send patient data to the Provider unless it is necessary and agreed in advance. More information is available in the Patient Photos & Local Processing Statement.
3. What data we process
- Identification and contact data: name, surname, email, and, where applicable, company name, Company ID, VAT ID, and billing address.
- Purchase and licence data: purchased plan, purchase date, subscription status, Licence Key, activation history, and customer ID with the payment provider.
- Technical data: IP address, browser type, operating system, application version, device or instance identifier for activation and licence protection purposes.
- Communication: content of emails, support requests, error messages, and data voluntarily provided by the User.
- Website analytics and cookies: the website currently does not use any analytics or marketing tools. Only technical data necessary for the operation and security of the website may be processed; see the Cookie Policy.
4. Purposes and legal bases of processing
| Purpose | Data categories | Legal basis |
|---|---|---|
| Order fulfilment, licence delivery, and subscription management | contact, billing, payment, and licence data | performance of a contract |
| Technical support and communication | email, message content, and technical information | performance of a contract / legitimate interest |
| Licence verification and prevention of misuse | Licence Key, device/instance ID, activation status | performance of a contract / legitimate interest |
| Accounting and tax obligations | billing and payment data | legal obligation |
| Website and infrastructure security | IP address, logs, and technical data | legitimate interest |
| Marketing communication to customers | email and purchase history | legitimate interest / consent depending on the situation |
| Analytics and non-essential cookies | cookie identifiers and website behavior | consent (currently not used) |
5. Payment provider (Paddle) and tax documents
Payments are processed by Paddle.com Market Limited ("Paddle") acting as a Merchant of Record. Paddle processes payment data, billing data, tax data, and data needed for fraud prevention. Paddle also calculates and remits applicable taxes (VAT, sales tax, etc.) according to the Customer's country and manages the subscription. The SmileCrop Provider does not have access to the full payment card number.
Paddle is listed as the seller/merchant on the issued invoice or receipt. Paddle's own privacy policy applies to its processing of personal data.
6. Processors and recipients
Depending on the infrastructure used, personal data may be made available in particular to providers of hosting, domains, email communication, payments, licensing, customer support, and accounting. Currently we use in particular:
- Cloudflare — DNS, website hosting (Cloudflare Pages), CDN, and security protection;
- Paddle.com Market Limited — payments, invoicing, tax calculation and remittance (Merchant of Record), subscription management, and tax documents;
- Email provider — support communication and transactional emails;
- Accountant/tax advisor — processing of tax and accounting matters.
The Provider selects suppliers that provide appropriate guarantees of personal data protection. If data is transferred outside the EU/EEA, the transfer is carried out in accordance with GDPR rules, especially by means of an adequacy decision or standard contractual clauses where required.
7. Retention period
- Order, billing, and accounting data are retained for the period required by legal regulations, usually 10 years under accounting law.
- Licence and activation data are retained for the duration of the contract and for a reasonable period thereafter for the defence of legal claims and prevention of misuse.
- Customer support communication is retained for the time necessary to handle the request and subsequently for the defence of legal claims.
- Technical and security logs are retained for a reasonable period according to their purpose.
- Marketing contacts are retained until the recipient unsubscribes or objects, unless another legal basis applies.
8. Data subject rights
Under the conditions of the GDPR, the data subject has in particular the right of access, rectification, erasure, restriction of processing, data portability, objection to processing based on legitimate interest, and the right to withdraw consent where processing is based on consent.
Requests may be sent to [email protected]. The data subject also has the right to lodge a complaint with the Czech Office for Personal Data Protection (www.uoou.cz).
9. Security
We adopt appropriate technical and organizational measures to protect personal data, including access limitation, use of secure infrastructure providers, and minimization of processed data. However, no system is absolutely secure.
10. Patient photographs and sensitive data
Because patient photographs may be personal data and, under certain circumstances, sensitive data or part of medical documentation, the Customer is responsible for their lawful processing. The Customer should ensure an appropriate legal basis, internal rules, access permissions, device security, and backups.
If it is necessary to send the Provider a sample file for support, we recommend using anonymized or sample data. Sending real patient data should take place only after prior agreement and with an appropriate legal basis. More information is available in the Patient Photos & Local Processing Statement.
11. Changes to the Policy
This Policy may be updated. The current version will always be available at smilecrop.app/privacy-en.html.