Privacy Policy | Smile and Shine Professional Teeth Whitening

Privacy Policy

How we collect, use, and protect your personal information

Last Updated: January 2025

At Smile and Shine Professional Teeth Whitening, we are committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information in compliance with the Protection of Personal Information Act (POPIA) and other applicable South African privacy laws.

1. Information We Collect

1.1 Personal Information

We collect the following types of personal information:

  • Contact Information: Name, phone number, email address, and physical address
  • Identification Information: Date of birth and identification number (when required)
  • Health Information: Dental health history, current medications, allergies, and relevant medical conditions
  • Appointment Information: Booking dates, service preferences, and treatment history
  • Payment Information: Billing details and payment history
  • Visual Records: Before and after photographs (with your consent)

1.2 Information Collected Automatically

When you visit our website, we may automatically collect:

  • Browser type and version
  • Device information
  • IP address
  • Pages visited and time spent on pages
  • Referring website addresses

2. How We Use Your Information

We use your personal information for the following purposes:

  • Service Delivery: To provide teeth whitening services, assess suitability for treatment, and maintain treatment records
  • Appointment Management: To schedule, confirm, and send reminders about appointments
  • Communication: To respond to inquiries, provide customer support, and send service updates
  • Payment Processing: To process payments and maintain billing records
  • Marketing: With your consent, to send promotional materials, special offers, and newsletters
  • Quality Improvement: To improve our services and customer experience
  • Legal Compliance: To comply with legal obligations and protect our legal rights
  • Health and Safety: To ensure the safety and suitability of our treatments

3. Legal Basis for Processing

We process your personal information based on:

  • Consent: You have given explicit consent for specific processing activities
  • Contractual Necessity: Processing is necessary to fulfill our service agreement with you
  • Legal Obligation: Processing is required by law
  • Legitimate Interest: Processing is necessary for our legitimate business interests, provided it does not override your rights

4. Information Sharing and Disclosure

4.1 Third-Party Service Providers

We may share your information with trusted third-party service providers who assist us in:

  • Payment processing
  • Appointment scheduling systems
  • Marketing and communication platforms
  • Website hosting and maintenance

All third-party providers are contractually obligated to protect your information and use it only for the purposes we specify.

4.2 Legal Requirements

We may disclose your information when required by law, such as:

  • In response to court orders or legal processes
  • To comply with regulatory requirements
  • To protect our rights, property, or safety
  • In connection with the investigation of fraud or illegal activities

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

4.4 With Your Consent

We may share your information with other parties when you have given explicit consent, such as sharing before and after photos for marketing purposes.

5. Data Security

We implement appropriate technical and organizational security measures to protect your personal information, including:

  • Secure storage of physical and electronic records
  • Access controls and authentication procedures
  • Encryption of sensitive data
  • Regular security assessments
  • Staff training on data protection
  • Secure disposal of information when no longer needed

While we strive to protect your information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security but will notify you of any data breaches as required by law.

6. Data Retention

We retain your personal information for as long as necessary to:

  • Provide ongoing services to you
  • Comply with legal, regulatory, and professional obligations
  • Resolve disputes and enforce agreements
  • Maintain business records for operational purposes

Generally, we retain:

  • Treatment Records: Minimum of 5 years from last treatment
  • Financial Records: As required by tax laws (typically 5 years)
  • Marketing Consent: Until you withdraw consent or request deletion

7. Your Rights Under POPIA

As a data subject in South Africa, you have the following rights:

  • Right to Access: Request access to your personal information we hold
  • Right to Correction: Request correction of inaccurate or incomplete information
  • Right to Deletion: Request deletion of your information (subject to legal obligations)
  • Right to Object: Object to processing of your information for certain purposes
  • Right to Restriction: Request restriction of processing in certain circumstances
  • Right to Data Portability: Request transfer of your information to another service provider
  • Right to Withdraw Consent: Withdraw previously given consent at any time
  • Right to Lodge a Complaint: Lodge a complaint with the Information Regulator

7.1 Exercising Your Rights

To exercise any of these rights, please contact us using the contact information below. We will respond to your request within one month, or as required by law.

8. Marketing Communications

With your consent, we may send you marketing communications about our services, promotions, and special offers via:

  • Email
  • SMS/WhatsApp
  • Phone calls
  • Social media

You can opt-out of marketing communications at any time by:

  • Clicking the unsubscribe link in emails
  • Replying "STOP" to SMS messages
  • Contacting us directly

Even if you opt-out of marketing, we may still send you service-related communications (appointment confirmations, payment receipts, etc.).

9. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to:

  • Remember your preferences
  • Improve website functionality
  • Analyze website traffic and usage
  • Provide personalized content

You can control cookie settings through your browser. However, disabling cookies may affect website functionality.

10. Third-Party Links

Our website may contain links to third-party websites (social media platforms, partner sites, etc.). We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.

11. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete it promptly.

12. International Data Transfers

Your information is primarily stored and processed in South Africa. If we transfer information internationally, we will ensure appropriate safeguards are in place to protect your information in accordance with POPIA requirements.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. We will notify you of significant changes by:

  • Posting the updated policy on our website
  • Updating the "Last Updated" date
  • Sending you direct notification (for material changes)

Your continued use of our services after changes constitutes acceptance of the updated policy.

14. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

  • Business Name: Smile and Shine Professional Teeth Whitening
  • Physical Address: 57 Pretoria Road, Rynfield, Benoni, South Africa
  • Phone: 074 052 0599
  • Email: smileshne069@gmail.com

15. Information Regulator Contact

If you believe we have not handled your personal information in accordance with POPIA, you have the right to lodge a complaint with the Information Regulator:

  • Website: www.inforegulator.org.za
  • Email: inforeg@justice.gov.za
  • Phone: 012 406 4818

16. Consent

By using our services and providing your personal information, you consent to the collection, use, and disclosure of your information as described in this Privacy Policy. You may withdraw your consent at any time, subject to legal and contractual restrictions.

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by