HiSmile maintains the websites and associated features and mobile applications located at www.hismileprofessional.com.
By visiting and continuing to access our Site, you are agreeing to the terms and conditions set out in this policy.
1. Information Collected
The types of personal information that we collect about you will depend on our relationship with you and may include the following:
- Your name, gender, date of birth, contact details, photos;
- Your financial information, including your bank account and credit card details;
- Any other information that we may need to identify you as well as any information that you provide to us on our website.
We may collect personal information where you input information into our website, purchase our goods, sign up to our newsletter, and/or from cookies and traffic data.
2. How we use and disclose your personal data
We may use your personal data in the following ways:
- To provide you with our goods and services;
- To improve our goods and services;
- To send you updates and promotional information relating to our products;
- For research purposes. Some of the data provided may be de-identified e.g. no name or reference to data from which you are reasonably likely to re-identified by; and
- To maintain records and comply with our legal obligations.
We may also disclose your personal information to:
- Our employees, contractors and third-party service providers. This includes social network providers, payment providers (e.g. for goods purchased from us with others that may manage our brand or product promotions) and for others that may develop or maintain our systems or technology which will enable us to enhance and better our offering for your continued use;
- Those parties who we are required to provide your personal information to by law, for example, to comply with a court order, prevent illegal use or to defend third party claims;
- Associated businesses that may wish to market products to you; and
- Those persons that we may sell all or a portion of our business to, as well as their agents and advisors.
3. Cross Border Disclosure
Any personal information collected and held by HiSmile may be disclosed to, and held at, a destination outside Australia. Generally speaking this is because HiSmile is a global operation selling products in many countries throughout the world. Personal information may also be processed by staff or by other third parties operating outside Australia who work for us or for one of our suppliers, agents, partners or related companies.
In addition we may utilise overseas IT services (including software, platforms and infrastructure), such as data storage facilities (e.g. Snowflake) or other IT infrastructure (e.g. Stitch). In such cases, we may own or control such overseas infrastructure or we may have entered into contractual arrangements with third party service providers to assist HiSmile with providing our products and services to you.
As we utilise Cross Border IT Services and platforms which can be accessed from various countries via an Internet connection, it is not always practicable to know where your information may be held.
3.2 If you do not consent. If you do not agree to the disclosure of your personal information outside Australia by HiSmile, you should (after being informed of the cross border disclosure) tell HiSmile that you do not consent. To do this, either elect not to submit the personal information to HiSmile after being reasonably informed in a collection notification or please contact us through firstname.lastname@example.org.
4. Uses and Disclosures for Cross Border Shipments
If you engage in electronic commerce on this website, please be aware that cross border shipments are subject to opening and inspection by customs authorities. In order to facilitate customs clearance and comply with local laws, we may provide certain order, shipment and product information (such as name and titles) to our international carriers and such information may be communicated by the carriers to customs authorities. Customs authorities require the value of the product item to be stated directly on the package.
5. Direct Marketing (Opt-Out)
From time to time we may use your personal information to provide you with current information about offers you may find of interest, changes to our organisation, or new products or services being offered by us or any company with whom we are associated.
If you do not wish to receive marketing information, you may at any time decline to receive such information by contacting us through email@example.com. If the direct marketing is by email you may also use the unsubscribe function. We will not charge you for giving effect to your request and will take all reasonable steps to meet your request at the earliest possible opportunity.
6. Data Security
We have adopted a number of measures to ensure that the security of your personal information is maintained. Such measures include:
- The adoption of internal practices, procedures and systems – this includes the training of staff with respect to the risks and threats to personal information, providing them with access to our internal policies and procedures on this issue and taking disciplinary action if they are found to have breached our policies;
- Access security – we ensure that access to personal information is provided on a ‘need to know’ basis and is secured with password protection;
- Destruction and de-identification – when we no longer need your personal information for the purposes detailed in this policy or as required by law, we will take reasonable steps to destroy or de-identify the personal information that we have collected.
We may combine personal information we receive about you with other information we hold about you. This includes information received from our partners or third parties. Secure Sockets Layer (SSL) encrypts the information you send through our website.
- Enhance your online website experience;
- To track and report on website usage;
- To personalise your experience and make it easier for you to do what you want.
You can change your browser’s cookie settings via your browser privacy settings.
8. Links to Other Websites
From time to time, we may provide hyperlinks to third party websites that we do not control. We do not accept any responsibility nor make any warranties with respect to the collection, use, disclosure and storage of your personal information when accessing those websites. It is your responsibility to review the privacy policies of the websites that you are accessing.
Our website currently contains links to the following social media providers: Facebook, Twitter, LinkedIn, YouTube, Pinterest and Instagram via the relevant social media buttons. In order to avoid unwanted transfer of your usage data (e.g., address of the currently visited page) to these services, you will only be able to access them by clicking on the link. The aforementioned social networks may themselves collect usage and possibly user data. We have no control over the data collected and data processing activities, nor are we aware of how much data is collected, the purposes of processing or the storage periods. Nor do we have any information on the erasure of the data collected by the plugin provider.
Your browser may not establish a direct connection to the servers of the aforementioned services until you click on the links. This means that the information that you have visited our website is indirectly (referrer) forwarded to these services. If you are already logged in to the service with your personal user account during your visit to our website, you can usually click on the social media buttons to "share" the content or leave a comment, etc. If you do not wish any such data transfer, we advise against clicking on the social media buttons.
The purpose and scope of data collection by social media services, as well as the further processing and use of your data there and your rights and options for setting your privacy preferences can be found in the privacy policies for these services.
9. Access and Correction
You may seek to access, delete (where permitted by law) or correct personal information which we hold about you. We will provide that access in accordance with the applicable laws, however there are certain exemptions, which may apply to the provision of that information. In certain circumstances, we may charge a reasonable administration fee for granting access to information.
If we have obtained your consent to process certain personal information, you may withdraw your consent at any time. If you would like to obtain access to or correct personal information, please contact:
HiSmile Postal Address: Shop 1-7, 2563 Gold Coast Highway, Mermaid Beach QLD Australia, 4218
Email Address: firstname.lastname@example.org
10. Jurisdiction-specific Provisions
Our Site sells products and services to customers throughout the world. As a company based in Australia we are primarily bound by the Privacy Act 1988 (Cth) (“the Privacy Act”) and the Australian Privacy Principles (“APPs”) and we will manage your personal information pursuant to these laws. In addition, as we process personal information of data subjects inside the EEA we are also bound by Regulation (EU) 2016/679, the General Data Protection Regulation (GDPR). We also comply with the United States Children’s Online Privacy Protection Act (COPPA) 1998.
10.1 Residents of the European Economic Area (EEA) and the United Kingdom. The purpose of the following data protection information is to provide you with an understandable, transparent and concise explanation of how we intend to process your personal data in accordance with Articles 13 and 14 of the EU General Data Protection Regulation (GDPR). However, should you require further explanations relating to data protection at HiSmile or wish to exercise any of your rights, please do not hesitate to contact our Privacy Officer at email@example.com.
HiSmile recognises the below rights which you enjoy under the applicable data protection law with respect to your personal data:
- Right of access: You may request information from HiSmile at any time as to whether HiSmile has stored your personal data and which personal data it has stored. We are required to provide this information to you free of charge.
- Right to rectification: If your personal data stored by HiSmile is inaccurate or incomplete, you have the right to demand at any time that we correct the information.
- Right to erasure: You have the right to demand that HiSmile erase your personal data if and to the extent that the data is no longer needed for the purposes for which it was collected or if the data is processed on the basis of your consent and you have opted to revoke your consent. In such cases, HiSmile must cease processing your personal data and remove that data from its IT systems and databases.
You do not have a right to erasure if:
- The data may not be deleted due to a statutory obligation or must be processed due to a statutory obligation
- The processing of data is necessary for the establishment, exercise or defence of legal claims.
- Right to restriction of processing: You have the right to demand that HiSmile restrict the processing of your personal data.
- Right to object to processing: If your data is processed by HiSmile on the basis of Article 6 (1) (f) GDPR, you may object at any time to processing by HiSmile. You may assert any and all of the rights of data subjects described above against HiSmile by addressing your specific requests by contacting our Privacy Officer via firstname.lastname@example.org.
- Right to lodge a complaint with a data protection supervisory authority: Pursuant to Article 77 GDPR, you have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your personal data infringes data protection law.
10.2 Children under 13 years residing in the United States. In compliance with the United States Children’s Online Privacy Protection Act (COPPA) 1998, you are not permitted to use our Site, or provide personal information through our Site if you are under 13 years of age.
11. Complaints or Disputes. If you have any concerns or complaints about your privacy and the Australian Privacy Principles, or you have any queries on how your personal information is collected or used please contact us at email@example.com. We will respond to your query or complaint within a reasonable time. If you are dissatisfied with our response, you may make a complaint to the relevant privacy regulator, which, in Australia, is the Office of the Australian Information Commissioner who can be contacted on either www.oaic.gov.au or 1300 363 992.