mobiel
SmileArt Privacy Policy
Effective date: 25 July 2025
Applies to: SmileArt mobile application for Android and iOS
1. Who we are (Controller) & contact
Controller: Smile Art B.V. ("SmileArt", "we")
Address: Boerhaavelaan 40, 2713 HX Zoetermeer, The Netherlands
Email: info@smileart.nl
No Data Protection Officer has been appointed.
This policy explains how we process personal data under the EU GDPR. Users are mainly located in the Netherlands and the EU.
2. Who can use the app
The app is intended for users aged 16 and older.
We do not collect date of birth or age fields and do not knowingly collect data from children under 16. If you believe a child has used the app, please contact us so we can take appropriate action.
3. Data we collect
Account data
- Name
- Username
User content (health context)
- Camera photos taken in the app for treatment progress (no photo album access)
- In-app chat/messages related to treatment or feedback
- Aligner information (for example the number of aligners received)
- Profile avatar uploaded from the user’s photo library
Device & app diagnostics
- App version
- Operating system version
- Device basics
- Crash/error identifiers
Analytics & diagnostics services
- Firebase Crashlytics
- Sentry (error tracking, limited session replay around errors)
- Google/Firebase Analytics for product improvement
We do not collect:
- Government IDs
- Contacts
- Calendars
- Precise location
- Payment information
- Advertising identifiers
4. Why we process data & legal bases
We process personal data for:
- Providing the service (accounts, authentication, core features)
- Capturing treatment progress and enabling communication with your dentist
- Customer support and service communication
- Security, debugging and crash analytics
- Product improvement and non-marketing personalisation
- Compliance with legal obligations
For health-related content, explicit consent is required.
You can withdraw consent at any time, although some features may then no longer function.
5. Sharing & disclosures
We do not sell personal data and do not use behavioural advertising.
We may share data with:
Your treating dentist or clinic
Progress data such as:
- Photos
- Aligner info
- Relevant messages
Service providers
- Google Cloud / Firebase (EU region – Western Europe)
- Firebase Crashlytics
- Sentry
Legal or safety reasons
If required by law or necessary to protect users and the service.
6. SDKs, analytics, and signals
The app does not use cookies.
It uses:
- Firebase
- Crashlytics
- Sentry
Firebase Analytics is used only for product improvement, not for advertising.
Sentry session replay is limited to troubleshooting and configured to avoid sensitive inputs where possible.
7. International storage & transfers
Primary storage and processing take place in the EU (Western Europe).
If support access from outside the EEA is needed, appropriate safeguards such as Standard Contractual Clauses are used.
8. Retention
Account data & user content
Stored for the lifetime of the account.
After deletion request:
- Active copies removed within 30 days
- Backups removed within an additional 365 days
Crash logs & diagnostics
Retained up to 90 days.
Firebase Analytics
Retained up to 13 months.
Support email threads
Retained up to 24 months.
If legal retention is required, only necessary data is kept longer.
9. Your GDPR rights
You have the right to:
- Access
- Rectification
- Erasure
- Restriction
- Portability
- Objection
- Withdraw consent
Requests can be sent to:
You may also file a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).
10. Security
We protect data using:
- Encryption in transit
- Google Cloud/Firebase security controls
- Access control
- Least-privilege principles
11. Children
We do not knowingly process data from users under 16.
If we learn a child has used the app, the data will be deleted.
12. Changes to this policy
Material changes will be communicated in-app and/or by email before taking effect.
13. Contact
Smile Art B.V.
Boerhaavelaan 40
2713 HX Zoetermeer
The Netherlands