Privacy Policy
We at Smile Sync AI are committed to protecting your privacy. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information when you visit our website or use our services.
Information We Collect
We may collect the following types of information:
- Personal InformationIncludes name, email, and phone number collected during registration or support interactions.
- Usage DataDetails about website interactions, IP addresses, browser types, and usage patterns.
- Cookies & TrackingTechnologies used to enhance navigation and understand user preferences.
How We Use Data
- Maintain Services
- Process Transactions
- User Communication
- Platform Improvements
- Monitor Usage
- Enhance UX
Facebook Advertising Data
When dental practices connect their Facebook accounts to Smile Sync AI, we collect and process the following data through the Facebook (Meta) platform:
- Lead Form SubmissionsContact information submitted through Facebook Lead Ads forms, including name, email, and phone number.
- Ad Account MetricsAdvertising performance data such as campaign spend, impressions, clicks, and cost-per-lead analytics.
- Page TokensFacebook Page access tokens used to retrieve lead form submissions and manage webhook subscriptions.
This data is used solely for lead management and ad spend analytics on behalf of the connected dental practice. We do not sell or share Facebook data with third parties beyond what is necessary to provide our services.
Revoking Access: You can disconnect your Facebook account at any time from within the Smile Sync AI platform. You may also revoke access directly through Facebook Settings → Business Integrations. Upon revocation, all stored Facebook data (tokens, page connections, and ad account data) is automatically deleted from our systems via our data deletion callback.
Marketing Pixels and Conversions API
We use Meta's advertising and measurement tools — specifically the Meta Pixel and the Meta Conversions API — to measure marketing campaign performance and improve ad relevance for our partner dental and orthodontic practices.
Because Smile Sync operates in a healthcare context, all data shared with Meta is transmitted under Meta's Limited Data Use (LDU) mode, in compliance with Meta's Health and Wellness advertising policies (POL-1).
- Anonymous Hashed IdentifierA SHA-256 hash representing your interaction with our site. This identifier cannot be reversed to reveal your identity.
- Attribution SignalsMeta click identifiers (fbclid, _fbp cookie), IP address, and browser user agent — used solely to attribute ad performance.
- Event TypeThe category of event that occurred (e.g., contact form submission, booking, consultation attendance). For treatment-start events, the associated transaction value in USD.
- • Your name, email address, or phone number
- • Your date of birth, mailing address, or demographic data
- • Any Protected Health Information (PHI), treatment details, appointment specifics, diagnoses, or clinical notes
- • The contents of any form you submit
Patient and clinical data is stored exclusively in our HIPAA-compliant systems and is never transmitted to Meta or any third-party advertising platform.
Opting Out: You may opt out of Meta-based ad measurement by adjusting your preferences at Facebook Ad Preferences or by contacting us to request exclusion from future measurement events.
Disclosure of Your Information
We share information only with service providers necessary to operate our platform (such as hosting, analytics, and communications providers), with the dental or orthodontic practice you have engaged with, or when required by law or during a business transfer. We do not sell your personal information.
Data Retention
We retain personal information only as long as necessary for the purposes described in this policy or as required by law. Patient and lead data associated with healthcare services is retained for a minimum of six (6) years in compliance with HIPAA recordkeeping requirements, after which it is securely deleted or de-identified. Facebook integration tokens are deleted immediately upon disconnection. You may request earlier deletion of your data at any time by contacting us, subject to applicable legal retention obligations.
Children's Privacy
Smile Sync provides services to orthodontic and dental practices, which include the treatment of minor patients. We do not knowingly collect personal information directly from children under the age of 13. When information about a minor patient is provided to us, it is provided by a parent, legal guardian, or the treating clinic acting under HIPAA-permitted purposes. Parents and guardians may review, request correction of, or request deletion of their child’s information at any time by contacting us or the treating clinic. If you believe we have inadvertently collected personal information from a child under 13 without verifiable parental consent, please contact us immediately and we will take steps to delete it.
Security Measures
We implement rigorous technical and organizational measures to safeguard your data, including encryption in transit and at rest, access controls, audit logging, and HIPAA-compliant infrastructure. However, no electronic transmission or storage is 100% secure.
Your Privacy Rights
Depending on your location, you have rights to access, correct, delete, port, or object to the processing of your personal data, and to withdraw consent at any time. To exercise these rights, contact us using the link below. We will respond within the timeframes required by applicable law.
SMS/Mobile Information
No mobile information will be shared with third parties or affiliates for marketing or promotional purposes. All other categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.
Questions?
Our team is here to help you understand how we protect your information.
By using our website and services, you consent to the collection and use of information in accordance with this Privacy Policy.