Privacy Policy

GSmile Dental Card — Last updated: March 25, 2026

GSmile Dental Card ("GSmile", "we", "our", or "us") operates the GSmile Dental Card mobile application and web app (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

1. Information We Collect

Personal Information You Provide:

• Account Information: Name, email address, phone number, and profile photo when you create an account.
• Payment Information: Payment details processed securely through our payment provider (PayMongo). We do not store your full credit card or e-wallet credentials on our servers.
• Dental Card Data: Card purchase records, service usage history, and appointment bookings.
• Clinic Information: For clinic users — clinic name, address, contact details, operating hours, services offered, and dentist profiles.

Information Collected Automatically:

• Device Information: Device type, operating system, unique device identifiers, and push notification tokens for delivering notifications.
• Location Data: With your permission, we collect approximate and precise location data to help you find nearby partner clinics using our map feature. You can disable location access in your device settings at any time.
• Camera Access: With your permission, we access your camera for QR code scanning (service redemption) and profile photo capture. Images are not stored beyond their intended purpose.
• Usage Data: App interactions and analytics data to improve the Service (via Firebase Analytics).
• Biometric Data: If you enable biometric login, authentication is handled entirely on your device. We do not collect, store, or transmit biometric data (fingerprint, face data) to our servers.

2. How We Use Your Information

• To create and manage your account
• To process dental card purchases and payments
• To facilitate service redemptions at partner clinics
• To enable appointment booking and management
• To show nearby partner clinics on the map
• To send push notifications about appointments, promotions, and service updates
• To generate digital dental cards with QR codes
• To provide customer support
• To improve and optimize the Service
• To prevent fraud and ensure security

3. How We Share Your Information

We do not sell your personal information. We may share your data with:

• Partner Clinics: When you book an appointment or redeem a service, the clinic receives your name and card details necessary to provide the dental service.
• Payment Processor (PayMongo): Your payment information is shared with PayMongo to process transactions securely. PayMongo's privacy policy governs their handling of your data.
• Firebase (Google): We use Firebase for authentication, data storage, analytics, and push notifications. Google's privacy policy applies to data processed by Firebase services.
• Legal Requirements: We may disclose your information if required by law, regulation, legal process, or government request.

4. Data Storage and Security

• Your data is stored securely using Google Firebase (Cloud Firestore) with encryption at rest and in transit (TLS/HTTPS).
• Access to user data is restricted through role-based security rules.
• Payment processing is handled by PCI-DSS compliant providers (PayMongo).
• We implement industry-standard security measures, but no method of electronic transmission or storage is 100% secure.

5. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. Dental card and transaction records are retained for a reasonable period for regulatory and business purposes. You may request deletion of your account and associated data at any time by contacting us.

6. Your Rights

You have the right to:

• Access the personal data we hold about you
• Correct inaccurate or incomplete data
• Delete your account and personal data
• Withdraw consent for location access, camera access, or push notifications via your device settings
• Export your data in a portable format upon request

To exercise these rights, contact us using the information below.

7. Children's Privacy

Our Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us personal data, please contact us and we will delete it.

8. Third-Party Services

Our app integrates with the following third-party services, each governed by their own privacy policies:

• Google Firebase: Authentication, database, storage, analytics, and push notifications — Firebase Privacy Policy
• PayMongo: Payment processing — PayMongo Privacy Policy
• Google Maps / Leaflet: Map and location services

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. Continued use of the Service after changes constitutes acceptance of the updated policy.

10. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact us:

• Email: g.smilecard@gmail.com
• App: GSmile Dental Card