Privacy Policy

Last Updated: 02/22/26

At SmileMax, we take your privacy seriously. This Privacy Policy describes how we collect, use, share, and protect your personal information when you use the SmileMax mobile application and related services (the "App").

By using the App, you agree to the terms of this Privacy Policy. If you do not agree, please do not use the App.

1. Information We Collect

We may collect the following categories of data, either directly from you or automatically through the App:

a. Information You Provide Voluntarily

• Face and Smile Images: Photos of your face and smile captured through the App's camera for AI-powered smile analysis. These images contain face data, including facial features visible in the photograph.
• Scan Results: Smile scan scores, radar chart data, and analysis reports.
• Account Information: Name, email (if provided), and credentials for registered users.

b. Information Collected Automatically

• Device Information: Device model, operating system, IP address, screen resolution, and language settings.
• App Usage Data: Features accessed, interaction timestamps, crash reports, and diagnostic logs.
• Advertising Identifiers and Events: Device identifiers (such as IDFA and IDFV) and in-app events (such as page views, subscriptions, and other interactions) collected by third-party advertising SDKs for ad attribution and performance measurement. See Section 5 for details.
• Location Data: Approximate location based on IP address for regional compliance and analytics.

We do not intentionally collect personally identifiable information (PII) unless explicitly provided by you (e.g., via customer support or registration).

2. How We Use Your Information

We process your information for the following purposes:

• To analyze your smile and generate personalized AI reports including smile scores and radar charts.
• To provide improvement tips and product recommendations based on your analysis results.
• To operate and improve the App's performance, security, and user experience.
• To provide customer support, respond to inquiries, and troubleshoot issues.
• To conduct analytics, research, and product development.
• To comply with legal obligations or enforce our Terms of Use.

3. Face Data

SmileMax uses your face data solely to provide smile analysis and improvement guidance. This section describes our face data practices in detail.

a. What Face Data We Collect

• Smile photographs: Images of your face and smile captured through the App's camera.
• On-device facial landmark detection: The App uses Apple's Vision framework to detect facial landmarks (such as lip positions) in real time. This data is processed entirely on your device to help frame your smile for optimal analysis. On-device landmark data is never transmitted to our servers or any third party, and is not stored.

b. How We Use Face Data

• To analyze your smile and generate personalized reports including smile scores, dental health metrics, and improvement tips.
• To generate an AI-enhanced "best smile" version of your photo for visual comparison.
• To detect dental features such as tooth contours and plaque indicators for health analysis.
• Face data is not used for biometric identification, facial recognition, or any purpose unrelated to smile analysis.

c. Third-Party Processing of Face Data

To provide our AI analysis services, your smile photographs are shared with the following third-party AI service providers:

• OpenAI: Processes your smile photograph to generate detailed smile analysis, scoring, and personalized improvement recommendations.
• Google (Gemini): Processes your smile photograph to generate an AI-enhanced version showing potential smile improvements (teeth area only).
• Computer vision analysis service: Processes a cropped image of the mouth area to detect tooth contours and plaque indicators for dental health scoring.

These third-party providers process your images solely for the purpose of generating your analysis results. They are contractually bound to handle your data in accordance with their respective privacy policies and data protection obligations. According to their published policies, these providers do not retain image data submitted via API after processing is complete.

d. Storage of Face Data

• Your smile photographs are stored securely in encrypted cloud storage (Amazon Web Services S3) with server-side encryption.
• Photographs are stored in your private, isolated storage directory accessible only to your account.
• Analysis results (scores, metrics, and text-based reports) are stored in an encrypted database.
• Face data is retained until you choose to delete it. You may delete individual scan reports at any time through the App, which removes both the photographs and associated analysis data. Deleting your account removes all stored face data permanently.

e. Security of Face Data

• All face data is encrypted in transit (TLS) and at rest (server-side encryption).
• Access to stored photographs requires authenticated, time-limited signed URLs (valid for 1 hour).
• Database access is restricted within a private cloud network (VPC) with strict access controls.
• Each user's data is isolated by their unique identity, preventing cross-user access.

4. Use of AI Analysis and User-Generated Content

Information provided to or generated by the SmileMax AI analysis is used only to:

• Enhance your experience through personalized smile improvement guidance.
• Improve AI models through aggregated and anonymized analysis.
• Never for automated decisions that have legal or significant effects.

You retain ownership of your uploaded content. By using the App, you grant SmileMax a non-exclusive, royalty-free license to process this content solely for service delivery and product improvement.

5. Sharing Your Information

We do not sell your personal data.

We may share your data with trusted third parties only in the following cases:

• AI service providers (including OpenAI and Google) for smile analysis and image processing as described in Section 3.
• Cloud infrastructure providers (Amazon Web Services) for secure data storage and application hosting.
• Advertising and analytics partners (including TikTok/ByteDance) for ad attribution, campaign performance measurement, and aggregated analytics. The TikTok SDK collects device identifiers (IDFA/IDFV) and in-app events (such as page views and subscription events) to measure advertising effectiveness. Data shared with TikTok is processed in accordance with TikTok's Partner Privacy Policy.
• Analytics providers for aggregated usage metrics.
• Legal or compliance purposes as required by law, subpoena, or enforcement request.

All third-party partners are bound by confidentiality obligations and required to follow data protection standards consistent with this policy.

6. Data Retention

We retain your data only as long as necessary to fulfill the purposes outlined above, or as required by law.

• Face data (photographs and analysis results): Retained until you delete the individual scan report or your account. You may delete scan reports at any time within the App.
• Account information: Retained until you delete your account.
• Usage and device data: Retained in aggregated, anonymized form for analytics purposes.

You may request deletion of your data at any time, and we will honor it unless retention is required for compliance, dispute resolution, or security.

7. Security Measures

We implement appropriate administrative, technical, and physical safeguards to protect your information:

• Encryption during transmission and at rest.
• Access restrictions to authorized personnel.
• Regular security reviews and system updates.

Despite our efforts, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

8. Your Rights and Choices

Depending on your jurisdiction, you may have rights to:

• Access or request a copy of your personal data.
• Correct or update inaccurate information.
• Request deletion of your data ("right to be forgotten").
• Object to or restrict certain types of processing.
• Withdraw consent where processing is based on it.

To exercise any of these rights, contact us at wei@signerlabs.com. We may request verification of your identity.

9. Children's Privacy

SmileMax does not knowingly collect personal data from children under 13. If you believe your child has submitted personal information without your consent, please contact us immediately to delete it.

10. International Transfers

Your data may be processed in the United States or other jurisdictions with different data protection laws. We take steps to ensure your data is handled securely and in accordance with this Privacy Policy.

11. Cookies and Tracking Technologies

We may use cookies or similar technologies to:

• Remember preferences and settings.
• Improve navigation and functionality.
• Monitor app performance and usage trends.

We also integrate third-party advertising SDKs (such as the TikTok SDK) that use device identifiers for ad attribution and performance measurement. You can control ad tracking on iOS by going to Settings > Privacy & Security > Tracking and disabling "Allow Apps to Request to Track." When tracking is disabled, the App will not access your Identifier for Advertisers (IDFA). You may also reset your advertising identifier or enable Limit Ad Tracking from your device settings.

You can manage cookie settings through your device or browser.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via the App or email (if available). Continued use of the App after such updates indicates your acceptance.

13. Contact Us

For questions, concerns, or privacy-related requests, contact:

Email: wei@signerlabs.com