Shimmer Computerized Dental Technology Co., LTD
Shimmer Transfer System Privacy
Notice
We know that you (refer to Shimmer’s partner, the person or entity
using STS) care how information about you and patient (refer to the patient in an order provided by
Shimmer’s partner) is used and shared, and we appreciate your trust in us to do that carefully and
sensibly. This Privacy Notice (
"
Notice
"
) describes how
Shimmer Computerized Dental Technology Co., LTD
(
"
Shimmer
"
or
"
We
"
) collect and process patient’s personal information through Shimmer
Transfer System (
"
STS
"
), which applies to your interaction with STS. If you use STS, it means
that you agree and accept this Notice. Please read carefully and fully understand the content of each
clause.
I.
Processor of personal
information
Shimmer is the processor of personal information
transmitted, collected and processed through STS, located in Phase I Plant and Complex Building, No. 2,
Pingxi 7th Road, Nanping Science and Technology Industrial Park, Xiangzhou District, Zhuhai City,
Guangdong Province of the People’s Republic of China.
II.
What personal information does STS
collect?
When you login and transfer data in STS, with your
consent and confirmation, STS does not require you to upload personal information, but the data you
transmit will contain patient’s personal information. We collect patient’s personal information to
provide and continually improve our products and services. Here are the types of personal information we
collect:
l
Patient’s Personal information: the name, age and gender of the patient, the
name of the doctor;
l
Information for making denture: the oral images of the patient (the shape of the
mouth, the position and the shape of the teeth).
III.
For what purposes does STS process patient’s
personal information?
We process patient’s personal information to
operate, provide, develop and improve the products and services. These purposes include:
l
Providing products and services: (1) Repair patient’s oral data: We use patient’s
personal information for data repair; (2) Make oral digital model: We import the repaired data into
professional dental software to design and generate corresponding digital model; (3) Make denture: We
use the generated digital models to make denture.
l
Communicate with you: We use your personal information to communicate
with you in relation to STS via different channels (e.g., by phone, email, chat).
l
Comply with legal obligations: In certain cases, we collect and use personal
information to comply with laws.
l
Fraud prevention and credit risks: We process personal information to prevent and
detect fraud and abuse in order to protect the security of our customers, Shimmer, and others. We may also use scoring methods to
assess and manage credit risks.
l
Purposes for which we seek your consent: We may also ask for your consent to process
patient’s personal information for a specific purpose
that we communicate to you. When you consent to our processing patient’s personal information for a specified purpose,
you may withdraw your consent at any time and we will stop processing of that patient’s data for that purpose.
Please understand that we will not use the
information you provide for STS for other purposes without your consent and confirmation.
IV.
How secure is information about
patient?
We design our systems with your and patient’s
security and privacy in mind. We will strictly manage and protect the information you provide. We will
use corresponding administrative, technical, and physical safeguards to prevent patient’s personal
information from being lost, stolen, tampered with, unauthorized access, use or disclosure.
l
We will use various security protection measures
within a reasonable security level to ensure the security of information. We use encryption protocol and
software to protect the security of patient’s personal information in the process of collection,
storage, use, sharing, transmission, and deletion, etc. For example, we will use encryption technology
(for example, SSL), anonymization and other means to protect patient’s personal information.
l
We maintain physical, electronic and procedural
safeguards in connection with the collection, storage, use, sharing, transmission, deletion, and
disclosure of personal information. Our security procedures mean that we may ask you to verify your
identity before we disclose personal information to you.
l
Our devices offer security features to protect them
against unauthorized access and loss of data. You can control these features and configure them based on
your needs.
l
It is important for you to protect against
unauthorized access to your password and to your computers, devices, and applications. Be sure to sign
off when you finish using a shared computer.
l
In the following circumstances, we can process and
use the collected personal information beyond the necessary scope: (1) Have obtained your written
consent; (2) To avoid the imminent danger to your and patient’s life, body or property; (3) To prevent
major harm to the rights and interests of others; (4) To enhance the public interest and harmless to
your and patient’s major interests; (5) Other circumstances stipulated by laws and regulations.
l
When government agencies require us to disclose personal information in
accordance with legal procedures, we will provide personal information in accordance with the
requirements of law enforcement agencies or for public safety purposes. In this case, we shall be exempt
from liability for any disclosure. Except in the circumstances stipulated by laws and regulations, we
will not disclose or disclose patient’ personal information to third parties without the patient’
permission.
l
We establish special management system, process and organization to
ensure the security of information. For example, we strictly limit the scope of people who can access
information, require them to comply with confidentiality obligations and conduct audits.
l
In the event of a security incident such as personal information
leakage, we will initiate an emergency plan to prevent the expansion of the security incident, and
notify you in the form of push notifications, announcements, etc.
We will do our best to protect your and patient’s
personal information. We also ask you to understand that no security measures can be
impeccable.
V.
Storage of patient’s personal
information
We will store the patient’s personal information
collected within/outside China in China in accordance with laws and regulations, and strictly follow the
laws and regulations of relevant countries and regions as well as China. If patient’s personal
information storage location is transferred from China to overseas, we will also strictly follow the
law.
We store patient’s personal information to ensure
that Shimmer provides you with better services. We only
store it for the time necessary to meet the relevant purposes described in this Notice. We may also
comply with legal requirements for storage , such as tax or accounting. For other storage requirements,
we will inform you in advance. For example, we keep patient’s historical oral images so that you can
view the oral images uploaded in the past.
VI.
Transfer of personal information from the
European Union to china
When we transfer personal information from the
European Union to China, we ensure that the information is transferred in accordance with this Notice
and applicable data protection laws.
VII.
Does STS share patient’s personal
information?
Information about our customers and patients is an
important part of our business and we are not in the business of selling our customers’ or patients’
personal information to others. We share customers’ or patients’ personal information only as described
below and with third parties that are either subject to this Notice or follow practices at least as
protective as those described in this Notice.
l
Third party service providers:
We employ other companies and individuals to perform functions on our
behalf. Examples include fulfilling orders for products or services, delivering packages, sending postal
mail and e-mail, removing repetitive information from customer lists, analyzing data, providing
marketing assistance, providing search results and links (including paid listings and links), processing
payments, transmitting content, assessing and managing credit risk, and providing customer service.
These third-party service providers have access to personal information needed to perform their
functions, but may not use it for other purposes. Further, they must process the personal information in
accordance with this Notice and as permitted by applicable data protection laws.
l
Business transfers: As we continue to develop our business, we might
sell or buy other businesses or services. In such transactions, customers’ or patients’ information
generally is one of the transferred business assets but remains subject to the promises made in any
pre-existing Privacy Notice (unless, of course, the customer consents otherwise). Also, in the unlikely
event that STS, or Shimmer or substantially all of its assets are
acquired, customers’ or patients’ information will of course be one of the transferred
assets.
l
Protection of our customers, Shimmer and others: We release account and other personal information
when we believe release is appropriate to comply with the law; enforce or apply other agreements; or
protect the rights, property or safety of Shimmer, our customers or others. This includes exchanging
information with other companies and organizations for fraud protection and credit risk
reduction.
l
In accordance with relevant laws, regulations and national standards, we may share, transfer, and publicly disclose
personal information in the following situations without your prior authorization: (1) Related to our
fulfillment of obligations under laws and regulations; (2) Directly related to national security and
national defense security; (3) Directly related to public safety, public health, and major public
interests; (4) Directly related to criminal investigation, prosecution, trial, and execution of
judgments; (5) In order to protect the life and property of the personal information subject or other
individuals, but it is difficult to obtain the authorization and consent of the person; (6) Personal
information disclosed by the personal information subject to the public on their own; (7) Collected from
the legally disclosed information, such as legal news reports, government disclosures and other
channels.
Other than as set out above, you will receive
notice when you or patient’s personal information might be shared with third parties and you will have
an opportunity to choose not to share the information.
VIII.
What rights do I have?
You have the following rights with respect to your
and patient’s personal information:
l
Request to withdraw your consent;
l
Request for inquiry, access or reading;
l
Request for updates, additions or corrections. When you update, add, or correct personal
information, we usually keep a copy of the original information on file;
l
Request for deletion;
l
Request to cancel the account;
l
Request to restrict the processing;
l
Request to stop computer processing and utilization;
l
Request for the transfer of personal information to a third party;
l
Request for a copy of the data processing.
If you want to perform any of the above operations,
you can do it by yourself through STS. As mentioned above, you can choose not to provide certain
information, but you may not be able to use many services of STS in the future.
IX.
Are minors allowed to use STS?
We concerns about the protection of the privacy of minors. We will
establish and maintain a reasonable procedure to protect the confidentiality and security of minors’
personal information. We solemnly declare: Any minor under the age of 16 using STS should obtain the
verifiable consent of the parent or his or her legal guardian (hereinafter collectively referred to as
the
"
guardian
"
).
The guardian shall bear the primary responsibility for protecting the
privacy of minors in the network environment.
Guardians have the right to refuse STS to make further contact with
their children or the person under guardianship.
X.
What about cookies?
We use cookies to enable our system to recognize
your device and provide and improve our services.
Cookies refers to a technology. When a customer
visits STS equipped with Cookies, the server of STS will automatically send Cookies to your device and
store them. This Cookie is responsible for recording the various activities of your visit to STS in the
future.
STS can provide you with more thoughtful and
personalized services by using Cookies technology. STS will use Cookies to provide you with information
of interest or store passwords so that you do not have to repeat the password every time you visit
STS.
XI.
EU-General Data Protection Regulation
L
egal
Basis
The EU GDPR requires a legal basis for our use of
personal information. Our basis varies depending on the specific purpose for which we use personal
information. We use:
l
Your consent: When you ask us to make products or provide
services for you, and process your and patient’s personal information for restoring patient’s oral data,
making digital oral models, making dentures, etc., we use patient’s personal information based on your
consent, and you can withdraw your consent at any time, and we will stop processing your data for that
purpose. In addition, when we ask for your consent to process your or patient’s personal information for
a specific purpose that we communicate to you. When you consent to our processing personal information
for a specified purpose, you may withdraw your consent at any time and we will stop processing of data
for that purpose.
l
Performance of a contract: when we provide you with products or services, or
communicate with you about them. This includes when we use your and patient’s personal information to
take and handle orders, deliver products and services, and process payments.
l
Compliance with a legal obligation:
In some cases, we collect and use your and patient’s personal
information to comply with legal requirements.
l
Our legitimate business interests and the
interests of our customers: when STS serves; when we detect and prevent fraud and abuse to
protect the safety of our customers, ourselves or others; when to protect our legitimate business
interests, the interests of our customers, or the interests of others.
l
These and other legal bases depending on the purpose for which we use personal
information.
XII.
Contact Information, Privacy Notices And
Amendments
If you have any concerns about the privacy of STS,
or want to contact us, please explain to the customer service in detail, or contact our person in charge
at 0756-8930801, and we will try our best to solve the problem for you.
If you choose to visit STS, your visit and privacy
disputes will be subject to this Notice and these Terms of Use, including the limitation of compensation, dispute
resolution, and the application of the laws of the People’s Republic of China. If you have any privacy
issues on STS, please contact us and give a full description, we will try our best to solve it for
you.
Our business changes constantly and our Privacy
Notice will change also. You should check our website frequently to see recent changes. Unless stated
otherwise, our current Privacy Notice applies to all information that we have about you and your
account. We stand behind the promises we make, however, and will never materially change our policies
and practices to make them less protective of customer information collected in the past without the
consent of affected customers. The right to modify and update this Notice belongs
to Shimmer.
XIII.
Disclaimer
In addition to the above-mentioned provisions or agreed exemptions, we
do not need to bear any responsibility in the following situations:
l
Any personal information leakage caused by you telling others your
password or sharing the registered account with others.
l
Any leakage, loss, theft or alteration of personal data caused by force
majeure that affects the normal operation of the network due to computer problem, hacker attack,
computer virus intrusion or attack, temporary shutdown due to government control, etc.
l
The leakage of personal data caused by other websites linked to STS and
any legal disputes and consequences caused by this.
(End)
Updated on
【
December 1st, 2021
】
Shimmer Computerized Dental Technology Co., LTD