Privacy Policy

Thank you for trusting Todd Smith & Associates (“we”, “us”, “our”). Your privacy and security are very important to us. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you visit our website or use our vision recheck services (including the ibis.vision integration).

By using our website or service, you agree to the terms of this Privacy Policy.

1. What Information We Collect

We may collect the following types of information when you interact with us:

a. Information You Provide Directly

• Name, email address, phone number

• Date of birth, address

• Prior prescription information, vision history

• Responses you provide during the recheck (vision test data)

• Communication content (messages, support requests, feedback)

b. Automatically Collected Information

• Device and browser information (type, version, OS)

• IP address

• Usage data (pages visited, time spent, clicks)

• Cookies and similar tracking technologies

c. Third‑Party Sources

• If you connect through or use third‑party services (e.g. analytics, integrations), we may receive data from them as permitted by law.

2. How We Use Your Information

We use the personal information we collect for purposes including:

• To provide, operate, maintain, and improve our services

• To conduct the vision recheck and validate prescription eligibility

• To communicate with you (email, SMS, phone) about your account, updates, or service notices

• To send you promotional content (if you consent)

• To detect, prevent, and respond to fraud, security risks, abuse, or violations

• To comply with legal obligations

3. Legal Basis & Consent

Where applicable (e.g. for users in the European Union), we rely on legal bases like:

• Consent: when you explicitly agree (e.g. to receive marketing communications)

• Contract performance: when needed to provide you services (e.g. recheck)

• Legitimate interests: for security, fraud prevention, site analytics, improving services

• Legal compliance: to comply with laws or respond to lawful requests

4. Sharing & Disclosure of Data

We do not sell your personal information. We may share your data under these scenarios:

• Service providers / vendors: companies who perform functions on our behalf (hosting, analytics, email, security)

• ibis.vision or partners: for the purpose of recheck operations and Rx validation

• Legal or regulatory requests: when required by law or to protect rights, safety, or property

• Business transactions: in the event of a merger, acquisition, or sale of assets

We ensure third parties adhere to confidentiality and security obligations.

5. Cookies & Tracking Technologies

We and third parties use cookies, web beacons, and similar technologies to:

• Recognize you and your device

• Analyze site usage and performance

• Personalize content and ads

• Improve user experience

You can manage cookie preferences through your browser settings or via a cookie consent control if we provide one.

6. Data Retention

We retain your personal information only as long as necessary:

• To fulfill service obligations

• To comply with legal, tax, or regulatory requirements

• To resolve disputes, enforce agreements, or prevent fraud

When no longer needed, we will delete or anonymize data.

7. Security

We implement administrative, technical, and physical safeguards to protect against unauthorized access, alteration, or disclosure. However, no method of transmission or storage is 100% secure.

If a breach occurs, we’ll follow applicable legal obligations, including notifying affected individuals and authorities.

8. Your Rights & Choices

Depending on your jurisdiction, you may have rights such as:

• Accessing your personal data

• Correcting or updating your data

• Deleting your data

• Restricting or objecting to processing

• Withdrawing consent

• Data portability

To exercise these rights, contact us as noted below. (We may ask you to verify identity.)

You can also opt out of marketing communications at any time via unsubscribe links or contacting us.

9. Children’s Privacy

Our services are not directed to children under 18. We do not knowingly collect personal data from children under 18. If we discover such data, we will promptly delete it.

10. International Transfers

If your data is transferred outside your country (e.g. for processing, hosting), we ensure appropriate safeguards (e.g. standard contractual clauses, approved frameworks) in compliance with applicable laws.

11. Changes to This Privacy Policy

We may update this policy from time to time. If we make significant changes, we will post a notice and update the “Last Updated” date. Your continued use constitutes acceptance of the updated policy.

12. Contact Us

If you have questions, requests, or complaints about this policy or your data, please contact:

Todd Smith & Associates
The Green, Unit # 18482, Dover, De 19901
Email: drsmith@telehealthaffiliates.com
Phone: (267) 440-1007