Dental·Polyglot
Version 1.0 (Draft)

Privacy Policy

Draft, not yet in force

This document is under legal review and is not yet binding. Wording, retention periods, and the contracting entity are still being finalized. Do not rely on it yet.

1. Two roles, two sets of rights

DentalPolyglot SRL (in formation) ("we", "us") handles personal data in two roles:

  • Controller for data about our clinic customers and their staff (account, billing, support). We decide how it is used.
  • Processor for Patient Data flowing through the Service on a clinic's behalf. Here the clinic is the controller and we act on its instructions under our Data Processing Agreement. If you are a patient, the clinic you contacted controls your data; see that clinic's privacy notice and direct requests to it.

2. Data we control (clinic customers)

  • Account: clinic name, website URL, contact name and role, email, phone, address, source and patient languages.
  • Authentication: hashed passwords (Argon2id), session identifiers.
  • Billing: handled by Stripe; we receive subscription status, tier, VAT ID, billing address, and invoices, not full card numbers.
  • Support and operations: support tickets, edit requests, account audit logs.
  • Usage and diagnostics: first-party analytics (Vercel only; no Google Analytics, no advertising trackers) and error diagnostics (Sentry, personal data scrubbed).

3. Data we process for clinics (Patient Data)

On a clinic's behalf, we process: patient contact details and inquiry messages; two-way translated messages; treatment plans, including clinical diagnoses and per-tooth findings; patient-uploaded documents that may include x-rays, identity, and insurance documents; and scheduling data. This may include special-category health data, processed only on the clinic's instructions under the Data Processing Agreement.

4. Why we use controller data (legal bases)

  • Providing and operating the Service: performance of contract.
  • Billing and tax records: contract and legal obligation.
  • Security, fraud prevention, rate limiting: legitimate interests.
  • Service improvement and support: legitimate interests.
  • Sending transactional email: performance of contract.
  • Contacting clinics about the Service (B2B outreach): legitimate interests; you can object at any time.

For Patient Data, the clinic determines the lawful basis as controller; we do not use Patient Data for our own purposes.

5. AI-assisted translation

To deliver multilingual content and messaging, text (clinic content, patient messages, treatment plans) is sent to a third-party AI provider (Anthropic) for translation. This may include health-related text. It is covered by our agreement with that provider and, for Patient Data, by the Data Processing Agreement.

6. Subprocessors

The authoritative, dated list is in the Data Processing Agreement.

  • Stripe for payments and subscriptions (clinic billing data only; no Patient Data reaches Stripe).
  • Neon for the primary database.
  • Vercel for hosting, file storage, CDN, custom domains, and first-party analytics.
  • Upstash for rate limiting and caching.
  • Resend for transactional email.
  • Anthropic for AI-assisted translation.
  • Meta (WhatsApp Business Platform) for the optional WhatsApp messaging line, where a clinic enables it.
  • Sentry for error monitoring (personal data scrubbed).

7. Where data is processed

Primary processing is in the EU (Frankfurt). Where a provider processes data outside the EEA, we rely on appropriate safeguards: the EU-US Data Privacy Framework where the provider is certified, and Standard Contractual Clauses otherwise, detailed per provider in the Data Processing Agreement.

8. Retention

We keep data only as long as needed to provide the Service and meet legal obligations:

  • Active account data: for the life of the account.
  • Reactivation window after pause or cancellation: 90 days (paused accounts: at least 90 days).
  • Post-termination export window: the same 90 days (the dashboard remains accessible read-only).
  • Deletion after termination: automatic, once the 90-day window ends.
  • Inbound inquiries that never became a treatment plan: deleted after 24 months.
  • Data-subject erasure: actioned without undue delay, at most within 30 days.
  • Backups: rolling point-in-time backups, expired automatically after 6 hours.
  • Invoices and tax records: the period required by law.

9. Your rights

Subject to applicable law, you may request access, correction, deletion, restriction, or portability of your data, or object to processing. Clinics export their data via the in-product tool or by contacting us. Patients should contact the relevant clinic, which controls their data; we assist the clinic in responding. You can also submit a request through our privacy request form.

10. Security

We apply encryption in transit, hashed passwords, tenant isolation, access controls, rate limiting, and scrubbing of personal data from error logs. No system is perfectly secure, and we cannot guarantee absolute security.

11. Cookies and analytics

We use strictly necessary cookies (such as session and demo cookies) and first-party analytics (Vercel). We do not use Google Analytics or third-party advertising trackers.

12. Children

The Service is not directed to children. Clinics are responsible for any processing of minors' data they carry out as controllers.

13. Changes and contact

We may update this policy and will note the date above. Contact: DentalPolyglot SRL (in formation), [ADDRESS — pending registration], [PRIVACY CONTACT EMAIL].