Privacy Policy

1. Information We Collect

1.1 Personal Information

When you register for Dental3DApp, we collect:

• Full name and professional title
• Email address and phone number
• Professional license number and credentials
• Practice or clinic information
• Billing and payment information

1.2 Patient Health Information (PHI)

As a HIPAA-compliant platform, we process Protected Health Information including:

• Patient names and contact information
• Medical images and 3D scans
• DICOM files and dental records
• Treatment plans and clinical notes
• Case histories and diagnoses

1.3 Usage Information

We automatically collect certain information about your device and usage:

• IP address and browser type
• Device information and operating system
• Access times and dates
• Pages viewed and features used
• File upload and download activity

2. How We Use Your Information

2.1 Service Provision

• To provide secure file sharing and storage services
• To facilitate communication between healthcare providers
• To manage your account and provide customer support
• To process payments and maintain billing records

2.2 Security and Compliance

• To maintain HIPAA compliance and audit trails
• To detect and prevent security threats
• To comply with legal obligations and regulations
• To enforce our Terms of Service

2.3 Service Improvement

• To analyze usage patterns and improve functionality
• To develop new features and services
• To send service updates and important notifications

3. Data Security Measures

3.1 Technical Safeguards

• End-to-end encryption for all file transfers
• Secure Socket Layer (SSL) certificates
• Regular security audits and penetration testing
• Intrusion detection and prevention systems
• Redundant backups in geographically distributed data centers

3.2 Administrative Safeguards

• Role-based access controls
• Regular employee training on data security
• Background checks for all personnel
• Signed confidentiality agreements
• Incident response procedures

3.3 Physical Safeguards

• Secure data centers with 24/7 monitoring
• Biometric access controls
• Environmental controls and disaster recovery

4. Data Sharing and Disclosure

4.1 Authorized Sharing

We share PHI only as you direct us to, specifically:

• With healthcare providers you designate
• Through secure PIN-protected links you generate
• With authorized staff members in your practice

4.2 Service Providers

We may share limited information with trusted service providers who:

• Sign Business Associate Agreements (BAAs)
• Are bound by confidentiality obligations
• Use the information only to provide services to us
• Meet our security and compliance standards

4.3 Legal Requirements

We may disclose information when required by law:

• To comply with legal processes or court orders
• To protect rights, property, or safety
• To cooperate with law enforcement
• As required by HIPAA or other regulations

5. Your Rights and Choices

5.1 HIPAA Rights

Under HIPAA, you have the right to:

• Access your health information
• Request corrections to your records
• Request restrictions on uses and disclosures
• Receive an accounting of disclosures
• Choose how we communicate with you
• File a complaint if you believe your rights are violated

5.2 GDPR Rights (For EU Residents)

If you are in the European Union, you have additional rights:

• Right to Access: Obtain copies of your personal data
• Right to Rectification: Correct inaccurate data
• Right to Erasure: Request deletion of your data
• Right to Portability: Transfer your data to another service
• Right to Object: Object to certain processing activities
• Right to Restrict: Limit how we use your data

5.3 California Privacy Rights (CCPA)

California residents have the right to:

• Know what personal information is collected
• Know if information is sold or disclosed
• Say no to the sale of personal information
• Access their personal information
• Request deletion of personal information
• Not be discriminated against for exercising rights

6. Data Retention

7. International Data Transfers

If we transfer data internationally, we ensure appropriate safeguards:

• Standard Contractual Clauses approved by the EU Commission
• Adequacy decisions where applicable
• Your explicit consent when required
• Encryption and security measures during transfer

8. Children's Privacy

Dental3DApp is intended for use by healthcare professionals. We do not knowingly collect personal information from children under 13. Patient information about minors is collected only as necessary for healthcare purposes and with appropriate authorization.

9. Cookies and Tracking

9.1 Essential Cookies

We use essential cookies for:

• User authentication and security
• Session management
• Preference settings

9.2 Analytics

We use privacy-respecting analytics to understand usage patterns. This data is anonymized and cannot be linked to individual users or patients.

10. Data Breach Notification

11. Third-Party Links

Our Service may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.

12. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be notified via:

• Email notification to registered users
• Prominent notice on our platform
• Update to the "Last Updated" date

13. Contact Our Privacy Team

14. Consent and Agreement

By using Dental3DApp, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and disclosure of your information as described herein.