Privacy Policy

1. Introduction

This Privacy Policy describes how Dental Cloud Technologies LLC ("Company," "we," "us," or "our") collects, uses, and protects your information when you use the CloudLab.Dental platform and related services.

By using our Service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

Information You Provide

• Account Information: Name, email address, phone number, job title
• Business Information: Laboratory name, address, EIN, business license
• Patient Data: Order information, prescriptions, dental files (STL, PLY, DCM)
• Billing Information: Payment details processed securely via Stripe

Information Collected Automatically

• Usage Data: Features used, pages visited, actions taken within the platform
• Device Information: Browser type, operating system, IP address
• Log Data: Access times, error logs, audit trails for compliance

3. How We Use Your Information

We use collected information to:

• Provide, maintain, and improve the Service
• Process payments and manage subscriptions
• Send service notifications and support responses
• Detect and prevent fraud, abuse, and security incidents
• Comply with legal obligations

We do not use your information for advertising or sell it to third parties.

4. Data Security

We implement industry-standard security measures:

• Encryption: AES-256 encryption at rest, TLS 1.3 in transit
• Access Controls: Role-based permissions and multi-factor authentication
• Infrastructure: Hosted on Amazon Web Services with redundant backups
• Monitoring: Continuous security monitoring and audit logging

5. HIPAA Compliance

We operate as a Business Associate under HIPAA. All Protected Health Information (PHI) is handled in accordance with HIPAA requirements:

• Business Associate Agreement available for electronic signature
• PHI encrypted at rest and in transit
• Access to PHI logged and auditable
• Breach notification procedures in compliance with HIPAA

6. Data Sharing

We share information only as necessary to provide the Service:

• Service Providers: Amazon Web Services (hosting), Stripe (payments), and integration partners
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In connection with a merger, acquisition, or sale of assets

We do not sell personal information to third parties.

7. Data Retention

We retain your data for as long as your account is active. Upon cancellation, data is retained for 30 days before permanent deletion. Some data may be retained longer to comply with legal obligations.

8. Your Rights

Depending on your jurisdiction, you may have the right to access, correct, export, or delete your personal information. To exercise these rights, contact us at [email protected].

9. Cookies

We use essential cookies for authentication and session management. We do not use advertising cookies or third-party tracking. See our Cookie Policy for details.

10. International Transfers

Our Service is hosted in the United States. If you access the Service from outside the United States, your information will be transferred to and processed in the United States. We implement appropriate safeguards for international data transfers.

11. Children's Privacy

Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children.

12. Changes to This Policy

We may update this Privacy Policy from time to time. For material changes, we will provide notice via email or through the Service. Your continued use after such notice constitutes acceptance of the updated policy.