Privacy Policy

Denticode Inc. ("Denticode," "we," "us," or "our") provides dental technology software and related services, including clinical dictation, audio capture, transcription, clinical documentation support, CDT code guidance, insurance attachment logic, claim-readiness workflows, PMS integrations, scheduling tools, patient workflow support, analytics, and related administrative and technical services.

This Privacy Policy explains how Denticode collects, uses, discloses, and protects information when you visit our website, use our platform, communicate with us, or otherwise interact with our services.

This Privacy Policy is intended to cover Denticode's handling of personal information in our capacity as a business, website operator, software provider, and service provider. When Denticode processes Protected Health Information ("PHI") on behalf of a dental practice, provider group, dental service organization, or other HIPAA-regulated customer, that PHI is governed by our Business Associate Agreement with the customer and applicable HIPAA requirements.

1. Scope of This Privacy Policy

This Privacy Policy applies to information we collect through:

• the Denticode website;
• the Denticode application, platform, software, and related services;
• demos, sales calls, onboarding, support, and customer communications;
• integrations, forms, and account registration workflows;
• marketing communications, newsletters, events, and business development activities; and
• other online or offline interactions with Denticode.

This Privacy Policy does not replace or limit any Business Associate Agreement, customer agreement, order form, data processing agreement, or other written agreement between Denticode and a customer.

2. Important HIPAA Notice

Denticode may act as a "Business Associate" under HIPAA when we create, receive, maintain, or transmit PHI on behalf of a covered dental practice, dental service organization, provider group, or other HIPAA-regulated customer.

When Denticode processes PHI as a Business Associate, we use and disclose that PHI only as permitted by our Business Associate Agreement, our customer agreements, HIPAA, and applicable law.

Dental practices and other healthcare customers are responsible for their own HIPAA notices of privacy practices, patient authorizations, patient communications, clinical decisions, billing decisions, and responses to patient rights requests, unless otherwise agreed in writing.

Patients who have questions about their dental records, treatment information, billing records, or HIPAA rights should contact their dental provider or practice directly.

3. Information We Collect

We may collect the following categories of information.

3.1 Account and Contact Information

We may collect information such as:

• name;
• email address;
• phone number;
• job title;
• practice or company name;
• professional role;
• username and account credentials;
• billing and subscription information;
• address or business location; and
• communication preferences.

3.2 Practice and Business Information

We may collect information about dental practices, DSOs, billing teams, providers, or business customers, including:

• practice name;
• practice address;
• provider names and roles;
• user permissions and account roles;
• PMS or software environment;
• integration preferences;
• subscription details;
• onboarding status;
• support history; and
• workflow configuration.

3.3 Platform Usage Information

We may collect information about how users interact with Denticode, including:

• login activity;
• features used;
• pages or screens viewed;
• session activity;
• workflow actions;
• templates used;
• timestamps;
• device and browser information;
• IP address;
• system logs;
• error reports;
• audit logs; and
• performance and diagnostic data.

3.4 Dental Workflow and Service Data

Depending on how a customer configures and uses the Services, Denticode may process information such as:

• audio recordings or dictation;
• transcriptions;
• clinical notes;
• patient information;
• treatment details;
• dental charting information;
• CDT code guidance;
• insurance attachment guidance;
• claim-readiness documentation;
• narratives;
• patient history summaries;
• PMS data;
• appointment or scheduling data;
• provider notes;
• billing workflow information; and
• related documents, images, files, or attachments.

Some of this information may be PHI when processed on behalf of a HIPAA-regulated customer.

3.5 Communications and Support Information

When you contact us, we may collect:

• emails, messages, and chat communications;
• support tickets;
• call notes;
• demo requests;
• feedback;
• survey responses;
• screenshots or files you provide; and
• information needed to resolve technical or account issues.

3.6 Payment Information

We may collect billing details, subscription information, invoice history, and payment-related information. Payment card information may be processed by third-party payment processors. Denticode generally does not store full payment card numbers unless expressly stated and handled through a secure payment provider.

3.7 Cookies and Similar Technologies

We may use cookies, pixels, local storage, analytics tools, and similar technologies to:

• operate our website and platform;
• remember preferences;
• understand traffic and usage;
• improve performance;
• support security;
• measure marketing effectiveness; and
• personalize user experience.

You may be able to control cookies through your browser settings. Disabling cookies may affect website or platform functionality.

4. How We Use Information

We may use information to:

• provide, operate, and maintain Denticode;
• create and manage user accounts;
• authenticate users;
• provide clinical dictation, transcription, documentation, CDT code guidance, attachment logic, and claim-readiness workflows;
• support PMS integrations and data synchronization;
• configure workflows, templates, and user permissions;
• provide onboarding, training, technical support, and customer service;
• process billing, subscriptions, and account administration;
• monitor system performance and reliability;
• maintain security and prevent fraud, abuse, or unauthorized access;
• troubleshoot errors and improve product functionality;
• communicate with customers and users;
• send administrative messages, product updates, and service notices;
• send marketing communications where permitted by law;
• conduct analytics and product improvement;
• develop new features and services;
• comply with legal obligations;
• enforce our agreements and policies; and
• protect the rights, safety, and security of Denticode, our customers, patients, users, and others.

5. AI, Automation, and Product Improvement

Denticode may use artificial intelligence, machine learning, automation, natural language processing, rules engines, and other computational methods to provide the Services.

These technologies may be used to support:

• transcription;
• note structuring;
• clinical documentation organization;
• CDT code guidance;
• insurance attachment logic;
• narrative generation;
• claim-readiness workflows;
• template completion;
• analytics;
• workflow improvement; and
• product functionality.

Denticode does not use identifiable PHI to train, fine-tune, or improve generalized artificial intelligence models unless permitted by a Business Associate Agreement, authorized by the applicable customer, or unless the information has first been de-identified in accordance with HIPAA.

Denticode may use de-identified or aggregated information for analytics, benchmarking, product improvement, documentation logic, CDT library improvement, attachment logic improvement, model improvement, research and development, and claim-readiness system development.

Customer users are responsible for reviewing and approving AI-generated or AI-supported outputs before using them for clinical, billing, insurance, legal, or patient-care purposes.

6. How We Disclose Information

We may disclose information in the following circumstances.

6.1 To Customers and Authorized Users

We may disclose information to the dental practice, DSO, provider group, billing team, administrator, or other customer account owner associated with your account.

For example, a practice administrator may be able to view user activity, account access, clinical documentation workflows, support issues, and other information associated with the practice's Denticode account.

6.2 To Service Providers and Subprocessors

We may disclose information to vendors, service providers, subprocessors, and contractors who help us operate, secure, support, or improve Denticode.

These may include providers of:

• cloud hosting and infrastructure;
• database hosting and storage;
• artificial intelligence infrastructure;
• transcription or speech-processing infrastructure;
• analytics;
• monitoring and logging;
• cybersecurity tools;
• customer support software;
• email, SMS, and communication tools;
• billing and payment processing;
• implementation and technical services; and
• professional services.

Where required, we enter into appropriate agreements with service providers and subprocessors, including Business Associate Agreements when a vendor creates, receives, maintains, or transmits PHI on our behalf.

6.3 Legal and Compliance Disclosures

We may disclose information when we believe it is necessary to:

• comply with applicable law, regulation, legal process, subpoena, or government request;
• enforce our agreements or policies;
• protect against fraud, security threats, or misuse;
• protect the rights, safety, or property of Denticode, customers, users, patients, or others;
• investigate suspected unlawful activity; or
• respond to regulatory or compliance obligations.

6.4 Business Transfers

We may disclose or transfer information in connection with a merger, acquisition, financing, corporate reorganization, sale of assets, bankruptcy, due diligence process, or similar business transaction.

If PHI is involved, such transfer will be handled in accordance with applicable Business Associate Agreements and HIPAA requirements.

6.5 With Consent or Direction

We may disclose information with your consent, at your direction, or as otherwise described when the information is collected.

7. Data Security

Denticode uses administrative, technical, and physical safeguards designed to protect information against unauthorized access, use, disclosure, alteration, or destruction.

These safeguards may include:

• encryption in transit;
• encryption at rest where commercially reasonable and technically feasible;
• role-based access controls;
• least-privilege access;
• authentication controls;
• administrative access restrictions;
• audit logging;
• system monitoring;
• vulnerability management;
• backup and disaster recovery controls;
• workforce confidentiality obligations;
• security training;
• incident response procedures;
• vendor risk management; and
• secure development practices.

No system is completely secure. We cannot guarantee absolute security, but we work to maintain safeguards appropriate to the nature of the information we process.

8. Data Retention

We retain information for as long as reasonably necessary to provide the Services, comply with legal obligations, resolve disputes, enforce agreements, maintain security, support business operations, and meet customer contractual requirements.

Retention periods may vary depending on:

• the type of information;
• customer configuration;
• legal and regulatory requirements;
• contractual obligations;
• backup and disaster recovery schedules;
• audit and compliance requirements;
• security needs; and
• whether the information is PHI.

When Denticode processes PHI on behalf of a customer, retention, export, deletion, and return of that PHI are governed by the applicable customer agreement and Business Associate Agreement.

9. Patient Information and Patient Requests

Denticode generally processes patient information on behalf of dental practices, DSOs, provider groups, or other healthcare customers.

If you are a patient and want to access, amend, delete, restrict, or receive a copy of your dental records or other PHI, please contact your dental provider directly. Denticode may assist the provider as required by our agreements and applicable law.

Denticode may not be able to respond directly to patient requests where we act as a Business Associate and the dental provider controls the relevant patient records.

10. Your Choices

Depending on your relationship with Denticode and applicable law, you may have choices regarding your information.

10.1 Account Information

Authorized users may be able to update certain account information through the platform or by contacting Denticode support.

10.2 Marketing Communications

You may opt out of marketing emails by using the unsubscribe link in the email or by contacting us. Even if you opt out of marketing communications, we may still send transactional, administrative, security, legal, or service-related messages.

10.3 Cookies

You may be able to limit or disable cookies through your browser settings. Some features may not function properly without cookies.

10.4 Customer-Controlled Data

Information controlled by a dental practice or other customer may be subject to that customer's own privacy practices, notices, and policies. Requests regarding customer-controlled records should be directed to the applicable customer.

11. State Privacy Rights

Depending on where you live, you may have certain privacy rights under state privacy laws. These rights may include the right to:

• know or confirm whether we process your personal information;
• access personal information;
• correct inaccurate personal information;
• delete personal information;
• obtain a copy of personal information;
• opt out of certain targeted advertising, sale, or sharing of personal information;
• limit certain uses of sensitive personal information, where applicable; and
• appeal a decision regarding a privacy request.

Denticode does not sell PHI. Denticode does not use PHI for targeted advertising.

Some state privacy laws include exemptions for PHI governed by HIPAA, information processed by a Business Associate on behalf of a HIPAA-covered entity, or business-to-business contact information. As a result, certain rights may not apply to all information we process.

To submit a privacy request, contact us using the information in the "Contact Us" section below. We may need to verify your identity and authority before fulfilling your request.

12. California Privacy Notice

This section applies to California residents to the extent the California Consumer Privacy Act, as amended by the California Privacy Rights Act, applies to Denticode's processing of personal information.

12.1 Categories of Personal Information We May Collect

We may collect the following categories of personal information:

• identifiers, such as name, email address, phone number, IP address, account ID, or business contact information;
• customer records information, such as billing details and business account information;
• internet or electronic network activity information, such as usage logs, device information, browser information, and interaction data;
• geolocation information at an approximate level, such as IP-based location;
• audio, electronic, or similar information, such as support calls, demos, or platform audio where enabled by the customer;
• professional or employment-related information, such as role, job title, practice, or company affiliation;
• inferences derived from usage information, such as product preferences or workflow insights;
• sensitive personal information, only where applicable and subject to legal limits; and
• PHI, where processed on behalf of a HIPAA-regulated customer and subject to applicable HIPAA requirements.

12.2 Sources of Personal Information

We may collect personal information from:

• you;
• your employer, practice, DSO, or organization;
• authorized users;
• customers;
• integrations and PMS systems configured by customers;
• service providers;
• business partners;
• publicly available sources; and
• automated technologies such as cookies and logs.

12.3 Purposes for Collection and Use

We collect and use personal information for the purposes described in this Privacy Policy, including providing the Services, account administration, security, support, billing, analytics, product improvement, compliance, and communication.

12.4 Disclosures

We may disclose personal information to the categories of recipients described in this Privacy Policy, including customers, authorized users, service providers, subprocessors, legal or regulatory recipients, and parties involved in business transactions.

12.5 Sale and Sharing

Denticode does not sell PHI. Denticode does not knowingly sell personal information in the ordinary meaning of the word "sell."

Denticode does not use PHI for cross-context behavioral advertising.

If Denticode uses website analytics, advertising pixels, or similar technologies that may be considered "sharing" or "selling" under California law, we will provide any legally required opt-out mechanism.

12.6 Sensitive Personal Information

Denticode does not use sensitive personal information for purposes that require a right to limit under California law unless we provide the required notice and choice.

12.7 California Rights

California residents may have the right to request access, correction, deletion, portability, and opt-out of sale or sharing, subject to legal limitations and exemptions.

California residents also have the right not to be discriminated against for exercising their privacy rights.

13. Children's Privacy

Denticode is intended for use by dental practices, healthcare organizations, providers, staff, administrators, and business users. Denticode is not directed to children under 13, and we do not knowingly collect personal information directly from children under 13 through our website or general business services.

Patient information about minors may be processed by Denticode on behalf of dental practices or other healthcare customers as part of the Services and is governed by the applicable customer agreement, Business Associate Agreement, HIPAA, and applicable law.

14. International Users

Denticode is primarily intended for use in the United States. If you access Denticode from outside the United States, your information may be processed in the United States or other jurisdictions where our service providers operate.

By using Denticode, you understand that your information may be transferred to and processed in jurisdictions that may have privacy laws different from those in your location.

15. Third-Party Links and Integrations

Denticode may include links to third-party websites, tools, services, or integrations. We are not responsible for the privacy practices of third parties that we do not control.

Customers may configure integrations with PMS systems, communication tools, billing systems, analytics tools, or other third-party services. Use of those services may be governed by the third party's own terms and privacy policies.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make changes, we will update the "Last Updated" date above.

If we make material changes, we may provide additional notice, such as through the website, platform, email, or other reasonable means.

Your continued use of Denticode after an updated Privacy Policy becomes effective means you acknowledge the updated Privacy Policy, unless applicable law requires otherwise.

17. Contact Us

If you have questions about this Privacy Policy or want to submit a privacy request, contact us at:

For patient record requests, please contact your dental provider or practice directly.