Register

Privacy Policy

Last updated: January 10, 2026

1. Introduction

DenPro ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our dental practice management software and website.

We comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Data Controller

DenPro is the data controller responsible for your personal data. If you have questions about this policy or our data practices, contact us at:

3. Information We Collect

3.1 Information You Provide

  • Account information: name, email address, phone number, clinic name
  • Billing information: payment details, invoicing address
  • Patient data: information you enter about your patients (as a data processor)
  • Communications: messages you send to our support team

3.2 Automatically Collected Information

  • Device information: IP address, browser type, operating system
  • Usage data: pages visited, features used, time spent in the application
  • Cookies and similar technologies (see our Cookie Policy)

4. How We Use Your Information

We use your information for the following purposes:

  • To provide and maintain our dental practice management service
  • To process your subscription and billing
  • To communicate with you about your account and provide customer support
  • To send you important updates about the service
  • To improve our software and develop new features
  • To ensure security and prevent fraud
  • To comply with legal obligations

5. Legal Basis for Processing (GDPR)

We process your personal data based on:

  • Contract: Processing necessary to provide our service to you
  • Legitimate Interest: Improving our service, security, and fraud prevention
  • Legal Obligation: Compliance with tax, accounting, and other legal requirements
  • Consent: Marketing communications (where applicable)

6. Patient Data (Data Processing)

When you use DenPro to manage patient records, you are the data controller for that patient data, and we act as a data processor on your behalf. We:

  • Process patient data only according to your instructions
  • Implement appropriate technical and organizational security measures
  • Do not share patient data with third parties except as required to provide the service
  • Assist you in fulfilling your GDPR obligations regarding patient data

7. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Regular security audits and vulnerability assessments
  • Access controls and authentication mechanisms
  • Regular backups with secure storage
  • Employee training on data protection

8. Data Retention

We retain your personal data for as long as your account is active or as needed to provide our services. After account termination:

  • Account data is deleted within 30 days
  • Backup data is purged within 90 days
  • Billing records are retained as required by law (typically 7-10 years)

9. Your Rights (GDPR)

Under GDPR, you have the following rights:

  • Access: Request a copy of your personal data
  • Rectification: Request correction of inaccurate data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restriction: Request limitation of processing
  • Portability: Receive your data in a portable format
  • Objection: Object to processing based on legitimate interest

To exercise these rights, contact us at [email protected].

10. International Data Transfers

Your data is stored on servers within the European Economic Area (EEA). If we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses.

11. Third-Party Services

We use the following third-party services that may process your data:

  • Cloud hosting providers (for data storage)
  • Payment processors (for billing)
  • Email service providers (for transactional emails)

All third-party providers are vetted for GDPR compliance.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through the application. Continued use of our service after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data protection rights, please contact us:

You also have the right to lodge a complaint with your local data protection authority.