DTS Instant Smiles - Privacy Policy
DNROHIDA TECHNOLOGIES PVT. LTD.
Dental Treatment Simulation
C/2, Nahar Shopping Complex, Opposite Nahar Business Center, Chandivali, MH, 400072, India
SECTION 1 - WHAT DO WE DO WITH YOUR INFORMATION?
When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address and email address.This information is necessary to complete your transaction and deliver your purchases.
We may also automatically collect information regarding your browsing behavior, including your computer’s Internet Protocol (IP) address, browser type, and operating system, in order to enhance your user experience on our site.
Marketing Communications: With your explicit consent, we may send you marketing emails about our store, new products, and other updates. You can withdraw your consent at any time.
SECTION 2 - LAWFUL BASIS FOR PROCESSING (GDPR)
-
We process your personal data under the following lawful bases:
• Performance of a Contract: When you purchase a product or service, your personal data is necessary to fulfil the contract between you and us.
• Consent: For marketing communications, we will process your data only with your explicit consent.
• Legal Obligation: We may process your personal data where it is required to comply with legal obligations, such as financial records or fraud prevention.
If we ask for your personal information for a secondary reason, like marketing, we will ask for your explicit consent, and you will have the opportunity to opt-out at any time.
SECTION 3 - YOUR RIGHTS UNDER GDPR
As a user under GDPR, you have the following rights:
• Right of Access: You may request a copy of your personal data.
• Right to Rectification: You may ask us to correct any inaccurate or incomplete personal data.
• Right to Erasure ("Right to be Forgotten"): Under certain conditions, you can request the deletion of your personal data.
• Right to Restrict Processing: You may request the restriction of processing under specific conditions.
• Right to Data Portability: You can request your data be provided to you or another service provider in a structured, machine-readable format.
• Right to Object: You may object to the processing of your personal data in certain situations, such as for direct marketing purposes.
To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 3 business days.
- If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by contacting us at [email protected] or mailing us at: Dental Treatment Simulation C/2, Nahar shopping complex, Opposite Nahar Business Center, Chandivali, MH, 400072, India
SECTION 4 - HIPAA COMPLIANCE FOR PROTECTED HEALTH INFORMATION (PHI)
If we process any health-related data, we comply with the Health Insurance Portability and Accountability Act (HIPAA). We implement appropriate safeguards to protect your PHI and ensure that it is not inappropriately accessed, disclosed, altered, or destroyed.
• Patient Rights Under HIPAA: You have the right to access, amend, or request restrictions on your PHI.
• Data Security: PHI is encrypted and stored securely in compliance with HIPAA’s Privacy and Security Rules.
If you have questions regarding our HIPAA compliance, please contact us at [email protected].
SECTION 5 - DISCLOSURE
We may disclose your personal data in the following cases:
• If required by law, such as compliance with a court order or government regulation.
• To enforce our Terms of Service or protect the rights, property, or safety of our business or customers.
We will never sell or rent your personal data to third parties.
SECTION 6 - PAYMENT
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands such as Visa, MasterCard, American Express, and Discover.
PCI-DSS standards help ensure the secure handling of payment information.
For more details, you can refer to the privacy policies of our payment processors, such as cCavenue, PayuMoney and PayPal.
SECTION 7 - THIRD-PARTY SERVICES
Third-party providers, such as payment processors and analytics services, will only collect, use, and disclose your information as needed to perform their services. We recommend reviewing the privacy policies of any third-party service providers with whom you engage.
If your personal data is transferred to a third-party provider located in a different jurisdiction (e.g., the United States), your data may be subject to local laws (e.g., the Patriot Act in the US).
International Data Transfers: We ensure that personal data transferred outside the European Economic Area (EEA) is protected using lawful mechanisms, such as Standard Contractual Clauses (SCC) or other appropriate safeguards..
We use Facebook conversion pixels We use the “Custom Audience pixel” of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”) on our website. With its help, we can keep track of what users do after they see or click on a Facebook advertisement. This enables us to monitor the effectiveness of Facebook ads for purposes of statistics and market research. Data collected in this way is anonymous to us, which means we cannot see the personal data of individual users. However, this data is saved and processed by Facebook. Facebook can connect this data with your Facebook account and use it for its own advertising purposes, in accordance with Facebook’s Data Policy which can be found at https://www.facebook.com/about/privacy/
You can allow Facebook and its partners to place ads on and outside of Facebook. A cookie can also be saved on your device for these purposes.
Please follow this link if you would like to withdraw your consent https://www.facebook.com/settings/?tab=ads#_=_
Our website uses Google Analytics, a web analysis service provided by Google, Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). Google Analytics uses cookies—small text files that are stored on your device—to help analyze how you use our website. The information generated by these cookies, including details such as the time, place, and frequency of your site visits and your IP address, is transmitted to and stored by Google in the United States. In accordance with the GDPR, we have implemented measures to anonymize IP addresses before they are stored or processed by Google. Google will not associate your anonymized IP address with any other data held by Google. In certain situations, Google may share this information with third parties where legally required, or when such third parties process data on Google's behalf. You can prevent the storage of cookies by adjusting your browser settings. However, this may affect the full functionality of our website. Additionally, Google offers a browser add-on for disabling Google Analytics, which prevents the data generated by cookies from being transmitted to Google Analytics.
You can find and install the browser add-on at this link: https://tools.google.com/dlpage/gaoptout?hl=en.
In cases where personal data is transferred to the United States, Google ensures an adequate level of protection by complying with the Standard Contractual Clauses approved by the European Commission or other lawful mechanisms for international data transfers. For more information on Google’s data protection practices, you can review their privacy policy at this link: https://safety.google/intl/en_in/privacy/data/
SECTION 8 - COOKIES
We use cookies on this website to improve your browsing experience and provide personalized services. Cookies are small data files stored on your device that allow us to remember your preferences and recognize returning users. You can control your cookie preferences via your browser settings. Disabling cookies may affect the functionality of our site.
SECTION 9 - SECURITY
We take reasonable precautions to protect your personal data and follow industry best practices to ensure it is not lost, misused, accessed, disclosed, altered, or destroyed. We utilize encryption, access controls, and secure storage to safeguard your data. However, no method of transmission over the Internet or electronic storage is 100% secure, so we cannot guarantee absolute security.
SECTION 10 - AGE OF CONSENT
By using this site, you represent that you are at least the age of majority in your state or province of residence. If you are the legal guardian of a minor dependent, you give consent for their use of the site.
SECTION 11 - DATA RETENTION
We retain your personal data for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. After the retention period, your data will be securely deleted or anonymized
SECTION 12 - CHANGES TO THIS PRIVACY POLICY
We reserve the right to modify this Privacy Policy at any time, so please review it frequently. Any changes will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you via email or by placing a prominent notice on our site.
SECTION 13 - DATA PROCESSING
Our apps (DTS PRO / DTS PRO 3D / Instant Smiles) process specific facial features such as the eyes, nose, mouth, jawline, and eyebrows from photos to detect the smile area based on the positioning of the user’s mouth. Additionally, the app may rotate the photo if tilted, by analysing the angle between the eyes and the horizontal line.
We want to emphasize that we do not collect, store, or retain any facial data. The processing of images/ scans is done locally on your device, and no facial recognition or personal identifiers are extracted or stored by us. This ensures that your privacy is maintained, and no personal or sensitive data is retained after the processing is completed.
The images you provide are processed in real-time, and the results are delivered directly on your device without being transmitted to our servers. This means that your images and any derived data never leave your control, ensuring the highest level of privacy and data security.
We take your privacy seriously and only process the minimal data necessary to provide the requested functionality. All processing activities are conducted with the utmost care to ensure compliance with applicable data protection regulations, including GDPR and HIPAA, where applicable.
If you have any concerns about how your data is processed or need further clarification, please do not hesitate to contact us.
SECTION 14 - DATA PROTECTION AND SECURITY
The following is for informational purposes only and does not constitute contractual obligations.
Our legal relationships with customers are governed solely by our formal legal agreements. For specific legal advice, please consult with your own legal counsel. We are dedicated to upholding high data protection and privacy standards, including HIPAA and GDPR regulations.
At DTS, we act as a processor of data. We do not store any patient health information in the app or on our servers.
All PHI is locally stored and accessed by the end user.
All data processing by DTS will be based on documented instructions from our customers.
This aligns with the compliance norms ensuring processing activities are conducted only as explicitly directed by the data controller (the end user or our clients).
HIPAA Compliance within DTS: Accepting the Business Associate Agreement (BAA)
HIPAA compliance is a shared responsibility between DTS and its customers.
Accepting our Business Associate Agreement (BAA) or Terms and Conditions is a fundamental step towards enabling HIPAA compliance for your organization when using our services. By accepting our Terms and Conditions, you affirm that DTS’s security posture aligns with your HIPAA compliance requirements.
It is crucial that upon accepting the BAA, your organization also adheres to HIPAA-compliant practices in your use of our services. This includes ensuring that PHI is handled in accordance with HIPAA standards and implementing appropriate safeguards to protect health information.
We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security, and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment.
SECTION 15 - YOUR RIGHTS UNDER GDPR AND OTHER DATA PROTECTION LAWS
In some regions (like the EEA and UK), you have certain rights under applicable data protection laws. These may include the right (i) to request access and obtain a copy of your personal information, (ii) to request rectification or erasure, (iii) to restrict the processing of your personal information, and (iv) if applicable, to data portability. In certain circumstances, you may also have the right to object to the processing of your personal information. To make such a request, please use the contact details provided below. We will consider and act upon any request in accordance with applicable data protection laws.
If we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time. Please note however that this will not affect the lawfulness of the processing before its withdrawal, nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.
If you are a resident in the EEA or UK and you believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection supervisory authority.
You can find their contact details here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm
If you are a resident in Switzerland, the contact details for the data protection authorities are available here: https://www.edoeb.admin.ch/edoeb/en/home.html
If you have questions or comments about your privacy rights, you may email us at [email protected]
QUESTIONS AND CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information to contact our Privacy Compliance Officer at [email protected] or by mail at Dental Treatment Simulation
[Re: Privacy Compliance Officer]
Dental Treatment Simulation
DNROHIDA TECHNOLOGIES PVT. LTD
[C/2, Nahar shopping complex, Opposite Nahar Business Center, Chandivali, MH, 400072, India]
----
DTS Privacy Policy - Effective Date: 2023-05-26