Privacy Policy

1. Data We Collect

When you use Odontist+, we collect the following categories of information:

Account & Authentication Data

Phone number — Required for account creation and login via Firebase phone authentication (OTP verification)
Display name (optional)
Email address (optional, for account recovery)

Clinic & Patient Data (entered by you)

Patient names, contact details, and demographic information
Dental records, treatment history, and odontogram data
Appointment schedules and notes
Prescriptions, lab requests, and clinical documentation
Billing and payment records

Technical & Usage Data

Device type, operating system, and app version
Log data (error reports, crash analytics)
Approximate geographic region (for compliance)
App usage patterns (anonymous, for improving the product)

Data Type	Why Collected	Retained For
Phone number	Authentication only	Duration of account
Patient records	Core app functionality	Until deleted by user
Usage analytics	Product improvement	12 months (anonymised)
Error logs	Bug fixing & stability	90 days

2. How We Use Your Data

We use the information we collect for the following purposes:

Authentication: Verifying your identity via Firebase phone OTP to secure your account
App Functionality: Storing and displaying your clinic and patient data within the app
Service Communication: Sending important account or service-related notifications
Product Improvement: Analysing anonymous usage patterns to improve features and performance
Security & Fraud Prevention: Detecting and preventing unauthorized access or abuse
Legal Compliance: Fulfilling our obligations under applicable laws and regulations

We do not use your data for advertising. We do not sell, rent, or trade your personal data or your patients' data to any third party for commercial purposes.

3. Firebase Phone Authentication

Important: Phone numbers are used only for authentication via Firebase and are not shared or sold to any third party.

Odontist+ uses Firebase Authentication, a service provided by Google LLC, to verify user identities via one-time passwords (OTP) sent to your phone number.

What this means for you:

Your phone number is transmitted securely to Firebase servers for OTP delivery
Google Firebase may process your phone number as part of the authentication flow
Firebase's handling of your data is governed by Google's Privacy Policy (policies.google.com/privacy)
We do not store your phone number on our own servers beyond what Firebase provides
Your phone number is never used for marketing, spam, or sold to any party

For more information on Firebase's data practices, visit firebase.google.com/support/privacy.

4. Third-Party Services

Odontist+ integrates with the following third-party services to deliver its functionality:

● Google Firebase

Firebase (Google LLC) — Used for phone authentication, real-time database, cloud storage, and crash reporting. Firebase is a platform by Google subject to Google's Privacy Policy and Terms of Service.

● Analytics

Firebase Analytics — Used to collect anonymous usage data to understand how users interact with the app. No personally identifiable information is shared with analytics systems.

We carefully select third-party services that meet high standards for data security and privacy. We do not integrate any advertising networks or data brokers.

5. Data Storage & Security

All data entered into Odontist+ is stored securely using Google Firebase infrastructure, which provides enterprise-grade security including:

Encryption in transit (TLS/HTTPS) for all data transfers
Encryption at rest for stored data
Role-based access controls to limit internal data access
Regular security audits and vulnerability assessments by Google
Compliance with ISO 27001, SOC 1, SOC 2, and SOC 3 standards

Patient health records stored in Odontist+ are accessible only to authorised users of your clinic account. We do not access your patient data except as required to provide the service or as required by law.

While we implement strong security measures, no digital system is 100% immune to breaches. We encourage users to use strong, unique passwords and keep their devices secure.

6. Your Rights

You have the following rights regarding your data:

Access: Request a copy of the personal data we hold about you
Correction: Update or correct any inaccurate information in your account
Deletion: Request deletion of your account and associated data
Portability: Request an export of your clinic and patient data in a portable format
Withdrawal of Consent: Withdraw consent to data processing where applicable

To exercise any of these rights, contact us at support@odontistplus.com. We will respond within 30 days.

Upon account deletion, your personal data and clinic data will be permanently removed within 90 days, except where retention is required by law.

7. Children's Privacy

Odontist+ is intended for use by dental professionals and is not directed at individuals under the age of 18. We do not knowingly collect personal information from minors.

Patient records for minor patients may be entered by the treating dental professional, who bears responsibility for obtaining appropriate parental or guardian consent in accordance with applicable laws.

8. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or applicable law. When we make material changes, we will:

Update the "Last Updated" date at the top of this page
Notify users via in-app notification or email (where available)
Provide a reasonable period to review changes before they take effect

Your continued use of the Service after the effective date of any changes constitutes acceptance of the updated Privacy Policy.

9. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your data, please contact our privacy team:

Email: support@odontistplus.com
Subject line: Privacy Inquiry — Odontist+
Website: odontistplus.com

We are committed to resolving privacy concerns promptly and transparently.

Contents