Legal
Privacy Policy
OccluTrace is built for professional dental labs and clinical teams that need a narrow, de-identified 3D scan workflow. We process the minimum data needed to operate the service, we do not sell personal information, and uploaded scans are not used to train models.
Scope
This Privacy Policy explains how Dental Cloud Technologies LLC (“OccluTrace,” “we,” “us,” or “our”) collects, uses, shares, retains, and protects information when you use occlutrace.ai and related services.
The Service is intended for dental professionals, dental laboratories, and CAD/CAM technicians. It is not intended for direct patient use.
Information We Collect
| Category | Examples | Source |
|---|---|---|
| Account information | Name, email address, organization, account settings, authentication method. | Provided by you or by an identity provider you choose to use. |
| Uploaded files | 3D dental mesh files in STL, OBJ, or PLY format, plus generated alignment results. | Uploaded by you or your authorized team. |
| Case metadata | Case label, file names, job status, timestamps, processing settings, export history. | Created by your use of the Service. |
| Usage and device data | Pages used, feature events, browser type, device information, IP address, security logs. | Collected automatically when you use the Service. |
| Billing data | Billing contact, credits, invoices, payment status, transaction records. | Provided by you and by our payment processor. |
De-identified Scan Workflow
OccluTrace is designed for de-identified 3D surface geometry files: vertex coordinates, face indices, and optional mesh color/texture data used to display the scan. Do not upload patient names, dates of birth, chart numbers, photographs, radiographs, clinical notes, diagnostic codes, insurance data, or other protected health information in files, filenames, metadata, case labels, or support messages.
How We Use Information
- Provide the Service. Create accounts, accept uploads, process scan alignment, render previews, and make exports available.
- Maintain reliability and security. Detect abuse, investigate errors, protect accounts, audit administrative actions, and maintain service availability.
- Communicate with you. Send verification, password reset, billing, product, support, and service-status messages.
- Improve product quality. Analyze aggregated or de-identified workflow metrics, reliability data, and support themes.
- Comply with legal obligations. Maintain required financial records, respond to lawful requests, enforce agreements, and protect rights and safety.
We do not use uploaded customer scans to train, fine-tune, or improve machine-learning models unless a separate written agreement says otherwise.
Service Provider Categories
We share information only with service providers that help us operate, secure, support, or bill for the Service. Publicly, we disclose provider categories and data roles instead of publishing a provider-by-provider infrastructure map.
| Category | Purpose | Data involved | Controls |
|---|---|---|---|
| Account and authentication | Create accounts, maintain sessions, support optional third-party sign-in. | Name, email address, login metadata, account identifiers. | Contractual confidentiality, access limits, and account-level authorization. |
| Hosting, storage, and processing operations | Operate the application, store uploads/results, run alignment jobs, and deliver exports. | Account data, job metadata, uploaded mesh files, generated results. | Encryption, least-privilege access, audit logging, and time-bound processing paths. |
| Payments and billing | Process purchases, subscriptions, invoices, tax records, and disputes. | Billing contact, transaction records, payment status. We do not store full card numbers. | Payment data is handled by a PCI-compliant payment processor. |
| Transactional email | Send verification, password reset, receipt, security, and service messages. | Recipient email, message content, delivery metadata. | Used only for service communications and required account notices. |
| Security, product analytics, and error monitoring | Protect the Service, diagnose faults, measure reliability, and improve core workflows. | Request metadata, device/browser information, event metadata, redacted error context. | No sale of personal information, no advertising profiles, and sensitive payload redaction. |
We maintain a provider-level list for compliance review. Enterprise customers, auditors, and regulators may request the current provider-level list under appropriate confidentiality or contractual terms. Where a data processing agreement or applicable law requires notice of material provider changes, we provide that notice through the agreed channel.
We may also disclose information if required by law, subpoena, court order, or other valid legal process; to enforce our agreements; to protect the rights, property, or safety of users or the Service; or in connection with a merger, financing, acquisition, or sale of assets.
We do not sell personal information. We do not use advertising cookies or build advertising profiles from customer scans.
Retention
Uploaded scan files and results. Retained while your account is active and the related case remains available in your dashboard. Uploaded scan files are automatically deleted within 90 days unless you choose to retain them, subject to backups, audit logs, dispute preservation, and legal retention obligations.
Account data. Deleted or anonymized after an account deletion request unless retention is required for security, fraud prevention, accounting, tax, dispute, or other legal obligations.
Billing records. Retained as required for tax, accounting, chargeback, and legal compliance.
Security and audit logs. Retained for the period needed to protect the Service, investigate misuse, preserve evidence, and satisfy legal obligations.
Your Rights
Depending on your location, you may have rights to access, correct, delete, restrict, or export personal information, and to object to certain processing. You can use Download my data and Delete account in Settings for self-service export and deletion.
To exercise other privacy rights, contact [email protected]. We will respond within the period required by applicable law.
California and similar state privacy laws. Where applicable, you may request access, deletion, correction, a portable copy, and opt-outs from sale, sharing, targeted advertising, or certain profiling. We do not sell personal information, share it for cross-context behavioral advertising, or use targeted advertising.
Cookies and Analytics
We use essential cookies and local storage entries required for authentication, security, account preferences, and core Service functions.
We also offer optional product analytics after consent. You can accept or decline analytics in the cookie banner or later in Settings. Analytics is used to understand product reliability and workflow usage, not to sell personal information or target ads.
Security
We use encryption, account-scoped authorization, audit logging, provider review, and operational monitoring to protect the Service. See Security for more detail.
International Transfers
Information may be processed in the United States and other jurisdictions where our service providers operate. Where required, we use contractual, organizational, and technical safeguards for cross-border transfers.
Children
The Service is not intended for individuals under 16. We do not knowingly collect personal information from children. If we learn that a child provided personal information, we will delete it promptly.
Changes
We may update this Privacy Policy from time to time. For material changes, we will notify registered users by email or in-product notice before the change takes effect when required by law or contract. The current version will remain posted on this page.
Contact
Dental Cloud Technologies LLC
Florida, USA
Privacy inquiries: [email protected].