Dentic

Privacy Policy

Dentic · Australia · Last updated May 2026

Dentic Pty Ltd (we, us) provides software that helps Dental clinics communicate with patients. This policy explains how we handle personal information in connection with the Dentic application (the Service), in line with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

1. What we collect

  • Practice account data: contact details, practice profile, channel configuration (e.g. SMS/WhatsApp routing), and integration credentials you supply for your practice management system.
  • Operational and message metadata: timestamps, channels, session identifiers, and scrubbed message content (see below) where logging is enabled for analytics and support.
  • Technical data: IP addresses in security audit logs (e.g. practice portal sign-in), and standard server logs required to run the Service.

We do not use patient message content to train public AI models.

2. How we use information

We use personal information to operate the Service, authenticate practice users, deliver messages you configure, improve reliability and security, comply with law, and respond to requests.

3. Storage and location

Application data for this deployment is stored in SQLite on our hosting provider (e.g. Railway) with compute in regions we configure for production—typically aligned with Sydney, Australia where offered. Practice integrations (such as your PMS) are governed by those providers’ terms.

Sensitive fields such as D4Web API keys may be encrypted at rest when you configure an encryption key for your environment.

4. Conversation logs and scrubbing

Inbound and outbound text logged for reporting may have Australian mobile numbers and email addresses replaced with placeholders before storage. Other identifiers may remain; practices should continue to meet their own clinical record-keeping and privacy obligations.

5. Retention

Unless you ask us otherwise or we are required to keep data longer:

  • Conversation logs: retained up to 90 days, then deleted automatically by scheduled cleanup.
  • Certain campaign and follow-up logs (e.g. no-show, reactivation, treatment follow-up): retained up to 180 days for operational reporting, then deleted by scheduled cleanup.
  • Practice account data: retained while your subscription or trial is active and for a reasonable period afterwards for legal and accounting purposes.

6. Disclosure

We share information with subprocessors needed to run the Service (e.g. hosting, messaging, email), where you direct us (e.g. Twilio for SMS/WhatsApp), or where required by law. We do not sell personal information.

7. Access, correction, and deletion

Practice administrators may update many details in the portal. For deletion of practice data, export requests, or questions about this policy, contact privacy@dentic.com.au. We will respond within a reasonable time. You may also complain to the Office of the Australian Information Commissioner (OAIC).

8. Security

We apply administrative, technical, and organisational measures appropriate to the Service, including HTTPS in production, access controls for the practice portal, rate limiting on public webhooks, and audit logging for sensitive actions. No online service is perfectly secure; please protect your passwords and API keys.

9. Contact

Privacy enquiries: privacy@dentic.com.au