Legal
Privacy Policy
Effective 2026-07-13
This is a template provided for convenience and is not legal advice. Have it reviewed and adapted by a licensed attorney in your jurisdiction before use.
This Privacy Policy explains how [Legal Entity] ("Dentist Owners," "we," "us") collects, uses, and protects information when you use our onboarding and deal-room platform (the "Platform").
1. Who we are
[Legal Entity] is the controller of the information described here. Contact us at [Contact Email].
2. Information we collect
- Account information: your name, email address, password (stored only as a salted hash), and two-factor authentication settings.
- Practice and business information: the practice and ownership details, financial and operational documents, and diligence materials you choose to provide.
- Usage and device information: log data, IP address, and basic analytics needed to operate and secure the Platform.
3. What we never collect
We collect business records only. We do not collect, and ask you not to upload, patient records or other protected health information (PHI). The Platform actively screens for and quarantines suspected PHI.
4. How we use information
To provide the Platform; to verify identity and secure accounts; to facilitate diligence and the exchange of documents with the group's review team; to communicate with you; to comply with law; and to protect the rights and safety of users and the Platform.
5. How we share information
- Service providers who host and support the Platform under confidentiality obligations (for example, our cloud infrastructure provider and our transactional email provider).
- The group's review team, only for documents you submit for review, and under a signed confidentiality agreement.
- Legal and safety: when required by law, to enforce our agreements, or to protect rights and safety.
We do not sell your personal information.
6. How we protect information
Documents are encrypted at rest using envelope encryption; access is scoped to the people you assign; every access is recorded in a tamper-evident, hash-chained audit log you can review; and two-factor authentication is required before any document surface is available.
7. Retention and deletion
We retain information for as long as needed to provide the Platform and to meet legal, tax, and accounting obligations, then delete or de-identify it. You may request deletion of your account and associated documents, subject to records we must retain by law.
8. Your choices and rights
You may access, correct, or request deletion of your information, and you may withdraw consent to non-essential processing. To exercise these rights, contact [Contact Email]. Depending on your state, you may have additional rights.
9. Cookies and analytics
We use strictly necessary cookies to keep you signed in and to secure the Platform, and limited, privacy-respecting analytics to understand usage. We do not use third-party advertising cookies.
10. Children
The Platform is not intended for anyone under 18, and we do not knowingly collect information from children.
11. Changes
We may update this Policy; material changes take effect when posted with a new effective date.
12. Contact
Privacy questions or requests: [Contact Email].