Your privacy is our priority. This policy explains how we collect, use, and protect your personal and health information.
Last Updated: November 6, 2025
Here's what you need to know about how we handle your data
All your health data is encrypted in transit and at rest using industry-standard AES-256 encryption.
We follow strict HIPAA guidelines to protect your protected health information (PHI).
You can access, download, or delete your data at any time through your account settings.
We only collect data necessary to provide our services and improve your experience.
We never sell your personal or health information to third parties. Period.
We'll notify you immediately if there's any security incident affecting your data.
When you create an account, we collect your name, email address, phone number, date of birth, and location information. This helps us personalize your experience and connect you with nearby dental professionals.
We collect dental scans, photos of your teeth, health history, dental records, treatment information, and AI analysis results. This information is essential for providing you with accurate health assessments and personalized recommendations.
We automatically collect information about how you use MySmileBridge, including app interactions, feature usage, scan frequency, and device information. This helps us improve our services and user experience.
When you communicate with dentists through our platform, we store messages, video call metadata (not recordings unless you consent), and appointment information to maintain your care history.
We use your information to provide AI-powered dental analysis, connect you with dentists, track your oral health progress, send appointment reminders, and deliver personalized health recommendations.
Your data helps us train and improve our AI models (using anonymized data only), develop new features, enhance user experience, and conduct research to advance dental care technology.
We may contact you about service updates, health tips and educational content, appointment confirmations, and important account information. You can opt out of non-essential communications at any time.
We may use or disclose your information to comply with legal obligations, respond to legal requests, protect our rights and safety, and prevent fraud or abuse.
When you book appointments or consultations, we share relevant health information with your chosen dentists to facilitate your care. You always control what information is shared.
We work with trusted third-party service providers for cloud storage, payment processing, analytics, and customer support. These providers are contractually bound to protect your data and can only use it for specified purposes.
With your explicit consent, we may share anonymized, de-identified data with research institutions to advance dental science. No personally identifiable information is ever shared for research purposes.
We never sell your personal information to advertisers, marketing companies, or data brokers. We never share your health information for marketing purposes without your explicit consent.
We implement AES-256 encryption for data at rest, TLS 1.3 for data in transit, multi-factor authentication, regular security audits and penetration testing, and automated threat detection systems.
Our team follows strict access controls and role-based permissions, mandatory security training for all staff, comprehensive privacy policies and procedures, and regular compliance reviews.
We use secure, SOC 2 Type II certified data centers with 24/7 monitoring, redundant power and network systems, and strict physical access controls.
You have the right to access all your personal and health information, download your data in a portable format, and request copies of your dental scans and records at any time through your account settings.
You can update your personal information, correct inaccurate health data, and modify your communication preferences directly in your account.
You can request deletion of your account and associated data. Note that we may retain certain information as required by law or for legitimate business purposes (e.g., fraud prevention) for a limited time.
You can opt out of marketing communications, data sharing for research purposes, and certain AI training uses of your data while still using our core services.
MySmileBridge is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.
For users between 13 and 18, we require parental consent before creating an account and collecting any health information.
MySmileBridge operates globally. If you access our services from outside the United States, your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.
We ensure that all international data transfers comply with applicable data protection laws, including GDPR for European users, through standard contractual clauses, adequacy decisions, and other approved transfer mechanisms.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Email: privacy@chanieldigitalhealth.com
Phone: 1-800-SMILE-00
Mail: MySmileBridge Privacy Team
123 Dental Plaza, Suite 500
San Francisco, CA 94105
Data Protection Officer: dpo@chanieldigitalhealth.com
We're committed to transparency and protecting your privacy. If you have any questions or concerns, our privacy team is always here to help.