Privacy Policy
We believe you have the right to know exactly how your information is handled — clearly, not buried in legalese.
Introduction
Dentox Digital ("we," "our," or "us") operates dentoxdigital.com and provides dental marketing services including website design, SEO, AI agents, and automation. This Privacy Policy explains what personal information we collect, how we use it, who we share it with, and what rights you have over it.
This policy applies to all visitors and prospective clients who interact with our website, contact forms, newsletter, or AI chat widget. By using our site, you agree to the practices described here. If you disagree with any part of this policy, please do not use our services and contact us at [email protected] with any questions.
We review and update this policy periodically. Material changes will be noted with a revised "Last updated" date at the top of this page.
Information We Collect
We only collect information that is necessary to deliver our services or to improve your experience on our site.
Information you provide directly:
- Name, email address, and phone number submitted via contact or audit request forms
- Practice name, location, and service interests provided in inquiry forms
- Messages and questions submitted through our contact form or AI chat widget
- Email address when subscribing to our monthly newsletter
- Payment details when purchasing services (processed directly by our payment partners — we never store card numbers)
Information collected automatically:
- IP address and approximate geographic location (city/country level only)
- Browser type, operating system, and device type
- Referring website URL and pages visited on our site
- Session duration, scroll depth, and click interactions (via Google Analytics 4)
- Topbar-dismissed preference stored in your browser's local storage
We do not collect sensitive personal data such as racial or ethnic origin, health information, financial account details, or government-issued identifiers — except to the extent a user voluntarily includes them in a message or form field.
How We Use Your Information
We use the information we collect for the following purposes:
- Deliver your free Practice Growth Audit and follow up with results
- Respond to inquiries and provide project proposals within 4 business hours
- Onboard new clients and manage ongoing service delivery
- Send our monthly newsletter to subscribers (opt-in only — you can unsubscribe at any time)
- Analyse website performance and improve our content and user experience
- Detect and prevent fraud or abuse of our systems
- Comply with applicable legal and regulatory obligations
We do not sell, rent, or trade your personal information to any third party for their own marketing purposes.
Marketing communications: If you submit an inquiry or request an audit, we may send you follow-up emails about our services. Every marketing email includes an unsubscribe link. We honour all opt-out requests within 5 business days.
Cookies & Analytics
We use a minimal set of cookies and analytics tools. Here is exactly what runs on our site:
- Google Analytics 4 — anonymised usage analytics (page views, session duration, traffic sources). IP anonymisation is enabled. No cross-site tracking.
- Session cookies — temporary, deleted when you close your browser. Used for core site functionality.
- Local storage preference — stores whether you dismissed the announcement bar. Not a cookie; never sent to our servers.
We do not use advertising cookies, retargeting pixels, or third-party tracking cookies of any kind on this website.
How to opt out of analytics:
- Install the Google Analytics Opt-out Browser Add-on
- Use your browser's built-in tracking protection or a privacy-focused browser extension
- Enable "Do Not Track" in your browser settings (we honour this signal)
Third-Party Services
To operate our website and deliver our services, we work with the following third-party providers. Each has its own privacy policy governing how it handles your data.
- Google Analytics 4 — website analytics. Data is anonymised and processed under Google's data processing terms.
- Google Workspace — email and internal communication. Incoming emails to [email protected] are processed via Google.
- WhatsApp Business — optional chat channel. Messages sent via WhatsApp are subject to Meta's Privacy Policy.
- Cloudflare — DNS, CDN, and DDoS protection. Cloudflare processes your IP address to route traffic and block malicious requests.
- CRM software — we use a CRM to manage client relationships and inquiry follow-ups. Data stored is limited to what you have provided in forms.
- Email marketing platform — for our monthly newsletter. Newsletter subscribers can unsubscribe at any time via the link in any email.
- Payment processors (Stripe / PayPal) — payment card data is entered directly on our payment processor's secure page and never touches our servers.
We require all third-party providers to maintain appropriate technical and organisational security measures and to only process data for the purposes we specify.
Patient Data & HIPAA
Important notice for dental practices: Dentox Digital is a marketing agency and is not a HIPAA covered entity. We do not provide healthcare services and our marketing tools are not designed to collect or process Protected Health Information (PHI).
Our contact forms, audit requests, and chat widget are designed to collect business contact information only — not patient data. Please do not submit any patient names, treatment records, insurance information, dates of birth, or any other PHI through our website forms or chat.
If patient data is inadvertently shared with us, we will:
- Notify you immediately upon discovery
- Delete the data from our systems within 48 hours
- Not use or disclose the data in any way
- Document the incident for our own security records
For practices in HIPAA-regulated environments: Your practice is responsible for ensuring that any marketing materials or processes we create on your behalf comply with HIPAA's marketing rules. We are happy to discuss a Business Associate Agreement (BAA) if your workflow requires one. Contact us at [email protected] to discuss.
Practices in the EU, UK, or Australia should also note that we are GDPR and APPs-aware when handling any data provided by their practice.
Your Rights
Depending on your location, you have the following rights regarding your personal information:
- Right to access — request a copy of the personal data we hold about you
- Right to rectification — ask us to correct inaccurate or incomplete data
- Right to erasure — request deletion of your personal data ("right to be forgotten")
- Right to restriction — ask us to limit how we process your data in certain circumstances
- Right to data portability — receive your data in a structured, machine-readable format
- Right to object — object to processing based on legitimate interests, or to direct marketing at any time
- Right to withdraw consent — where processing is based on consent, you may withdraw it at any time without affecting prior processing
California residents (CCPA): You have the right to know what personal information we collect, disclose, and sell (we do not sell personal information). You also have the right to delete your information and to non-discrimination for exercising your rights.
EU/UK residents (GDPR/UK GDPR): All the rights listed above apply to you in full. Our lawful basis for processing is typically legitimate interests (responding to inquiries), contract performance (service delivery), or consent (newsletter). You also have the right to lodge a complaint with your local supervisory authority.
To exercise any of these rights, email [email protected] with the subject line "Privacy Request." We will respond within 5 business days and complete your request within 30 days (or sooner where required by law). We do not charge a fee for reasonable requests.
Contact Us
If you have any questions about this Privacy Policy, want to exercise your rights, or need to report a data concern, please get in touch:
- Email: [email protected]
- Response time: Within 4 business hours for general enquiries; within 5 business days for formal privacy requests
- Company: Dentox Digital
For privacy complaints that we are unable to resolve to your satisfaction, EU and UK residents may escalate to their national data protection authority. California residents may contact the California Privacy Protection Agency (CPPA).
Ready to Fill More Chairs?
Book a free 15-point Practice Growth Audit — get a clear, no-pressure look at what's working, what's leaking, and what to fix first.
⏱ RESPONSE WITHIN 4 BUSINESS HOURS · NO COMMITMENT REQUIRED