Legal

Privacy Policy

How Dental Education, Inc. d/b/a Intake.Dental collects, uses, and protects information.

Last updated: February 2026

1. Overview

This Privacy Policy explains how Dental Education, Inc. d/b/a Intake.Dental ("we", "our", or "the Service") collects, uses, and protects information. By using the Service you agree to the terms below.

2. What we do not do

We want to be explicit about what we do not do with your data:

  • We do not sell data to third parties.
  • We do not share information with marketing companies.
  • We do not track patients for advertising.
  • We do not access patient PHI except as necessary for service delivery.
  • We do not use patient data for AI training beyond the requested Services.

3. What we do collect

Practice account information

Practice name, address, and contact information, along with billing details, subdomain preferences, and staff user accounts.

Patient data

Patient demographics, contact information, and medical/dental history submitted through intake forms, plus insurance information, electronic signatures, and appointment data.

Technical information

Browser type and version, and IP addresses for service improvement and security monitoring.

4. Data protection

All patient data is encrypted using AES-256-GCM with proprietary dual-layer Glyph encryption (optional add-on) and stored on our HIPAA-compliant infrastructure.

5. Data hosting and infrastructure

Data resides on Amazon Web Services (AWS) for HIPAA-compliant storage and computing, plus Supabase for database services. Both providers operate under their own executed BAAs with Intake.Dental.

6. Third-party providers

Services include AWS, Supabase, Stripe, Sikka AI (PMS integration), insurance verification APIs, Daily.co (video), and DeepL (form translation). Each is bound by either a BAA or an equivalent data processing agreement where required.

7. Payment processing

We do not store credit card information. Stripe's privacy policy governs their handling of payment information.

8. HIPAA compliance

Dental Education, Inc. executes a Business Associate Agreement (BAA) with every registered practice at no additional cost.

9. Security measures

Implementations include AES-256-GCM encryption, TLS 1.3, HIPAA-compliant AWS infrastructure, protection against common web attacks, and isolated per-practice data environments.

10. Your rights

Practices can access and export all their patient data at any time and can request deletion in compliance with applicable retention requirements.

11. Data breach notification

We will notify affected practices within 72 hours of the discovery of a security incident affecting PHI.

12. Children's privacy

Minor patient information is handled in accordance with HIPAA, applicable state laws, and the practice's own policies.

13. International data

Patient data is stored on servers located in the United States.

14. Policy changes

The "Last Updated" date will reflect any changes to this policy. Continued use of the Services after notification constitutes acceptance of the updated terms.

Contact

Questions about this policy? Email support@intake.dental.

Privacy Policy β€” Intake.Dental | Intake Dental