← Dental Now

Privacy Policy

Effective date: March 8, 2026  ·  Last updated: June 11, 2026

Dental Now is a neutral technology platform and marketplace — we are not your healthcare provider. We do not employ, refer, recommend, or endorse any dental provider. To the extent we handle health-related information you submit, we protect it consistent with applicable law. We are not a HIPAA covered entity with respect to self-submitted booking data; our hosting infrastructure (Fly.io) operates under a signed Business Associate Agreement. For your consumer health data rights (including Washington My Health My Data Act rights), see our Consumer Health Data Privacy Policy.

1. Who We Are

Dental Now ("we," "us," or "our") is a dental appointment facilitation platform operated by Samuel Wachira, d/b/a Dental Now, a sole proprietorship based in Massachusetts. We connect patients with licensed dental providers. Our contact information appears at the end of this policy.

2. Information We Collect

We collect the following categories of information:

Information about your appointment and reason for visit is sensitive health information. Under the California Consumer Privacy Act/California Privacy Rights Act (CCPA/CPRA), appointment details and reason for visit constitute sensitive personal information (health-related information). We collect and use this data solely to facilitate your appointment with the dental provider you select. We do not use sensitive personal information for purposes beyond those stated in this policy without your separate authorization. We protect it as described in this policy and consistent with applicable law. For your specific health-data rights, see our Consumer Health Data Privacy Policy.

3. How We Use Your Information

We do not sell your personal information or consumer health data to any third party — ever. We do not share it with data brokers or advertisers. We do not use health-related information for marketing or advertising without your separate, specific, written authorization.

Data minimization. We minimize the personal information we transmit to third-party service processors. Appointment details (including reason for visit, contact information, and clinical notes) remain within your authenticated account on our Fly.io infrastructure (covered by a signed Business Associate Agreement). Email and push notification delivery systems receive only a generic nudge directing you to open the app — they do not receive your appointment details, reason for visit, insurance information, or contact details. Full booking information is accessible only to you and the provider you selected, within the authenticated application.

4. How We Share Your Information

Your information may be shared only in the following limited circumstances:

5. Data Retention

Booking records are retained for 7 years from the date of the appointment, as required by applicable healthcare regulations. After this period, records are permanently and securely deleted. Account data is retained until you request deletion.

Student profile data, shadowing records, and logged hours are retained until you delete your account. School ID images are retained only as long as needed for verification and are deleted when you remove them or delete your account. Upon account deletion, all student data (profile, shadowing requests, logged hours, uploaded files) is anonymized and de-identified. Personal identifiers are removed, but anonymized records may be retained as required by applicable law (minimum 6 years for certain healthcare records). You may request confirmation of anonymization by contacting admin@dentalnow.io.

Analytics & Third-Party Services

Vercel Analytics: On the web version of Dental Now, we use Vercel Analytics to collect anonymized page view and performance data. No personally identifiable information is collected through this service. You may opt out via the cookie consent banner.

Expo Push Notifications: We use Expo's push notification service to deliver notifications to your device. Device push tokens are transmitted to Expo for delivery purposes only. Push notification content does not contain patient names, appointment times, or other health-related information — all notifications use generic text directing you to open the app.

6. Security

We implement the following safeguards:

7. Your Privacy Rights

You have the following rights regarding your information:

To exercise any of these rights, contact our Privacy contact at admin@dentalnow.io. We will respond within 30 days and will not require you to create an account to submit a request. For consumer health data rights under the Washington My Health My Data Act or similar state laws, see our Consumer Health Data Privacy Policy.

8. Children's Privacy

Dental Now is not directed to children under 13. We do not knowingly collect personal information from children under 13 without verified parental consent. If you believe we have inadvertently collected such information, please contact us immediately.

9. California Residents — CCPA/CPRA Notice at Collection

This section serves as the required notice at collection for California residents under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) (Cal. Civ. Code §1798.100 et seq.; CCPA Regs §7012).

Categories of personal information collected and purposes:

We do not sell personal information. We do not share personal information for cross-context behavioral advertising. California residents have the rights described in Section 7 above, including the right to know, delete, correct, and limit use of sensitive personal information. To submit a verifiable consumer request, contact admin@dentalnow.io. We will not discriminate against you for exercising these rights.

10. Breach Notification

If we discover a security breach that involves your personal information, we will notify you and the appropriate regulatory authorities consistent with applicable law, including the FTC Health Breach Notification Rule (16 C.F.R. Part 318, as amended effective July 29, 2024) and applicable state breach-notification statutes. For breaches covered by the FTC HBNR, we will notify affected individuals without unreasonable delay and no later than 60 calendar days after discovery. Notifications to regulators will follow the timelines required by applicable law. We will not create a reportable breach by routing health-related data through un-BAA'd third parties — our data-minimization posture (Section 3) is designed to prevent this.

11. Consent Practices

Where we collect consent (including for consumer health data under state health-privacy laws), we do so through a separate, unbundled opt-in that is specific, informed, and voluntary. We do not use pre-checked boxes, confirmshaming decline labels, manufactured urgency, or hidden disclosures. Consents are not bundled into general terms acceptance — health-data-specific consents appear at the point of collection (the booking flow). You may withdraw any consent at any time by contacting admin@dentalnow.io.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via in-app notice at least 30 days before they take effect. Continued use of Dental Now after the effective date constitutes acceptance of the revised policy.

13. How to File a Complaint

If you believe your privacy rights have been violated, you may file a complaint with us or with the U.S. Department of Health and Human Services Office for Civil Rights:

HHS Office for Civil Rights
200 Independence Avenue, S.W., Washington, D.C. 20201
Phone: 1-800-368-1019 (TDD: 1-800-537-7697)
www.hhs.gov/hipaa/filing-a-complaint

You will not be retaliated against for filing a complaint.

14. Contact Us

Dental Now Privacy Contact
Email: admin@dentalnow.io
Response time: within 30 days of receipt

For information about your consumer health data rights, see our Consumer Health Data Privacy Policy.