Privacy Policy

Last Updated: November 12, 2025

This Privacy Policy explains how ImplantPassport (“we”, “our”, or “Service Provider”) collects, uses, stores, and protects your information through the Implant Passport mobile application (“App”). This Policy is designed to comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Data Controller

The data controller for personal data collected in the App is:

ImplantPassport
Registered in the UK
Email: support@implantpassport.app

2. Information We Collect

2.1 User-Provided Information

• Registration details (optional): name, email, password.
• Implant information, including type, location, and related notes.
• Images or documents related to dental implants.
• Consent preferences for sharing implant data with dentists.
• Opt-in preferences for marketing push notifications.

2.2 Automatically Collected Information

• Device type and operating system.
• IP address of the device.
• Usage information for features such as searching for nearby clinics.

2.3 Location Information

The App does not collect precise GPS location unless you explicitly choose to search for nearby clinics. Location is only used temporarily to provide search results.

3. Use of Your Information

• To operate the App and provide implant record management.
• To allow users to share implant data with dentists via explicit consent and QR code scanning.
• To provide AI-generated guidance and answers via the ChatGPT API. These responses are automated and for educational purposes only; they do not replace professional dental advice.
• To send push notifications:
  • Service-related notifications (e.g., maintenance reminders) do not require opt-in consent.
  • Marketing notifications (e.g., promotions from custom implant brands) require explicit opt-in consent.
• To improve App functionality and fix issues.

4. Sharing of Your Information

• Data shared with dentists occurs only with your explicit consent and for the implants you choose to share. You control which implants and how long access is granted.
• We may disclose data to third-party service providers who process data on our behalf, including:
  • Google Maps (for clinic search)
  • Firebase Cloud Messaging (for push notifications)
  • OpenAI (for AI assistant responses)
• Aggregated or anonymized data may be shared for research or app improvement purposes.
• Data may be transferred outside the EU/EEA to service providers; we ensure appropriate safeguards such as Standard Contractual Clauses (SCCs) are in place.
• We may disclose information if required by law or to protect rights, safety, or investigate fraud.

5. User Rights under GDPR

You have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you.
• Correction: Update or correct inaccurate or incomplete data.
• Deletion: Request deletion of your personal data, including implant records and uploaded images. Note: some data may be required for App functionality.
• Restriction: Limit the processing of your personal data.
• Data Portability: Receive your data in a structured, commonly used format.
• Objection: Object to processing of your data for marketing purposes.
• Withdraw Consent: Withdraw consent at any time for marketing communications or sharing implant data with dentists.

To exercise any of these rights, contact us at support@implantpassport.app. EU users also have the right to lodge a complaint with a local Data Protection Authority: https://edpb.europa.eu.

6. Data Retention

• User-provided implant data and images are stored as long as your account exists. You can delete them by deleting your account.
• Usage logs are minimal (no analytics) and are deleted automatically.
• Consent preferences and sharing records are kept only as long as necessary to honor your selections.

7. Children

The App is not directed to anyone under the age of 13. We do not knowingly collect personal data from children under 13. If we learn that a child under 13 has provided personal data, we will delete it immediately. Parents or guardians may contact support@implantpassport.app for deletion requests.

8. Security

We implement appropriate technical and organizational measures to protect your data, including encryption of sensitive data and limited access to authorized personnel. However, no system is completely secure; you acknowledge that some risks remain.

9. Third-Party Services

The App uses third-party services (Google Maps, Firebase, OpenAI). Each has its own Privacy Policy, and you should review them:

• Google Maps: https://policies.google.com/privacy
• Firebase: https://firebase.google.com/support/privacy
• OpenAI: https://openai.com/privacy

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Updates will be posted in the App, and the “Last Updated” date will be revised. Continued use of the App constitutes acceptance of any changes.

11. Consent

By using the App, you consent to our processing of your personal data as described in this Privacy Policy. “Processing” includes collecting, storing, using, combining, and disclosing your data.

12. Contact Us

If you have questions or concerns regarding your privacy or this Policy, contact us at:

Email: support@implantpassport.app