Privacy Policy — CuspFlow

1. Introduction

CuspFlow ("we", "our", "us") is committed to protecting the privacy of dental clinics and their patients. This Privacy Policy explains how we collect, use, and safeguard information when you use the CuspFlow platform.

2. Data We Collect

We collect the following categories of data:

Account data: Name, email address, clinic name, and contact information provided when signing up.
Patient data: Patient records entered by clinic staff, including personal details, medical history, and treatment information.
Usage data: Anonymized logs of how the platform is used, for the purpose of improving the service.

3. How We Use Data

We use your data solely to provide and improve the CuspFlow service. We do not sell, rent, or share patient data with third parties for marketing purposes.

4. Data Security

All data is encrypted in transit (TLS) and at rest. Each clinic's data is logically isolated using row-level security policies. Access to any clinic's data requires authenticated credentials scoped to that clinic.

5. Data Retention

Clinic data is retained for the duration of the subscription and for 90 days after cancellation, during which time clinics can export their full data. After this window, data is permanently deleted.

6. Contact

For privacy-related questions, contact us at privacy@cuspflow.co.