Privacy Policy
Last updated: May 16, 2026
1. Introduction
Petdentx ("we", "our", or "us") is committed to protecting the privacy of our users and the patients whose data flows through our platform. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our services.
By using Petdentx, you agree to the practices described in this policy. If you do not agree, please discontinue use of our services.
2. Information We Collect
Account Information: Name, email address, phone number, organization details, and billing information provided during registration.
Patient Data (via Clinic Users): Clinics using our platform may input patient health information, including demographics, medical history, clinical notes, and diagnostic results. This data is subject to our Business Associate Agreement (BAA) for HIPAA compliance.
Usage Data: Log files, IP addresses, browser type, pages visited, and feature interaction patterns. This data is used to improve the platform and is never sold.
Cookies: Session cookies for authentication and optional analytics cookies. You may opt out of non-essential cookies at any time.
3. How We Use Your Information
- To provide, operate, and improve the Petdentx platform
- To process transactions and send billing communications
- To send service-related notifications (order updates, security alerts)
- To respond to support requests and inquiries
- To monitor for security threats and prevent fraud
- To comply with legal obligations and enforce our Terms of Service
We do not sell, rent, or trade your personal data or patient data to third parties.
4. Data Sharing and Disclosure
Cross-tenant Sharing: When a clinic sends a lab order, only the minimum necessary patient identifiers required to process that specific order are shared with the laboratory. Full patient records are never exposed.
Service Providers: We use trusted third-party services under strict data processing agreements. These providers may not use your data for their own purposes.
Legal Requirements: We may disclose data if required by law, court order, or governmental authority.
5. Data Security
We implement industry-standard security measures including:
- TLS 1.3 encryption for all data in transit
- AES-256 encryption for data at rest
- Multi-factor authentication for administrator accounts
- Role-based access control with least-privilege principles
- Regular third-party penetration testing
- Immutable audit logs for all significant actions
6. Data Retention
We retain account data for as long as your account is active. Upon account termination, we will delete or anonymize your data within 90 days, except where retention is required by law.
7. Your Rights (GDPR / Cambodia DPL)
- Access: Request a copy of personal data we hold about you
- Rectification: Correct inaccurate or incomplete data
- Erasure: Request deletion of your personal data
- Portability: Receive your data in a machine-readable format
- Objection: Object to processing based on legitimate interests
To exercise any of these rights, contact us at hello@petdentx.com.
8. HIPAA Business Associate Agreement
For US-based healthcare organizations, Petdentx functions as a Business Associate under HIPAA. We offer a standard BAA to all covered entities. Contact us to request and execute a BAA before inputting Protected Health Information (PHI).
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes via email at least 30 days before they take effect.