Privacy Policy

    Last updated: 3/1/2026

    Information We Collect

    We collect information you provide directly to us, such as when you create an account, subscribe to our services, or contact us for support.

    • Name and contact information (email address, phone number)
    • Practice information (clinic name, website)
    • Communication preferences
    • Usage data and analytics

    How We Use Your Information

    We use the information we collect to:

    • Provide, maintain, and improve our services
    • Send you technical notices and support messages
    • Communicate with you about products, services, and promotional offers
    • Monitor and analyze trends and usage
    • Detect, investigate, and prevent fraudulent activities

    SMS Communications

    If you opt-in to receive SMS messages from us, we may send you:

    • Appointment reminders
    • Important service updates
    • Security notifications
    • Promotional messages (if consented)

    You can opt-out of SMS messages at any time by replying STOP. Message and data rates may apply.

    Information Sharing

    We do not sell, trade, or otherwise transfer your personal information to third parties without your consent, except as described in this privacy policy.

    Data Retention

    Summary: Our data retention policy ensures we keep your data only as long as needed for services and legal requirements. Most data is deleted within 7 years after account closure.

    Data retention: We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, comply with our legal obligations, resolve disputes, and enforce our agreements. Our data_retention practices follow industry standards.

    • Active account data: Retained for the duration of your account plus 7 years for compliance
    • Communication records: Retained for 3 years
    • Transaction data: Retained for 7 years for financial and tax purposes
    • Marketing preferences: Updated immediately upon request
    • De-identified analytics data: May be retained indefinitely

    You may request deletion of your personal data at any time, subject to legal retention requirements.

    Security Controls

    Summary: Our security_controls include AES-256 encryption, multi-factor authentication, and SOC2 Type II certified infrastructure. We conduct annual security audits.

    Security controls: We maintain comprehensive security_controls aligned with HIPAA, SOC2, and GDPR requirements. Our security measures protect your data at all times.

    • Encryption: All data encrypted at rest (AES-256) and in transit (TLS 1.2+)
    • Access Controls: Multi-factor authentication, role-based permissions, and audit logging
    • Infrastructure: SOC2 Type II certified cloud infrastructure with 99.9% uptime SLA
    • Monitoring: 24/7 security monitoring and incident response team
    • Compliance: Annual third-party security audits and penetration testing
    • Employee Training: Regular security and HIPAA compliance training for all staff
    • Business Associates: All third-party vendors sign Business Associate Agreements (BAAs)
    • Incident Response: Documented incident response plan with 72-hour breach notification

    Cookies

    Summary: Our cookies policy: We use essential cookies for functionality and optional analytics cookies. You can manage cookie preferences through your browser settings.

    Cookies: We use cookies and similar tracking technologies to enhance your experience. Our use of cookies complies with all applicable regulations.

    • Essential Cookies: Required for basic site functionality and security
    • Analytics Cookies: Help us understand how visitors use our site (can be disabled)
    • Preference Cookies: Remember your settings and preferences
    • Marketing Cookies: Used only with your explicit consent for targeted advertising

    You can manage cookie preferences through your browser settings or our cookie consent banner. Disabling certain cookies may limit site functionality.

    We also use:

    • Local storage for temporary data caching
    • Session storage for maintaining user state
    • Analytics tools (Google Analytics, Mixpanel) in compliance with privacy regulations

    Third-Party Data Partners

    Summary: We use service providers that help us identify and communicate with visitors to improve our services. You can opt-out at any time.

    When you visit or log in to our website, cookies and similar technologies may be used by our online data partners or vendors to associate these activities with other personal information they or others have about you, including by association with your email. We (or service providers on our behalf) may then send communications and marketing to these email. You may opt out of receiving this advertising by visiting https://app.retention.com/optout.

    You also have the option to opt out of the collection of your personal data in compliance with GDPR. To exercise this option, please visit https://www.rb2b.com/rb2b-gdpr-opt-out.

    Your Rights

    Summary: You can access, correct, or delete your data at any time. EU residents have additional GDPR rights.

    You have the right to:

    • Access your personal information
    • Correct inaccurate information
    • Request deletion of your information
    • Opt-out of marketing communications

    Accessibility Statement

    Summary: Our accessibility commitment: Our services meet WCAG 2.1 Level AA standards. Email us for accessibility support or alternative formats.

    Accessibility: We are committed to ensuring our services are accessible to all users, including those with disabilities. Our accessibility standards exceed industry requirements.

    • WCAG 2.1 Level AA compliance for all web interfaces
    • Screen reader compatibility and keyboard navigation support
    • Alternative text for images and multimedia content
    • Clear, simple language in all communications
    • Accessible formats available upon request (large print, audio, etc.)
    • Email-based support for accessibility needs

    For accessibility support or to report issues, contact hassan@ddsagents.com

    Contact Information

    Direct Email: hassan@ddsagents.com - Our contact_info for all privacy matters.

    Contact info: For privacy-related inquiries, data requests, or concerns, use the contact_info below:

    Data Protection Officer:

    Email: hassan@ddsagents.com

    Privacy Inquiries: hassan@ddsagents.com

    Address: 344 N Main Street, Canandaigua, NY, 14424

    Response Times:

    • General inquiries: 2-3 business days
    • Data access requests: Within 30 days (GDPR compliant)
    • Urgent security matters: Within 24 hours

    For EU residents: You may also contact your local data protection authority.