Back to home

Privacy Policy

Last updated: 1 April 2026

1. Data Controller

Denpath ("we", "us") operates denpath.co.uk and is the data controller for personal data processed through our service. Contact us at hello@denpath.co.uk.

2. What We Collect

We collect the following personal data:

  • Waitlist signups: email address, practice name
  • Account holders: name, email address, practice details
  • Patient data: name, email, dental treatment plans and associated clinical data (entered by dental practices)
  • Technical data: authentication cookies, session tokens

3. How We Use Your Data

  • Provide and maintain our dental practice management service
  • Facilitate treatment plan communication between practices and patients
  • Manage user accounts and authentication
  • Send service-related communications
  • Comply with legal obligations

Legal bases for processing under UK GDPR: performance of contract (service delivery), legitimate interests (service improvement, security), consent (waitlist, marketing), and legal obligation (regulatory compliance).

4. Data Storage and Security

All data is stored on servers located in the United Kingdom. We implement appropriate technical and organisational measures to protect personal data, including encryption in transit and at rest, access controls, and regular security reviews. We do not transfer personal data outside the UK without adequate safeguards.

5. Data Retention

We retain personal data only as long as necessary for the purposes set out in this policy. Account data is retained while your account is active and deleted upon request. Patient treatment data is retained in accordance with dental record-keeping requirements.

6. Your Rights

Under UK GDPR you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request erasure of your data
  • Restrict or object to processing
  • Data portability
  • Lodge a complaint with the ICO (ico.org.uk)

To exercise any of these rights, contact hello@denpath.co.uk.

7. Cookies

We use strictly necessary cookies for authentication and session management. These are essential for the service to function and cannot be disabled. We do not use advertising or analytics cookies.

8. Third-Party Sharing

We do not sell personal data. We may share data with infrastructure providers (hosting, email delivery) who process data on our behalf under data processing agreements compliant with UK GDPR.

9. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated via email or in-app notice. Continued use of the service after changes constitutes acceptance.

10. Contact

For privacy-related enquiries: hello@denpath.co.uk