Privacy Policy

This Privacy Policy applies to CrownDesk, a dental practice management platform developed and operated by XaltraX Inc., a corporation registered in Delaware, United States. XaltraX Inc. serves as the data controller for all information collected through the CrownDesk platform.

Personal Information

• • Account information (name, email, phone number)
• • Professional details (practice name, license information)
• • Billing and payment information
• • Communication preferences

Usage Data

• • Application usage patterns and features accessed
• • Performance metrics and error logs
• • Device information and IP addresses
• • Session duration and interaction data

Patient Data (HIPAA Protected)

• • Patient health information (PHI) as defined by HIPAA
• • Appointment and treatment records
• • Insurance and billing information
• • Communication logs and notes

Service Delivery

• • Provide and maintain CrownDesk services
• • Process transactions and manage billing
• • Provide customer support and technical assistance
• • Send important service notifications

Improvement and Analytics

• • Analyze usage patterns to improve features
• • Conduct research for product development
• • Monitor system performance and security
• • Generate anonymized insights and reports

Legal and Compliance

• • Comply with applicable laws and regulations
• • Respond to legal requests and court orders
• • Protect against fraud and security threats
• • Enforce our terms of service

Encryption

All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption. Patient health information receives additional encryption layers.

Access Controls

We implement role-based access controls, multi-factor authentication, and regular access reviews to ensure only authorized personnel can access your data.

Infrastructure Security

Our systems are hosted on SOC 2 Type II certified infrastructure with 24/7 monitoring, intrusion detection, and automated threat response.

HIPAA Compliance

CrownDesk is fully HIPAA compliant. We sign Business Associate Agreements (BAAs) with all healthcare customers and maintain comprehensive audit logs.

Access and Portability

You have the right to access your personal information and receive a copy in a portable format. Contact us to request your data.

Correction and Deletion

You can update or correct your information through your account settings or by contacting support. You may also request deletion of your data.

Communication Preferences

You can opt out of marketing communications at any time. Service-related communications may still be necessary for account management.

Data Retention

We retain your data only as long as necessary for service provision and legal compliance. Patient health information follows healthcare-specific retention requirements.

Service Providers

We work with trusted third-party providers for infrastructure, analytics, and support services. All providers are vetted for security and sign appropriate data processing agreements.

Integrations

CrownDesk integrates with various dental software and services. Data sharing with these services is controlled by you and follows your explicit consent.

No Sale of Personal Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes. Your data is used solely to provide and improve our services.