Privacy Policy
Effective Date: October 22, 2025
1) Who We Are
The Oncall Bot LLC (“The Oncall Bot,” “we,” “us,” or “our”) provides mobile and web applications that deliver dental education, after-care guidance, and related tools for patients and dental practices. We are located in the State of New York, USA.
Support contact: support@theoncallbot.com
2) Scope
This Privacy Policy explains how we collect, use, disclose, and protect information when you use our websites, mobile apps, and services (the “Services”). By using the Services, you agree to this Policy.
3) Information We Collect
a) Information you provide
- Account details (name, email, password).
- Practice information (for dentist accounts): practice name, role, business email.
- Messages and inputs you submit to the app (e.g., symptom descriptions, content selections, language settings, feedback).
- Support requests and communications.
b) Information collected automatically
- Device and app data (device type, OS version, app version, language, time zone).
- Usage analytics (screens viewed, taps, session duration).
- Log data and diagnostics (crash logs, performance metrics).
- Approximate location (from IP) for localization and compliance. We do not collect precise GPS location unless a feature clearly requests it.
c) Information from third parties (if you opt in)
- Single sign-on providers (e.g., Apple/Google) for basic profile details.
- Payment processors (if you purchase a subscription): we receive payment status but not full card details.
Health & Sensitive Data: If you enter information that could relate to your health (e.g., symptoms, procedure type, after-care needs), we treat it as sensitive and protect it accordingly. The Services are designed for education and guidance—not diagnosis or treatment.
4) How We Use Information
- Provide, maintain, and personalize the Services.
- Deliver educational content and after-care guidance you request.
- Communicate with you (account notices, service updates, support).
- Process subscriptions and verify eligibility.
- Monitor security, prevent fraud/abuse, and fix bugs.
- Analyze aggregate usage to improve quality and features.
Legal bases (EEA/UK): contract performance, legitimate interests (service improvement, security), consent where required, and legal obligations.
7) Data Retention
We retain personal information only as long as needed to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements. You can request deletion at any time (see §10).
8) Children’s Privacy
The Services are not directed to children under 13 (or under the age required by local law). We do not knowingly collect personal information from children without verifiable parental consent. If you believe a child has provided personal information, contact us and we will take appropriate action.
9) International Transfers
We may process information in the United States and other countries. Where required, we use appropriate safeguards (e.g., Standard Contractual Clauses) for cross-border data transfers.
10) Your Rights & Choices
Depending on your location, you may have rights to access, correct, delete, or port your data, and to object or restrict certain processing.
Requests: email support@theoncallbot.com with the subject “Privacy Request.”
Account Deletion: Request in-app (Account → Delete Account) or by email. We will verify your request and delete or anonymize your personal data, except where retention is required by law (e.g., transaction records).
11) U.S. State Disclosures (incl. NY; CCPA/CPRA)
Where applicable, you may have the right to know categories/specific pieces of personal information collected; request deletion; correct inaccuracies; and opt out of “selling” or “sharing” (we do not sell). We honor authorized agent requests as required by law and do not discriminate for exercising rights.
12) Security
We use administrative, technical, and physical safeguards designed to protect personal information (encryption in transit, access controls, least-privilege practices, and monitoring). No system is 100% secure—please use strong passwords and keep them confidential.
13) HIPAA Notice
The Oncall Bot is not intended to store electronic Protected Health Information (ePHI) as a covered entity system. If a dental practice integrates the Services in a way that involves PHI, The Oncall Bot LLC may enter into a Business Associate Agreement (BAA) where required. We apply heightened safeguards to sensitive entries.
14) Third-Party Services (including OpenAI)
To operate core features, we use trusted third parties. These include analytics, hosting, payments, error logging, email/SMS providers, and AI processing vendors such as OpenAI (for generating or improving responses to your prompts). When AI features are used, the text you input and necessary metadata may be sent to these providers to generate results and to monitor for abuse and quality.
- OpenAI: We may send user prompts and app outputs to OpenAI’s API to process your request. OpenAI’s policies: openai.com/policies. We do not knowingly send PHI unless you choose to include it.
- Other processors: SSO (Apple/Google), payments, analytics, and crash reporting—each governed by their own privacy policies and bound by processor terms with us.
Your choices: Avoid entering sensitive personal information you do not want processed by third-party AI vendors. If your organization requires special terms (e.g., BAA), contact us.
15) Changes to This Policy
We may update this Policy from time to time. Material changes will be notified in-app or via email. Continued use after the effective date constitutes acceptance.
16) Contact Us
The Oncall Bot LLC
New York, USA
Email: support@theoncallbot.com