Privacy Policy

Last updated: May 15, 2026

TeethTalk Dental Clinic ("we," "our," or "the Clinic") is committed to protecting your personal data in accordance with the Republic Act No. 10173 (Data Privacy Act of 2012) of the Philippines. This policy explains what information we collect, how we use it, and your rights as a patient.

1. Information We Collect

When you register or use our system, we may collect the following:

• Personal identifiers: Full name, email address, phone number, birthdate, sex, and home address
• Emergency contact: Name and phone number of a designated contact person
• Account credentials: Email and password (passwords are stored in hashed/encrypted form only)
• Appointment data: Dates, times, selected services, and appointment status
• Treatment records: Procedures performed, dentist notes, consultation history
• Billing information: Invoice totals, payment status, and outstanding balance

2. Purpose of Collection

We collect and process your personal data strictly for the following purposes:

• To manage your patient account and verify your identity
• To schedule, confirm, and track dental appointments
• To maintain accurate treatment and medical history records
• To generate and display billing summaries
• To send appointment reminders and clinic notifications (via email or SMS, if enabled)
• To improve our services and system functionality

3. Data Sharing & Disclosure

Your personal information is accessible only to authorized Clinic staff (dentists, front desk personnel, and clinic administrators) on a need-to-know basis. We do not sell, rent, or trade your data.

We may share limited data with:

• Third-party service providers: Such as email delivery or SMS gateway services, solely for sending appointment reminders. These providers are bound by confidentiality agreements.
• Legal authorities: If required by Philippine law, a court order, or regulatory obligation.

4. Data Retention & Deletion

• Patient records are retained for the duration of your relationship with the Clinic and for a reasonable period thereafter, in compliance with applicable healthcare record-keeping requirements.
• You may request deletion of your personal data by contacting us in writing. Certain records may be retained as required by law (e.g., medical records retention under DOH guidelines).

5. Data Security

We implement appropriate security measures to protect your data, including:

• Passwords stored using industry-standard one-way hashing (bcrypt)
• CSRF token protection on all forms
• Session timeout and login attempt throttling
• Access restricted by role-based authentication (admin, front desk, patient)
• Prepared SQL statements to prevent injection attacks

6. Cookies & Sessions

This system uses session cookies to maintain your login state. These cookies are essential for the system to function and are automatically deleted when you log out or close your browser. We do not use third-party tracking cookies or advertising cookies.

7. Your Rights as a Patient

Under the Data Privacy Act of 2012, you have the right to:

• Access your personal data held by the Clinic
• Correct inaccurate or outdated information via your profile page
• Object to certain types of data processing
• Erasure or blocking of your data, subject to legal retention requirements
• Lodge a complaint with the National Privacy Commission (NPC) if you believe your data privacy rights have been violated

8. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. Updates will be posted on this page with a revised "Last updated" date. We encourage you to review this page periodically.

9. Contact Us

For questions, concerns, or requests regarding your personal data, please contact:

• TeethTalk Dental Clinic — Data Privacy Officer
• Email: info@teethtalk.com
• Phone: +1 (555) 123-4567
• Address: 123 Dental Street
  Health City, HC 12345
  United States