Privacy Policy
Your Privacy,
Our Commitment
ProstoCalc: Clinical Cost Intelligence Platform for Modern Dentistry
ℹ️
Important Notice: By downloading, installing, or using ProstoCalc on any platform (iOS, Android, or Web), you acknowledge that you have read, understood, and agree to this Privacy Policy. If you do not agree, please do not use the application. This policy is publicly accessible at our website and within the app.
🦷
Section 01
About ProstoCalc
ProstoCalc ("we," "our," "us," or "the App") is a Clinical Cost Intelligence Platform designed exclusively for licensed dental practitioners, dental clinic administrators, and their staff. The App provides highly accurate, AI-assisted treatment cost estimation, clinical documentation support, and dental practice management features.
ProstoCalc is operated by the ProstoCalc development team. All data processing described in this Policy is carried out by us or our vetted sub-processors as described herein.
🤖
Hybrid Cost Estimation
Deterministic clinical formulas combined with ML-based predictions
📋
Neural Justification
AI-generated clinical reports to transparently justify costs to patients
📊
Risk Analysis
Predictive modeling for cost escalation and treatment complexity
💯
Dental Health Score
Dynamic 0–100 index based on hygiene, age, and urgency factors
⚠️
Professional Use Only. ProstoCalc is intended solely for use by licensed dental professionals. Patient-facing use of output data (cost estimates, clinical reports) is the responsibility of the practitioner. Nothing in this App constitutes direct medical or financial advice to patients.
📂
Section 02
Information We Collect
We collect only the data necessary to provide the features of ProstoCalc. The categories below describe what we collect, why, and how.
2.1 — Account & Practitioner Data
- Identity: Full name, professional title, clinic name
- Contact: Email address, phone number, clinic address
- Credentials: Hashed password, role (admin / practitioner / staff), session tokens
- Professional: Dental licence number (where required for verification)
🔒 Encrypted at rest
✅ Required to use the App
2.2 — Patient Records
🛡️
Health Data & HIPAA Notice. Patient dental records are classified as Protected Health Information (PHI) / Special Category Data. They are processed solely at the direction of the practitioner (as a data processor) and are subject to the highest level of security and access controls available in the App.
- Demographics: Patient name, date of birth, age, gender, contact details
- Medical/Dental History: Existing conditions, allergies, previous treatments, dental records
- Insurance Information: Insurer name, policy number, coverage details (practitioner-entered only)
- Appointment Records: Dates, procedures scheduled/completed, consultation notes
- Treatment Plans: Proposed procedures, complexity scores, estimated costs
2.3 — Clinical & Procedural Data (Estimation Engine Inputs)
- Procedure type and category (Restorative, Endodontic, Orthodontic, Surgical, Implant, Preventive, Cosmetic)
- Number of units / teeth involved
- Number of treatment sessions required
- Bio-complexity scores (1–10 scale)
- Material grade selected (standard / premium / luxury)
- Patient hygiene score, urgency level
- AI-generated clinical justification text
- Escalation risk predictions and confidence intervals
- Dental Health Score (0–100) and its component inputs
2.4 — Usage & Technical Data
- Device information: Device model, OS version (iOS/Android/Web), screen resolution, unique device identifier (IDFV on iOS — never IDFA for advertising)
- App usage: Features accessed, screens visited, estimation sessions initiated, time in app, crash logs
- Network data: IP address, approximate location (city/country level only for security), access timestamps
- Analytics events: Feature engagement metrics collected in aggregate and/or pseudonymised form
✅
No Ad Tracking. We do not use Apple's Advertising Identifier (IDFA), Google Advertising ID (GAID), or any cross-app or cross-website tracking for advertising purposes. App Tracking Transparency (ATT) permission is therefore not requested.
2.5 — Data You Do NOT Need to Provide
We do not require and ask you not to enter Social Security numbers, national ID numbers, financial account numbers, or any data not directly relevant to dental practice management.
⚙️
Section 03
How We Use Your Information
| Purpose | Data Used | Legal Basis |
|---|
| Provide core App features (estimation engine, records management) | All collected data | Contract performance |
| AI / ML cost estimation (6-algorithm ensemble, Dental Health Score) | Clinical inputs, patient age, hygiene score | Contract performance |
| Generate clinical justification reports (Llama-3 AI) | Procedure data, complexity score | Contract performance |
| User authentication & security | Account credentials, IP, device ID | Legitimate interest |
| Appointment scheduling | Patient & practitioner data | Contract performance |
| Improve ML model accuracy | Anonymised/aggregated estimation logs | Legitimate interest |
| Customer support & bug fixes | Crash logs, device/OS info, support messages | Legitimate interest |
| Legal compliance & audit | Access logs, account data | Legal obligation |
| Transactional communications (account alerts, policy updates) | Email address | Legitimate interest / Consent |
📌
We will never use patient clinical data for marketing, profiling unrelated to treatment, or sell it to any third party. ML model training uses only anonymised, aggregated data — never identifiable patient records.
⚖️
Section 04
Legal Basis for Processing (GDPR)
Where the General Data Protection Regulation (GDPR) or equivalent legislation applies, we process your personal data on the following legal grounds:
- Contractual Necessity (Art. 6(1)(b)): Processing is necessary to provide the App's services as agreed when you create an account.
- Legitimate Interests (Art. 6(1)(f)): Security monitoring, fraud prevention, product analytics, and model improvement — subject to balancing tests.
- Legal Obligation (Art. 6(1)(c)): Compliance with applicable healthcare, data protection, and tax regulations.
- Consent (Art. 6(1)(a) / Art. 9(2)(a)): For optional features and for processing Special Category (health) data where no other basis applies. You may withdraw consent at any time without affecting prior processing.
- Health Data Derogation (Art. 9(2)(h)): Processing of health data for the provision of healthcare management services by health professionals, subject to appropriate confidentiality obligations.
🤝
Section 05
Data Sharing & Disclosure
🚫
We do NOT sell personal information. ProstoCalc does not sell, rent, or trade identifiable personal data or patient health data to any third party for any commercial purpose.
We may share data only in the following limited circumstances:
- Within Your Clinic: Data is shared among authorised staff within your clinic based on role-based access controls configured by the administrator.
- Service Providers (Sub-processors): We engage vetted third-party providers (e.g., cloud hosting, email delivery) under Data Processing Agreements (DPAs) that prohibit them from using your data for their own purposes. A list of sub-processors is available on request.
- Insurance & Billing: Authorised insurance claims data may be shared with named insurers strictly for billing purposes and only with practitioner authorisation.
- Legal Requirements: We may disclose data to comply with a valid court order, subpoena, legal process, or governmental request, or to protect the rights, property, or safety of ProstoCalc, our users, or the public.
- Business Transfer: In the event of a merger, acquisition, or sale of assets, personal data may be transferred subject to the acquirer assuming equivalent privacy obligations. We will notify affected users.
- Aggregated Research Data: Fully anonymised and aggregated statistical data (no identifiable individuals) may be used in published research or product analytics.
- With Your Explicit Consent: In any other case, only with your prior written consent.
🧠
Section 06
AI / ML Architecture & Automated Processing
ProstoCalc uses a 6-algorithm ensemble engine for clinical cost intelligence. We are transparent about automated decision-making as required under GDPR Article 22 and equivalent laws.
| Algorithm | Purpose | Data Used |
|---|
| Multivariate Regression | Deterministic non-linear cost modeling | Complexity score, material grade |
| GBDT (Gradient Boosted Decision Trees) | Pattern recognition for age-complexity interactions | Patient age, procedure type |
| Monte Carlo Simulation | Uncertainty quantification (10,000 simulations per estimate) | Complication risk factors |
| Bayesian Inference | Evidence-based estimation updates | Age, hygiene score, urgency |
| KNN (K-Nearest Neighbour) | Historical treatment pattern matching | 7-dimensional similarity matrix |
| Meta-Learner | Confidence-weighted aggregation of all outputs | All algorithm outputs |
AI Justification Engine: We integrate Llama-3 and HuggingFace Transformers to generate "Neural Clinical Justifications" — converting numerical estimation data into professional-grade clinical report language. These outputs are always reviewed and approved by the practitioner before being shared with patients.
ℹ️
Automated Decision-Making Safeguards. Cost estimates generated by ProstoCalc are decision-support tools, not final binding decisions. No automated output directly determines patient treatment without human practitioner review. You have the right to request a manual review of any estimate. Model training uses only anonymised, aggregated historical data — never identifiable patient records.
🔐
Section 07
Data Security
We implement industry-standard and healthcare-grade security controls to protect your data from unauthorised access, disclosure, alteration, and destruction.
Technical Safeguards
- Encryption in transit: TLS 1.2 / 1.3 for all API communications
- Encryption at rest: AES-256 for database storage and backups
- Database security: Parameterised queries (SQL injection protection), least-privilege DB accounts
- Authentication: Token-based session management, secure password hashing (bcrypt), optional two-factor authentication (2FA)
- Input validation: Server-side validation and sanitisation of all user inputs
- iOS-specific: Data stored in iOS Keychain (credentials), encrypted Core Data store, App Transport Security (ATS) enforced
Organisational Safeguards
- Role-based access control (RBAC) — staff only access data required for their role
- Confidentiality agreements for all employees and contractors
- Regular security audits and penetration testing
- Incident response plan with defined breach notification procedures
- Data minimisation principles applied throughout the product lifecycle
⚠️
Breach Notification. In the event of a personal data breach that is likely to result in a high risk to individuals, we will notify affected users and the relevant supervisory authority within 72 hours of becoming aware, in accordance with GDPR Article 33/34 and applicable HIPAA Breach Notification Rule requirements.
No method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. You are responsible for keeping your account credentials confidential.
🗃️
Section 08
Data Retention
| Data Category | Retention Period | Reason |
|---|
| Account data | Duration of account + 30 days after deletion request | Service provision; legal obligation |
| Patient dental records | As required by local healthcare regulations (commonly 7–10 years) | Healthcare regulatory compliance |
| Treatment estimate logs | 3 years (anonymised after 12 months) | ML model improvement; audit trail |
| Security / access logs | 12 months | Security monitoring; incident response |
| Crash & analytics data | 90 days | Product improvement |
| Backups | Up to 90 days (rolling) | Disaster recovery |
When data is no longer required, it is securely deleted or irreversibly anonymised. You may request early deletion subject to applicable legal hold obligations.
👤
Section 09
Your Privacy Rights
Depending on your jurisdiction, you may have the following rights. To exercise any right, contact us at prostocalc.otp@gmail.com. We will respond within 30 days (GDPR: within 1 month, extendable by 2 months for complex requests).
👁️
Access
Request a copy of all personal data we hold about you (data subject access request).
✏️
Rectification
Request correction of inaccurate or incomplete personal data.
🗑️
Erasure
Request deletion of your data ("right to be forgotten"), subject to legal hold obligations.
⏸️
Restriction
Request we restrict processing of your data while a complaint is being resolved.
📤
Portability
Receive your personal data in a structured, machine-readable format (JSON/CSV).
🙅
Objection
Object to processing based on legitimate interests, including profiling.
🤖
Automated Decisions
Request human review of any significant decision made by automated processing.
↩️
Withdraw Consent
Withdraw previously given consent at any time without penalty, for future processing only.
🏛️
Right to Lodge a Complaint. If you are in the EU/EEA, you have the right to lodge a complaint with your local Data Protection Authority (DPA). In India, complaints may be directed to the Data Protection Board under the Digital Personal Data Protection Act, 2023 (DPDPA).
👶
Section 10
Children's Privacy
ProstoCalc is not directed at, and is not intended for use by, individuals under the age of 18. The App is a professional dental practice management tool restricted to licensed practitioners and their authorised adult staff.
In the context of patient records, minors may be registered as patients by their practitioner. Such records are handled with the same or greater level of protection as adult records and in compliance with applicable children's data protection laws. Parental/guardian consent applies where required by law.
We do not knowingly create accounts for or collect personal information directly from children under 13 (or the applicable age of digital consent in your jurisdiction). If we become aware that such data has been collected without appropriate consent, we will delete it promptly.
⚠️
If you believe a child has provided personal information to us without appropriate consent, please contact us immediately at
prostocalc.otp@gmail.com.
📱
Section 11
Apple App Store, Google Play & Platform-Specific Disclosures
Apple App Store — Privacy Nutrition Label Disclosures
In accordance with Apple's App Privacy requirements, the following data types are used by ProstoCalc:
| Data Type | Collected | Used For | Linked to Identity | Tracking |
|---|
| Name | Yes | App functionality | Yes | No |
| Email Address | Yes | App functionality, account management | Yes | No |
| Phone Number | Yes (optional) | App functionality | Yes | No |
| Health & Fitness (Dental Records) | Yes | App functionality (core feature) | Yes | No |
| User Content (Clinical Notes) | Yes | App functionality | Yes | No |
| Device ID (IDFV) | Yes | Analytics, security | No | No |
| Crash Data | Yes | App functionality (bug fixes) | No | No |
| Product Interaction | Yes | Analytics (aggregated) | No | No |
✅
No Third-Party Advertising. ProstoCalc does not use data to track users across apps or websites for advertising, does not share data with data brokers, and does not display third-party advertisements. The App Tracking Transparency (ATT) framework permission is not requested because we do not engage in cross-app tracking.
iOS Permissions Requested
- Camera (Optional): To capture patient photographs for records — only accessed when you explicitly tap the camera button. Never accessed in background.
- Photo Library (Optional): To attach existing images to patient records — only accessed upon explicit user action.
- Notifications (Optional): For appointment reminders and clinical alerts — only sent with your explicit permission.
- Face ID / Touch ID (Optional): For secure biometric app unlock — biometric data never leaves your device and is processed entirely by iOS.
All permissions are optional unless noted and can be revoked at any time in iOS Settings → ProstoCalc. Revoking optional permissions does not affect core app functionality.
Google Play — Data Safety
The Google Play Data Safety form is kept current and reflects the data practices described in this policy. We do not share personal or sensitive data with third parties for advertising. Location data is not collected.
🔗
Section 12
Third-Party Services & Sub-Processors
ProstoCalc may integrate with the following categories of third-party services to deliver its features. Each sub-processor is contractually bound to process data only on our instructions and under appropriate security standards.
- Cloud Infrastructure: Server hosting and database storage (data stored within your selected region where possible)
- AI / ML Inference: HuggingFace Transformers API (used for Neural Clinical Justification generation; inputs are pseudonymised before transmission)
- Transactional Email: Account verification and notification emails
- Crash Reporting: App stability monitoring (crash data only; no personal data)
- Analytics: Aggregated, anonymised usage analytics for product improvement
📩
A full, up-to-date list of sub-processors is available upon written request to
prostocalc.otp@gmail.com. We will notify you of material changes to our sub-processor list with at least 14 days' notice.
Our App may contain links to third-party websites (e.g., help documentation, insurance portals). We are not responsible for the privacy practices of such third parties. We encourage you to review their respective privacy policies.
🍪
Section 13
Cookies & Tracking Technologies
The web version of ProstoCalc uses the following cookies and similar technologies:
| Category | Purpose | Can be disabled? |
|---|
| Strictly Necessary | Session authentication, CSRF protection, load balancing. Without these, the App cannot function. | No |
| Functional | Remembering your language, UI preferences, and recently accessed records for ease of use. | Yes (with reduced functionality) |
| Analytics | Aggregated, anonymised usage statistics to improve the product. | Yes |
We do not use advertising cookies, cross-site tracking cookies, or social media tracking pixels. You can manage cookie preferences in the App's Settings or via your browser settings. Disabling strictly necessary cookies will prevent you from logging in.
The iOS and Android native apps do not use browser cookies. They use secure, app-local session tokens stored in the device Keychain (iOS) or EncryptedSharedPreferences (Android).
🌍
Section 14
International Data Transfers
ProstoCalc may store and process your data on servers located outside your country of residence. Where data is transferred from the European Economic Area (EEA), United Kingdom, or other jurisdictions with data transfer restrictions, we ensure appropriate safeguards are in place, including:
- Standard Contractual Clauses (SCCs): EU-approved contract terms with all non-EEA sub-processors
- Adequacy Decisions: Where the European Commission has recognised the destination country as providing adequate protection
- Binding Corporate Rules: Where applicable for intra-group transfers
For users in India: data may be processed in data centres located in India or in other countries. We apply the same security standards regardless of location and comply with applicable provisions of the Digital Personal Data Protection Act, 2023 (DPDPA).
🚫
Section 15
Do Not Sell or Share My Personal Information
✅
ProstoCalc does not sell or share personal information for cross-context behavioural advertising. This policy applies to all users, including California residents under the CCPA/CPRA. No action is required by you to opt out — this is our default practice.
California Residents (CCPA / CPRA)
In addition to the rights in Section 9, California residents have the right to:
- Know the categories and specific pieces of personal information collected about them
- Know whether personal information is sold or disclosed and to whom
- Opt out of the sale or sharing of personal information (not applicable — we do not sell or share)
- Non-discrimination for exercising CCPA rights
- Limit use and disclosure of sensitive personal information
To exercise California rights, contact us at prostocalc.otp@gmail.com with the subject line "CCPA Request".
🔄
Section 16
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. We will update the "Last Updated" date at the top of this page.
For material changes (e.g., new data categories collected, new sharing arrangements, changes to your rights), we will:
- Send an email notification to the address on your account, and/or
- Display a prominent in-app banner at next login requiring acknowledgment
- Provide at least 30 days' notice before the changes take effect
Your continued use of ProstoCalc after the effective date of a revised policy constitutes your acceptance of the changes. The current version of this policy is always accessible in the App under Settings → Privacy Policy and at our website.