Privacy Policy

At Neo Dental ("we", "us", "our"), your privacy is a fundamental part of our mission. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website, request a consultation, or use our coordination services. It applies to all users, whether you are just browsing or actively seeking dental treatment.

1. Data Controller & Contact

Neo Dental (operated by Neo Dental shpk) is the data controller for the personal data you provide through our website. If you have any questions about this policy or wish to exercise your rights, please contact us:

📧 privacy@neodental.al
📞 +355 69 123 4567
📍 Tirana, Albania

2. Information We Collect

We collect only the information necessary to provide our services. This includes:

• Identity & Contact Data: Name, email address, phone number, WhatsApp number, country of residence.
• Health Information: Dental X‑rays (if you upload them), smartphone photos of your teeth, medical questionnaire responses (e.g., existing conditions, medications, allergies). This is considered sensitive data under GDPR and is processed with your explicit consent.
• Communication Data: Records of your video consultations (not recorded by us unless you give separate consent), chat logs, emails, and call summaries.
• Technical Data: IP address, browser type, device information, pages visited, and referral source (collected via cookies – see Section 7).
• Travel Information: Flight details, hotel preferences, and transfer requests (only when you decide to proceed with treatment).

3. How We Use Your Information

Your personal data is used for the following purposes, based on legitimate interest, contractual necessity, or your consent:

• To provide our coordination service: Assess your dental situation, match you with a partner clinic, arrange video consultations, and deliver a preliminary treatment plan.
• To communicate with you: Respond to inquiries, send appointment reminders, provide travel assistance, and follow up after treatment.
• To improve our website: Analyze traffic, fix errors, and personalize content (e.g., language preference).
• Legal compliance: Maintain records as required by Albanian law or respond to lawful requests from authorities.

We never sell your data to third parties for marketing purposes.

4. Sharing Your Information

We share your data only with strictly necessary parties:

• Partner dental clinics: Your name, contact details, health information (X‑rays, photos, questionnaire) are shared with the clinic you select. This is essential for the dentist to evaluate your case. The clinic becomes an independent data controller for its own records and treatment.
• Service providers: We use trusted third parties for email, calendar scheduling, and secure file transfer (e.g., Google Workspace, Calendly). These providers are contractually bound to process data only on our behalf and with appropriate security.
• Legal authorities: If required by law, court order, or to protect our rights or the safety of others.

5. International Transfers

Your data may be transferred to and processed in Albania (where our partner clinics are located) and possibly the EU (for email or analytics services). Albania is recognised by the European Commission as providing adequate protection for personal data. For any transfer outside the EEA, we ensure appropriate safeguards (Standard Contractual Clauses) are in place.

6. Data Security

We implement technical and organisational measures to protect your data: SSL encryption, access controls, regular backups, and staff training. However, no internet transmission is 100% secure. You are responsible for keeping any passwords you create (if any) confidential.

7. Cookies & Tracking Technologies

Our website uses essential cookies (necessary for navigation and form submission) and optional analytics cookies (to count visits and track page performance). We do not use third‑party advertising cookies on this site. You can manage your cookie preferences via the cookie banner that appears on your first visit. Essential cookies cannot be disabled because they keep the site functional.

8. Your Rights (GDPR & Albanian Law)

If you are located in the European Economic Area or Albania, you have the following rights:

• Access: Request a copy of the personal data we hold about you.
• Rectification: Correct inaccurate or incomplete data.
• Erasure (“right to be forgotten”): Request deletion of your data, subject to legal retention obligations (e.g., medical records may need to be kept for a certain period).
• Restriction: Limit how we use your data while a complaint is pending.
• Data portability: Receive your data in a structured, machine‑readable format.
• Object: Object to processing based on legitimate interests (e.g., direct marketing).
• Withdraw consent: Where we rely on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any right, please email privacy@neodental.al. We will respond within 30 days. If you are unhappy with our response, you may lodge a complaint with the Albanian Data Protection Commissioner (or your local EU supervisory authority).

9. Data Retention

We retain your personal data only as long as necessary:

• Consultation data (name, email, health info for cases that do not proceed) – deleted after 12 months of inactivity.
• Patient records (for those who undergo treatment) – kept for 10 years as required by medical liability laws in Albania.
• Website logs & analytics – anonymised after 26 months.

10. Children’s Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal data from minors. If we become aware that a child has provided us with personal information, we will delete it immediately. A parent or guardian may contact us to request deletion.

11. Changes to This Privacy Policy

We may update this policy from time to time to reflect changes in our practices or legal obligations. The “Last updated” date at the top indicates when the latest version was published. Material changes will be notified via a banner on our website or by email to active consultation users.

12. Third‑Party Links

Our website may contain links to external sites (e.g., partner clinic websites, hotel booking platforms). This Privacy Policy does not apply to those sites. We encourage you to read their privacy notices.

13. Your Acceptance

By using our website, submitting a consultation request, or providing us with your personal information, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, please do not use our site or services.

Contact our Data Protection Officer: DPO@neodental.al