Legal & Compliance
Privacy Policy
Effective Date: March 29, 2026
1. Introduction
Welcome to Guident. This Privacy Policy governs your use of the Guident mobile applications (iOS and Android), web platform, and related backend services engineered by J. Servo LLC. We built Guident to be the core operating system for modern dental practices. Because clinical environments demand absolute trust, we treat data privacy not as a compliance checkbox, but as the foundational architecture of our software.
2. Information We Collect
To provide practice management functionality, we collect the following categories of data:
- ✦ Account & Authentication Data: Names, professional credentials, email addresses, and secure authentication tokens (including identifiers provided via Apple Sign-In and Google Auth).
- ✦ Clinical & Operational Data: Patient profiles, session notes, appointment schedules, to-do lists, and inventory tracking data inputted by your practice.
- ✦ File Attachments: Digital assets securely uploaded by practice staff, including dental X-rays, treatment plans, and clinical documents.
- ✦ Device Data: Standard diagnostic data (OS version, app version, IP address) utilized strictly for performance monitoring and crash resolution.
3. How We Use Your Data
Guident operates on a strict "necessity-only" usage model. We use your data exclusively to:
- ✦ Provide, operate, and maintain the clinical dashboards and scheduling features.
- ✦ Synchronize your practice's inventory and patient data across authorized mobile and web devices in real time.
- ✦ Authenticate users and enforce granular, role-based access controls within a practice.
- ✦ Dispatch automated administrative emails (e.g., password resets) via secure SMTP relays.
4. Storage, Security & Zero-Trust Architecture
Guident utilizes an enterprise-grade security framework to protect clinical data:
- ✦ Cloud Infrastructure: Core application data is stored in isolated MongoDB clusters. File attachments (X-rays, documents) are securely hosted in encrypted Amazon Web Services (AWS) S3 buckets.
- ✦ Encryption: All data is secured using AES-256 encryption at rest and TLS/SSL encryption in transit.
- ✦ Ownership Guards: Our backend API utilizes strict middleware authorization to guarantee that users can only access data explicitly tied to their verified practice ID.
5. Third-Party Sharing
Guident does not sell, rent, broker, or trade your clinical, operational, or personal data to any third parties. Data is only processed through essential, highly secure sub-processors required to run the platform:
- ✦ Amazon Web Services (AWS): Encrypted S3 object storage for clinical file attachments.
- ✦ Cloudflare: Network routing, DDoS protection, and media asset delivery via Cloudflare R2. Our website and privacy policy are hosted on Cloudflare Workers & Pages.
- ✦ Brevo (Sendinblue): Secure SMTP relay for transactional emails (e.g., password resets).
- ✦ Firebase Cloud Messaging (Google): Push notification delivery to mobile devices.
These providers are contractually bound by strict data processing agreements and are prohibited from using your data for any purpose beyond supporting Guident's services.
6. Cookies, Analytics & Tracking Technologies
Our website (guident.org) is hosted on Cloudflare Workers & Pages and uses essential third-party CDNs (Google Fonts, Cloudflare) for rendering. We do not deploy tracking cookies, behavioral analytics, advertising pixels, or any form of user fingerprinting on our website or within the mobile application. No third-party analytics SDKs are embedded in the Guident app.
7. Children's Data
Guident is a professional practice management platform designed exclusively for licensed dental practitioners and healthcare professionals. The application is not directed at, intended for, or designed to collect data from individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe that a minor has provided personal data through our platform, please contact us immediately at admin@guident.org and we will promptly delete such information.
8. Your Rights & Data Deletion (App Store Compliance)
In accordance with Apple App Store and Google Play Store guidelines, you retain absolute control over your data. Users have the right to request full account deletion and data purging at any time.
How to request deletion: Account deletion can be initiated directly within the Guident mobile application settings menu, or by emailing a formal deletion request to our administrative team. Upon verification, all associated practice data, patient sessions, and AWS-hosted attachments will be permanently expunged from our active servers within 30 days.
9. Data Retention
Active account data is retained for the duration of your use of the platform. Upon account deletion (initiated via the in-app settings or by email request), all personal and clinical data is permanently removed from active database servers within 30 calendar days. Encrypted backup copies may persist in our disaster recovery systems for up to 90 days before automatic purging.
10. International Data Transfers
Your data may be processed and stored on servers located outside your country of residence, including the United States and the European Union. We ensure that all cross-border data transfers comply with applicable data protection laws through standard contractual clauses and equivalent safeguards provided by our infrastructure partners.
11. Contact Us
For privacy inquiries, data requests, or compliance questions, please contact our administrative team at: