Privacy and Data Governance
Effective Date: May 15, 2026. This notice explains our data practices for DentistExpand website and product workflows.
This Privacy Policy explains how DentistExpand collects, uses, stores, and protects information when you use our website, data products, and prospector tools.
Our services are designed for business-to-business use, including dental-market outreach, segmentation, and prospecting workflows.
We process account data (name, email, company, billing details), transactional data (orders, invoices, support tickets), and product-usage data (filters, exports, and on-site interactions).
For contact datasets, fields may include professional identifiers and business contact attributes such as name, specialty, office phone, office address, license-related fields, and professional email where available.
Our dataset assembly workflows may use public and professional sources, including licensing boards, registries, association directories, and publisher-permitted data channels.
Records are normalized, deduplicated, and quality-reviewed using automated and manual checks. Data quality metrics are performance indicators, not absolute guarantees.
Where applicable, we rely on recognized lawful bases such as legitimate business interests, contractual necessity, and legal obligations.
Customers are responsible for lawful campaign execution, including honoring opt-out requests, suppression handling, and compliance with CAN-SPAM and applicable regional privacy laws.
We use data to deliver purchased products, support account management, process payments, prevent abuse, improve platform performance, and provide customer support.
We may use aggregate, de-identified analytics to improve data quality and product operations.
We do not sell personal information as that term is defined in many privacy statutes. We share data only as needed with vetted processors for hosting, payment processing, analytics, security, and support operations.
All vendors are expected to operate under contractual confidentiality and data-protection obligations.
We apply layered administrative, technical, and organizational safeguards, including access controls, encrypted transport, logging, least-privilege access, and environment-level monitoring.
No internet transmission or storage environment is guaranteed to be 100% secure, but we continuously improve security posture and incident readiness.
We retain information only for business, contractual, legal, and security needs, then delete or de-identify records in accordance with retention schedules.
Retention periods vary by data type, legal obligations, and fraud-prevention requirements.
If data is processed across borders, we implement appropriate transfer safeguards consistent with applicable legal frameworks.
Processing locations may include jurisdictions where our infrastructure providers and subprocessors operate.
Depending on your jurisdiction, you may have rights to access, correct, delete, restrict, object, or request portability of certain personal data.
To submit a request, contact us with enough detail to verify identity and locate relevant records. We respond within the timelines required by applicable law.
Our platform is not directed to children, and we do not knowingly collect personal information from individuals under the applicable age threshold.
We may update this Privacy Policy to reflect legal, technical, or operational changes. Material updates will be posted on this page with a revised effective date.
For privacy inquiries, data rights requests, or compliance questions, please use our Contact Us page and include the subject line: Privacy Request.
