Skip to content

Legal

Privacy Policy

Last updated: January 15, 2026

smileQute, operated by TechMaven IT Solutions Pvt Ltd ("we", "us"), provides cloud dental practice management software. This Privacy Policy describes the personal data we process and how. By using our website or our product, you agree to this Policy.

1. Who this Policy is for

This Policy covers:

  • Website visitors — anyone who visits our marketing site at smilequte.com.
  • Clinic staff — dentists, hygienists, and administrative staff who log in to our product on behalf of a dental clinic.
  • Dental patients — patients of clinics that use our product, indirectly. For most patient data, the clinic is the data controller and smileQute is the data processor.

2. What data we process

Website visitors

  • Pages viewed, referrer, approximate location (city-level), device type, browser.
  • Contact data you voluntarily submit (demo form, buyer's guide form): name, email, clinic name, phone.
  • Anonymous analytics via Google Analytics 4.

Clinic staff (product users)

  • Account info: name, email, role, language preference.
  • Authentication data: hashed password, session tokens.
  • Activity logs: login times, IP address, actions taken (for audit purposes).

Dental patients (via the clinic)

The clinic is the controller of patient data. We process patient data only on the clinic's instructions, including:

  • Demographic data (name, DOB, address, phone, email).
  • Clinical data (medical history, allergies, dental chart, treatments, prescriptions, X-rays).
  • Billing data (invoices, payments, insurance claims).
  • Communication preferences (channel, opt-out).

3. Why we process it

  • To provide the service — schedule appointments, store records, send reminders, process payments.
  • To secure the service — detect abuse, prevent fraud, investigate security incidents.
  • To improve the product — anonymized usage data only; no patient data leaves the clinic's tenant for product improvement.
  • To comply with law — respond to lawful requests, retain records for the period required.

4. Legal basis (GDPR / DPDP)

  • Contract — most clinic and patient processing is to perform our contract with the clinic.
  • Legitimate interest — security, fraud prevention, anonymous analytics.
  • Consent — marketing emails, optional cookies (where law requires).
  • Legal obligation — tax, accounting, lawful disclosure.

5. How long we keep it

  • Marketing-form data: until you ask us to delete it, or 24 months of no contact.
  • Clinic / patient data: for the active life of the clinic's account, plus the retention period the clinic configures (default 7 years for clinical data; configurable per regulation).
  • Audit logs: 365 days (Solo / Group); 7 years (Chain).
  • Backups: 30 days, encrypted, regionally stored.

6. Who we share it with (sub-processors)

We use the following sub-processors to operate the service. List updated when changes occur.

  • Cloud hosting — application infrastructure in Munich, Germany.
  • Amazon Web Services (AWS) — regional storage and managed database. Clinic and patient data is held in the customer's region (for example AWS London for UK clinics, AWS Mumbai for Indian clinics).
  • Zoho Corporation — transactional and account email.
  • MSG91 (Walkover Web Solutions Pvt Ltd) — SMS and WhatsApp Business API messaging.
  • Google LLC — Google Analytics 4 (website analytics only; no patient data).
  • Stripe, Inc. — payment processing.

We do not sell personal data, ever.

7. International transfers

Where data leaves the EU or India to a country without an adequacy decision, we rely on Standard Contractual Clauses and equivalent safeguards. Chain plan customers may pin data residency to a specific region.

8. Your rights

Depending on your jurisdiction, you have the right to access, correct, delete, export, or restrict the processing of your personal data, and to withdraw consent.

For clinic-controlled patient data, request these through the clinic. For website / clinic-user data, email privacy@smilequte.com. We respond within 30 days.

9. Cookies

We use a minimal cookie set: session authentication and (optional) anonymous analytics. We do not use third-party advertising cookies. Where law requires, we surface a cookie banner with granular consent.

10. Security

We protect personal data with the technical and organizational measures described on our Security page. No system is perfectly secure; we treat security as continuous work.

11. Children

Our website is not directed at children. Patient data for minors is processed by clinics under their own legal authority; we do not collect any data directly from minors.

12. Changes to this Policy

We update this Policy when our practices change. Material changes are announced by email to active customers at least 30 days before they take effect.

13. Contact

Privacy questions: privacy@smilequte.com
Security disclosures: security@smilequte.com
Postal: TechMaven IT Solutions Pvt Ltd, KRF Square, BMC P.O, Seaport-Airport Rd, Thrikkakara, Kakkanad, Kerala 682021, India

Disclaimer. This page is a working draft. It is not legal advice. Final wording should be reviewed by qualified counsel in every jurisdiction smileQute operates.

Live in a day

Book a demo