Skip to main content

PRIVACY POLICY

Privacy Notice (EU) – Empident Care Platform

Last updated: April 17, 2025

This Privacy Notice describes how Empident GmbH (“Empident”, “we”, “us”) processes your personal data when you use the Empident Care Platform (Empident Care mobile app and dentist dashboard) or access our web pages under the domain www.empident.de.
We comply with the EU General Data Protection Regulation (GDPR).

Who is responsible for processing?

Empident GmbH
Voglbachlweg 5, 85774 Unterföhring, Germany
📧 info@empident.de

What data do we process?

We may collect and process:

  • Personal Information: Name, email address, phone number, postal address, date of birth, contact preferences
  • Health Data:
    • Oral health images and videos
    • Assessment notes and oral symptoms
    • Medical history where relevant for dental care
    • Any inputs or health information inputed in our application
  • Application Data:
    • Device information (model, operating system, IP address)
    • Crash logs, performance data, session times
    • In-app behavior (usage patterns, navigation)
  • Communication Data:
    • Messages, requests, or feedback you send to us
    • Feedback from support or usability testing

Sensitive health data is only processed with your explicit consent or where otherwise permitted by law.

Why do we process your data and on what legal basis?

We process your data for the following purposes:

PurposeLegal Basis
To provide our services and facilitate dental care (e.g., transferring case information to dentists)Contract performance (Art. 6(1)(b) GDPR)
To comply with medical documentation and legal obligationsLegal obligation (Art. 6(1)(c) GDPR)
To improve our services, troubleshoot errors, and analyze usage patterns for better user experience and safetyLegitimate interests (Art. 6(1)(f) GDPR)
To process sensitive health data (e.g., oral images, dental assessments)Explicit consent (Art. 9(2)(a) GDPR) or Art. 9(2)(h)*

*Process health data for diagnosis or secondary opionion when requested by patient to their treating health professional.

Our legitimate interest includes ensuring the security, functionality, and continuous improvement of our platform.

Who do we share your data with?

Your data may be shared:

  • With your chosen dental professional, provided there is a separate service and treatment agreement between you and the dentist.
    Dentists are bound by professional secrecy under GDPR and local medical laws.
  • For second opinions, with your consent or request.
  • With service providers (e.g., hosting, cloud services) under strict GDPR-compliant data processing agreements (Art. 28 GDPR).

We do not sell your data.
Data is stored inside the EU.

How long do we store your data?

We retain your personal data only as long as necessary:

  • For providing services and ensuring medical documentation
  • As required by applicable laws (e.g., health record retention laws)
  • Afterward, data is securely deleted or anonymized

Your rights under GDPR

You have the right to:

  • Access your personal data
  • Correct inaccuracies
  • Request deletion (where lawful)
  • Restrict or object to processing
  • Withdraw your consent at any time
  • Lodge a complaint with your national data protection authority

To exercise your rights, please contact us at 📧 info@empident.de

Security

We implement technical and organizational measures to protect your data (e.g., encryption, secure access controls). However, no system is 100% secure, and risks inherent to internet transmissions remain.

Contact

If you have any questions or concerns regarding data protection, you may contact our Data Protection Officer:
📧 dataprotection@empident.de