PRIVACY POLICY
Privacy Notice (EU) – Empident Care Platform
Last updated: April 17, 2025
This Privacy Notice describes how Empident GmbH (“Empident”, “we”, “us”) processes your personal data when you use the Empident Care Platform (Empident Care mobile app and dentist dashboard) or access our web pages under the domain www.empident.de.
We comply with the EU General Data Protection Regulation (GDPR).
Who is responsible for processing?
Empident GmbH
Voglbachlweg 5, 85774 Unterföhring, Germany
📧 info@empident.de
What data do we process?
We may collect and process:
- Personal Information: Name, email address, phone number, postal address, date of birth, contact preferences
- Health Data:
- Oral health images and videos
- Assessment notes and oral symptoms
- Medical history where relevant for dental care
- Any inputs or health information inputed in our application
- Application Data:
- Device information (model, operating system, IP address)
- Crash logs, performance data, session times
- In-app behavior (usage patterns, navigation)
- Communication Data:
- Messages, requests, or feedback you send to us
- Feedback from support or usability testing
Sensitive health data is only processed with your explicit consent or where otherwise permitted by law.
Why do we process your data and on what legal basis?
We process your data for the following purposes:
Purpose | Legal Basis |
To provide our services and facilitate dental care (e.g., transferring case information to dentists) | Contract performance (Art. 6(1)(b) GDPR) |
To comply with medical documentation and legal obligations | Legal obligation (Art. 6(1)(c) GDPR) |
To improve our services, troubleshoot errors, and analyze usage patterns for better user experience and safety | Legitimate interests (Art. 6(1)(f) GDPR) |
To process sensitive health data (e.g., oral images, dental assessments) | Explicit consent (Art. 9(2)(a) GDPR) or Art. 9(2)(h)* |
*Process health data for diagnosis or secondary opionion when requested by patient to their treating health professional.
Our legitimate interest includes ensuring the security, functionality, and continuous improvement of our platform.
Who do we share your data with?
Your data may be shared:
- With your chosen dental professional, provided there is a separate service and treatment agreement between you and the dentist.
Dentists are bound by professional secrecy under GDPR and local medical laws. - For second opinions, with your consent or request.
- With service providers (e.g., hosting, cloud services) under strict GDPR-compliant data processing agreements (Art. 28 GDPR).
We do not sell your data.
Data is stored inside the EU.
How long do we store your data?
We retain your personal data only as long as necessary:
- For providing services and ensuring medical documentation
- As required by applicable laws (e.g., health record retention laws)
- Afterward, data is securely deleted or anonymized
Your rights under GDPR
You have the right to:
- Access your personal data
- Correct inaccuracies
- Request deletion (where lawful)
- Restrict or object to processing
- Withdraw your consent at any time
- Lodge a complaint with your national data protection authority
To exercise your rights, please contact us at 📧 info@empident.de
Security
We implement technical and organizational measures to protect your data (e.g., encryption, secure access controls). However, no system is 100% secure, and risks inherent to internet transmissions remain.
Contact
If you have any questions or concerns regarding data protection, you may contact our Data Protection Officer:
📧 dataprotection@empident.de