CyberDental Group ("we," "our," or "us") operates the secure card authorization platform at card.cyberdental.co. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our payment authorization services.
Information We Collect
Information You Provide
When you submit a card authorization through our platform, we collect:
- Payment Card Information: Card number, cardholder name, expiration date, and CVV (encrypted immediately upon entry using RSA-4096 + AES-256-GCM encryption)
- Billing Information: Name, street address, city, state, and ZIP code
- Authorization Details: Authorization date, practice name, and digital signature
Information Collected Automatically
When you access our platform, we automatically collect:
- Device Information: Browser type, operating system, and device identifiers
- Usage Data: IP address, access times, and pages viewed
- Session Data: Authentication tokens and session identifiers (for admin users)
How We Use Your Information
We use the information we collect to:
- Process and store card authorizations securely for dental practices
- Enable authorized dental practice personnel to process payments
- Send administrative communications and notifications
- Maintain security and prevent fraud
- Comply with legal obligations and PCI DSS requirements
- Improve our services and user experience
Data Security
We implement industry-leading security measures to protect your information:
- End-to-End Encryption: Card data is encrypted client-side before transmission using RSA-4096 public key encryption combined with AES-256-GCM symmetric encryption
- Zero Plaintext Storage: We never store unencrypted card data. All sensitive information is encrypted at rest
- PCI DSS Compliance: Our platform is designed to meet Payment Card Industry Data Security Standards
- Access Controls: Only authorized personnel can decrypt card data, with all access logged and audited
- Secure Infrastructure: We use enterprise-grade cloud infrastructure with encrypted data transmission
Data Sharing and Disclosure
We do not sell your personal information. We may share your information with:
- Dental Practices: The dental practice you authorized to charge your card
- Service Providers: Third-party vendors who assist in operating our platform (subject to confidentiality agreements)
- Legal Requirements: When required by law, subpoena, or to protect our legal rights
Third-Party Services
Our platform uses the following third-party services:
- Supabase: Database and authentication infrastructure
- Resend: Email notification services
- Cloudflare: Hosting and deployment
Cookies and Tracking
We use essential cookies to:
- Maintain admin user sessions
- Ensure security (CSRF protection)
- Remember your preferences
We do not use third-party analytics or advertising cookies on the card authorization forms.
Data Retention
We retain your information as follows:
- Card Authorizations: Stored encrypted for 90 days by default, or until revoked by the dental practice
- Audit Logs: Retained for 7 years for compliance purposes
- Session Data: Deleted upon logout or after 8 hours of inactivity
Your Rights
Depending on your location, you may have the right to:
- Access your personal data
- Correct inaccurate data
- Request deletion of your data
- Object to processing
- Data portability
- Withdraw consent
For California Residents (CCPA)
California residents have additional rights under the California Consumer Privacy Act, including the right to know what personal information is collected and the right to opt out of the sale of personal information. We do not sell personal information.
For EU/EEA Residents (GDPR)
If you are in the European Union or European Economic Area, you have rights under GDPR including access, rectification, erasure, restriction, portability, and objection. Contact us to exercise these rights.
Children's Privacy
Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children.
Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of significant changes by posting the new policy on this page and updating the "Last Updated" date. Your continued use of our services after changes constitutes acceptance of the updated policy.
Contact Us
If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at: