Privacy Policy

Last Updated: April 4, 2026

1. Introduction

BioDentrix (“BioDentrix,” “we,” “us,” or “our”), an Arizona limited liability company, is committed to protecting the privacy and security of the personal information of our users. This Privacy Policy describes how we collect, use, disclose, store, and protect information when you access or use the BioDentrix website, provider portal, or any associated services (collectively, the “Service”).

By accessing or using the Service, you consent to the practices described in this Privacy Policy. If you do not agree with this Privacy Policy, you must discontinue use of the Service.

2. Information We Collect

We may collect the following categories of information:

a) Account and Identity Information: Full name, email address, phone number, mailing address, practice name, practice website, professional title, and role.

b) Professional Credentials: National Provider Identifier (NPI) number, Drug Enforcement Administration (DEA) registration number, state licensing information, and professional certifications.

c) Payment Information: Payment card type, last four digits, expiration date, and card brand. Full card numbers, CVV codes, and bank account details are transmitted directly to and stored by Stripe, Inc. BioDentrix does not store full payment credentials.

d) Order Information: Products ordered, order history, shipping addresses, order notes, confirmation numbers, and order status.

e) Usage Information: Pages visited, features used, time spent on the platform, browser type, device information, IP address, and referring URLs.

f) Communications: Any messages, inquiries, feedback, or support requests you submit through the Service.

3. How We Use Your Information

We use the information we collect for the following purposes:

• To create, manage, and maintain your account
• To process and fulfill orders placed through the platform
• To transmit order details to Lab Partners for product fulfillment and shipping
• To process payments through Stripe
• To communicate with you regarding your account, orders, and the Service
• To verify your professional credentials and licensing status
• To provide customer support
• To improve, maintain, and optimize the Service
• To enforce our Terms and Conditions
• To comply with legal obligations and respond to lawful requests
• To detect and prevent fraud, abuse, or security incidents

4. How We Share Your Information

a) Lab Partners: We share your name, practice information, shipping address, and order details with our independently owned and operated Lab Partners solely for the purpose of fulfilling your orders. Lab Partners are independent entities and are subject to their own privacy practices.

b) Payment Processor: Payment information is transmitted to Stripe, Inc. for payment processing. Stripe's use of your information is governed by Stripe's own privacy policy and PCI DSS compliance standards.

c) Legal Requirements: We may disclose your information if required to do so by law, regulation, subpoena, court order, or governmental request, or if we believe disclosure is necessary to protect our rights, your safety, the safety of others, or to investigate fraud.

d) Business Transfers: In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

e) No Sale of Personal Information: BioDentrix does not sell, rent, lease, or trade your personal information to any third party for marketing or advertising purposes.

5. Data Security

We implement reasonable administrative, technical, and physical safeguards designed to protect the information we collect. However, no method of transmission over the Internet or method of electronic storage is completely secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.

Payment card data is handled exclusively by Stripe in accordance with PCI DSS Level 1 compliance standards. BioDentrix does not store, process, or transmit full payment card data on its own systems.

6. Data Retention

We retain your information for as long as your account is active or as needed to provide you with the Service. We may also retain information as necessary to comply with legal obligations, resolve disputes, enforce our agreements, and for legitimate business purposes.

7. Your Rights

Depending on your jurisdiction, you may have certain rights regarding your personal information, including:

• The right to access the personal information we hold about you
• The right to request correction of inaccurate information
• The right to request deletion of your information, subject to legal and contractual obligations
• The right to opt out of certain communications

To exercise any of these rights, please contact us at austantorson@gmail.com. We will respond to your request within a reasonable timeframe and in accordance with applicable law.

8. HIPAA and Protected Health Information

BioDentrix is not a “covered entity” under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). One or more Lab Partners may or may not be a “covered entity” or “business associate” under HIPAA. HIPAA does not necessarily apply to an entity simply because health information is involved, and HIPAA may not apply to your transactions or communications with BioDentrix.

To the extent BioDentrix is deemed a “business associate” of any Lab Partner, BioDentrix may be subject to certain provisions of HIPAA with respect to “protected health information” (“PHI”). Any medical or health information subject to specific protections under applicable state or federal laws (“Protected Information”) will be used and disclosed only in accordance with such applicable laws.

Information that does not constitute Protected Information under applicable laws may be used or disclosed in any manner permitted under this Privacy Policy. Protected Information does not include information that has been de-identified in accordance with HIPAA.

9. Cookies and Tracking Technologies

We may use cookies, local storage, and similar technologies to enhance your experience, remember your preferences, and analyze usage patterns. You may disable cookies through your browser settings, but doing so may affect the functionality of the Service.

10. Third-Party Links

The Service may contain links to third-party websites or services. BioDentrix is not responsible for the privacy practices or content of any third-party sites. We encourage you to review the privacy policies of any third-party sites you visit.

11. Children's Privacy

The Service is not intended for individuals under the age of eighteen (18). We do not knowingly collect personal information from anyone under 18. If we become aware that we have collected information from a minor, we will take steps to delete that information.

12. Changes to This Privacy Policy

BioDentrix reserves the right to update or modify this Privacy Policy at any time. Changes will be posted on this page with an updated “Last Updated” date. Your continued use of the Service after any changes constitutes acceptance of the revised Privacy Policy.

13. Governing Law

This Privacy Policy shall be governed by and construed in accordance with the laws of the State of Arizona, without regard to its conflict of law principles.

14. Lab Partner Information Confidentiality

Information regarding BioDentrix laboratory partners — including but not limited to partner identities, contact information, manufacturing locations, pricing arrangements, contractual terms, and product sourcing details — is classified as Confidential Business Information. This information is shared with Providers only to the extent necessary to facilitate orders and is subject to the strict non-disclosure obligations outlined in the Terms & Conditions. Providers shall not extract, copy, store, share, or otherwise disclose lab partner information to any third party.

15. Order Acceptance Records

BioDentrix maintains permanent records of each order transaction, including timestamps, IP addresses, device information, and acknowledgment of Terms & Conditions and Privacy Policy at the time of each purchase. These records may be used to verify provider acceptance of binding agreements in any legal proceeding.

16. Provider Agreement Audit Records

When a healthcare provider applies through BioDentrix, the application process includes execution of the Provider Platform Access & Services Agreement. BioDentrix captures and stores the following information for each signed Provider Agreement:

(a) Typed signature (full legal name)
(b) Date of agreement
(c) Timestamp (date, hour, minute)
(d) IP address used to sign
(e) Device information (user agent string)
(f) Screen resolution
(g) Disclosed DBAs and alternate entities
(h) SHA-256 cryptographic hash of the agreement payload

These records constitute legally binding evidence of agreement execution and are stored permanently in BioDentrix's legal records system. They may be used to verify provider acceptance and enforce agreement terms in any legal proceeding.

17. Lab Partner Audit Records

When a laboratory partner applies through BioDentrix, the onboarding process includes execution of the Laboratory Partnership Agreement. BioDentrix captures and stores the following information for each signed Lab Partnership Agreement:

(a) Company legal name and address
(b) Managing member name and email
(c) Business license number, EIN/Tax ID, FDA registration
(d) Disclosed DBAs and alternate entities (REQUIRED)
(e) Typed signature (managing member full legal name)
(f) Date of agreement
(g) Timestamp (date, hour, minute)
(h) IP address used to sign
(i) Device information (user agent string)
(j) Screen resolution
(k) Email confirmation status with confirmation IP and timestamp
(l) SHA-256 cryptographic hash of the agreement payload

These records constitute legally binding evidence of agreement execution and are stored permanently in BioDentrix's legal records system.