Whatsapp Us
Click here to Chat
Give us a Call
+54 11 6569-0005
Visit our Clinic
Congreso 2174, Buenos Aires
Opening Hours
Mon - Saturday: 8AM - 20PM

Why Your Privacy is Important.

Your privacy is crucial in today’s digital age, safeguarding your personal information from misuse. At Teeth Traveler, we prioritize your privacy by collecting only necessary data, securing it diligently, and never sharing it without your explicit consent. Read our privacy policy below to understand how we care about and protect your data.

Last Updated: March 8, 2025.

Overview of Our Policy

In Short: What to Find Here.

Your privacy matters to us. On this page, you’ll find clear information about what data we collect, why we need it, and how we keep it safe. We also explain your rights and how you can manage your preferences. No complicated terms—just simple, transparent details.

  • Which of your data is collected
  • The reasons why we collect data
  • How we protect your privacy

1. Introduction & Commitment to Privacy

Section summary: this section explains our commitment to protecting your personal data, the privacy laws we comply with, and how using our services means you agree to this Privacy Policy.

At Teeth Traveler, we take privacy seriously. Your personal data belongs to you, and we are committed to collecting only what is necessary, using it responsibly, and keeping it safe. This Privacy Policy explains what information we collect, how we use it, and how we protect your privacy.

When you visit https://www.teethtraveler.com or use our services, you trust us with your data. We follow strict privacy regulations to protect your rights, including:

  • European Union (EU) countries, where the General Data Protection Regulation (GDPR) ensures strong privacy protections and the right to control personal data.
  • European Free Trade Association (EFTA) countries, such as Norway, Iceland, Liechtenstein, and Switzerland, which follow similar privacy laws.
  • United States, where privacy laws such as the California Consumer Privacy Act (CCPA) provide transparency in data collection and allow users to request their data.
  • Canada, covered under the Personal Information Protection and Electronic Documents Act (PIPEDA), which regulates how businesses handle user data.
  • Australia and New Zealand, which have national privacy laws that prevent misuse of personal data and require businesses to keep it secure.
  • Singapore and Malaysia, where the Personal Data Protection Act (PDPA) sets guidelines for protecting user information.

By using our services, you agree to this Privacy Policy, meaning you understand how we collect, store, and protect your data.

 

2. Data Collection & Processing

Section summary: here, we explain what types of personal data we collect, why we collect it, and the legal basis under GDPR that allows us to process your information.

We only collect personal data that is necessary to provide our services and improve your experience. Below, we explain what information we collect, why we collect it, and how it protects your privacy.

Data We Collect & Process

  • Your Full Name, Email, Phone Number, and Mailing Address
    We collect your name and contact details so we can send appointment confirmations, respond to inquiries, and provide customer support. For example, if you book an appointment at a dental clinic, we will send a confirmation email with all the details.


    Privacy Protection:     Your personal details are encrypted and stored securely, meaning no one can access them without proper authorization.

  • Medical Information (Only If You Provide It Voluntarily)
    Some users provide dental history, treatment preferences, or medical conditions so we can help them find the best clinic. For example, if you have an allergy to a specific dental material, we ensure that the clinic is aware before your appointment.


    Privacy Protection:     Medical data is stored separately from other personal information and is only shared with your explicit permission.

  • Geolocation Data (Only If You Allow It)
    If you enable location tracking, we use your approximate location to suggest nearby dental clinics and estimate travel times. For example, if you are in Madrid and searching for an emergency dentist, we show clinics closest to you.


    Privacy Protection:     You have full control over enabling or disabling location tracking in your settings.

  • IP Address, Browser Type & Device Information
    We collect this information to detect security threats, optimize website performance, and prevent fraud. For example, if someone tries to access your account from an unfamiliar location, we can send you a security alert.


    Privacy Protection:     This data is used strictly for security purposes and is never used for tracking or advertising.

  • Emergency Contact Information (If Provided)
    If you are traveling for medical treatment, you may provide an emergency contact so we can assist in urgent situations. For example, if you undergo surgery abroad, your emergency contact can be informed if necessary.


    Privacy Protection:     This information is only accessed in case of emergencies and is stored securely.

  • Data Type
  • Purpose of Processing
  • Legal Basis
  • Full Name, Email, Phone Number, Mailing Address
  • Used for communication, appointment confirmations, and customer support.
  • Contractual Obligation (Art. 6(1)(b) GDPR) – Necessary to provide services.
  • Medical Information (if voluntarily provided)
  • Helps match users with suitable dental clinics and providers.
  • Explicit Consent (Art. 9(2)(a) GDPR) – Users must actively agree to provide medical data.
  • Geolocation Data (if enabled by the user)
  • Suggests clinics nearby and helps estimate travel distances.
  • User Consent (Art. 6(1)(a) GDPR) – Users can enable/disable location sharing.
  • IP Address, Browser Type & Device Details
  • Detects security threats, prevents fraud, and ensures website optimization.
  • Legitimate Interest (Art. 6(1)(f) GDPR) – Used for security and technical improvements.
  • Emergency Contact Information (if provided)
  • Allows assistance in urgent medical situations while traveling.
  • Explicit Consent (Art. 9(2)(a) GDPR) – Only used when given voluntarily.
  • Cookies & Tracking Data
  • Analyzes website interactions and user preferences.
  • User Consent (Art. 6(1)(a) GDPR) – Users can adjust preferences in cookie settings.

3. How We Use Your Data

Section summary: This section outlines how we use your personal data, including for customer support, personalized recommendations, security, and fraud prevention.

We only use your personal data for essential purposes and never sell it.

  • To Provide Customer Support & Schedule Appointments
    Your data helps us assist you with booking, rescheduling, or canceling appointments. For example, if you need to change your appointment, we notify the clinic on your behalf.


    Privacy Protection:     Your appointment details are stored securely and never shared without your consent.

  • To Offer Personalized Recommendations
    We analyze your preferences and search history to suggest dental providers that best fit your needs. For example, if you prefer a clinic that offers sedation dentistry, we ensure those options are prioritized.

    Privacy Protection:     You can opt out of personalized recommendations anytime.
  • To Detect Fraud & Protect Your Account
    If suspicious login attempts or fraudulent activity are detected, we act quickly to protect your account. For example, if someone tries to log in from an unfamiliar location, we block access until verification is completed.

    Privacy Protection:     We use multi-factor authentication (MFA) to ensure only you can access your account.

4. Data Protection & Security

Section summary: Your data security is our priority. This section describes the encryption, access controls, and data breach response plans we have in place to protect your personal information.

Teeth Traveler implements strict security protocols to safeguard personal data from unauthorized access, breaches, or misuse. The strong security measures to protect your personal data are amongst others:

  • Encryption (AES-256)
    AES-256 is a highly secure encryption standard used by governments and banks to convert your data into unreadable code.


    Privacy Protection:     Even if someone intercepts your data, they cannot read or use it without the proper encryption key.

  • TLS 1.2+ Secure Transfers
    TLS (Transport Layer Security) protects your data when it is being sent between your device and our servers.

    Privacy Protection:     This ensures that hackers cannot intercept sensitive data, such as passwords or medical information.
  • Multi-Factor Authentication (MFA)
    MFA adds an extra layer of security by requiring a second verification step, such as a one-time code sent to your phone.

    Privacy Protection: This ensures that even if someone steals your password, they cannot access your account without the second step.

  • Breach Response Plan
    In case of a data breach, we have a plan to contain the issue, notify affected users, and work with authorities. We will alert you within 72 hours and guide you on protective measures.
  • Users are notified in case of a security breach as follows. If we detect a security breach that affects personal data, we will:
      • Investigate the incident immediately and contain the breach.
      • Notify affected users within 72 hours if the breach poses a significant risk to personal data.
      • Report the breach to data protection authorities if required under GDPR.
  • Example: If an unauthorized access attempt is detected on our servers, our security team will block the intrusion, investigate the impact, and notify affected users via email or an in-platform notification.
  • How This Protects Your Privacy: By having a rapid breach response plan and providing timely notifications, we ensure that users remain informed and can take necessary actions to protect their data.

5. Data Sharing & Third-Party Disclosures

Section summary: We do not sell your data, but in certain cases, we may share it with trusted third parties like clinics, payment processors, and analytics providers. This section explains when and why this happens.

We never sell your personal data. However, in some cases, we share data with trusted third parties when necessary to provide our services. Below, we explain when and why data is shared and how your privacy is protected.

5.1 When We Share Data

  • Sharing with Medical Providers (Clinics, Dentists, Labs)
    We share appointment details, medical history (if provided), and contact information with the dental clinic or healthcare provider you choose.


    Example:     If you book a root canal procedure in Barcelona, we provide the clinic with your name, appointment time, and any allergies or health conditions that may affect treatment.

    Privacy Protection:     Your medical information is only shared when you explicitly approve the booking, and clinics must comply with strict data protection agreements.

  • Sharing with Legal Authorities (If Required by Law)
    In rare cases, we may be required to provide limited user information to legal authorities, such as in cases of fraud, court orders, or regulatory investigations.

    Example:     If a fraudulent transaction is detected, authorities may request account logs or transaction details for investigation.

    Privacy Protection:     We only share the minimum data required by law and inform you whenever legally possible.
  • Sharing with Service Providers (Analytics & Website Optimization Tools)
    We use services like Google Analytics and Hotjar to understand how users interact with our website. These tools collect anonymous browsing data, such as which pages are visited and how users navigate our site.

    Example:     If a large number of users leave the site before booking an appointment, analytics help us improve the experience by making booking easier.


    Privacy Protection:     These tools do not track personally identifiable information (PII) and follow strict GDPR and CCPA compliance.

5.2 Your Rights to Restrict Data Sharing

  • You can opt out of third-party analytics and tracking in your privacy settings.
  • You can disable cookies that are not required for website functionality.
  • You can request a full record of what data has been shared
  • We do not share user data with law enforcement authorities voluntarily. Personal data will only be provided if required by law, such as by a court order or regulatory demand.
    • Example: If a government agency requests user transaction history, we will only comply if legally obligated to do so, and only after confirming the request’s legitimacy.
    • How This Protects Your Privacy: Ensuring that data is only shared when legally required prevents unnecessary exposure of user information to third parties.

5.3 HIPAA Coverage

  • Teeth Traveler is not a covered entity under HIPAA, as we do not provide healthcare services, process insurance claims, or store medical records on behalf of clinics. Instead, we act as an intermediary, connecting users with clinics and providers who may be subject to HIPAA.
  • Any health information shared with a provider falls under their responsibility, and their privacy policy will dictate how it is handled.

5.4 Marketing & Communications

  • Users can subscribe to our email newsletters to receive updates about dental treatments, special offers, and healthcare trends. We ensure that email communication is transparent and fully controlled by the user. We may send you promotional emails about new services, special offers, or industry updates. You can opt out of these communications at any time by clicking the unsubscribe link at the bottom of our emails or updating your account settings.
  • How It Works:
    We use a double opt-in system, meaning users must confirm their subscription via email before receiving newsletters. This prevents unauthorized sign-ups and ensures that only those who want to receive marketing emails do so.
  • Example: If you subscribed to updates about new clinics in your area but later change your preferences, you can adjust your email settings to receive only appointment reminders.
  • How This Protects Your Privacy: By allowing you to opt out of marketing at any time, we ensure that you only receive communications that are relevant to you. Users can unsubscribe at any time via the “unsubscribe” link in emails.

5.5 Cookies & Tracking

We use cookies and tracking technologies like web beacons to improve website performance and personalize your experience. Cookies are small data files stored on your device that help improve user experience by remembering preferences and tracking interactions.

Cookie Type

Purpose

Requires User Consent?

Essential Cookies

Ensure basic website functionality, such as login sessions and security features.

No, these are required for site operation.

Analytical Cookies

Help us understand how users navigate our site (e.g., most visited pages).

Yes, user consent is required.

Marketing Cookies

Used for personalized advertising and retargeting ads (e.g., showing relevant dental services).

Yes, user consent is required.

  • Essential Cookies: Help keep the website secure and functional (e.g., remembering your login).
  • Analytics Cookies: Help us understand how users interact with our site (e.g., which pages are most visited).
  • Marketing Cookies: Used for advertising purposes to show you relevant content.


    Example:     If you frequently browse dental clinics in Argentina, marketing cookies may allow us to show you related promotions. Below we listed some of the parties of which we use their marketing cookies:

    • 5.5.1 Analytics & Website Tracking (Google Analytics)

      To better understand how users interact with our website and improve the functionality and accessibility of our services, we use Google Analytics, a web analytics service provided by Google Ireland Limited (Dublin, Ireland), with its parent company Google LLC (USA). Google Analytics helps us collect and analyze data about website visits, allowing us to improve user experience based on browsing behavior and preferences.

      • How It Works:

        When you visit our website, Google Analytics places cookies on your device, collecting anonymous visitor data such as the pages you visit, how long you stay, and which features you interact with. The tool also gathers technical details, including browser type, screen resolution, operating system, and referral sources (how you arrived at our website, such as from search engines or ads). This information helps us optimize navigation and ensure a smooth user experience.

      • Example:
        If we notice that users frequently visit the dental clinic reviews page but exit before booking an appointment, we can use this insight to make the booking process clearer and more intuitive.
      • Privacy Protection & Withdrawal of Consent:
        We use Google Analytics with IP anonymization, meaning your IP address is shortened within the EU, ensuring that personal identity cannot be directly linked to browsing behavior. You can disable tracking by adjusting your browser settings, using Google’s opt-out tool (https://tools.google.com/dlpage/gaoptout), or rejecting analytics cookies via our cookie banner when first visiting the website.

    • 5.5.2 Advertising & Google Ads

      We use Google Ads, a targeted advertising service by Google Ireland Limited, to promote our website through search engine results and external websites. Google Ads allows us to display advertisements that are relevant to users who are actively searching for dental treatments or related services.

      • How It Works:
        Google Ads operates using keyword targeting and automated algorithms to show ads when users search for dental treatments or related topics. Additionally, it uses a conversion tracking system that helps us measure the effectiveness of our advertising campaigns. When you visit our site after clicking an ad, Google Ads places a temporary cookie on your browser to track whether you complete certain actions, such as booking an appointment or submitting a contact form.
      • Example:
        If you search for “affordable dental implants in Spain”, Google may display a relevant ad that directs you to a list of vetted clinics on our website.
      • Privacy Protection & Withdrawal of Consent:
        We do not receive personally identifiable information from Google Ads, only aggregated reports that help us assess advertising performance. Users can opt out of Google Ads tracking by adjusting their ad preferences (https://www.google.com/settings/ads) or disabling advertising cookies in our cookie settings panel.

    • 5.5.3 Embedded Media & Third-Party Content (YouTube Videos)

      Some of our website content includes embedded YouTube videos, hosted by Google Ireland Limited. These videos provide informative content, such as explanations of dental procedures and patient testimonials.

      • How It Works:
        When a YouTube video is embedded on our website, no data is collected unless you play the video. Once you do, YouTube may collect technical information such as your IP address, device type, and browser information. If you are logged into a Google account, YouTube may associate this activity with your profile, which can affect the ads you see.
      • Example:
        If you play a video explaining “How Dental Implants Works”, YouTube may register that you engaged with content related to orthodontics.
      • Privacy Protection & Withdrawal of Consent:
        We integrate YouTube videos in privacy-enhanced mode, meaning no cookies are placed until you interact with the video. To prevent data collection, you can log out of YouTube before playing a video or block YouTube cookies in your browser settings.

    • 5.5.4 Web Design & External Technologies (Google Fonts)

      To ensure our website displays properly across all devices and browsers, we use Google Fonts, a font library by Google Ireland Limited.

      • How It Works:
        Google Fonts allows websites to use a consistent font style, improving readability and design. Unlike other integrations, we store these fonts locally on our servers, meaning no data is shared with Google when pages load.
      • Example:
        Without Google Fonts, our website might appear differently depending on the user’s device or browser, affecting usability.
      • Privacy Protection & Withdrawal of Consent:
        Since we host Google Fonts locally, no data is transferred to Google, and there is no need for user consent or opt-out mechanisms.

    • 5.5.5 Reviews & Reputation Management

      We use various review platforms (Trustpilot, Google Reviews, Yelp, WhatClinic, TripAdvisor, Qunomedical) to allow users to share feedback on their experiences with our services and the clinics listed on our platform.

      • How It Works:
        Users can submit reviews on Trustpilot, Google Reviews, Yelp, WhatClinic, TripAdvisor, and Qunomedical. These reviews are then displayed publicly to help other users make informed choices.
      • Example:
        If you undergo a successful teeth whitening procedure in Turkey, you may leave a review on Trustpilot or Google Reviews to share your experience.
      • Privacy Protection & Withdrawal of Consent:

         

        • Trustpilot: Reviews can be edited or deleted through the user’s Trustpilot account.
        • Google Reviews: Users can delete their reviews from their Google account settings (https://support.google.com/business/answer/4596773).
        • Yelp: Reviews can be removed by the user or reported for violations (https://www.yelp-support.com/article/How-do-I-report-a-review).

    • 5.5.6 Social Media Tracking & Facebook Pixel

      We use Facebook Pixel, a tool provided by Meta Platforms Ireland Limited, to track user behavior and improve advertising effectiveness.

      • How It Works:
        Facebook Pixel collects anonymous data on website visitors, allowing us to display personalized ads to users who have interacted with our platform.
      • Example:
        If you browse dental implant clinics, you may later see a related Facebook ad promoting similar services.
      • Privacy Protection & Withdrawal of Consent:
        Users can opt out of Facebook tracking via their Facebook account settings (https://www.facebook.com/settings?tab=ads).

    • 5.5.7 Social Media Engagement & External Links

      We maintain profiles on Facebook, Instagram, LinkedIn, Twitter, YouTube, and Pinterest, where users can interact with our content.

      • How It Works:
        When visiting our social media pages, users’ data is processed directly by the platform according to their privacy policies.
      • Example:
        If you comment on our LinkedIn post about dental tourism, LinkedIn stores this interaction.
      • Privacy Protection & Withdrawal of Consent:
        We only link to these social platforms and do not collect additional personal data beyond what the platform itself processes. Users should review the privacy policies of each platform to manage their settings.
  • How This Protects Your Privacy: We ensure that no personally identifiable information is stored in cookies and provide options to manage your preferences via our cookie banner.
  • How Users Can Withdraw Consent for Cookies:

    Users can adjust cookie preferences anytime via the cookie settings panel or they can manage their cookie preferences anytime by visiting our Cookie Settings Page and selecting which types of cookies they want to accept.

    Users can also block cookies via browser settings or use opt-out tools from third-party providers.

    • Example: If a user disables marketing cookies, they will no longer see targeted ads from Teeth Traveler.
    • How This Protects Your Privacy: By allowing users to control cookie settings, we ensure compliance with GDPR while respecting personal preferences.


5.6 External Links

Our website may contain links to third-party sites, including dental clinics and travel service providers. Once you leave Teeth Traveler, this Privacy Policy no longer applies.

  • Example: If you click on a clinic’s website to read reviews, their privacy policy will govern how your data is collected.
  • How This Protects Your Privacy: By clearly stating that third-party websites have separate privacy policies, we help users make informed decisions before sharing personal information.

6. International Data Transfers

Section summary: As we operate globally, your data may be transferred outside your country. This section explains where your data is stored, how we protect it, and under what conditions international transfers occur.

Teeth Traveler stores user data primarily in Google Cloud (Ireland, EU) and AWS (Frankfurt, Germany, EU). These services comply with GDPR regulations under Standard Contractual Clauses (SCCs). Read in more detail below how we handle (international) data transfers.

  • As a global company, we may transfer your personal data to countries outside your home region. However, we ensure that all data transfers meet international privacy standards and that your data remains protected at all times.
  • When you use our services, your data is primarily stored in the European Union (EU), where GDPR regulations provide strong data protection. Below we briefly outline in more detail how and where our data is stored:
    • Primary Storage: Data is stored on Google Cloud servers in Ireland (EU), ensuring GDPR compliance.
    • Backup Storage: Redundant backups are stored on AWS (Amazon Web Services) servers in Frankfurt, Germany.
  • When booking an appointment or getting in contact with dentists outside of the EU, relevant medical data may be transferred to the chosen clinic only with user consent.
    • Example: if a France user books treatment in another country, such as Argentina, its appointment details will be securely shared with that clinic in Argentina, only after confirmation. We will notify you before confirmation of submission of your details that we will transfer your data. We only transfer data when necessary to be able to operate our services (such as appointment bookings) or to let the dental clinic where you have confirmed your booking, receive your details in order for them to provide you with the right service (e.g. appointing the right dentist). Using encryption and legal agreements (Standard Contractual Clauses – SCCs) to maintain GDPR compliance.
    • How This Protects Your Privacy: All international transfers are handled under EU-approved safeguards, preventing unauthorized data exposure.
  • In addition to transfers of medical appointment data, Teeth Traveler may also transfer non-personal data such as website logs, security monitoring data, and analytics reports to cloud storage providers in Germany (AWS Frankfurt) and Ireland (Google Cloud).
    • Example: If data needs to be accessed by IT security teams, it may be temporarily processed in international locations under GDPR-approved safeguards.
    • How This Protects Your Privacy: Data is only transferred under legally approved agreements (Standard Contractual Clauses – SCCs) to ensure EU-level privacy protection.
  • To keep your data safe, we use Standard Contractual Clauses (SCCs) for international data transfers.

    These legally binding agreements ensure that your data receives the same level of protection, regardless of where it is transferred.

    Additionally, we encrypt your data before transferring it, ensuring it cannot be intercepted or accessed by unauthorized parties.

    • Example: If you book a dental treatment in Mexico while residing in Germany, we will securely send your appointment details to the clinic only after you confirm the booking. This prevents your personal data from being shared unnecessarily.
    • How This Protects Your Privacy: By encrypting data before transfer, limiting international sharing, and notifying users before sending their data abroad, we ensure that your personal information remains secure and under your control.

7. Your Rights & Privacy Controls

Section summary: Under GDPR, you have rights over your personal data, including the ability to access, update, delete, restrict processing, and transfer your data. This section explains how you can exercise these rights.


7.1 Rights & Privacy Controls

You have the right to control your personal data, in line with GDPR, CCPA, and other privacy regulations, and we fully support your ability to access, modify, delete, and restrict how your data is used. These rights are protected by laws such as GDPR, CCPA, and PIPEDA, ensuring that you are always in control of your personal information. Within the following sections we explain how you control your personal information:

  • If you would like to see what data we have collected, you can request a copy of all your stored data. If any of your information is incorrect or outdated, you can request that we update it. If you no longer want us to store your data, you have the right to request its deletion (“Right to Be Forgotten”), and we will remove your records from our system unless legally required to keep them.
  • Right to Data Portability (Requesting Your Data in a Machine-Readable Format): Users can request a structured, machine-readable version of their data (e.g., JSON, XML, or CSV format). They can also transfer this data to another service provider upon request.
      • Example: If a user wants to switch to another medical booking platform, they can download their data file for easy transfer.
      • How This Protects Your Privacy: By allowing data portability, we ensure users maintain full ownership of their information and can move it freely between platforms.
  • Additionally, you can object to certain types of data processing, such as marketing emails or AI-based recommendations. You can also withdraw consent for data collection at any time, meaning we will stop processing your information immediately upon request.
      • Example: If you originally allowed location tracking but later decide you no longer want our system to suggest nearby clinics, you can disable geolocation tracking in your account privacy settings.
      • How This Protects Your Privacy: By giving you full control over your data, allowing easy opt-out options, and ensuring transparency, we empower you to manage your privacy according to your preferences.
  • AI-Decision Making & User Control
    Our platform uses automated systems to provide personalized recommendations and detect fraudulent activity. This means that AI analyzes your browsing behavior, location (if enabled), and past searches to suggest the most relevant clinics. AI-based profiling is used only to improve user experience and does not make legally binding decisions, such as approving or denying transactions.
    • Users can request human intervention if they believe an AI-based recommendation is inaccurate.
      • Example: If you have searched for dental implants, our AI may recommend providers who specialize in dental implant treatments;
      • How This Protects Your Privacy: AI-powered decisions help personalize your experience without human bias, and you can opt out of AI profiling through your account settings.
    • Right to Contest AI Decisions & Request Human Review
      Users can request human intervention if they believe an AI-based decision is incorrect or unfair.
      • Example: If an AI system suggests clinics based on past searches, but the user wants different options, they can disable automated recommendations
      • How This Protects Your Privacy: By allowing users to contest AI decisions and opt out of automated processing, we ensure transparency and human oversight in critical decisions. Ensuring that AI recommendations are purely optional guarantees that users maintain full decision-making power.


7.2 Restriction of processing

Users have the right to request a restriction on the processing of their personal data if they contest its accuracy, object to processing, or require data for legal claims. If a user disputes the accuracy of their data, they can request that processing be temporarily restricted while the accuracy is being verified.

Restrictions apply to:

  • Medical data (until corrected or deleted upon request).
  • Billing data (if disputed by the user).
  • Marketing preferences (immediate restriction upon withdrawal of consent).
    • Example: If a user believes their medical history was stored incorrectly, they can request a temporary restriction on data processing while their information is reviewed. Or if a user disputes their billing history, they can request that their payment data is temporarily restricted from further processing while the issue is investigated.
    • How This Protects Your Privacy: This ensures that your data is not used in any decision-making until accuracy is confirmed.
  • How Long Does the Restriction Last?
    The restriction will remain in place until the issue is resolved (e.g., data accuracy is confirmed) or until the user withdraws their request and ensures your data is not used unfairly while its accuracy is under review.
  • How to Request a Restriction:
    Users can submit a request via email (privacy@teethtraveler.com) or through account settings. Users have the right to request their personal data in a structured, machine-readable format and transfer it to another service provider.
    • How the Process Works:
      Users must verify their identity via email confirmation before their request is processed. Requests are processed within 30 days, in line with GDPR requirements.
      • Example: If a user wants to switch to another appointment booking platform, they can download their data in CSV format for easy import.
      • How This Protects Your Privacy: Allowing data portability ensures that users remain in control of their information and can move their data without being locked into a single platform. Identity verification ensures only the rightful owner can access or transfer their data.
      • Available File Formats
        Users can request their data in the following formats:
        • CSV (Comma-Separated Values) – Compatible with Excel and most database systems.
        • JSON (JavaScript Object Notation) – Used for system integrations.
        • XML (Extensible Markup Language) – Common for structured data sharing.
    • Processing Time:
      Portability requests are processed within 30 days, in accordance with GDPR guidelines.

7.3 Frequently Asked Questions (FAQs) About Your Rights

Q: How can I verify what personal data Teeth Traveler has about me?

A: You can request a copy of all personal data we store about you by submitting a data access request through your account settings or by emailing privacy@teethtraveler.com.

Q: Can I request to restrict how my data is used instead of deleting it?

A: Yes. If you want to temporarily restrict processing of your data (e.g., while disputing its accuracy), you can request this restriction via email or account settings. During this time, your data will be stored but not used.

Q: Will I still be able to use Teeth Traveler if I object to AI-based recommendations?

A: Yes. You can opt out of AI-based recommendations in your account settings. This means our system will no longer personalize search results based on past behavior, but you can still browse and book clinics manually.

Q: Can I stop my data from being shared with third parties?

A: Yes. You can opt out of data sharing with third parties for marketing and analytics purposes by adjusting your cookie settings or contacting us at privacy@teethtraveler.com. However, some essential data (e.g., for appointment bookings) must still be shared to complete services.

Q: What happens if I request data deletion but still have a pending appointment?

A: If you request data deletion but have an active or upcoming appointment, your data will be deleted only after the appointment is completed or canceled. Until then, we must retain basic data for appointment management.

Q: How can I revoke consent for data processing after I have already agreed?

A: You can withdraw consent at any time by updating your privacy settings in your account or contacting us. Any processing done before withdrawal remains lawful, but no further processing will occur.

8. Data Retention & Deletion

Section summary: We only keep your data for as long as necessary. This section details how long different types of data are retained and how you can request data deletion.

  • We only keep your personal data for as long as necessary to provide our service. Once your data is no longer needed, we permanently delete or anonymize it to prevent unnecessary storage and reduce security risks. 30 days prior upon deletion, we will notify you on this action taken. By limiting retention periods and securely deleting old data, we reduce privacy risks and comply with GDPR.
    • Example: If an account remains inactive for 12 months, an email reminder will be sent, allowing the user to log in and keep their account active.
    • How This Protects Your Privacy: advance notification ensures that users do not lose access to their data unexpectedly.
  • If you do not log into your account for 12 months, we will automatically delete your account and any associated data. Customer support interactions, such as emails and chat records, are stored for 12 months to help resolve future inquiries but are then permanently erased.

Data Type

Retention Period

Legal Basis

User Accounts

Deleted after 12 months of inactivity

Legitimate Interest (to maintain accurate records).

Customer Support Records

Stored for 12 months, then erased

Legitimate Interest (to improve customer service).

Billing & Payment Records

Stored for 5 years

Legal Obligation (tax compliance laws).

  • For legal and tax purposes, certain payment records must be retained for five years. However, this data is stored securely and separately from other personal information, ensuring it is only accessed when required by law.
    • Example: If you book a dental treatment and later delete your account, your appointment details will also be deleted. However, if you made a payment, the financial transaction record may be stored for tax compliance but without any personal identifiers.
    • How This Protects Your Privacy: By automatically deleting inactive accounts, limiting how long customer support interactions are stored, and securely handling financial records, we ensure your data is never kept longer than necessary.
  • User data deletion is handled both automatically and manually. Non-essential personal data is automatically purged after a defined period, while sensitive data deletion (e.g., medical records) undergoes a manual review for compliance purposes.
    • Example: If an account remains inactive for 12 months, it is automatically flagged for deletion, but financial transaction records are manually reviewed before being erased.
    • How This Protects Your Privacy: Combining automated deletion with manual checks ensures that personal data is removed securely and in compliance with regulatory requirements.

9. Minors, Parental Consent and Public User Content

Section summary: We do not knowingly collect data from minors under 16 in the EU or under 18 in other regions. This section explains our policies on minor data and parental consent.


9.1 Minors & Parental Consent

  • We do not knowingly collect or process data from children under 16 in the EU or under 18 in other regions without explicit parental consent. Our services are intended for adults looking for dental treatments, and we do not knowingly allow minors to book appointments or provide personal information.
  • If we accidentally receive data from a minor, we will delete it immediately upon discovery or parental request. Parents can contact us directly to verify and remove their child’s information.
    • Example: If a minor accidentally submits an appointment request, we will cancel the request and remove all associated data unless a parent or guardian confirms the booking.
    • How This Protects Your Privacy: By strictly limiting data collection from minors, requiring parental consent, and deleting data if collected mistakenly, we ensure the protection of children’s privacy.

9.2 Public User Consent

If you leave reviews or participate in community discussions, your posts may remain visible even after your account is deleted. However, you can request to remove specific content by contacting our support team.

    • Example: If you left a review about a dental clinic but later want it removed, you can send us a deletion request.
    • How This Protects Your Privacy: By giving users control over their public posts, we ensure that your online footprint aligns with your preferences.

10. Contact & Complaints

Section summary: If you have concerns about your data privacy or wish to file a complaint, this section explains how to contact us and what to expect from our response.

  • Teeth Traveler is not legally required to appoint a Data Protection Officer (DPO) under GDPR Article 37, as we do not process large-scale sensitive data or engage in systematic large-scale monitoring.
  • However, we take data privacy and security very serious and have a dedicated person that handles privacy-related inquiries. If you have questions, concerns, or requests regarding your privacy (e.g. concerns about the right to erase your data), you can contact us through the following channels:

Email: privacy@teethtraveler.com

Mailing Address: Congreso 2174 | 3B, C1428 Cdad. Autónoma de Buenos Aires, Argentina.

  • Even without a formal DPO, we maintain internal privacy governance to ensure data protection best practices.
  • If you believe that your data protection rights have been violated, please contact us directly.
  • If you wish to exercise their GDPR rights, you can email us and receive a response within 30 days.
  • As a user of our website, you have the right to file a privacy-related complaint, which will be reviewed by our Data Protection Team within 30 days of submission. If additional investigation is needed, users will be informed of the extended timeline.
    • Example: If a user believes their data was shared without consent, they can submit a complaint via email and expect a response within 30 days.
    • How This Protects Your Privacy: A structured complaint process ensures that user concerns are addressed transparently and in compliance with GDPR.
    • We take privacy complaints very seriously and will respond to all inquiries as quickly as possible. For example, if you believe that your data was shared without consent, you can file a complaint, and we will investigate the issue immediately.
    • How This Protects Your Privacy: By offering direct contact options, responding to privacy concerns quickly, and allowing users to report violations, we ensure that your privacy is respected at all times.

11. Policy Changes & Updates

Section summary: We may update this Privacy Policy over time. This section explains how and when we notify you about changes.

  • We may update this Privacy Policy from time to time to reflect changes in laws, new security measures, or improvements to our services. If a major change is made, we will notify you at least 30 days in advance via email and on our website. Minor updates will be communicated 7 days before they take effect.
    • Example: If we introduce a new security feature, such as enhanced fraud detection, we will update the privacy policy and let users know how it benefits their privacy.
    • How This Protects Your Privacy: By giving advance notice of changes, clearly explaining updates, and keeping users informed, we ensure you always know how your data is handled.

12. Effective Date & Final Agreement

This Privacy Policy is effective as of March 8, 2025. By using our platform and services, you agree to this policy and the ways in which we collect, use, and protect your data.