Legal
Data Processing Agreement
This Data Processing Agreement ("DPA") forms part of the Terms of Service between the clinic ("Controller") and [LEGAL NAME] ("Denti", the "Processor"). It is concluded under Article 28 of the GDPR and Kosovo Law No. 06/L-082, and is accepted electronically when a clinic is set up.
Roles. The clinic is the Controller of its patient and staff data and decides why it is processed. Denti is the Processor and acts only on the clinic's documented instructions.
1. Subject, nature & purpose
Denti processes personal data solely to provide the platform (appointments, patient records, treatments, payments, invoicing, inventory, analytics) for the duration of the Controller's subscription.
2. Data subjects & categories of data
- Data subjects: the clinic's patients and staff.
- Personal data: identity and contact details, appointment and billing data.
- Special-category data (Art. 9): dental/health and treatment records — processed only on the Controller's instructions.
3. Denti's obligations
- Process personal data only on the Controller's documented instructions (including these Terms).
- Ensure persons authorised to process data are bound by confidentiality.
- Implement the technical and organizational measures in Section 4.
- Assist the Controller with data-subject requests and with security, breach, and DPIA obligations.
- Make available information needed to demonstrate compliance.
4. Security measures (Art. 32)
- TLS encryption of all traffic; encryption of sensitive data where appropriate.
- Hashed passwords, role-based access control, and optional two-factor authentication.
- Strict tenant isolation — see Section 8.
- Audit logging of important actions and login/security events.
- Regular, securely stored backups.
- EU-only hosting (Section 6).
5. Sub-processors
The Controller grants general authorization for Denti to engage the sub-processors listed in our Sub-processor list (currently Hetzner Online GmbH for hosting and Resend for transactional email). Denti imposes data-protection obligations on each sub-processor and remains liable for their performance. We will give prior notice of any new sub-processor, and the Controller may object on reasonable data-protection grounds.
6. International transfers
🇩🇪 All data is stored on infrastructure in Germany (Hetzner), within the EU. Data does not leave the EU. Where any sub-processor would transfer data outside the EU/EEA, appropriate safeguards (e.g. Standard Contractual Clauses) are applied.
7. Data-subject rights & breach
Denti will assist the Controller in responding to patient/staff requests (access, rectification, erasure, portability, etc.). On becoming aware of a personal-data breach, Denti will notify the Controller without undue delay with the information needed for the Controller's own notification duties (Art. 33).
8. Tenant isolation
🔒 Denti never shares one clinic's data with another clinic. Every record is bound to a single clinic, and application and database logic enforce clinic-level access. A clinic can never see or reach another clinic's data.
9. Return & deletion of data
📤 On termination, Denti exports all of the Controller's data to the Controller in CSV/Excel files and then permanently deletes it from Denti's systems within the agreed retention window (e.g. 30 days), unless retention is required by law. The Controller is never locked in.
10. Audits
Denti will make available information reasonably necessary to demonstrate compliance with this DPA and allow for and contribute to audits, subject to reasonable confidentiality and security conditions.
11. Liability & governing law
Liability is as set out in the Terms. This DPA is governed by the laws of the Republic of Kosovo and the GDPR.
12. Acceptance
This DPA is accepted electronically by the clinic owner during clinic setup. A countersigned copy is available on request at legal@denti.app.