Compliance, Security & GDPR (UK/EU)
Last updated: 1 Sept 2025
At a glance
- ✓ GDPR compliant (UK GDPR & DPA 2018)
- ✓ You control patient data (you're the Controller; we operate as your Processor)
- ✓ UK/EU hosting on Microsoft Azure (e.g., UK South) and AWS (UK/EU regions)
- ✓ No routine transfers outside the UK/EEA (SCCs/IDTA if ever required)
- ✓ Encryption: TLS in transit, encryption at rest
- ✓ Daily backups with rolling retention
- ✓ AI Notes: no raw audio stored; Azure AI Speech transcribes in real time; Gemini (Vertex AI) helps format drafts
- ✓ Registered with the MHRA as a Digital dictation system (documentation support only)
- ✓ Cyber Essentials certified
What we actually do with your data
AI Notes (documentation support):
While you speak, Azure AI Speech turns your voice into text in real time. We don't keep the audio. We then use Google Cloud Vertex AI (Gemini) to help turn the transcript and your settings into a tidy draft. You review and edit before saving the final note into your practice's clinical system (PMS).
Boards, Rotas, Lab Tracker & CPD:
These are secure workspaces your team controls. Add what you need (tasks, logs, rota entries, lab cases, certificates). You can export, rename, or delete items whenever you like.
We never sell personal data. Ever.
Where your data lives
- Hosted in UK/EU data centres: Microsoft Azure (e.g., UK South) and AWS (UK/EU regions).
- No routine transfers outside the UK/EEA. If a specific service needs it, we use approved safeguards (SCCs/IDTA) and choose EU/UK regional options wherever possible.
Security, without the jargon
Encryption by default
TLS 1.2+ in transit, encryption at rest with cloud‑managed keys.
Access control
Role‑based permissions and least‑privilege access.
Resilience
Daily backups and region‑appropriate redundancy.
Good engineering hygiene
Secure development, change control, dependency monitoring, logging and alerts.
AI provider settings
Where supported, we disable provider training on your content and minimise retention.
Your choices & rights
- Rename or delete your Saved Chats in AI Notes any time.
- Ask to access, correct, delete, restrict, or port your personal data.
- Prefer fewer cookies? Use our cookie controls on the website.
- Need help? A human will respond at info@dentistrydashboard.com.
What Dentistry Dashboard is not
- ❌ We don't make clinical decisions. AI Notes is for drafting documentation only. Clinicians remain in charge.
- ❌ We don't store raw audio from dictation.
- ❌ We don't move your data outside the UK/EEA as a matter of routine.
For practices & IG teams
Roles
Your practice = Controller (patient/practice data). Dentistry Dashboard = Processor for that data; Controller for our own account/billing data.
Hosting
Azure (e.g., UK South) & AWS (UK/EU).
AI services
Azure AI Speech (STT), Vertex AI (Gemini) (LLM drafting). EU/UK regionalisation used where available.
Sub‑processors
Core: AWS, Azure, Stripe (billing), Google Analytics/Tag Manager (site/app telemetry). Optional (you connect): Google Workspace, Zapier. Full register with regions/purposes on request.
International transfers
Not routine; when required, SCCs/IDTA used.
Retention
Saved Chats stay until users delete them. Backups follow a rolling schedule. Medical‑device governance records retained per law.
Breach response
As Processor we notify Controllers without undue delay. We support ICO 72‑hour obligations.
Legal docs
Standard DPA (Art. 28) available; DPIA support info on request.