Legal

Privacy Policy

Last updated: June 12, 2026

We follow a minimal data capture philosophy, collecting only what is necessary for the service to function. This policy explains what we do collect, why, and how it's protected.

1. Who we are

Toothmind is a clinical note-generation tool for licensed dental professionals, built and operated by Toothmind Inc. ("Toothmind," "we," "us," or "our"), a company incorporated in Canada.

This Privacy Policy describes how we collect, use, disclose, and protect information when you use Toothmind. It applies to all users of our web application and related services.

Dentists and other regulated health professionals who use Toothmind are "health information custodians" under PHIPA and equivalent provincial legislation. Toothmind acts as a service provider to those custodians. This policy describes our obligations as a service provider and how we are designed to support your compliance obligations. We recommend confirming how Toothmind fits within your practice's existing privacy program.

If you have questions about this policy, contact our privacy officer at info@toothmind.com.

2. Our privacy architecture

Toothmind is not a scribe. We do not record patient conversations or ambient audio from your clinic. We are designed to capture only the minimum procedural information necessary to produce a draft note, and nothing more. You provide the clinical context; we generate a structured note for your review, edit, and completion.

Procedural inputs (the descriptions you type or speak before generating a note) contain no patient or clinician names, no dates of birth, no health card numbers, and no appointment identifiers. They describe a procedure, not a person: tooth number, procedure type, materials used, clinical findings. Our system has no fields for identifying information, and our terms of service prohibit its entry.

Even so, a procedural input could still be considered personal health information. Rather than debate that classification case by case, we apply the same technical and contractual protections to all procedural inputs that would be required if they were personal health information. The stricter standard applies regardless.

The sections below explain exactly what data flows where, and under what protections.

3. How we handle clinical data

When you generate a note, you submit a brief procedural description: tooth number, procedure type, materials used, anything clinically relevant. This input is transmitted to our AI processing infrastructure, a note is generated and returned to you, and the input is then discarded. We do not store your procedural inputs.

If you use the voice input feature, your spoken audio is transmitted to our AI processing infrastructure for transcription, then deleted immediately. The audio never persists on any system. Only the resulting text is used for note generation and is subject to the same transient-only handling described above. If you begin a voice input and want to discard it before submission, a cancel button stops recording immediately and nothing is transmitted or processed.

If you use the cross-device dictation feature, the transcribed text exists transiently in server memory — not written to disk or stored in a database — to allow you to retrieve it from another device. It is automatically cleared once accessed, or within 15 minutes if not retrieved.

The generated note itself is returned to you and is not stored by Toothmind. You copy it into your practice management software; that copy is yours, under your custody as the health information custodian.

4. What we collect

Account information

When you create an account, we collect:

  • Your email address
  • An access token used to authenticate your sessions
  • Clinical preferences, if saved (such as note style, materials, or protocol preferences)
  • Custom note templates, if saved

Usage data

We collect limited technical data to operate the service:

  • A counter, reset daily, to prevent service abuse
  • Error logs

5. What we do not collect

Toothmind is designed around minimal data capture. We do not collect:

  • Patient names, dates of birth, health card numbers, or any other direct patient identifiers. Our system has no fields for this information and our terms of service prohibit its entry.
  • Audio recordings of patient visits. Toothmind does not record patient conversations or ambient audio from your clinic.
  • Full patient records or chart data from your practice management software. Toothmind receives only what you type or speak into it.
  • Your procedural inputs after a note is generated. They are processed transiently and immediately discarded.
  • Your generated notes. Once a note is returned to you, we do not retain a copy on our servers.
  • Tracking or advertising data. We do not use third-party advertising networks, behavioral tracking pixels, or cross-site tracking cookies.

6. How information is used

We use the information we collect to:

  • Authenticate you and maintain your session
  • Generate draft clinical notes from your transient procedural inputs
  • Monitor system health and diagnose errors using aggregated usage and error log data
  • Communicate with you about your account or material changes to this policy
  • Comply with applicable law

We do not sell your data. We do not use your inputs to train AI models. We do not share your information with third parties except as described in Section 7.

7. Third-party service providers

We share limited data with the following categories of service providers to operate Toothmind. Each processes data only as directed by us, under data processing agreements (DPAs) and, where applicable, business associate agreements (BAAs).

AI processing

Your procedural inputs are processed by AI language model infrastructure hosted in Canada. We have executed a Data Processing Addendum and a Business Associate Addendum with our AI processing provider. Under these agreements: (a) inputs are not retained after a response is returned; (b) inputs are not used to train or improve AI models; and (c) data is processed under controls aligned with PIPEDA and PHIPA requirements.

Cross-border notice: Our AI processing infrastructure is configured to use Canadian regions. However, cloud AI infrastructure may route compute across data centres, including in the United States. Data may transiently pass through U.S. infrastructure during processing before being returned to you, over the provider's private network. It is not stored there. Where this occurs, data may theoretically be subject to U.S. legal process. Under our Data Processing Addendum and Business Associate Addendum, our provider treats all processed data as personal health information and applies the corresponding protections, regardless of whether it contains identifiers. Because inputs contain no patient or clinician identifiers and are not retained after processing, the risk of meaningful exposure is minimal.

Application hosting

Our web application is hosted on cloud infrastructure in Canadian regions, under a Data Processing Addendum. This provider handles web traffic and application execution; it does not directly receive or process clinical note inputs.

Account data storage

Your account information is stored with a database provider hosted in Canadian cloud regions.

8. Data residency

Our application hosting and account data storage are located in Canada. Our AI processing infrastructure is configured to use Canadian regions. The cross-border notice regarding transient U.S. processing during AI inference is described in Section 7.

9. Data retention

  • Clinical note inputs: Not retained. Discarded after the note is generated and returned to you. Our AI processing provider is contractually prohibited from retaining inputs under our DPA and BAA.
  • Cross-device dictation text: Exists transiently in server memory only. Cleared automatically upon retrieval, or within 15 minutes if not retrieved. Never written to disk or database.
  • Generated notes: Not retained by Toothmind. Returned to you only; you control what you do with them from there.
  • Account information: Retained for the duration of your account and deleted within 30 days of account closure upon request.
  • Usage data: Retained only as long as necessary for operational purposes, then deleted.
  • Error logs: Retained only as long as necessary for diagnostic purposes, then deleted.

10. Cookies and tracking

Toothmind uses only the cookies necessary to operate the service: session authentication cookies that keep you logged in. We do not use advertising cookies, behavioral tracking pixels, or third-party analytics that track you across sites.

You can configure your browser to refuse cookies, but doing so will prevent you from logging in to Toothmind.

11. Your rights

Under PIPEDA and applicable provincial privacy legislation (including PHIPA in Ontario), you have the right to:

  • Access the personal information we hold about you
  • Correct inaccurate or incomplete information
  • Request deletion of your personal information, subject to legal retention obligations
  • Withdraw consent for discretionary uses of your data
  • File a complaint with the Office of the Privacy Commissioner of Canada at priv.gc.ca, or with the Information and Privacy Commissioner of Ontario for matters arising under PHIPA

To exercise any of these rights, contact us at info@toothmind.com. We will respond to your request within 30 days.

Note: because procedural inputs and generated notes are not retained, we cannot retrieve or delete data you submitted for note generation, as it no longer exists on our systems.

12. Security

We protect your information using:

  • TLS encryption for all data in transit
  • Encryption at rest for stored account and usage data
  • Access controls limiting data access to authorized personnel only
  • Data processing agreements with all infrastructure providers
  • Security reviews of our application

Despite these measures, no system is completely secure. If we become aware of a privacy breach that creates a real risk of significant harm to you, we will notify you and the applicable privacy commissioner as required by law. Under PIPEDA's breach notification regulations, this notification will occur as soon as feasible after we determine the breach meets the reporting threshold.

13. Regulatory alignment

Toothmind is designed to align with:

  • The Personal Information Protection and Electronic Documents Act (PIPEDA), federal, governing account and usage data
  • The Personal Health Information Protection Act (PHIPA), Ontario, governing our role as a service provider to health information custodians

14. Changes to this policy

We may update this policy from time to time. Material changes, including changes to our infrastructure providers, data flows, or your rights, will be communicated by email or a notice within the application before taking effect. The last updated date at the top of this page reflects the most recent revision.

Continued use of Toothmind after a policy update constitutes acceptance of the revised terms. If you do not accept a material change, you may close your account directly within the application or by contacting us at info@toothmind.com.

15. Contact

For privacy-related inquiries, requests, or complaints:

Privacy Officer
info@toothmind.com

You also have the right to contact:

  • Office of the Privacy Commissioner of Canada at priv.gc.ca
  • Information and Privacy Commissioner of Ontario, for matters arising under PHIPA

If you believe your privacy rights have been violated, you may file a complaint with the applicable commissioner at any time, regardless of whether you have first contacted us.