Patientdesk Back to Home
Your data is protected

Privacy Policy

Patientdesk AI, Inc.

2261 Market Street, STE 84361, San Francisco, CA 94114

Last Updated: February 6, 2026

1. Introduction

Patientdesk AI, Inc. ("Patientdesk," "we," "us," or "our") provides an AI-powered receptionist and patient communication platform designed exclusively for dental and healthcare practices. This Privacy Policy explains how we collect, use, store, and protect information when you use our platform and services.

By using Patientdesk, you acknowledge and agree to the practices described in this policy. If you do not agree, please discontinue use of our services immediately.

2. Information We Collect

2.1 Practice Information

Information provided by the dental or healthcare practice during onboarding and ongoing use:

  • Practice name, address, and contact details
  • Staff names, roles, and work schedules
  • Office hours, appointment types, and scheduling rules
  • Treatment offerings, protocols, and pricing provided by the practice
  • Practice Management System (PMS) credentials for integration purposes
  • Insurance networks and accepted plans as provided by the practice

2.2 Patient Interaction Data

Information collected during AI-handled phone calls and communications:

  • Caller name, phone number, and date of birth (as voluntarily provided by the caller)
  • Reason for call and appointment preferences
  • Insurance member ID and carrier details (for eligibility verification only)
  • Call recordings and AI-generated transcripts
  • Appointment booking confirmations and follow-up communications

2.3 Automatically Collected Data

  • Call metadata (timestamps, duration, call disposition)
  • System usage logs and performance metrics
  • IP addresses and browser information when accessing the dashboard
  • Error logs for troubleshooting and service improvement

3. How We Use Your Information

We use collected information strictly for the following purposes:

  • Providing the Service: Answering inbound calls, booking appointments, and communicating with patients on behalf of your practice
  • Insurance Verification: Submitting eligibility checks to clearinghouses using patient-provided insurance details
  • Collections & Follow-Up: Contacting patients regarding outstanding balances or payment plans, as directed by the practice
  • PMS Integration: Syncing appointment data, patient records, and call summaries with your practice management system
  • Call Quality & Training: Reviewing call recordings to improve AI accuracy, tone, and adherence to your practice's protocols
  • Dashboard & Analytics: Providing you with call analytics, booking rates, and performance insights
  • Customer Support: Assisting with setup, troubleshooting, and ongoing account management

We never use patient data for marketing, advertising, or any purpose unrelated to delivering our contracted services to your practice.

4. No Medical Triage or Clinical Advice

Patientdesk does not perform medical triage, diagnose conditions, recommend treatments, or provide any form of clinical or medical advice.

Our AI receptionist strictly follows the scripts, protocols, and guidelines provided by your practice. All clinical decisions, emergency handling procedures, and treatment recommendations remain the sole responsibility of the healthcare provider. When a caller describes a potential emergency, our system follows your practice's specific emergency protocol (e.g., directing them to call 911 or providing your after-hours emergency number).

5. Data Security

We implement comprehensive security measures to protect all data processed through our platform:

5.1 Encryption

  • All data is encrypted in transit using TLS 1.2 or higher
  • Data at rest is encrypted using AES-256 encryption
  • Call recordings are stored in encrypted, access-controlled environments

5.2 Access Controls

  • Role-based access controls limit data visibility to authorized personnel only
  • Multi-factor authentication is enforced for internal systems
  • Practice dashboard access is protected by secure authentication

5.3 Infrastructure

  • Hosted on SOC 2-compliant cloud infrastructure
  • Regular security audits and vulnerability assessments
  • Automated monitoring for unauthorized access attempts
  • Redundant backups with geographic distribution

6. Data Sharing and Third Parties

6.1 Service Providers

We work with carefully vetted third-party providers to deliver our services, including:

  • Voice AI and telephony infrastructure providers
  • Insurance eligibility clearinghouses
  • Cloud hosting and storage providers
  • Payment processing (Stripe)

All third-party providers are bound by data processing agreements and are required to maintain security standards consistent with our own.

6.2 We Never Sell Your Data

Patientdesk does not sell, rent, lease, or trade personal information or patient data to any third party, under any circumstances.

6.3 Legal Requirements

We may disclose information only when required by law, valid legal process, or to protect the rights, safety, or property of Patientdesk, our clients, or the public.

7. Data Retention

  • Call recordings and transcripts: Retained for the duration of your active subscription plus 90 days after termination, unless a longer retention period is required by applicable law or requested by the practice
  • Practice account data: Retained for the duration of the subscription and deleted within 90 days of account closure upon written request
  • System logs: Retained for up to 12 months for security and operational purposes

You may request early deletion of specific data by contacting us at info@patientdesk.ai.

8. Healthcare Data Compliance

Patientdesk is designed with healthcare data handling in mind:

  • We maintain administrative, physical, and technical safeguards for protected health information (PHI)
  • We enter into Business Associate Agreements (BAAs) with healthcare practices as required under HIPAA
  • Patient data is accessed only on a need-to-know basis to provide the contracted services
  • We do not use PHI for any purpose other than delivering services to the practice
  • Staff with access to PHI undergo security training and are bound by confidentiality obligations

9. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to Know: Request details about the personal information we collect and how it is used
  • Right to Delete: Request deletion of your personal information, subject to legal and contractual exceptions
  • Right to Correct: Request correction of inaccurate personal information
  • Right to Opt-Out: We do not sell personal information, so this right is satisfied by default
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

To exercise any of these rights, email us at info@patientdesk.ai. We will respond within 45 days as required by law.

10. Cookies and Website Tracking

Our website and dashboard may use:

  • Essential cookies: Required for authentication and basic site functionality
  • Analytics cookies: Used to understand how visitors interact with our website (e.g., Google Analytics)
  • Marketing pixels: Used on our marketing pages only (not within the practice dashboard or patient-facing systems)

No cookies or tracking technologies are used within the AI call system itself.

11. Children's Privacy

Patientdesk does not knowingly collect personal information from individuals under 13 years of age. When our AI interacts with a minor's parent or guardian regarding a child's appointment, the information collected relates to the scheduling request and is handled under the practice's authority and in accordance with applicable law.

12. International Data

Our services are primarily hosted and operated within the United States. If data is processed by sub-processors located outside the United States, we ensure appropriate safeguards are in place, including standard contractual clauses and data processing agreements.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email to the practice administrator on file, and the updated policy will be posted on our website with a revised "Last Updated" date. Continued use of our services after changes take effect constitutes acceptance of the revised policy.

14. Contact Us

For questions, concerns, or requests related to this Privacy Policy or your data, contact us at:

Patientdesk AI, Inc.

2261 Market Street, STE 84361, San Francisco, CA 94114

Email: info@patientdesk.ai

15. Governing Law

This Privacy Policy is governed by and construed in accordance with the laws of the State of California, United States, without regard to conflict of law principles.