logo

HammTek™

HammTek-Business Privacy Policy

Effective Date: 12/03/2024

Introduction

Welcome to HammTek, where innovation meets dental health management. Our business application, alongside our web platform, serves as a cornerstone for dental professionals and administrators, providing them with cutting-edge tools to manage patient care effectively. This Privacy Policy is dedicated to outlining our steadfast commitment to safeguarding the privacy and security of the information within our ecosystem, catering to both our application and platform users.

Our solution is engineered to support a dynamic range of functionalities tailored to specific user roles, including admin tenants, doctors, and operators. These roles are pivotal in facilitating seamless patient management and dental health monitoring:

Our commitment extends to the meticulous handling of data collected through our business application and web platform. Adhering to the highest standards of privacy and data protection laws, including the General Data Protection Regulation (GDPR), this Privacy Policy elucidates our practices regarding the collection, use, safeguarding, and sharing of your data.

By engaging with our business application, you consent to the data practices described in this Privacy Policy. We are dedicated to transparency, security, and the respectful treatment of your data, ensuring a trust-filled relationship with all our stakeholders.

Consent

At HammTek, we prioritize the privacy of our users and their patients, adhering to stringent data protection standards. Understanding the unique structure of our business application, where user profiles are created by an organizer's admin tenant and not through individual registration, our approach to consent is tailored to respect this framework while ensuring compliance with applicable data protection laws.

Consent Process and Responsibilities:

Admin Tenant Initiated: User profiles within our business application are created exclusively by the organizer's admin tenant. This process involves collecting necessary personal and professional information to set up accounts for doctors, operators, and other relevant roles. It is the responsibility of the admin tenant to obtain any required consents from individuals before creating their profiles.

Patient Data: In cases where patient information, including sensitive health data, is entered into our system, it falls under the admin tenant’s responsibility to secure informed consent from patients or their legal guardians. HammTek provides guidelines and templates to support admin tenants in this process, ensuring that patient data handling complies with privacy regulations and respects patient rights.

Limited Access by HammTek: HammTek is designed to ensure that we do not have direct access to patient or user information stored within the application by our clients. Our role is to provide the technological framework for dental health management while safeguarding data privacy and security. Our access to data is strictly limited to what is necessary for providing support and maintenance of the application, always in compliance with our data protection obligations.

Rights and Control:

User and Patient Rights: Both users and patients have rights concerning their personal data, including the right to access, rectify, or erase their information, as well as the right to withdraw consent. Since HammTek operates under the admin tenant's management, requests to exercise these rights are facilitated through the admin tenant who manages the application's user and patient data.

Transparency and Accountability: We commit to transparency in our data handling practices. Although HammTek does not directly collect or manage user and patient data, we ensure our platform supports compliance with data protection laws, providing features that enable admin tenants to manage consent and data rights effectively.

Consent for Minors: Special attention is given to data concerning minors. Admin tenants are advised to follow enhanced consent procedures, obtaining explicit consent from parents or legal guardians, in alignment with legal requirements before entering minors' data into the application.

By leveraging HammTek's business application, all parties acknowledge and agree to these consent and data handling practices, ensuring a secure and compliant environment for managing dental health information.

Information We Collect

We collect the minimal necessary information to provide our Services effectively, which includes:

Profile Information: Name, email, date of birth, and address.

Health Data: Dental analysis reports without storing images or videos post-analysis.

App Usage Data: Information on how the Services are accessed and used, such as device information and log data.

Use of Information

HammTek's business application facilitates comprehensive dental health management by enabling the creation and management of user profiles by admin tenants and the collection of patient information. Below is a detailed overview of the types of information collected within our system:

User Information:

When an admin tenant creates a user profile, the following information is required:

This information is necessary for setting up user accounts, enabling access to the application, and ensuring users can perform their designated roles effectively.

Patient Information:

In managing patient care, the application allows for the collection of the following types of patient information:

The collection of patient information is pivotal in providing high-quality, personalized dental care. It enables healthcare professionals to make informed decisions based on comprehensive health profiles and dental assessments.

Use of Information:

The information collected is used strictly for the purposes of facilitating dental health management through our application. This includes enabling healthcare professionals to access patient histories, conduct analyses, and plan treatments effectively. User information is utilized to manage access to the application and ensure each user can fulfill their role within the system, enhancing the overall functionality and efficiency of dental health management services provided by our clients.

HammTek is committed to protecting the privacy and security of all personal and sensitive information collected through our application. We implement rigorous data protection measures and adhere to applicable privacy laws and regulations, ensuring the information is handled with the utmost care and responsibility.

Sharing of Information

HammTek is dedicated to maintaining the confidentiality and integrity of the information collected through our business application. The sharing of information is governed by strict policies and protocols to ensure data privacy and security, aligning with our commitment to our users and their patients. Below, we outline the circumstances under which information may be shared within our platform:

Within the Application:

Admin Tenants to Doctors and Operators: Admin tenants have the capability to assign patients to doctors, which necessitates sharing patient information, including basic personal details, dental and medical history, and dental videos, with the assigned doctors. This sharing enables doctors to access the necessary information to provide personalized and effective dental care. Operators, although they can define patients, may have limited access to patient information based on their specific operational role and permissions set by the admin tenant.

With Service Providers:

Technical Support and Development: HammTek may share limited user information with trusted third-party service providers who assist in the maintenance and enhancement of our application. This includes IT support services, cloud hosting, and software development partners. All service providers are bound by confidentiality agreements and are required to use the information solely for the purpose of providing the contracted services, ensuring the ongoing integrity and security of the application.

Patient Consent and Privacy Rights:

Consent-Based Sharing: Any sharing of patient information beyond the direct care team (admin tenants, doctors, and operators) within the application will be based on explicit consent obtained from the patient or their legal guardian. Patients have the right to review, amend, or withdraw their consent at any time, which may affect the availability of certain application functionalities or services.

HammTek ensures that all information sharing is conducted with the highest level of data protection and privacy standards in mind. Our policies are regularly reviewed and updated to reflect best practices and compliance with evolving data protection laws and regulations.

Data Security

At HammTek, safeguarding the confidentiality, integrity, and availability of the information within our business application is paramount. We employ a comprehensive approach to data security, incorporating advanced technological measures, stringent operational protocols, and continuous vigilance to protect against unauthorized access, disclosure, alteration, and destruction of information.

Technical Safeguards:

Encryption: We use strong encryption methods for data both in transit and at rest, ensuring sensitive information is securely encoded and protected from interception or unauthorized access.

Access Control: Access to information within our application is strictly controlled and based on user roles (admin tenant, doctor, operator).

Data Segmentation: Patient and user data are segmented within our systems, ensuring that information is accessible only to authorized individuals based on their specific roles and the necessity of access for their function.

Operational Measures:

Data Minimization: We adhere to the principle of data minimization, collecting only the information necessary for the intended purposes of dental health management, thereby reducing potential risks to data privacy.

Regular Audits and Assessments: Our systems and security practices undergo regular audits and risk assessments to identify potential vulnerabilities and implement corrective measures promptly.

Employee Training: All employees and contractors are regularly trained on data protection policies and best practices for handling sensitive information, reinforcing our culture of security and privacy.

Compliance and Standards:

Regulatory Compliance: HammTek is committed to complying with applicable data protection laws, including the GDPR, ensuring that our data handling practices meet legal requirements and industry standards.

Certifications and Standards: We strive to maintain certifications and adhere to industry standards relevant to data security and privacy, continuously improving our systems and processes to align with best practices.

At HammTek, we recognize the importance of trust in our relationship with clients and their patients. Therefore, we are committed to transparently communicating our data security measures and continuously enhancing our defenses to protect against emerging threats and vulnerabilities.

Your Rights

As a user or patient within the HammTek business application ecosystem, you have specific rights concerning your personal data:

To exercise any of these rights, please contact the admin tenant who manages your data within our application. They will facilitate your request in accordance with our internal policies and applicable laws.

Data Retention

HammTek is committed to not retaining personal data longer than necessary for the purposes for which it was collected, including for satisfying any legal, accounting, or reporting requirements.

Our data retention practices are regularly reviewed to ensure compliance with applicable laws and regulations. If you have any questions about our Data Retention policy, please contact the admin tenant or our data protection office.

Changes to Privacy Policy

HammTek is committed to continuously reviewing and updating our privacy policy to reflect changes in our practices, technology, legal requirements, and users’ feedback. As our business application evolves, and as we expand or modify our services, it may become necessary to make changes to this Privacy Policy.

Notification of Changes:

Updates: Should there be any significant changes to our privacy practices or this policy, we will provide clear and prominent notice within our business application, on our website, or through direct communication with our users, depending on the nature of the change.

Review: We encourage all users and admin tenants to review this policy periodically for any updates. The date of the last update will always be posted at the top of this policy, helping you to know when it was last revised.

Your Continued Use Constitutes Agreement:

Acceptance of Changes: By continuing to use the HammTek business application and services after these changes are posted, you agree to the revised policy. If you do not agree to the changes, you should discontinue your use of the application and services.

VERSION OF THIS PRIVACY POLICY 

 This policy was last updated in March 2024. HammTek will keep this privacy policy continuously under review and reserves the right to modify this document. We recommend you to regularly consult this document for the latest updates, and at least when we have notified you about changes, we made.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

support@hammtek.com

HammTek Oy

Kuortaneenkatu 2,

00510 Helsinki, Finland

Website: www.hammtek.com