askadent is a dental triage service operated by askadent Pty Ltd (ABN [ABN]) in Australia ("we", "us", "our"). When you use askadent we collect and handle health information about you, which is sensitive information under the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Where state-level health records legislation imposes a stricter standard (for example the NSW Health Records and Information Privacy Act 2002 or the Vic Health Records Act 2001) we follow that stricter standard.
What we collect
Your photos, your answers on the intake form, and your email address. We also store the dentist's assessment, any follow-up question and reply, an anonymous marker of how you reached us, and a small set of technical records (IP address, browser/device type, access timestamps) needed to operate the service securely and produce the audit log referenced under "Security".
We do not collect: your home address, date of birth, Medicare number, or any other government identifier; your bank or card details (when payment is enabled, that goes directly to a third-party payment provider); or anything about your health beyond what you tell us yourself.
Why we collect it
To produce your assessment and deliver it to you. We do not use your information for marketing.
Where it lives, and who runs it
We use a small number of service providers to operate askadent. The categories, locations, and what they handle are:
| Service | Location | What it handles |
|---|---|---|
| Application servers, scheduled background jobs, database, rate-limit counters | Sydney, Australia | The website itself, your case record, intake answers, dentist's assessment |
| Photo object storage | Sydney, Australia | Your photos, accessed only via short-lived signed links |
| Transactional email delivery | United States | The email that contains your assessment link |
| Server-side error monitoring | United States | Error reports with personal information removed before they leave our infrastructure |
| Payment processing (when enabled) | Australia | Card transactions; we never see your card number |
Where a provider is located outside Australia we have taken reasonable steps under APP 8.1(a) to satisfy ourselves that they handle personal information consistently with the APPs. The practical mitigations are: (a) the email we send you contains a link, never the assessment text; (b) personal information is stripped from error reports before they leave our infrastructure; (c) each provider has signed a contract with us including confidentiality and security obligations.
We will provide the current list of specific organisations on request — email privacy@askadent.com.
Who can see it
The reviewing dentist (verified at AHPRA at onboarding); a small named team of administrators who operate the service and action your support and privacy requests; our service providers in the course of providing their service. We do not sell, rent, or share your information with advertisers, brokers, insurers, or any other third party for marketing.
How long we keep it
Your case (intake answers, photos, dentist assessment, follow-up Q&A) is kept for 7 years from submission, in line with the NSW Health Records and Information Privacy Act convention, and then permanently deleted by an automated daily process. You can request earlier deletion at any time.
Security
We use industry-standard controls including encryption in transit and at rest, strong (passkey-based) clinician sign-in with idle revocation, per-case unique access links rotated each time we email you, an append-only audit log of every clinician sign-in and case action, rate limiting on every sensitive endpoint, and a kill switch to take the service offline immediately if needed.
Cookies
We use a small number of cookies that are strictly necessary to keep your case bound to your browser through the intake and result-page flow. We do not use advertising or tracking cookies and we do not embed third-party tracking pixels. We do not use session-replay tools, mouse-movement analytics, or any third-party tool that records your interactions with the service. There is no cookie banner because there are no non-essential cookies to opt into.
Your rights
You can request access to the personal information we hold about you (APP 12), correction of anything that is wrong (APP 13), and deletion of your case before the 7-year retention period expires. Use the form on your case page (preferred — it carries your case reference) or email privacy@askadent.com. We acknowledge within 7 days, respond substantively within 30 days, and never charge.
Data breaches and complaints
Under the Notifiable Data Breaches scheme (Part IIIC of the Privacy Act) we will notify you and the Office of the Australian Information Commissioner if an eligible data breach is likely to result in serious harm to you. If you believe your information has been mishandled, contact us at privacy@askadent.com first. If you are not satisfied with our response, you can complain to the OAIC on 1300 363 992 or at https://www.oaic.gov.au.
Changes to this policy
When we materially update this policy we publish a new version. The version current at the moment you submit your case is recorded against your case so we can always reproduce the exact text you agreed to.
Contact
- Privacy: privacy@askadent.com
- Security: security@askadent.com
- Entity: askadent Pty Ltd (ABN [ABN])