Privacy Policy

Sacramento Dentistry Group ("we," "us," or "our") respects your privacy. This Privacy Policy explains what information we collect when you visit https://sacramentodentistry.com or interact with our practice, how we use that information, and the rights you have under federal and California law.

Scope of this policy

This Privacy Policy applies to information collected through our Website and through non-clinical interactions with our practice such as appointment requests, contact forms, phone calls, and email communications. Your protected health information (PHI), including clinical records, diagnoses, treatment plans, and insurance claims, is governed separately by the Health Insurance Portability and Accountability Act ("HIPAA") and our Notice of Privacy Practices, which is available at our front desk or by request. If there is any conflict between this Privacy Policy and our HIPAA Notice of Privacy Practices regarding your health information, the HIPAA notice controls.

Information we collect

Information you provide directly

We collect personal information when you book an appointment, submit a contact form, call our office, email us, request medical records, or provide insurance information. This may include your name, address, phone number, email address, date of birth, insurance details, and any other information you choose to provide.

Information collected automatically

When you visit our Website, our hosting and content-delivery provider (Cloudflare) processes limited technical connection data, including IP address, browser type, device type, operating system, and the pages requested. This is the same connection data every website host necessarily receives in order to serve and secure a website. We use it, in aggregate, to understand general traffic patterns and to protect the site against abuse.

We do not use Google Analytics, the Meta (Facebook) pixel, the TikTok pixel, session-replay or "heat map" tools, or any third-party advertising or cross-site tracking technology on this Website. Our traffic measurement is performed by Cloudflare at the network edge: it is cookieless, runs no code in your browser, does not transmit anything from your device to a separate analytics company, does not track you across other websites, and is not used to identify you or build a profile.

Information from third parties

We may receive information about you from NexHealth (our online scheduling platform), insurance carriers, referring dental or medical providers, and payment processors in connection with your care or account.

How we use your information

• To schedule, deliver, and follow up on dental care.
• To verify your insurance coverage and process claims and payments.
• To respond to your questions, requests, and communications.
• To send appointment reminders, treatment plan updates, and recall notices.
• To improve the security, performance, and content of our Website.
• To comply with legal, regulatory, and HIPAA obligations.
• To detect and prevent fraud or unauthorized access to our systems.

We do not use your personal information for automated decision-making or profiling. We do not use your information to serve you targeted advertising.

Cookies and tracking technologies

This Website does not use cookies for analytics, advertising, or cross-site tracking, and it does not load any third-party advertising or analytics scripts. We do not use Google Analytics or any similar third-party measurement tool.

The only information stored on your device is kept locally in your browser (using local storage) for two functional purposes: to remember your accessibility-toolbar preferences, and to remember that you have dismissed our privacy notice. This information stays on your device, is never transmitted to us or to any third party, and is not used to track you. You can clear it at any time through your browser settings.

Two features connect to outside services only when you choose to use them. Our location maps load from Google Maps only after you click to load them (nothing is sent to Google when the page first loads), and the payment calculator on our financing page is provided by Cherry Technologies, Inc. Each is described where it appears, and each is governed by that provider's own privacy policy.

How we share your information

We do not sell your personal information. We share information only as necessary to operate our practice and serve you, including with:

• Service providers that help us schedule appointments (NexHealth), process payments, and host, secure, and measure traffic to our Website (Cloudflare, which serves as our hosting, content-delivery, and edge-analytics provider). These providers act on our behalf, receive only the information needed to perform their services, and are contractually required to protect it and not use it for their own purposes.
• Insurance carriers and clearinghouses when necessary to verify coverage and submit claims on your behalf.
• Other healthcare providers involved in your care, including referrals to specialists, as permitted by HIPAA.
• Patient financing providers (Cherry, CareCredit) if you choose to apply for financing. Your decision to apply is voluntary, and those providers have their own privacy policies.
• Government authorities and law enforcement when required by law, subpoena, court order, or to comply with regulatory requirements.

Your California privacy rights (CCPA / CPRA)

If you are a California resident, the California Consumer Privacy Act and California Privacy Rights Act give you the following rights regarding personal information that is not protected health information under HIPAA (which is governed by our separate HIPAA Notice):

• Right to know. You may request a copy of the categories and specific pieces of personal information we have collected about you in the past 12 months.
• Right to delete. You may request deletion of personal information we have collected from you, subject to legal exceptions (for example, records we are legally required to retain).
• Right to correct. You may request that we correct inaccurate personal information we hold about you.
• Right to opt out of sale or sharing. We do not sell your personal information, and we do not share it for cross-context behavioral advertising. We run no advertising trackers and no third-party analytics, so there is nothing to opt out of in this regard. We also honor the Global Privacy Control ("GPC") browser signal as described below.
• Right to non-discrimination. We will not discriminate against you for exercising any of these rights.

To exercise any of these rights, contact us using the details at the bottom of this page. We will verify your identity before processing your request. We aim to respond within 45 days as required by law.

Your California privacy choices

Because this Website uses no advertising trackers, no third-party analytics, and no tracking cookies, there is no sale or sharing of your personal information to opt out of. Traffic measurement is cookieless and performed by our hosting provider at the network edge, and it does not identify you. If your browser sends a Global Privacy Control ("GPC") signal, we honor it; there is no cross-site tracking or advertising activity on this site for it to disable. If you have any question about your privacy choices, contact us using the details below and we will help.

Data retention

We retain personal information only as long as necessary to fulfill the purposes described in this policy, to comply with legal and regulatory obligations, to resolve disputes, and to enforce our agreements. Dental and medical records are retained in accordance with California law, which generally requires retention for at least seven years after the last date of service, or longer for patients who were minors at the time of treatment.

Data security

We use reasonable administrative, physical, and technical safeguards to protect your personal information. These include encrypted data transmission (HTTPS), restricted access to clinical systems, role-based access controls, and HIPAA-compliant electronic health record software. While no system can guarantee absolute security, we take the protection of your information seriously and review our security practices regularly.

Children's privacy

We treat pediatric dental patients regularly. Personal information about patients under 13 is collected from a parent or legal guardian and is handled in accordance with HIPAA and the Children's Online Privacy Protection Act ("COPPA"). We do not knowingly collect personal information from children under 13 through our Website without parental consent.

Third-party links and embedded services

Our Website may contain links to, or optional features that connect to, external websites and services we do not control, including NexHealth (online scheduling), Google Maps (our location maps, which load only when you click to load them), patient financing providers (Cherry and CareCredit), and social media platforms. We are not responsible for the privacy practices of those websites and services. We encourage you to review their privacy policies before providing personal information.

Changes to this policy

We may update this Privacy Policy from time to time. The "last updated" date at the top of this page reflects the most recent revision. If we make material changes to how we handle your personal information, we will post the updated policy on this page.

Contact us

For privacy-related questions, to exercise any of the rights described above, or to request a copy of our HIPAA Notice of Privacy Practices:

• Phone: (916) 538-6900
• Email: [email protected]
• Mail: Sacramento Dentistry Group, 1105 E Street, Sacramento, CA 95814