Privacy Policy

Kluse is operated by [legal entity / Milton Penelas], based in Hamburg, Germany. Final legal entity, registered address, and privacy contact must be confirmed before launch.

This policy applies to the Kluse website, SaaS platform, account users, dental practice data, pilot workflows, support communications, and patient reactivation features.

We may process website and analytics data, account and admin user data, practice profile and billing data, patient contact data provided by the practice, campaign configuration data, AI voice call metadata, email outreach metadata, support communications, and payment data processed by payment providers.

Kluse must not process PHI/ePHI until the customer has completed required onboarding steps, including acceptance of applicable agreements and, where required, execution of a Business Associate Agreement.

We use data to provide and operate the service, authenticate users, prepare approved reactivation workflows, send approved communications, provide support, process payments, maintain security and audit logs, and comply with legal obligations.

For EU/EEA data, processing may rely on contract performance, legitimate interests, legal obligations, and customer instructions where Kluse acts as a processor.

Dental practices are responsible for ensuring they have the required rights, permissions, authorizations, and notices to upload patient data and contact patients.

Kluse uses trusted service providers to operate hosting, authentication, payments, communications, AI voice, analytics, and support. See /subprocessors for the current list and review status.

Data may be processed in the United States and other countries by infrastructure and service providers. Appropriate contractual and technical safeguards must be used where required.

Account, billing, practice, patient, campaign, call, and email records are retained only as needed to provide the service, comply with law, resolve disputes, and enforce agreements. Exact retention periods remain a legal TODO.

Kluse uses encryption in transit, access control, audit logging, role-based access, environment separation, backups, vendor review, and incident response processes at a high level. Kluse does not claim external certification unless actually obtained.

Where applicable, you may request access, correction, deletion, objection, restriction, portability, or lodge a complaint with a supervisory authority. Healthcare privacy requests involving patient data should usually go through the dental practice as the covered entity/controller unless Kluse is legally required to respond directly.

Kluse is not intended for direct use by children. Privacy contact email: [legal/contact email].