Last updated: June 1, 2026
This Privacy Policy describes how BioLign ("we", "us", or "our") collects, uses, stores, and shares your personal information when you use our products and services, including:
- BioLign Track — mobile companion app for orthodontic aligner treatment tracking (iOS and Android)
- BioLign Cloud — web-based practice management system and lab coordination platform
- BioLign3D — AI-powered 3D treatment planning software
- biolign.ca — our website
By using any BioLign product, you agree to the collection and use of information as described in this policy.
1. Information We Collect
Account Information
- Full name and email address
- Phone number (doctors and practice staff; optional for patients)
- Date of birth, used solely to verify minimum age and obtain parental consent where required by law
- Consent record (timestamp of when you accepted the Terms of Service and Privacy Policy)
- Authentication credentials, managed by Auth0 (an Okta company). BioLign does not see or store your password.
Patient Treatment Data (BioLign Track, BioLign Cloud)
- Current tray number, total trays per arch (upper / lower), days per tray, and daily wear target
- Treatment start date, estimated end date, and treatment status (active, pending, complete)
- Bout history (multiple treatment phases over time)
- Daily wear time logs (minutes per day, with timestamps)
- Wear sessions (start and stop times when actively tracking)
- Tray change history (dates, which arch changed, fit status, clinical notes)
- Computed treatment compliance metrics (total compliance, 7-day rolling average, streaks)
Clinical and Health Data (BioLign Cloud)
- Medical alerts and clinical notes recorded by your provider
- Treatment photos uploaded by you or your provider (categorized as intraoral, extraoral, X-ray, smile, with aligners, or other)
- 3D dental models (STL meshes) used for treatment planning
- Treatment plans, case records, and fabrication orders
- Insurance and billing information, when applicable (BioLign Cloud only; not collected by BioLign Track)
Communication Data
- Doctor-patient messages (text content, attached photos, timestamps)
- Consultation requests sent from the Discover directory (patient-initiated only)
- Appointment booking and scheduling data (dates, times, notes)
Community / Discover Content (BioLign Track)
If you choose to use the in-app Discover feed:
- Posts, comments, and likes you create (visible to other signed-in users)
- Optional treatment-context tags attached to posts (e.g., "Tray 5 of 12 - Day 14")
- If you post anonymously, your name is hidden from other users but BioLign retains the link between the post and your account for moderation and abuse-prevention purposes
- Photos you attach to posts, including before/after case studies (case studies require explicit patient consent before upload, with an audit record of who affirmed consent and when)
- Reports you file against other users' content, including the reason category and any free-text explanation
Doctor Public Profile Data (BioLign Track)
If you are a doctor who opts into the public directory:
- Display name, specialty/specialties, bio, and credentials shown in your public profile
- Profile and cover photos (uploaded by you)
- Gallery and case study images you choose to publish
- Practice location: city, province/state, country, country code, and approximate latitude/longitude. Coordinates are used to power patient "Near Me" searches and are visible only at city granularity; the exact lat/lng is never shown to other users.
Location Data (BioLign Track)
- Patients searching for doctors near them may grant the app permission to access device GPS. When granted, your latitude and longitude are sent to BioLign servers only at the moment you perform a "Near Me" search; they are used to compute distance to listed doctors and are not stored long-term against your account.
- Alternatively, you may search by city; in that case, only the city you select is processed.
- Location access is opt-in. If you deny the permission, the app falls back to manual city search.
Authentication Method Data
- If you choose to enroll a passkey (Face ID, Touch ID, or device passcode) for sign-in, the cryptographic public key is stored on Auth0's servers. The corresponding private key, and the biometric template itself, never leave your device; iOS's Secure Enclave and its equivalent on Android are responsible for that data.
- The BioLign app uses biometric authentication only for unlocking the app after inactivity, satisfying HIPAA's automatic-logoff safeguard. The biometric check is performed locally by your operating system; BioLign receives only a yes/no result.
Practice Information (BioLign Cloud)
- Practice name, phone number, and address
- Office hours and scheduling preferences
- Staff profiles, roles, and permissions
- Fabrication orders and lab coordination data
Device and Technical Data
- Device push notification token (used by BioLign servers to deliver notifications via Apple Push Notification Service on iOS or the equivalent Android service)
- Notification preferences (per-category enable / disable settings)
- Calendar access (only when you tap "Add to calendar" for a tray change; BioLign does not read your existing calendar entries)
- Camera and photo library access (only when you take or pick a treatment photo)
- App version, OS version, and device model, used for support and crash reporting
- Application error logs and performance telemetry (no PHI is included in these logs)
2. How We Use Your Information
We use the information we collect to:
- Provide treatment tracking and compliance monitoring for aligner patients
- Enable communication between patients and their orthodontic providers
- Facilitate appointment scheduling and reminders
- Send wear time reminders, tray change notifications, and other in-app or push notifications you have enabled
- Visualize treatment progress for patients and their providers
- Power the in-app Discover feed and the doctor directory, including "Near Me" search when you have granted location permission
- Allow patient-initiated consultation requests to doctors who have published a public profile (doctors cannot initiate outreach to patients)
- Review user reports of community content and take moderation action on posts and comments that violate our policies
- Manage practice operations, patient records, and lab coordination
- Generate 3D treatment plans and clinical workflows
- Process payments and manage billing (BioLign Cloud only)
- Verify age requirements and obtain parental consent where the law requires it
- Authenticate sign-in attempts and maintain session security, including in-app biometric lock
- Improve our products through error tracking and performance monitoring
- Detect and prevent fraud, abuse, and security incidents
- Provide customer support
- Comply with legal obligations and respond to lawful requests from regulators
BioLign does not use your personal information for advertising, behavioral targeting, or to train artificial intelligence models that are sold or shared outside the BioLign platform.
3. How We Share Your Information
With Your Orthodontic Provider
If you are a patient, your treatment data, wear compliance, tray history, and messages are shared with your linked orthodontic provider (doctor or practice). This sharing is essential for your provider to monitor your treatment progress and communicate with you. Your provider can only see data for patients who are linked to them.
Within a Practice (BioLign Cloud)
Staff members at your linked practice can access your patient record based on their assigned role and permissions. Corporate administrators can view data across all practices within their organization. Practice-level data isolation ensures that staff at one practice cannot access patient records at another practice unless they have been explicitly granted access.
Publicly in the Discover Feed and Doctor Directory (BioLign Track)
If you post in the Discover feed, your post, comments, and likes are visible to all signed-in BioLign Track users. Anonymous posting hides your display name from other users but does not hide your content. If you publish a doctor public profile, the information in it (including city-level location, specialties, bio, and gallery) is visible to all users browsing the directory.
You can delete your own posts and comments at any time. Deleted content is soft-deleted (hidden from other users) and may be retained for a limited period for moderation, dispute resolution, or legal purposes.
We Do Not
- Sell your personal information to third parties
- Use your data for advertising or marketing profiling
- Share your data with third parties for their own marketing purposes
- Transmit biometric data (Face ID, Touch ID, fingerprint templates) anywhere off your device
Third-Party Service Providers
We use the following third-party services to operate our platform. These providers process data on our behalf under written contracts that require them to protect your information:
- Auth0 (an Okta company) — authentication, identity management, and passkey credential storage
- Microsoft Azure — cloud hosting, database storage, and application infrastructure (Canada region)
- Azure Blob Storage — secure storage of treatment photos, 3D models, gallery images, and documents, served via time-limited signed URLs
- Azure SQL Database — encrypted relational storage of account, treatment, and clinical data
- Stripe — payment processing (BioLign Cloud only). BioLign does not store credit card numbers; Stripe handles all card data under PCI DSS.
- Azure Communication Services — transactional email delivery (account verification, treatment plan notifications, etc.)
- Microsoft Application Insights — application performance monitoring and error tracking
- Expo Push Service — mobile push notification relay to Apple Push Notification Service (iOS) and Google services (Android)
- GeoNames — worldwide city dataset used by our backend to power city search (no personal data is sent to GeoNames)
- Calendly — appointment scheduling integration used by linked practices that have opted in (BioLign Track only when explicitly enabled by the practice)
BioLign does not currently use Google Firebase, Google Analytics, Facebook SDKs, or any advertising network in our mobile apps.
Legal Disclosure
We may disclose personal information when required to do so by law, court order, or government request, or when we believe in good faith that disclosure is necessary to protect our rights, the safety of our users, or to investigate fraud or security incidents. Where permitted by law, we will notify you before complying with such a request.
4. Data Storage and Security
We take the security of your data seriously and implement multiple layers of protection:
- Encryption in transit: All data between the app and our servers is sent over TLS 1.2+ (HTTPS).
- Encryption at rest: Databases and blob storage are encrypted at rest by Microsoft Azure.
- Data residency: Our production databases and blob storage are hosted in the Microsoft Azure Canada region.
- Secure token storage: Authentication tokens are stored in iOS Keychain (via Expo SecureStore) on iOS and the Android Keystore on Android; web sessions are held in memory only.
- Biometric data: Face ID, Touch ID, and fingerprint data never leave your device. They are processed by your operating system's secure enclave; BioLign and Auth0 receive only a pass/fail result of the local biometric check.
- Passkey credentials: When you enroll a passkey, only the public key is stored on Auth0's servers; the private key remains in your device's secure storage (and may be synced via iCloud Keychain or your platform's equivalent under your control).
- Role-based access controls: Patients see only their own data; doctors and staff see only the patients assigned to them or their practice.
- Multi-tenant isolation: Each practice organization has isolated data that cannot be accessed by other organizations.
- In-app session lock: When a biometric or device passcode is enrolled on your device, the app automatically locks after 15 minutes of inactivity in the foreground or 5 minutes in the background, requiring Face ID, Touch ID, or your device passcode to resume. This satisfies HIPAA's automatic-logoff safeguard while preserving session continuity. On devices without any biometric or passcode set, the app falls back to a full sign-out on the same timeline.
- Absolute session cap: Even with an active session, you are required to fully re-authenticate at least every 30 days.
- Secure file storage: Treatment photos, 3D models, and gallery images are stored in Azure Blob Storage and served only via time-limited signed URLs.
- Audit logging: Authentication events, treatment changes, and administrative actions are logged for security and compliance review.
5. Your Rights and Choices
Account Deletion
You can delete your account at any time:
- BioLign Track: Go to Profile and select "Delete Account." This permanently removes your personal data, treatment records, wear logs, messages, appointments, posts (soft-deleted from public view), and your account in Auth0. Your email becomes available for re-registration.
- BioLign Cloud: Contact your practice administrator or email us at [email protected] to request account deletion.
Some data may be retained in backups or audit logs for a limited period after deletion, where required for security, fraud prevention, or legal compliance, before being purged.
Leave Your Provider
In BioLign Track, you can leave your linked doctor or practice at any time from your Profile settings. This ends the data-sharing relationship with that provider; your tracking history with them is retained on the doctor's side per their practice records, and your future logs stop being shared with them.
Export Your Data
Every BioLign Track user (patient, standalone doctor, or clinic staff) can request a complete export of their personal data directly from the in-app Profile screen. The export is delivered as a JSON file you can save, share, or transmit to another controller in compliance with GDPR Article 20.
- For patients, the export includes account information, every treatment record, all wear logs, tray changes, wear sessions, bout history, photos (as URLs), 3D meshes (as URLs), clinical notes recorded about you, medical alerts, appointments, all messages (PMS and standalone), consultation requests you sent, and your Discover activity (including posts, comments, likes, and reports).
- For doctors and clinic staff, the export includes account information, professional profile, practice metadata, the list of your patient relationships (without patient PHI, which belongs to the patient's own export), invitations you sent, messages you authored, your public doctor profile (if any), consultation requests you received, and your Discover activity.
- Device push notification tokens are intentionally excluded to prevent credential leakage if the file is mishandled. You can manage registered devices from the in-app notification settings.
Manage Your Community Content
- You can edit or delete your own posts and comments in the Discover feed at any time, including those posted anonymously.
- You can report another user's post or comment for review by tapping the report option on the item.
- Doctors can disable their public profile at any time from the in-app profile setup screen.
Notification Controls
You can control which notifications you receive (wear reminders, tray change alerts, appointment reminders, message alerts, consultation updates, fabrication alerts) through the app's notification settings. You can also revoke notification permission entirely through your device settings.
Location and Calendar Permissions
The app requests device location only when you tap "Near Me" in the doctor directory, and device calendar only when you tap "Add to calendar" for a tray change. You can deny or revoke these permissions in your device settings at any time without affecting your ability to use the rest of the app.
Access and Correction
You can view and update your personal information through your profile in any BioLign product. If you need to correct data you cannot update yourself, contact us at [email protected].
Withdraw Consent
You can withdraw consent for the sharing of treatment data with your provider at any time by leaving the practice or deleting your account. Note that withdrawing consent does not affect the lawfulness of processing that occurred before your withdrawal, and some processing may continue where the law requires it (for example, audit logs).
6. Data Retention
- Your data is retained for as long as your account is active
- Upon account deletion, your personal data and treatment records are permanently removed from our systems
- If you leave a doctor or practice, your relationship is marked as inactive, but your account data is retained until you delete your account
- We may retain anonymized, aggregated data that cannot identify you for product improvement purposes
7. Children's Privacy
BioLign Track collects the user's date of birth during account creation and uses it to enforce minimum age requirements:
- Users under 13 cannot create an account. This satisfies the U.S. Children's Online Privacy Protection Act (COPPA) and similar laws.
- Users aged 13 to 15 (16 in jurisdictions covered by GDPR Article 8, where applicable) must confirm that a parent or legal guardian has reviewed the Terms of Service and Privacy Policy and consented to their use of the app.
- Aligner treatment is a clinical decision; minors should always use BioLign Track in coordination with their orthodontic provider and a parent or guardian.
BioLign Cloud is intended for orthodontic professionals and is not intended for use by children.
If you are a parent or guardian and believe your child has provided us with personal information without your consent, contact us at [email protected] and we will delete the account and associated data promptly.
8. Healthcare Privacy
Because BioLign products handle health-related information, additional protections apply depending on where you live and where your provider practices:
- Canada: BioLign is based in Alberta, Canada. We comply with the Personal Information Protection and Electronic Documents Act (PIPEDA), Alberta's Personal Information Protection Act (PIPA), and applicable provincial health-information statutes such as Ontario's Personal Health Information Protection Act (PHIPA) when serving patients of providers in those provinces.
- United States: When BioLign processes Protected Health Information (PHI) on behalf of an orthodontic provider that is a HIPAA-covered entity, we act as a Business Associate under the Health Insurance Portability and Accountability Act (HIPAA) and the HITECH Act, subject to a Business Associate Agreement with the provider. We have implemented the technical, physical, and administrative safeguards required by the HIPAA Security Rule, including encryption in transit and at rest, role-based access controls, audit logging, and automatic session lock-out.
- European Economic Area / United Kingdom: Where the General Data Protection Regulation (GDPR) or the UK GDPR applies, BioLign acts as a data processor on behalf of your provider (controller) and as a controller for account, billing, and product-improvement purposes. Health data is treated as special-category personal data under GDPR Article 9 and is processed only with explicit consent or where another lawful basis applies.
Under these laws, you have the right to:
- Know what personal information we hold about you
- Access and obtain a copy of your personal information
- Request correction of inaccurate information
- Request deletion of your personal information (subject to legal or clinical retention requirements)
- Withdraw consent for the collection, use, or disclosure of your information (subject to legal or contractual limitations)
- Restrict or object to certain processing, and request data portability where applicable
- File a complaint with your applicable regulator, including the Office of the Privacy Commissioner of Canada, the Office of the Information and Privacy Commissioner of Alberta, your provincial health-information regulator, the U.S. Department of Health and Human Services Office for Civil Rights, or your supervisory authority in the EU/UK
9. Cross-Border Data Transfers
BioLign's production infrastructure is hosted in the Microsoft Azure Canada region. Some third-party service providers (for example, Auth0, Stripe, and Expo) may process data in the United States or other countries. When personal information is transferred outside Canada, we ensure appropriate safeguards are in place, including contractual commitments to standards comparable to PIPEDA, and where applicable, GDPR Standard Contractual Clauses.
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we make significant changes, we will notify you through the app or by email. Your continued use of BioLign products after changes are posted constitutes your acceptance of the updated policy.
11. Contact Us
If you have questions about this Privacy Policy, your data, or your privacy rights, contact us at: