Privacy Notice

We treat Protected Health Information as the most sensitive data we handle. This notice summarizes how we collect, use, store, and protect information.

Data we hold

Account info, billing data via Stripe, clinic configuration, call recordings and transcripts, and patient records that the AI receives on calls. Patient records are scoped to a single clinic.

How we protect it

TLS 1.2+ in transit, AES-256 at rest, row-level access controls, audit logging, least-privilege service accounts, BAAs with all subprocessors that touch PHI.

Your rights

Patients of clinics that use Benvai should direct privacy requests to their dental practice as the Covered Entity. Practice owners may request data export or deletion at any time.