1. Introduction
Dolos Technologies, Inc. ("Dolos," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our fraud detection platform, or engage with our services (collectively, the "Services").
Please read this Privacy Policy carefully. By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use our Services.
2. Information We Collect
2.1 Personal Information
We may collect personal information that you voluntarily provide, including:
- Name, email address, phone number, and business contact information
- Account credentials (username and password)
- Billing and payment information
- Professional credentials and practice information
- Communications you send to us
2.2 Practice Management Data
To provide our fraud detection services, we may access and process data from your practice management system (PMS), including:
- Financial transaction records and payment data
- Employee access logs and activity records
- Scheduling and appointment information
- Inventory and supply chain data
- Other operational data necessary for fraud detection
Important: We do not access, collect, or store Protected Health Information (PHI) as defined under HIPAA. Our systems are designed to analyze financial and operational patterns without requiring access to patient medical records.
2.3 Automatically Collected Information
When you access our Services, we automatically collect:
- Device information (browser type, operating system, device identifiers)
- IP address and geographic location
- Usage data (pages visited, features used, time spent)
- Cookies and similar tracking technologies
3. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve our fraud detection Services
- Detect anomalies, suspicious patterns, and potential fraudulent activity
- Generate alerts, reports, and analytics for your practice
- Process transactions and manage your account
- Communicate with you about your account, updates, and support
- Send marketing communications (with your consent)
- Comply with legal obligations and enforce our agreements
- Protect against fraud, unauthorized access, and security threats
- Develop new features and improve our algorithms
4. How We Share Your Information
We may share your information in the following circumstances:
4.1 Service Providers
We share information with third-party vendors who perform services on our behalf, such as cloud hosting, payment processing, analytics, and customer support. These providers are contractually obligated to protect your information and use it only for the purposes we specify.
4.2 Legal Requirements
We may disclose your information if required by law, court order, or government regulation, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
4.3 Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership.
4.4 With Your Consent
We may share your information for other purposes with your explicit consent.
We do not sell your personal information to third parties.
5. Data Security
We implement industry-standard security measures to protect your information, including:
- Encryption of data in transit (TLS/SSL) and at rest (AES-256)
- Multi-factor authentication and role-based access controls
- Regular security audits and penetration testing
- Continuous monitoring for unauthorized access
- Employee training on data protection practices
- Secure data centers with physical access controls
While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.
6. Data Retention
We retain your information for as long as necessary to provide our Services and fulfill the purposes described in this Privacy Policy. Specific retention periods include:
- Account information: Duration of your account plus 7 years for legal compliance
- Transaction data: As required by applicable financial regulations
- Usage logs: 24 months from collection
- Marketing preferences: Until you opt out or request deletion
Upon termination of your account, we will delete or anonymize your data within 90 days, unless retention is required by law.
7. Your Rights and Choices
Depending on your location, you may have the following rights:
7.1 Access and Portability
You may request a copy of the personal information we hold about you in a portable format.
7.2 Correction
You may request that we correct inaccurate or incomplete personal information.
7.3 Deletion
You may request that we delete your personal information, subject to legal retention requirements.
7.4 Opt-Out
You may opt out of marketing communications at any time by clicking "unsubscribe" in our emails or contacting us directly.
7.5 Do Not Track
Our Services do not currently respond to "Do Not Track" browser signals.
To exercise any of these rights, please contact us at privacy@dolos.tech.
8. California Privacy Rights (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
- Right to know what personal information we collect, use, and disclose
- Right to delete personal information (with exceptions)
- Right to opt out of the sale of personal information (we do not sell your data)
- Right to non-discrimination for exercising your privacy rights
To submit a request, contact us at privacy@dolos.tech or call us at your designated contact number.
9. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. When we transfer data internationally, we implement appropriate safeguards, such as Standard Contractual Clauses, to protect your information.
10. Children's Privacy
Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we learn that we have collected personal information from a child, we will take steps to delete it promptly.
11. Third-Party Links
Our Services may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new Privacy Policy on our website and updating the "Last Updated" date. Your continued use of our Services after such changes constitutes your acceptance of the updated Privacy Policy.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at: