Privacy Policy

For the purposes of this Privacy Policy: "Personal Information" refers to any information that identifies, relates to, describes, or could reasonably be linked with an identifiable natural person, such as names, addresses, email addresses, IP addresses, or payment information. "Processing" means any operation performed on personal information, whether or not by automated means, including collection, storage, use, disclosure, transfer, or deletion. This Privacy Policy applies to individuals who visit our website, place orders, contact customer support, subscribe to newsletters, interact with ads or analytics tools, and otherwise engage with our Services.

We collect personal information in several ways, including directly from users, automatically through technical means, and from third-party sources where permitted by law.

We process personal information for explicit, legitimate, and necessary purposes, including:

For users in the European Union and EEA, GDPR requires that we identify lawful bases for each processing activity: Performance of a Contract: To fulfill orders and provide Services you request Legal Obligation: To comply with legal requirements such as tax, accounting, or consumer protection laws Consent: Where you agree to certain types of processing, such as marketing communications Legitimate Interests: To run our business responsibly, improve Services, secure systems, and prevent fraud, provided such interests do not override your fundamental rights and freedoms We only process data where a valid legal basis exists.

If you are located in the EU/EEA, you have the following robust rights under GDPR: Right of Access: You may request confirmation of whether we hold your personal data and obtain a copy Right to Rectification: You may request correction of inaccurate or incomplete data Right to Erasure: You may request deletion of data where processing is no longer necessary or lawful Right to Restrict Processing: You may limit how we use your data in specified circumstances Right to Data Portability: You can receive your data in a structured, machine-readable format Right to Object: You may object to processing based on our legitimate interests or direct marketing Right to Withdraw Consent: If processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing To exercise any of these rights, please contact us at the address below. Requests will be handled in accordance with GDPR timelines and verification procedures.

If you are a California resident, the California Consumer Privacy Act grants additional protections, including: Right to Know: You may request information about categories of personal data collected, sources, purposes, and third-party disclosures Right to Access: You may request a copy of specific pieces of personal data collected about you Right to Deletion: You may request deletion of your personal data, subject to specific exceptions Right to Opt-Out: You may opt out of personal data "sale" or sharing for cross-context behavioral advertising. (We do not sell personal data) Non-Discrimination: You are protected from discriminatory treatment for exercising your CCPA rights Verification of identity is required for CCPA requests.

We use cookies, pixel tags, web beacons, and similar technologies to: • Enable essential site functionality • Improve performance and analytics • Understand user behavior across sessions • Tailor marketing and relevant content You can control cookies through your browser settings. Note that disabling cookies may affect the functionality of our Services.

We do not sell your personal information. We may share personal information with: Service Providers: Trusted third parties who assist in operating our website, business, or services (e.g., payment processors, shipping partners, analytics providers), bound by confidentiality obligations. Legal Requirements: Government authorities or law enforcement when required by applicable law or to protect our legal rights. Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. All third parties with whom we share data are required to maintain the confidentiality and security of your information.

Cerahi Dentistry implements appropriate technical and organizational security measures to protect your personal information against unauthorized access, loss, destruction, or alteration, including: • SSL/TLS encryption for data in transit • Restricted access controls for data in storage • Regular security reviews and audits We retain personal information for as long as necessary to fulfill the purposes outlined in this policy, comply with legal obligations, resolve disputes, and enforce agreements. When no longer required, data will be securely deleted or anonymized.

Cerahi Dentistry reserves the right to amend this Privacy Policy at any time. The updated version will be published on our website with a revised "Last Updated" date. Continued use of our Services after any such change constitutes acceptance of the updated Privacy Policy. If material changes are made, we may notify you directly via email or prominent notice on our website.