Last Updated: February 7, 2024
Data Privacy Framework Statement
Among the U.S. entities of Ultradent Products Incorporated, Oratech, LLC also adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles), including as applicable under the UK Extension to the EU-U.S. DPF, and Swiss-U.S. DPF Principles and is covered by Ultradent Products Incorporated's DPF submission.
Personal Data may be transferred internationally, including to, and from, the United States. This may include transfers to countries without data protection laws similar to those in place in your country of residence. By voluntarily sharing your Personal Data with Ultradent, you understand that your Personal Data may be stored and processed in, and outside of, the United States.
Data Privacy Framework for EEA and UK Personal Data Transferred to the US
Ultradent acknowledges the right of EEA and UK individuals to access their personal data pursuant to the Data Privacy Framework. Individuals may view and edit their Personal Data by logging into their account profile or by contacting Ultradent as described below.
Ultradent is responsible for the processing of Personal Data it receives and the subsequent transfers of such Personal Data to third parties acting as agents on its behalf. Ultradent complies with the Data Privacy Framework Principles for onward transfers of Personal Data from the EEA and UK, including the onward transfer liability provisions. Pursuant to the Data Privacy Framework, Ultradent Product’s Inc. remains liable for the transfer of personal data to third parties acting as our agents unless we can prove we were not a party to the events giving rise to the damages.
Under certain circumstances, Ultradent may be required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Renewal and Verification
Ultradent will renew its EU-US Privacy Program annually, unless Ultradent subsequently determines that it no longer needs such certification or decides to employ a different adequacy mechanism. Prior to re-certification, Ultradent will conduct an in-house verification to ensure that its attestations and assertions with regard to its treatment of Personal Data are accurate and that Ultradent has appropriately implemented these practices. As part of the verification process, Ultradent will:
- review the processes and procedures used by Ultradent for training Ultradent personnel about Ultradent’s participation in the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF and the appropriate collection, processing, and storage of Personal Data.
Ultradent will prepare an internal verification statement on an annual basis.
Data Privacy Framework Enforcement and Dispute Resolution
With respect to Personal Data received or transferred in accordance with the Data Privacy Framework, Ultradent is subject to the regulatory enforcement powers of the Federal Trade Commission (“FTC”).
In compliance with EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF Program’s Principles, Ultradent is committed to resolving complaints relating to the privacy, collection, and use of Personal Data transferred to the United States pursuant to the DPF Principles. Individuals with questions or concerns about Ultradent’s use of their Personal Data and DPF inquiries can contact Ultradent using the contact information provided below.
Via Email: Privacyde@Ultradent.com
Via Post: Ultradent Products, Inc.
Attn: Legal Department
505 West Ultradent Drive
South Jordan, UT 84095
Ultradent has further committed to refer unresolved privacy complaints under the Data Privacy Framework Principles to an independent dispute resolution mechanism, Data Privacy Framework Services, operated by BBB National Programs. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/programs/all-programs/dpf-consumers/ProcessForConsumers for more information and to file a complaint. This service is provided free of charge to you.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Ultradent commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of human resources data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF in the context of the employment relationship.
If you are a citizen of an EEA or UK country or are located in the EEA or UK and did not receive a timely acknowledgement to your complaint regarding employment relationship data, or if your complaint regarding employment relationship data was not satisfactorily addressed, then you may contact the below third-party dispute resolution provider for further assistance:
Landesbeauftragte für Datenschutz und
Postfach 20 04 44
Under certain circumstances, you may invoke binding arbitration to resolve a Data Privacy Framework related dispute. In order to invoke arbitration, you must take the following steps prior to initiating an arbitration claim: (1) raise your complaint directly with Ultradent and provide Ultradent the opportunity to resolve the issue; (2) make use of the independent dispute resolution mechanism, in this case the Council of Better Business Bureaus; and (3) raise the issue through your relevant data protection authority and allow the U.S. Department of Commerce an opportunity to resolve the complaint at no cost to you. For more information on binding arbitration, see the U.S. Department of Commerce’s Data Privacy Framework: https://www.dataprivacyframework.gov/s/.
The information collected by Ultradent is limited to the specific data required for Ultradent to pursue its legitimate interests (including to establish and maintain relationships with its customers, provide products and services, and to administer its business) and to ensure compliance with regulatory bodies and local, state, national, and international laws.
Examples of the information collected by Ultradent include, but are not limited to, an individual’s name, business name, email address, street address, telephone number, and credit card information (only when a purchase is made).
Ultradent may contact you periodically by e-mail or social media to provide you with information regarding events, products, services and content that may be of interest to you. If applicable law requires that Ultradent receive your explicit consent before sending you certain types of marketing communications, Ultradent will only send you those types of communications after obtaining your explicit consent.
A user may, at any time, withdraw their consent by completing and submitting to Ultradent the appropriate consent withdrawal request using the Privacy Management Links Data Portal for Self Service Requests and Maintenance at https://www.opalescence.eu/privacy-management.
In general, the Personal Data that Ultradent collects allows it to provide services to its customers and employees, comply with legal obligations, resolve disputes, and enforce agreements. Ultradent’s collection of Personal Data also allows Ultradent to keep its customers, employees, and associated third parties up to date on various topics relating to Ultradent, such as the latest product announcements, upcoming Ultradent events, and to send important notices, such as communications about purchases and changes to Ultradent’s terms, conditions, and policies. Ultradent also uses Personal Data to maintain and support its products, deliver requested services and products to customers, help create, develop, operate, deliver, and improve Ultradent’s websites, products, services, content, and customer communications, and to improve marketing, advertising, and sales efforts. Ultradent may also use predetermined Personal Data on file to assist with the identification of users, and for internal purposes such as auditing, data analysis, and research.
Data Transfers and Sharing
Ultradent is an international organization with contracts and business relationships all over the world. Consequently, it may be necessary for Personal Data to be transferred internationally. In such cases, and where required, Ultradent will obtain an adequacy decision as outlined in the General Data Protection Regulation. In the absence of an adequacy decision, Ultradent will comply with generally accepted industry standards for safeguarding the transfer of Personal Data.
- as required or permitted by law, such as to comply with a subpoena or similar legal process;
- when Ultradent believes in good faith that disclosure is necessary to protect its rights, protect the safety of the individual, protect the safety of others, investigate fraud, or respond to a government request;
- to a third party with your prior consent to do so; and
- in the event Ultradent goes through a business transition such as a merger, acquisition by another company, or the sale of all or a portion of its assets.
Additional information regarding the safeguards employed by Ultradent may be obtained by contacting Ultradent as described below.
Data Rights and Recourse for EEA and UK Individuals
Ultradent makes a good faith effort to provide individuals with access to their Personal Data that is collected, processed, and stored by Ultradent. Individuals in the EEA or UK have certain data subject rights which may be subject to limitations and/or restrictions. These rights include the right to request access to and rectification or erasure of their Personal Data, obtain restriction of processing or to object to processing of their Personal Data, ask for a copy of their Personal Data to be provided to them, or to a third party. If you wish to exercise any of these rights, please send Ultradent your request to the contact details provided below.
Individuals in the EEA or UK also have the right to lodge a complaint about the processing of their Personal Data with the appropriate Data Protection Authority (“DPA”). EEA and UK individuals wishing to find out more about the area DPA’s may do so by going to http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm. Ultradent will handle all requests as required by applicable law and in accordance with Ultradent’s internal security and privacy policies.
We collect the following categories of Personal Data directly from you and indirectly from you (e.g., by observing your actions on our website): (i) Identifiers, which includes the following specific pieces of Personal Data: name, email address, street address, and telephone number; (ii) Bank Card Information, which includes the following specific pieces of Personal Data: name, card number and other financial information; (iii) Commercial Information, which includes the following specific pieces of Personal Data: products or services purchased or considered, or other purchasing or consuming history or tendency; and (iv) Internet or other electronic network activity information, which includes the following specific pieces of Personal Data: browsing history, search history, and information regarding your interaction with Ultradent’s website.
In the preceding twelve months, we have:
- collected the following categories of Personal Data: (i) Identifiers; (ii) Bank Card Information; (iii) Commercial Information; (iv) Geo Location Data; (v) Biometric or Audio Information; (vi) Professional or Employment related Information; (vii) Education Information; (viii) Internet or other electronic network activity information and (ix) Internet or other electronic network activity information.
- “sold” (as defined by the CCPA) the following categories of Personal Data: Identifiers, Commercial Information, Internet or other electronic network activity information, Geo Location Data, Biometric or Audio Information, Professional or Employment-related Information, Education Information, and Inferences from the above categories used to create a profile.
- disclosed for a business purpose the following categories of Personal Data: Identifiers, Commercial Information, Internet and other electronic network activity information, Geo Location Data, Biometric or Audio Information, Professional or Employment-related Information, and Education Information.
- collected Personal Data from the following categories of sources: directly from you and indirectly from you.
- shared Personal Data with the following categories of third parties: service providers that help facilitate our business, advertising networks, internet service providers, data analytics providers, government entities, operating systems and platforms, social networks, and consumer data resellers.
California Civil Code Section 1798.83 permits users of this website who are California residents to request certain information regarding Ultradent’s disclosure of Personal Data to third parties for direct marketing purposes. To make such a request, please contact Ultradent as described below.
For All Individuals Whose Personal Data We Handle
When a request is made to Ultradent with regard to Personal Data, and before Ultradent processes the request, the individual making the request is required to identify themselves and to identify the information requested to be accessed, corrected, or removed. In making modifications to their Personal Data, individuals are required to provide truthful, complete, and accurate information. When receiving a request in accordance with this provision, Ultradent will take into consideration, among other things, the burden or expense of providing the requested access, the potential risks to the individual’s privacy, and whether the rights of persons other than the individual making the request would be violated. Ultradent will respond to requests within a reasonable timeframe.
Individuals may view and edit their Personal Data by logging into their account profile or by contacting Ultradent. To request erasure of Personal Data, individuals must submit a written request using the contact information below.
Ultradent has implemented processes and physical and technical safeguards to protect against unauthorized access to Personal Data collected and stored by Ultradent, and to prevent unauthorized use, alteration, corruption, or disclosure of that Personal Data. Personal Data stored by Ultradent is maintained behind firewalls. Ultradent’s servers are located within facilities that are subject to physical security measures including user authentication passwords and other similar means, each designed to prevent unauthorized access. With respect to certain categories of Personal Data, Ultradent also uses secure encryption technology to further safeguard the Personal Data received.
While Ultradent believes that its policies and practices regarding information security and integrity are reasonable, Ultradent cannot guarantee that the security and/or integrity of Personal Data will not be breached or that such Personal Data will not be subject to unauthorized access, alteration, corruption, or disclosure. Ultradent reviews its information security policies and practices periodically and may update them as it determines reasonably necessary to achieve information security and integrity consistent with industry standards.
Responsibilities and Management
If you are located in the EEA or UK, please contact Ultradent’s Data Protection Officer at Privacyde@Ultradent.com.
If you are located outside the EEA or UK, please contact Ultradent at Privacy@Ultradent.com.
Ultradent Products, Inc.
Attn: Legal Department
505 West Ultradent Drive
South Jordan, UT 84095
Toll Free # 1.888.230.1420