Privacy Policy

Last updated: June 2026

1. Introduction

Stelliq Tech ("we", "our", "the Service") operates a SaaS dental clinic management platform accessible at stelliq.tech. This Privacy Policy explains how we collect, use, store, and protect personal information in accordance with the Israeli Protection of Privacy Law, 5741-1981 (PPPA) and its regulations, as well as applicable data protection principles.

By using Stelliq Tech, you agree to the terms of this Privacy Policy. If you do not agree, please discontinue use of the Service.

2. Data Controller

The data controller for this Service is Stelliq Tech, operated by Amit Rodak. For privacy-related inquiries, contact us at: clinic@dent-a.online

3. What Data We Collect

We collect the following categories of data:

  • Clinic account data: Name, email address, password (hashed), clinic name, phone number.
  • Patient data: Name (Hebrew and/or English), phone number, date of birth, city, insurance type, medical notes and allergies, balance, appointment history.
  • Appointment data: Date, time, treatment type, duration, status.
  • Usage data: Log data, browser type, IP address, pages visited, time spent.

Patient data is entered by the clinic and is considered sensitive personal information under Israeli law.

4. Legal Basis for Processing

We process personal data on the following legal bases:

  • Contract performance: Processing necessary to provide the Service to registered clinics.
  • Legitimate interests: Improving the platform, ensuring security, and preventing fraud.
  • Consent: Where you have given explicit consent for specific processing activities.
  • Legal obligation: Where processing is required by applicable Israeli law.

5. How We Use Your Data

  • To provide and operate the clinic management platform
  • To generate AI-powered patient insights (processed via Anthropic's Claude API)
  • To send appointment reminders via WhatsApp (when enabled)
  • To generate reports and analytics for the clinic
  • To respond to support requests
  • To ensure platform security and prevent unauthorized access
  • To comply with legal obligations

6. AI Processing

Stelliq Tech uses Claude AI (by Anthropic) to generate patient insights. When you open a patient profile, anonymized patient data (appointment history, notes, medical flags) is sent to Anthropic's API for processing. Anthropic processes this data solely to generate the requested insights and does not use it to train AI models. Anthropic is bound by its own privacy policy and data processing agreements.

You can disable AI insights at any time by not using the insight feature.

7. Data Storage and Security

All data is stored in Supabase (PostgreSQL) hosted on AWS infrastructure in Europe. We implement the following security measures:

  • Row-Level Security (RLS) — each clinic can only access its own data
  • Encrypted connections (HTTPS/TLS) for all data in transit
  • Hashed passwords — we never store plain-text passwords
  • JWT-based authentication with short-lived session tokens
  • Rate limiting on sensitive API endpoints
  • Login attempt throttling with automatic lockout

8. Data Retention

We retain your data for as long as your clinic account is active. If you cancel your account:

  • Your clinic and patient data will be deleted within 30 days of account closure
  • Anonymized usage logs may be retained for up to 12 months
  • You may request immediate deletion by contacting us at clinic@dent-a.online

9. Sharing of Data

We do not sell your data. We share data only with:

  • Supabase: Database and authentication infrastructure
  • Anthropic: AI processing for patient insights (anonymized)
  • Vercel: Hosting and CDN
  • Law enforcement: Only when required by valid legal process under Israeli law

10. Your Rights Under Israeli Law

Under the Israeli Protection of Privacy Law, you have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate personal data
  • Request deletion of your personal data
  • Object to specific processing activities
  • Withdraw consent at any time

To exercise any of these rights, contact us at clinic@dent-a.online. We will respond within 30 days.

11. Cookies

We use only essential cookies required for authentication and session management. We do not use advertising or tracking cookies. No cookie consent banner is required as we use only strictly necessary cookies.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered clinic accounts by email at least 14 days before any material changes take effect. Continued use of the Service after the effective date constitutes acceptance of the updated policy.

13. Contact

For any privacy-related questions or to exercise your rights:

Email: clinic@dent-a.online

Service: Stelliq Tech — stelliq.tech