Contacts
+90 540 082 52 52
Sign In/Up
Close
Select Language:
Tel: +90 540 082 52 52
Sign In/Up
Sign In/Up

Privacy Policy

JUST ALIGNER PRIVACY NOTICE

Last updated: 17.1.2025

This Privacy Notice (“Notice”) describes how Mac Dental Dis Protez Laboratuvarlari A.S., its global affiliates, brands, and subsidiaries (collectively, “Just Aligner”, “we”, “our” or “us”) collect, use, disclose, and otherwise process personal data and the rights and choices individuals have regarding such personal data.

Table of Contents

  1. Scope. 1
  2. Important Information and Who We Are. 2
  3. Personal Data Collected. 2
  4. Our Purposes and Legitimate Basis for Collecting and Processing. 5
  5. Disclosures of Personal Data. 8
  6. International Data Transfers. 8
  7. Aggregate and De-Identified Information. 9
  8. Direct Marketing. 9
  9. Cookies and Tracking Technologies. 9
  10. Manage Your Privacy Preferences. 9
  11. Data Security. 10
  12. Data Retention. 10
  13. Third-Party Links. 10
  14. Your Legal Rights. 10
  15. Complaints. 12
  16. Changes to the Privacy Notice. 12
  17. Contact Us. 12
  18. Scope

This Notice applies to the personal data Just Aligner collects and processes related to your use of our website available at https://justaligner.com and mobile application (collectively, the “Platform”), other online and offline services, and other products or services we make available to you (collectively, “Services”).

It is important that you understand who we are, how we use your personal data and that we take our obligations in this regard very seriously. You should read this page in full, but below are the key highlights:

  • Just Aligner provides an advanced digital platform designed to assist healthcare professionals, such as doctors and clinics, to streamline their orthodontic treatment processes. Through our Platform, professionals can securely upload patient scan data, which we analyse to design and manufacture customised aligners. These aligners are then delivered to the healthcare providers for seamless integration into their patients’ treatment plans.

In some cases, additional or separate privacy notices may be provided for certain Services, programmes or events that we offer. In those circumstances, the notice(s) provided should be interpreted as a supplement to the information contained in this Notice. If you have any questions about us processing your personal data, contact us via our Digital Form.

  1. Important Information and Who We Are

Just Aligner is the controller and is responsible for your personal data. We process personal data in compliance with applicable data protection laws, including, where relevant, the General Data Protection Regulation (EU GDPR) and the retained EU law version of the General Data Protection Regulation ((EU) 2016/679) as defined in the Data Protection Act 2018 (UK GDPR).

  1. Personal Data Collected

The personal data we collect about you varies based on your interactions with our Platform and Services. This information is obtained directly from you, from authorised third-party sources, and automatically through your use of the Platform and Services, as detailed further below.

  • Information you provide to us

You may provide us with your personal data through various means, such as by filling in online forms or communicating with us via post, phone, email, or other methods. This includes personal data you provide when you; create an account on the Platform, access and use our Services, place an order through the Platform, make inquiries regarding your orders, request marketing communications and give us feedback and contact us.

  • Contact Information: When you contact us via email, phone, or other channels, we collect certain personal data from you. This may include your name, mailing address, phone number, email address, postal address, practice name, and we collect certain personal data from you. When you place orders for our products related to orthodontic treatment through the Platform, you may provide contact information (shipping address) necessary for processing and delivery.
  • Account Information: When you manage your account on the Platform, we collect certain personal and professional details necessary for account creation, maintenance, verification, and security. This may include (i) login credentials, such as usernames and passwords, (ii) authentication details, including identity verification documents or proof of professional qualifications, to validate your credentials and ensure compliance with applicable regulations (iii) any preferences and settings you establish within your account.
  • Customer Transaction Information: We may collect details related to transactions conducted through the Platform, such as order details, payment information, billing addresses, and transaction history. This information is used to process payments, manage orders, and ensure accurate delivery of products or services.
  • Professional information: If you are a healthcare provider, we may collect professional details such as your practice name, address, professional registration number, diploma code, and contact information. This data is used to establish and maintain your account, verify your credentials, and facilitate the delivery of our Services. If you are registering on behalf of a clinic, we may also collect clinic-specific details, including the clinic’s name, address, and relevant credentials. Additionally, we may collect authentication details, such as identity verification documents or proof of professional qualifications, to validate your credentials and ensure compliance with regulatory requirements.
  • Comminication and interactions: We may process information related to your communications with us, including emails, phone calls, or messages submitted through webforms. This may include your contact details, the content of your inquiries or feedback, and any follow-up correspondence. This information helps us respond to your questions, resolve issues, and improve our services.
  • Additional information you submit to us: We may collect any additional information you choose to provide, such as responses to surveys, feedback, or information shared through forms or other submissions on the Platform. This data is used to enhance our Services and better understand your needs.

We may process patients’ health-related information, such as physical conditions or treatment requirements, provided by healthcare provider. This data is essential for designing, manufacturing, and delivering customised products or services tailored to treatment plans. This includes processing visual data, such as photographs, dental scans, or facial images, to ensure accurate and personalised orthodontic product creation. As a data processor, Just Aligner processes patient data strictly under healthcare providers’ instructions, fully complying with the GDPR to safeguard its security and confidentiality.

  • Information collected automatically

We may automatically collect certain information when you interact with our Platform or Services. This includes:

  • Device and Browsing Information: We collect information about your device, including login data, browser type and version, time zone setting, approximate location, browser plug-in types and versions, operating system, platform, device type, device ID, IP address, and other unique device identifiers. We also collect personal data automatically using cookies, log files, pixel tags, and other tracking technologies when you access or use our Platform and Services. For more details, please refer to Section 9 Cookies and Tracking Technologies.
  • Usage Data: We collect information about how you interact with the Platform, including pages viewed, features accessed, time spent on the Platform, navigation patterns, search queries, and traffic data.
  • Log Information: We may collect data about your activity on the Platform, such as login times, error reports, and diagnostic information, to monitor and improve Platform functionality and security.

This information helps us enhance the user experience, improve our Services, and ensure the security and integrity of the Platform.

  • Information we obtain from third parties

We may receive personal data about you from third parties, which is used to provide and enhance our Services. This may include:

  • Technical and Customer Transaction Data: We may collect your technical and customer transaction data from technical, payment, and delivery service providers.
  • Prospect information: We may receive lead and prospect information, such as names, email addresses, and contact information from third parties about individuals who may be interested in engaging with us.
  • Social Media Information: We may collect information from social media platforms if you interact with us through those platforms. This may include your profile information, public posts, and other details made available to us based on your privacy settings on the social media platform.
  • Publicly Available Company Information: We may collect company details from publicly accessible sources, such as professional directories, online registries to verify credentials, identify business opportunities, and improve our Services.
  1. Our Purposes and Legitimate Basis for Collecting and Processing

We use your personal data to develop, operate and deliver our Services, to provide you with a secure and efficient experience, and for our legal obligations. The law requires us to have a legal basis for collecting and using your personal data.

We have outlined below, in a table format, a detailed description of the various ways we intend to use your personal data and the corresponding legal bases we rely on for each use.

Our Purpose

Personal Data

Legal Bases for Processing

Account Registration. To facilitate the creation and management of accounts on our Platform for healthcare providers, including doctors and clinics. This includes registering clinics, assigning separate accounts for individual healthcare providers, managing account access, and ensuring proper authentication for secure use of the Platform.

Contact information; professional information; account information.

Performance of our contract with you where necessary to fulfil the terms of our contract or agreement, or to take steps leading to such a contract; For our legitimate interest in efficiently optimising and organising our business operations, ensuring functionality and long-term sustainability.

Daily Operation. To provide and operate our Services, respond to your enquiries, fulfil your requests, communicate with you, manage your account, gather feedback and support day-to-day operations.

Contact information; account information;

professional information; transaction information; and

communications information.

Performance of our contract with you where necessary to fulfil the terms of our contract or agreement; For our legitimate interest in efficiently optimising and organising our business operations.

Customer Support. To provide healthcare providers with comprehensive support, including technical assistance, training, onboarding guidance, and resolving issues related to account management, order processing, or product delivery. This ensures a smooth and efficient user experience for all providers using our Platform.

Contact information; account information;

professional information; transaction information; and

communications information.

Performance of our contract with you where necessary to fulfil the terms of our contract or agreement, or to take steps leading to such a contract; For our legitimate interest in efficiently optimising and organising our business operations.

Customisation and Personalisation. To tailor the functionality of our Platform and Services to meet the specific needs of healthcare providers. This includes optimising user experience, providing personalised recommendations, and ensuring access to features that enhance efficiency and usability.

Contact information; professional information; communications; account information; preferences; device and browsing information; usage information.

Consent, where required by law (such as where we obtain consent via cookies and other tracking technologies); In all other cases, we have a legitimate interest in promoting our products and Services in order to expand our outreach and customer base.

 

Processing Orders and Deliveries. To process orders for customised aligners and retainers, facilitate communication regarding orders and updates, and manage returns or exchanges. This includes generating invoices, ensuring timely delivery, and maintaining clear communication throughout the process.

Contact information; account information;

professional information; transaction information; and

communications information.

Performance of our contract with you where necessary to fulfil the terms of our contract or agreement, or to take steps leading to such a contract; For our legitimate interest in efficiently optimising and organising our business operations.

Analytics and Improvement. To provide functionality, analyse performance, fix errors, and improve usability and effectiveness of our Services and Platform.

Preferences; device and browsing information; usage information; and communication information.

We have a legitimate interest in improving our products and Services to expand our outreach and customer base.

Risk and Fraud Management. To verify healthcare provider credentials, monitor transactions, and prevent fraudulent activities. This also includes ensuring compliance with applicable laws and internal policies to safeguard our business and users.

Contact information; professional information; communications; account information; preferences; device and browsing information; usage information.

We have a legitimate interest in conducting our activities in a lawful manner and protecting our rights and interests.

Legal and Regulatory Compliance. To comply with legal and regulatory responsibilities, including compliance with data protection laws such as GDPR, conducting audits, maintaining records, and responding to lawful requests such as subpoenas or regulatory inquiries.

Contact information; professional information; communications; account information; preferences; device and browsing information; usage information; and transaction information.

Legal obligation, where we need to comply with EEA, Swiss or UK law; In all other cases, we have a legitimate interest in ensuring that our business practices comply with applicable law in the jurisdictions where we operate and do business.

Marketing and Communications. To inform healthcare providers about new features, promotions, or updates related to our Services. This includes sending marketing communications, managing promotional campaign.

Contact information; professional information; communications; account information; preferences; device and browsing information; usage information.

Consent, where required by law (such as where we obtain consent via cookies and other tracking technologies); In all other cases, we have a legitimate interest in promoting our products and Services in order to expand our outreach and customer base.

General Business and Operational Support. To support the effective administration of our organisation, including evaluating or undertaking corporate transactions such as mergers, acquisitions, or financing activities. This also encompasses managing functions like accounting, auditing, compliance, and recordkeeping necessary for business operations.

Contact information; professional information; communications; account information; preferences; transaction information; device and browsing information; and usage information.

For our legitimate interest in efficiently optimising and organising our business operations.

  1. Disclosures of Personal Data

We may share your personal data where necessary with the parties listed below for the purposes set out in Section 4 Our Purposes and Legal Bases for Collecting and Processing for which we will use your personal data above.

  • Vendors and service providers. We may share the personal data with third parties that we use in connection with the running of our business, including web and mobile analytics services, advertisers, IT partners, payment service providers, hosting and software providers, and sales and marketing products, and courier or postal services providing delivery solutions.
  • Law Enforcement. We may disclose your personal data to courts, law enforcement agencies, regulatory bodies, or government officials when required by law or when necessary to establish, exercise, or defend a legal or equitable claim.
  • Business Management. We may share your personal data with any third party to whom we sell, transfer, or merge parts of our business or assets. Alternatively, we may seek to acquire or merge with other businesses. If such a change occurs, the new owners may use your personal data in accordance with this Privacy Notice.

When we share information with third-party service providers in this capacity, we require them to use your information on our behalf in accordance with our instructions and terms and only process as necessary for the purpose of the contract.

  1. International Data Transfers

In some cases, your personal data may be transferred to countries outside of the EMEA region (including residents of the European Economic Area (EEA), the United Kingdom (UK), and Switzerland). When this happens, we ensure that appropriate safeguards are in place to protect your data. These safeguards include Standard Contractual Clauses (SCCs) approved by the European Commission, which ensure that personal data is afforded the same level of protection it receives within the EMEA.

By using our Services, you understand and agree that your personal data is transferred to countries outside of the EMEA region.

  1. Aggregate and De-Identified Information

We may collect and use aggregated data, such as statistical or demographic information, for any purpose. While aggregated data may be derived from your personal data, it is not considered personal data because it does not directly or indirectly reveal your identity. For instance, we may aggregate Usage Data to calculate the percentage of users who access a specific Website or App feature. However, if we combine or link aggregated data with your personal data in a manner that allows for your direct or indirect identification, we will treat the combined data as personal data and handle it in accordance with this Privacy Notice.

  1. Direct Marketing

We may send you promotional communications, such as emails, to inform you about updates, special offers, or other information related to our Platform and Services. You can opt-out of receiving such communications at any time by following the unsubscribe instructions provided in each message or by contacting us directly. Please note that even if you opt-out of promotional communications, we may still send you service-related messages that are necessary for the operation of your account or our services.

  1. Cookies and Tracking Technologies

We use cookies, pixel tags, and other tracking technologies to automatically collect information about browsing activity, device type, and similar information within Platform and Services. These technologies are used generally to remember your preferences, settings, and customisations for a more personalised experience, to understand how our Platform and Services are used and improve functionality, performance, and content, and to enhance security and support authentication processes. For more information about the cookies we use and how to change your cookie preferences, please see Cookie Notice.

  1. Manage Your Privacy Preferences

If you do not wish to accept cookies, you can adjust your browser settings to refuse all cookies or only third-party cookies, and you can also delete cookies that have already been placed. Please note that these settings need to be applied separately for each browser and device you use. Visitors to our Site who disable cookies will be able to browse the Site, but some features may not function. For more information about managing cookies, please see our Cookie Notice.

  1. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to employees, agents, contractors, and other third parties who have a legitimate business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

  1. Data Retention

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, accounting or other requirements.

In some circumstances you can ask us to delete your data: see paragraph 11 below for further information.

  1. Third-Party Links

The Website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our Website, we encourage you to read the privacy policy / notice of every website you visit.

  1. Your Legal Rights

To the extent permitted by applicable data protection laws and regulations, you have the following rights in relation to your personal data:

  • Request access to your personal data. This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
  • Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
  • Request erasure of your personal data in certain circumstances. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing, where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
  • Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) as the legal basis for that particular use of your data. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your right to object.
  • Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format.
  • Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you.
  • Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in one of the following scenarios:
  • If you want us to establish the data’s accuracy;
  • Where you believe our use of the data is unlawful but you do not want us to erase it;
  • Where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or
  • You have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

If you wish to exercise any of the rights set out above, please refer to Section 17 Contact us.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

  1. Complaints

We hope we will be able to resolve any issues you may have. If you have a concern about how we use your personal data, we would like to work with you to resolve it.

You have the right to make a complaint at any time to your local data protection authority, such as the Information Commissioner’s Office (ICO), the UK regulator for data protection issues (www.ico.org.uk). For a list of EEA data protection supervisory authorities and their contact details, see here. We would, however, appreciate the chance to deal with your concerns before you approach the relevant data protection authority so please contact us in the first instance.

  1. Changes to the Privacy Notice

We reserve the right to update this Privacy Notice at any time, and we will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal data.

  1. Contact Us

Questions, comments and requests regarding this Notice are welcomed and should be addressed to Privacy Team and EU Representative, [email protected]

Just Magazine