Second Opinion First PLC is a professional limited liability company organized under the laws of the State of Arizona. We operate the website asecondopinionfirst.com and provide an educational dental record review service. References to "we," "us," "our," or "Company" refer to Second Opinion First PLC.
For privacy inquiries, contact us at: [email protected]
We collect information you provide directly to us and information generated by your use of our service.
| Category | Examples | Purpose |
|---|---|---|
| Identity Information | First name, last name | To identify your case and communicate with you |
| Contact Information | Email address, phone number (optional) | To deliver your review and respond to questions |
| Location Information | State of residence | To verify eligibility (Arizona residents only) |
| Health-Related Information | Dental X-rays, treatment plans, clinical notes, intraoral photos, described symptoms and concerns | To conduct your educational dental record review |
| Payment Information | Credit/debit card data (processed by Stripe — we do not store card numbers) | To process payment for your review |
| Communications | Emails and messages you send to us | To respond to inquiries and support requests |
When you visit our website, we may automatically collect certain technical information, including:
This information is collected through standard web server logs and may be collected by third-party analytics tools. See Section 10 (Cookies) for more information.
We use the information we collect for the following purposes:
We do not sell your personal information. We do not use your personal or health information for advertising purposes. We do not share your information with insurance companies, dental offices, or data brokers.
Second Opinion First PLC takes the privacy of your health information seriously. While we are an educational service and the nature of our relationship with users means a formal HIPAA covered entity / business associate framework may not apply in the traditional sense, we voluntarily adopt HIPAA-aligned standards as a matter of best practice and professional responsibility.
Because Second Opinion First PLC provides an educational — not clinical — service, and no dentist-patient relationship is created, the full scope of HIPAA protections that apply to treating dental providers may not apply identically to this service. You acknowledge this limitation by using the service.
All dental records are uploaded and transmitted through Spruce Health, a HIPAA-compliant healthcare communication platform. Spruce Health operates under its own Privacy Policy and Business Associate Agreement framework. By uploading your records, you agree to Spruce Health's applicable terms.
We do not sell, rent, or trade your personal information. We share your information only in the following limited circumstances:
Your case information and dental records are shared with the licensed Arizona dentist assigned to review your case. Reviewing dentists are bound by professional confidentiality obligations and are contractually required to use your information solely for the purpose of completing your educational review.
We share information with third-party vendors who help us operate our service (see Section 6). These vendors are contractually prohibited from using your information for any purpose other than providing services to us.
We may disclose your information if required to do so by law, court order, subpoena, or governmental authority, or if we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, or investigate fraud.
If Second Opinion First PLC is involved in a merger, acquisition, asset sale, or similar transaction, your information may be transferred as part of that transaction. We will notify you via email or prominent website notice if such a transfer occurs and your information will be subject to a different privacy policy.
We may share your information with third parties when you have given us explicit consent to do so.
We will never share your dental records or personal health information with your treating dentist, dental insurance carrier, employer, or any other party without your explicit written consent.
We use the following third-party service providers to operate our service. Each provider has its own privacy policy governing their use of data:
| Provider | Purpose | Data Shared |
|---|---|---|
| Stripe | Payment processing | Name, email, payment card data |
| Spruce Health | HIPAA-secure file transfer and storage | Name, email, dental records |
| Netlify | Website hosting and form processing | Intake form data, IP address |
| Google (Gmail / Workspace) | Internal email communications | Email content and metadata |
| ImprovMX | Email forwarding | Email metadata (not content) |
We do not use advertising networks, social media tracking pixels, or behavioral analytics platforms on this website.
We implement technical, administrative, and physical safeguards designed to protect your personal and health information from unauthorized access, use, disclosure, alteration, or destruction. These measures include:
Despite our best efforts, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security of your information. In the event of a data breach that affects your information, we will notify you as required by applicable law.
We retain your information for the following periods:
You may request deletion of your information at any time (subject to legal retention requirements) by contacting us at [email protected].
Depending on your location and applicable law, you may have the following rights regarding your personal information:
You may request a copy of the personal information we hold about you.
You may request that we correct inaccurate or incomplete information we hold about you.
You may request deletion of your personal information, subject to our legal obligations to retain certain records (such as dental records and financial records).
You have the right to request a copy of the dental records you submitted to us at any time. We will provide copies within 30 days of a written request.
Where we process your information based on consent, you may withdraw consent at any time. Withdrawal of consent will not affect the lawfulness of processing conducted prior to withdrawal.
To exercise any of these rights, contact us at [email protected] with a written request. We will respond within 30 days. We may require identity verification before fulfilling your request.
Our website uses minimal tracking technologies. We do not use advertising cookies, behavioral tracking pixels, or social media trackers.
Our website hosting provider (Netlify) may set technical cookies necessary for the website to function, including session and security cookies. These cannot be disabled without affecting website functionality.
We may use basic, privacy-respecting analytics to understand aggregate website usage patterns (e.g., pages visited, traffic sources). We do not use Google Analytics or other behavioral advertising analytics platforms.
Our website respects Do Not Track browser signals to the extent technically feasible.
This service is intended for use by individuals 18 years of age or older. We do not knowingly collect personal information directly from children under 13. If a parent or legal guardian submits information on behalf of a minor patient, the parent or guardian is responsible for ensuring they have authority to do so and that the submission complies with applicable law.
If you believe we have inadvertently collected information from a child under 13 without parental consent, please contact us immediately at [email protected] and we will promptly delete the information.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. When we make material changes, we will update the "Last Updated" date at the top of this page.
We encourage you to review this policy periodically. Your continued use of the service after any changes constitutes your acceptance of the updated Privacy Policy. If the changes are significant, we may also provide a more prominent notice or request your consent where required by law.
If you have questions, concerns, or requests related to this Privacy Policy or our data practices, please contact us:
Second Opinion First PLC — Privacy Officer
State of Arizona
Email: [email protected]
Website: asecondopinionfirst.com
We will respond to privacy-related inquiries within 30 days. For urgent matters involving potential data breaches or unauthorized access to your health information, we will respond as promptly as possible.
This Privacy Policy was prepared for informational purposes. Second Opinion First PLC recommends consulting with a licensed attorney experienced in healthcare privacy law to ensure this policy remains appropriate and compliant with current applicable law, including any amendments to HIPAA, Arizona state privacy law, or federal telehealth regulations.