Last Updated: March 4, 2026
This Privacy Policy describes the privacy practices of Bench7, Inc. (“Bench7,” “we,” “us,” and “our”) in relation to your use of the Sugarbot Notes web application and related services (collectively, the “Service”). Sugarbot Notes is an artificial intelligence-powered clinical documentation tool designed to assist dental professionals in generating clinical notes from patient encounters.
This Privacy Policy explains how we collect, use, disclose, transfer, secure, and retain information about you in connection with your use of the Service, and the rights and choices you have regarding these activities. By using the Service, you acknowledge that you have read and understand this Privacy Policy. If you do not agree with our privacy practices as described herein, you should not use the Service.
By using the Service, you acknowledge that we will store and process your information in the United States. Please be aware that the privacy laws and standards in certain countries may differ from those that apply in the country in which you reside.
This Privacy Policy should be read in conjunction with our Terms of Use and, to the extent applicable, our Business Associate Agreement, which are incorporated herein by reference.
We collect information about you in the following ways:
To use the Service, you must register an account and provide certain personal information such as your name, email address, professional credentials, dental specialty, and practice information (“Registration Information”). You may update your Registration Information at any time through your account settings.
When you subscribe to the Service, payment is processed by our third-party payment processor, Stripe. We do not directly collect or store your full credit card number or banking details. Stripe may collect your payment card information, billing address, and other payment-related details in accordance with its own privacy policy. We receive limited transaction information from Stripe, such as the last four digits of your card, card type, and transaction confirmation.
When you use the Service, it may temporarily capture audio from patient encounters for the sole purpose of generating transcripts and clinical notes. Audio recordings are not permanently stored; they are deleted upon completion of transcription. Only the resulting transcripts and clinical notes are retained within the Service (“Clinical Data”). Clinical Data may contain Protected Health Information (“PHI”) as defined by HIPAA. Our handling of PHI is governed by the Business Associate Agreement between you and Bench7.
We automatically collect information about how you interact with the Service, including the features you use, the frequency and duration of your sessions, the number of notes generated, actions taken within the application, and the dates and times you access the Service.
When you access the Service, we automatically collect certain technical information, including your IP address, browser type and version, operating system, device type, and referring URLs.
We use a limited set of cookies and similar technologies in connection with the Service:
When you contact us for support or otherwise communicate with us, we collect the information you provide, including your name, email address, and the content of your communication.
If you use practice configuration features of the Service, you may upload de-identified example notes, custom templates, style preferences, and other practice-specific settings (“Practice Configuration Data”). Practice Configuration Data is stored separately from Clinical Data and PHI and is used solely to customize the Service for your practice. You are responsible for ensuring that any example notes or other materials you upload as Practice Configuration Data have been fully de-identified in accordance with 45 C.F.R. § 164.514 before upload; Bench7 does not treat Practice Configuration Data as PHI.
We use the information we collect for the following purposes:
We use your Registration Information and Clinical Data to provide, operate, and maintain the Service, including processing patient encounter audio, generating transcripts and clinical notes, and making those notes available to you for review and approval.
We use your Registration Information to create and manage your account, process your subscription and payments, and provide customer support.
We use your email address to send you:
We use Usage Information and Device and Technical Information to analyze how the Service is used, diagnose technical issues, and improve the performance, functionality, and user experience of the Service.
We may create de-identified, aggregated, or anonymous data from the information collected through the Service, in accordance with applicable law including HIPAA de-identification standards (45 C.F.R. § 164.514). Such de-identified data is no longer considered PHI or personal information and may be used by Bench7 for any lawful purpose, including product improvement, research, analytics, and other business purposes.
We use your information to detect, investigate, and prevent fraudulent, unauthorized, or illegal activity, to protect the security and integrity of the Service, and to enforce our Terms of Use.
We use your information as necessary to comply with applicable laws, regulations, legal processes, or governmental requests.
We do not sell your personal information to third parties. We do not share your personal information with third parties for their marketing purposes. We may share your information only in the following limited circumstances:
We work with third-party service providers who assist us in operating and providing the Service. These service providers may have access to your information solely to perform services on our behalf and are obligated to protect your information. Our current key service providers include:
We require that all service providers agree to limit their use of personal information to the fulfillment of their responsibilities to us.
We may share your information with our legal, accounting, and other professional advisors as needed for our business operations.
In connection with a corporate change in control resulting from, for example, a sale to or merger with another entity, or in the event of a sale of assets or a bankruptcy, we reserve the right to transfer your personal information to the new party in control or the party acquiring assets. In the event of such a change, your personal information will continue to be treated in accordance with this Privacy Policy, as may be modified as described in Section 9 below.
We may disclose your information when we believe disclosure (i) is required to comply with valid legal requirements such as a law, regulation, search warrant, subpoena, or court order; (ii) is necessary to meet national security or law enforcement requirements; or (iii) is reasonable to protect the rights, property, or safety of Bench7, our users, or others.
We may share aggregated or de-identified information that cannot reasonably be used to identify you with third parties for any lawful purpose, including research, analytics, and business purposes.
We may share your information with third parties when you have given us your explicit consent to do so.
We have implemented appropriate technical and organizational security measures to protect the personal information and Clinical Data under our control from unauthorized access, use, disclosure, and accidental loss. These measures include:
When you enter personal information, we encrypt the transmission of that information using SSL/TLS technology. You are solely responsible for maintaining the security and confidentiality of your account username and password.
No method of transmission over the internet or method of electronic storage is completely secure. Therefore, while we strive to protect your information, we cannot guarantee its absolute security.
We retain your Registration Information and account data for as long as your account is active and for up to one (1) year after account deactivation, subject to applicable law. Upon termination of your account, we will make your Clinical Data available for export for a period of thirty (30) days, consistent with our Terms of Use and Business Associate Agreement.
After the applicable retention period, your data will be securely deleted or de-identified in accordance with our data retention policies, applicable law, and the Business Associate Agreement, except to the extent we are required to retain certain information to comply with legal obligations.
De-identified and aggregated data may be retained indefinitely.
You may update your Registration Information at any time through your account settings. You may also contact us at support@bench7tech.com to request updates to your information.
You may request deletion of your account by contacting us at support@bench7tech.com. Note that upon deletion we may retain certain de-identified information for internal business purposes including research, analytics, and reporting, and may retain information as required by law or our Business Associate Agreement obligations.
You may opt out of marketing email communications at any time by clicking the “unsubscribe” link at the bottom of any marketing email or by contacting us at support@bench7tech.com. Please note that even if you opt out of marketing emails, we will continue to send you transactional and service-related communications necessary for the operation of your account.
Most browser software can be set to reject cookies. If you choose to reject our cookies, your ability to access and use the Service may be limited. You may opt out of Google Analytics tracking by installing the Google Analytics Opt-Out Browser Add-on, available at https://tools.google.com/dlpage/gaoptout.
The Service is designed and intended for use by dental professionals and is not intended for nor designed to be used by children under the age of 18. We do not knowingly collect personal information from any person under the age of 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information promptly.
If you are a California resident, the California Consumer Privacy Act (“CCPA”), as amended by the California Privacy Rights Act (“CPRA”), may provide you with additional rights regarding our use of your personal information. These rights include:
To exercise your rights under California law, please contact us at support@bench7tech.com.
Residents of other states may have additional privacy rights under applicable state law. If you wish to exercise any privacy rights available to you under your state’s laws, please contact us at support@bench7tech.com.
We reserve the right to modify this Privacy Policy at any time and any changes will be effective upon posting of the modified Privacy Policy. If we make any material changes, we will notify you by email (sent to the email address associated with your account) and/or by posting a notice on the Service before the change becomes effective. We encourage you to periodically review this Privacy Policy. By continuing to use the Service after changes are made, you agree to such changes.
If you have questions about this Privacy Policy, your account, or how your personal information is used in connection with the Service, please contact us at:
Bench7, Inc.
support@bench7tech.com