Privacy Policy
What information we collect, how we use it, and your rights under Amendment 13 to the Privacy Protection Law.
Last updated: May 26, 2026
This is a courtesy translation. The Hebrew version is the binding original; in any conflict, the Hebrew prevails.
1. Who we are
Boaz Dental Lab ("the lab", "we") operates in Hadera, Israel. For any question or request regarding data protection and privacy, you can reach us at privacy@boazdental.co.il.
2. What we collect
- Information you provide: name, phone, email, clinic details, practitioner licence, a description of the issue, photos you upload.
- Medical information: treatment records, scans, before/after photos, treatment plans.
- Technical information: IP, browser, page visits, cookies (subject to consent).
- Marketing information: ad clicks, referral source, social-media interactions (subject to consent).
3. Why we collect it
| Use | Legal basis |
|---|---|
| Providing the service (treatment and communication) | Contract |
| Medical file | Regulatory obligation |
| Reaching out to new patients (marketing) | Explicit consent |
| Before/after photos for the marketing portfolio | Explicit consent + 4 anonymisation levels |
| Site analytics and experience improvement | Legitimate interest |
4. Who sees the information
Inside the organisation: the lab team + the data coordinator.
Outside the organisation (limited): technology vendors (Sanity, Cloudflare, Resend, Wassenger) — subject to a DPA + authorities upon legal demand only.
Not shared with: external marketing companies, advertising mailing-list vendors, or third parties for advertising without consent.
5. Your rights (Amendment 13/2025)
- Right of access — to see the information we hold (free of charge, within 30 days)
- Right to rectification — to correct inaccurate information
- Right to erasure — to delete (subject to medical retention obligations)
- Right to restriction — to ask that we use the information less
- Right to object — to refuse processing (including marketing)
- Right to portability — to transfer it to another data holder
How to exercise: email privacy@boazdental.co.il. A reply within 30 days.
6. Before/after photos — a special section
B/A photos are published on the site only under written consent (form LEGAL/consent-form-HE). Four publication levels:
- Anonymous — smile only
- Eye-band — full face with a band
- First name — full face, first name only
- Heroine — full face, surname (by choice)
Right of withdrawal: a written request → removal within 48 hours.
7. Cookies
We use 3 categories:
- Essential — site operation (always on)
- Analytics — Plausible (cookieless) + GA4 (subject to consent)
- Marketing — Meta Pixel + CAPI + remarketing (subject to consent)
You can update preferences at any time via the "Manage cookies" link in the footer.
8. Data retention
| Type | Duration |
|---|---|
| Medical file | 25 years (IL regulatory obligation) |
| Marketing information | 5 years from discontinuation |
| Technical logs | 90 days |
| B/A photos | until withdrawal (otherwise — 10 years) |
9. International transfers
Some of our vendors (Cloudflare, Sanity) operate in the cloud with POPs in Europe / the US. The transfer is under GDPR standards + a DPA. There is no transfer to countries lacking a comparable level of protection.
10. Changes to this policy
Every update will be published on this page with an update date. For material changes — we will send a notice by email/WhatsApp.
11. Complaints
If we have not responded to you within 30 days, or you are not satisfied with the response — you may contact the Database Registrar, Ministry of Justice (gov.il).