Sugarbot

Privacy Policy

Last updated: October 15, 2025

This Privacy Policy describes our policies and procedures on the collection, use, and disclosure of your information when you use the Service and explains your privacy rights. We use your personal data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy.

Interpretation and Definitions

Interpretation

Words with an initial capital letter have meanings defined under the following conditions. The following definitions have the same meaning whether they appear in singular or plural.

Definitions

  • Account means a unique account created for you to access our Service or parts of our Service.
  • Affiliate means an entity that controls, is controlled by, or is under common control with a party, where “control” means ownership of 50% or more of the shares, equity interest, or other securities entitled to vote for election of directors or other managing authority.
  • Application refers to Sugarbot, the software program provided by the Company.
  • Business, for the purpose of CCPA/CPRA, refers to the Company as the legal entity that collects consumers’ personal information and determines the purposes and means of processing.
  • CCPA / CPRA refers to the California Consumer Privacy Act and the California Privacy Rights Act of 2020.
  • Company (referred to as either “the Company”, “we”, “us” or “our”) refers to Bench7, Inc., 929 Parkview Drive, Bismarck, ND 58501. For the purpose of the GDPR, the Company is the Data Controller.
  • Consumer, for the purpose of the CCPA/CPRA, means a natural person who is a California resident.
  • Country refers to: North Dakota, United States.
  • Data Controller, for the purposes of the GDPR, refers to the Company as the legal person which alone or jointly with others determines the purposes and means of the processing of personal data.
  • Device means any device that can access the Service such as a computer, cellphone, or digital tablet.
  • Do Not Track (DNT) is a concept promoted by U.S. regulatory authorities for a mechanism allowing internet users to control tracking across websites.
  • GDPR refers to the EU General Data Protection Regulation.
  • Personal Data is any information that relates to an identified or identifiable individual. For GDPR, this includes identifiers such as name, ID number, location data, and online identifiers. For CCPA/CPRA, it includes information that identifies, relates to, or could reasonably be linked with you.
  • Service refers to the Application.
  • Service Provider means any natural or legal person who processes the data on behalf of the Company (data processors under the GDPR).
  • Usage Data refers to data collected automatically, generated by use of the Service or the Service infrastructure itself.
  • You means the individual accessing or using the Service, or the company or other legal entity on behalf of which such individual is accessing or using the Service.

Collecting and Using Your Personal Data

Types of Data Collected

Personal Data

While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you, including:

  • Email address
  • First and last name
  • Phone number
  • Address, State/Province, ZIP/Postal code, City
  • Usage Data

Usage Data

Usage Data is collected automatically when using the Service and may include IP address, browser type and version, pages visited, timestamps, time spent, device identifiers, and other diagnostic data. When accessing via mobile, we may collect device type, unique ID, IP, OS, browser type, identifiers, and diagnostics.

Clinical Images and PHI

Sugarbot processes dental X-ray images locally on your device. X-rays and related PHI are not uploaded to our servers for inference. We may receive limited diagnostic or crash information about the Application’s performance, but not the images themselves, unless you explicitly share them with us for support.

Use of Your Personal Data

  • To provide and maintain our Service, including monitoring usage.
  • To manage your Account.
  • For the performance of a contract.
  • To contact you about updates or information related to functionalities, products, or services.
  • To provide you with news, offers, and information about similar goods, services, and events (unless you opt out).
  • To manage your requests.
  • For business transfers (e.g., merger or acquisition evaluations).
  • For other purposes such as analysis, trend identification, campaign effectiveness, and improvements.

We may share personal information with Service Providers, in business transfers, with Affiliates, with business partners, with other users in public areas, and with your consent.

Retention of Your Personal Data

We retain Personal Data only as long as necessary for the purposes set out in this Policy, to comply with legal obligations, resolve disputes, and enforce agreements. Usage Data is generally retained for a shorter period unless needed to improve security/functionality or required by law.

Transfer of Your Personal Data

Your information may be transferred to and maintained on computers outside of your jurisdiction. We take reasonable steps to ensure secure treatment and no transfer occurs without adequate controls.

Delete Your Personal Data

You may request deletion of Personal Data we have collected. Some information can be managed within the Service. You can also contact us to access, correct, or delete personal data. We may retain certain information when we have a legal obligation or lawful basis to do so.

Disclosure of Your Personal Data

Business Transactions

In a merger, acquisition, or asset sale, your Personal Data may be transferred. We will provide notice before the transfer and new policy takes effect.

Law Enforcement & Other Legal Requirements

We may disclose Personal Data if required by law or in good faith to: comply with legal obligations; protect Company rights or property; prevent or investigate wrongdoing; protect users/public safety; or protect against legal liability.

Security of Your Personal Data

We strive to use commercially acceptable means to protect Personal Data, but no method of transmission or electronic storage is 100% secure.

Detailed Information on Processing

Service Providers may access your Personal Data in accordance with their privacy policies to collect, store, use, process, and transfer information about your activity on our Service.

Payments

We may use third-party payment processors. We do not store payment card details; data is provided directly to processors that adhere to PCI-DSS standards.

GDPR Privacy

Legal Basis

  • Consent
  • Performance of a contract
  • Legal obligations
  • Vital interests
  • Public interests
  • Legitimate interests

Contact us to clarify the applicable legal basis in specific situations.

Your Rights

  • Access, update, delete data
  • Correction
  • Objection (including to direct marketing)
  • Erasure
  • Portability
  • Withdraw consent

You may exercise these rights by contacting us. You may also lodge a complaint with your local Data Protection Authority.

CCPA/CPRA Privacy Notice (California)

Categories Collected (last 12 months)

  • A: Identifiers — Collected: Yes
  • B: Customer Records — Collected: Yes
  • C: Protected classifications — Collected: No
  • D: Commercial information — Collected: Yes
  • E: Biometric — Collected: No
  • F: Internet/network activity — Collected: Yes
  • G: Geolocation — Collected: No
  • H: Sensory — Collected: No
  • I: Professional or employment — Collected: No
  • J: Education — Collected: No
  • K: Inferences — Collected: No
  • L: Sensitive personal information — Collected: Yes

Sources

Directly from you; indirectly/automatically from your use of the Service; from Service Providers.

Use & Disclosure

See “Use of Your Personal Data.” We may disclose categories A, B, D, and F for business or commercial purposes. We may share (and may have shared in the past 12 months) with Service Providers, payment processors, affiliates, partners, and authorized third parties.

Sale/Sharing

We do not sell personal information as commonly understood. Certain uses by Service Providers may be deemed a “sale” or “sharing” under CCPA/CPRA. Categories potentially “sold/shared” in the past 12 months: A, B, D, F.

Your California Rights

  • Notice; Know/Access; Opt-out of sale or sharing
  • Correct; Delete; Limit use/disclosure of sensitive personal information
  • Non-discrimination

To exercise rights, email support@sugarbotai.com. We may need to verify your identity. We aim to respond within 45 days (extendable once by 45 days with notice).

“Do Not Track”

Our Service does not respond to DNT signals. You can set preferences in your browser to communicate tracking choices to third-party sites you visit.

Children’s Privacy

We do not knowingly collect information from anyone under 13. If you believe a child has provided Personal Data, contact us so we can remove it. Where consent is required by law, we may require parental consent.

Links to Other Websites

Our Service may contain links to third-party sites. We are not responsible for their content or privacy practices. Review each site’s privacy policy.

Changes to this Privacy Policy

We may update this Policy from time to time and will post the new Policy here and update the “Last updated” date. We may also notify you via email and/or a prominent notice prior to changes becoming effective.

Contact Us

If you have questions about this Privacy Policy, you can contact us at support@sugarbotai.com.

Back to top ↑