Skip to main content

Privacy Policy

Effective Date: May 8, 2026  |  Last Updated: May 8, 2026

Cuspra is a product of Qiaben LLC (“Qiaben,” “Cuspra,” “we,” “us,” or “our”). This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit cuspra.com or use the Cuspra dental practice management platform and related services (collectively, the “Services”).

1. Scope

This policy covers our marketing website, the Cuspra application, and any APIs, integrations, and support channels we operate. It does not cover third-party websites or services that link to or from Cuspra.

2. Information We Collect

Information you provide

  • Account information: name, email, phone, practice name, role, and credentials when you sign up or are invited.
  • Practice configuration: operatories, providers, fee schedules, schedule rules, and other settings you configure.
  • Communications: messages, attachments, and support tickets you send to us.
  • Billing information: payment details processed by our payment processors. We do not store full card numbers.

Information collected automatically

  • Usage data: pages and features accessed, IP address, device, browser, and timestamps.
  • Cookies: we use cookies and similar technologies for authentication, preferences, and product analytics. We do not sell your information for advertising.
  • Logs and telemetry: application logs and error reports for reliability and security.

Patient health information (PHI)

Cuspra is designed to handle Protected Health Information for dental practices. PHI is processed under your direction as a covered entity or business associate. We process PHI strictly to provide the Services and as governed by a Business Associate Agreement (BAA) with your organization.

3. How We Use Information

  • To provide, operate, secure, and improve the Services.
  • To authenticate users and prevent fraud or abuse.
  • To provide customer support and respond to inquiries.
  • To send service updates, billing notices, and security alerts.
  • For product analytics in aggregated, de-identified form to improve usability and reliability.
  • To comply with legal and regulatory obligations.

We do not sell personal information, and we do not use PHI for marketing.

4. HIPAA and Patient Data Protection

Cuspra is built to support HIPAA-regulated workflows. Practices that process PHI through Cuspra must enter into a BAA with Qiaben. We implement administrative, physical, and technical safeguards including encryption in transit and at rest, role-based access control, audit logging, and least-privilege production access.

5. Sharing and Disclosure

We share information only as needed to operate the Services:

  • Subprocessors: cloud hosting, email and SMS providers, payment processors, and analytics tools that operate under contractual data-protection obligations.
  • At your direction: integrations and exports you initiate (for example, claims clearinghouses or imaging systems).
  • Legal requirements: when required by law, subpoena, or valid legal process.
  • Business transfers: in connection with a merger, acquisition, or sale of assets, subject to confidentiality protections.

A current list of subprocessors is available on request from privacy@qiaben.com.

6. Data Retention

We retain personal information for as long as your account is active or as needed to provide the Services and to comply with legal obligations, resolve disputes, and enforce agreements. PHI retention follows the terms of the applicable BAA and the customer's record-retention requirements.

7. Security

We use industry-standard safeguards including TLS encryption in transit, encryption at rest, MFA for administrative access, audit logging, vulnerability scanning, and regular access reviews. No system is perfectly secure; we maintain an incident response process and notify affected customers consistent with applicable law and our BAA.

8. Your Rights

Depending on where you live, you may have rights to access, correct, delete, or port your personal information, or to object to or restrict certain processing. To exercise these rights, contact privacy@qiaben.com. For PHI, contact your practice — we act on PHI only at the direction of the covered entity.

9. International Users

Cuspra is operated from the United States. If you access the Services from outside the U.S., you understand that your information may be transferred to and processed in the U.S.

10. Children's Privacy

Cuspra is intended for use by dental practices and is not directed to children under 13. We do not knowingly collect personal information directly from children. PHI about minor patients is processed under the direction of the practice.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via the Services or by email. The “Last Updated” date at the top reflects the most recent revision.

12. Contact