1. Introduction

Digiray Co., Ltd. ("Digiray") is committed to protecting the privacy of users of the Hera Dent Vet AI Service. This Privacy Policy explains what data we collect, how we use it, and your rights with respect to your personal and clinical data.

This policy applies to all users of the Hera Dent Vet AI Service, including veterinary professionals accessing the Service through the Hera Dent Vet software platform.

2. Data We Collect

2.1 Account and Identity Data

• Name and professional title
• Clinic or practice name and address
• Business email address
• Veterinary licence number (where required for verification)
• Payment and billing information (processed by Paddle; Digiray does not store full card numbers)

2.2 Radiographic Image Data

When you use the AI analysis function, the following data is transmitted to Digiray's data centre:

• Intraoral dental radiographic images in DICOM or proprietary PSP format
• Metadata associated with the image (acquisition date, scanner model, image parameters)
• An anonymised patient reference identifier (no patient name or personal information is transmitted unless explicitly included by the user)

2.3 Usage and Technical Data

• Number and timing of AI analyses performed
• Software version, device type, and operating system
• Anonymised error logs and diagnostic telemetry
• Credit Point balance and transaction history

3. How We Use Your Data

3.1 Service Delivery

• To process radiographic images and generate AI diagnostic reports
• To manage your account, Credit Point balance, and transaction history
• To provide customer support and respond to enquiries

3.2 Service Improvement

• To train, validate, and improve the AI diagnostic model (using de-identified image data only, subject to your consent where required)
• To analyse usage patterns and improve the software experience
• To diagnose and fix technical issues

3.3 Legal and Compliance

• To comply with applicable laws and regulations in the Republic of Korea and other jurisdictions
• To process refund requests and resolve billing disputes
• To enforce our Terms of Service

4. Data Sharing

Digiray does not sell, rent, or trade your personal data to third parties. We may share data with:

• Paddle.com Market Limited: for payment processing as Merchant of Record
• Cloud infrastructure providers: for secure data centre operations (data remains within contracted secure facilities)
• Legal authorities: where required by applicable law or court order

All third-party processors are bound by data processing agreements consistent with applicable privacy law.

5. Patient Data Protection

Digiray operates on a privacy-by-design principle for patient data. We strongly recommend that users:

• Do not include patient names, national ID numbers, or other directly identifiable information in image metadata before submission
• Use anonymised or pseudonymised patient reference codes within the Hera Dent Vet software

Radiographic images processed by the AI are used solely for the purpose of generating the requested diagnostic report. They are not shared with other users or used for commercial purposes without explicit consent.

6. Data Security

Digiray implements industry-standard technical and organisational measures to protect your data, including:

• TLS 1.3 encryption for all data in transit between the Hera Dent Vet software and Digiray servers
• Encryption of stored radiographic images at rest
• Access controls limiting data access to authorised Digiray personnel only
• Regular security audits and vulnerability assessments

7. Data Retention

Account and identity data is retained for the duration of your active account and for up to three (3) years after account closure, as required for legal and compliance purposes.

Radiographic images and associated AI analysis results are retained for a period of seven (7) years from the date of analysis to support longitudinal clinical use, unless you request earlier deletion.

You may request deletion of your data at any time by contacting us at privacy@digiray.co.kr. Deletion requests will be processed within thirty (30) days.

8. International Data Transfers

Digiray is based in the Republic of Korea. Your data may be processed on servers located in South Korea and, where applicable, in other jurisdictions where our infrastructure providers operate. We ensure that any international transfers comply with applicable data protection laws.

9. Your Rights

Subject to applicable law, you have the following rights regarding your personal data:

• Right of access — to receive a copy of the personal data we hold about you
• Right to rectification — to correct inaccurate or incomplete data
• Right to erasure — to request deletion of your data, subject to legal retention obligations
• Right to data portability — to receive your data in a structured, machine-readable format
• Right to object — to object to certain uses of your data, including AI model training

To exercise any of these rights, please contact us at privacy@digiray.co.kr.

10. Cookies and Local Storage

The Hera Dent Vet software uses local storage on your device to maintain session preferences and account state. No third-party tracking cookies are used within the software.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Significant changes will be communicated to users via in-software notification. The updated policy will indicate the revised effective date.

12. Contact Us

Digiray Co., Ltd. — Privacy Officer

• Email: privacy@digiray.co.kr
• Website: www.digiray.co.kr
• Republic of Korea