Privacy Policy
Last Updated: November 11, 2025
Information We Collect
1. Authentication Information
- User credentials (email and encrypted password) for login purposes
- Authentication tokens generated by AWS Cognito
- Session information to maintain your logged-in state
2. Practice and Patient Data
- Patient names and IDs from Dentrix Ascend
- Referral information you create or manage
- Appointment data related to referrals
- Treatment plans and dental procedure codes
- Comments and notes added to referrals
3. Usage Information
- Current location within Dentrix Ascend
- Active tab information to provide contextual features
- Extension preferences and settings
- Token refresh timestamps for security purposes
4. Technical Information
- Chrome browser storage for caching and offline functionality
- Extension version information
- Error logs for troubleshooting
How We Use Your Information
We use the collected information to:
1. Provide Core Functionality
- Authenticate users securely
- Display and manage dental referrals
- Synchronize data between Dentrix Ascend and our backend
- Send notifications about referral status changes
2. Improve User Experience
- Maintain user sessions across browser restarts
- Remember user preferences
- Provide contextual information based on current patient
3. Security and Compliance
- Maintain secure authentication with automatic token refresh
- Protect against unauthorized access
- Comply with healthcare data protection requirements
4. Technical Operations
- Debug and fix technical issues
- Monitor system performance
- Ensure data synchronization
Data Storage and Security
Local Storage
- Authentication tokens are stored locally in your browser using Chrome's secure storage API
- User preferences are cached locally for faster access
- No sensitive patient data is permanently stored in the browser
Remote Storage
- Patient and referral data is transmitted to and stored on our secure servers at https://bs-api.getfurca.com
- All data transmission uses HTTPS encryption
- Our backend infrastructure is hosted on AWS with enterprise-grade security
Third-Party Services
We use the following third-party services:
AWS Cognito
For secure user authentication and authorization
Data Sharing and Disclosure
We MAY share data only in these limited circumstances:
- With Your Consent:When you explicitly authorize sharing
- Legal Requirements:If required by law or legal process
- Service Providers:With trusted partners who help operate our service (under strict confidentiality)
- Business Transfer:In the event of a merger or acquisition (users will be notified)
Healthcare Compliance
HIPAA Considerations
- We implement appropriate safeguards for protected health information (PHI)
- Access controls and audit logs are maintained
- Business Associate Agreements (BAAs) are established with covered entities
- Users are responsible for ensuring their use complies with their organization's HIPAA policies
Data Minimization
- We only collect data necessary for referral management functionality
- Patient data is only accessed when you navigate to specific pages in Dentrix Ascend
Your Rights and Choices
Access and Control
- View Your Data: Access all your referral data through the extension
- Modify Data: Edit or update referrals at any time
- Delete Data: Remove referrals you've created
- Export Data: Request a copy of your data by contacting support
Account Management
- Logout: Clear local session data at any time
- Uninstall: Remove the extension and all local data
- Account Deletion: Request complete account deletion by contacting support
Opt-Out Options
- Disable notifications in extension settings
- Choose not to use certain features
- Control which data syncs with our backend
Permissions Explained
Our extension requests the following Chrome permissions:
Host Permissions
*.dentrixascend.com- To access and enhance Dentrix Ascend pagesstorage- To save your preferences and session datatabs- To detect when you navigate within Dentrix Ascend
Data Retention
- Active Data:Retained while your account is active
- Authentication Tokens:Expire after 60 minutes, automatically refreshed
- Cached Data:Cleared when you logout or uninstall
- Account Deletion:All data permanently deleted within 30 days of request
Children's Privacy
Our service is not intended for use by individuals under 18 years of age. We do not knowingly collect information from children.
International Data Transfer
Our services are hosted in the United States. By using our extension, you consent to the transfer of your data to the United States, which may have different data protection laws than your country.
Changes to This Policy
We may update this Privacy Policy periodically. We will notify users of significant changes by:
- • Updating the "Last Updated" date
- • Displaying a notification in the extension
- • Sending email notifications for material changes
Continued use after changes indicates acceptance of the updated policy.
Your California Privacy Rights
If you are a California resident, you have additional rights under CCPA:
- • Right to know what personal information is collected
- • Right to know if personal information is sold or disclosed
- • Right to opt-out of the sale of personal information (we do not sell data)
- • Right to deletion of personal information
- • Right to non-discrimination for exercising your rights
To exercise these rights, contact us at privacy@getfurca.com.
GDPR Rights (European Users)
If you are in the European Economic Area, you have rights under GDPR:
- • Right to access your personal data
- • Right to rectification of inaccurate data
- • Right to erasure ("right to be forgotten")
- • Right to restrict processing
- • Right to data portability
- • Right to object to processing
- • Right to withdraw consent
To exercise these rights, contact us at support@getfurca.com.
Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or your data:
For data access, modification, or deletion requests, please contact us with your account information.