Privacy Policy
Version privacy-2026-07-17-v1 · Effective July 17, 2026
Flossee is operated by Sparrow Materials Group, the controller responsible for the information described here. This policy covers Flossee visitors, dental-practice contacts, customers, and business outreach in the United States, Philippines, United Kingdom, and Ireland.
What We Collect and Why
- Requests and customers: name, practice, email, phone, website, message, order, consent version, payment reference, and service communications—to answer requests, quote, contract, deliver, support, invoice, and keep transaction records.
- Public business research: practice name, public office contacts, website, address, services, and online presence—to identify dental practices and prepare relevant business recommendations.
- Site and security data: request time, IP-derived security signals, browser, page, and submission metadata—to serve and secure the site, prevent abuse, diagnose faults, and measure aggregate performance.
- Outreach and preferences: business communications, call notes, replies, and opt-out status—to conduct relevant business outreach and honor do-not-contact requests.
Legal Bases
We process information to take requested steps and perform contracts; to meet tax, accounting, and legal duties; with consent where law requires it; and for legitimate interests in operating, securing, improving, and marketing our business-to-business services. We balance those interests against individual rights and stop direct outreach when asked.
Who Receives Information
We disclose only what is needed to providers that operate the service: Cloudflare for site delivery, security, analytics, and data storage; Stripe and PayPal for checkout and payment records; and our email and operational systems for customer communication and service delivery. Payment providers receive payment details directly; Flossee does not receive full card numbers. Providers act under their own policies where they independently control payment or account data.
We do not sell personal information. We do not give it to data brokers or advertising networks for their independent marketing.
International Processing
Flossee serves practices across several countries, and providers may process information in other countries. Where required, transfers rely on adequacy decisions, contractual safeguards, or another lawful transfer mechanism. You may ask for information about safeguards that apply to your data.
Cookies and Analytics
Flossee does not currently set advertising or analytics cookies. Cloudflare Web Analytics receives limited page and device signals without using cookies or browser storage; Cloudflare states that visitor IP addresses are discarded at its network edge. Stripe or PayPal may use their own technologies after you choose their checkout.
Retention
- Unconverted requests and ordinary outreach records: up to 24 months after the last meaningful interaction.
- Customer, order, consent, invoice, and payment-reference records: up to 7 years after the relationship ends, where needed for accounting, disputes, and legal obligations.
- Operational security logs: normally up to 12 months.
- Do-not-contact records: retained as long as needed to keep honoring the request.
We may keep a record longer when a dispute, investigation, legal hold, or mandatory law requires it, then delete or anonymize it when that reason ends.
Patient Information
Do not submit patient records, protected health information, treatment details, or other sensitive patient information through our forms or ordinary email. Regulated patient-data work requires a separate written agreement first.
Your Rights
Depending on your location, you may ask to access, correct, delete, restrict, object to, or receive a portable copy of your information; withdraw consent; and learn about processing or transfer safeguards. You may also opt out of calls or email at any time. Some rights have legal exceptions. We may verify identity and will respond within the period required by applicable law.
UK residents may complain to the Information Commissioner’s Office. Irish residents may complain to the Data Protection Commission. Philippine residents may complain to the National Privacy Commission. You may contact us first, but you do not have to.
Security
We use access controls, encrypted transport, provider-managed payment collection, and limited operational access. No system is perfectly secure, and we cannot guarantee absolute security.
Contact and Changes
For privacy questions or rights requests: Sparrow Materials Group, operating as Flossee
Email: [email protected]
We will post a new version and effective date when this policy changes. Material changes apply prospectively.