1. Introduction

BOXDENTAL S.A.S. recognizes that the personal information of its patients, clients, employees, and suppliers is one of its most important assets. As such, we commit to processing personal, private, and sensitive information in accordance with the regulatory framework in Colombia, including Law 1581 of 2012 and Chapter 25 of Decree 1074 of 2015, as well as international best practices for handling health-related data.

By providing your personal information through our website, forms, WhatsApp, SMS, email, social media, or during in-person consultations, you acknowledge and accept the terms of this Privacy Policy.

 

2. Data Controller

BOXDENTAL S.A.S.
Address: Calle 36 Norte # 6A-65, Pacific Center Shopping Center, 12th Floor, Offices 1217–1218, Cali, Colombia
Email: info@dradriansarria.com
Phone / WhatsApp: +57 300 890 1313

BOXDENTAL S.A.S. acts as the Data Controller, responsible for the lawful processing and protection of personal data.

 

3. Scope of This Policy

This policy applies to all personal data processed by BOXDENTAL S.A.S. in its capacity as Data Controller, including information collected from:

​

• Patients and prospective patients

• Website visitors

• Individuals interacting through WhatsApp, SMS, email, social media, Meta platforms, Google Ads, or online forms

• Employees and suppliers

 

4. Personal Data We Collect

Depending on the relationship you have with us, BOXDENTAL S.A.S. may collect the following categories of data:

 

4.1 Public Data

• Identification number and type

• Marital status

• Profession or occupation

• Public email or corporate contact details

4.2 Private Personal Data

• Home address

• Personal phone number

• Personal email

• Employment information

• Digital behavior (cookies, analytics, website use)

• Consumer habits and preferences

4.3 Sensitive Data (Health & Medical Information)

Collected only with explicit consent:

• Medical history

• Dental history

• Clinical photographs

• Diagnostic images

• Information related to oral or general health

4.4 Automatically Collected Data

• IP address

• Device identifiers

• Browsing activity

• Interaction with ads or landing pages

4.5 Communication Data

• WhatsApp messages

• SMS

• Email communications

• Voice notes or call details (not recorded unless expressly stated)

 

5. Purposes of Data Processing

BOXDENTAL S.A.S. processes personal and sensitive information for the following legitimate, informed, and authorized purposes:

 

5.1 Clinical and Healthcare Purposes

1. Scheduling and confirming appointments

2. Conducting evaluations and diagnostic assessments

3. Creating and managing clinical records

4. Treatment planning and procedures

5. Post-treatment follow-up

6. Clinical audits and quality assurance

7. Risk assessment and patient safety

5.2 Administrative and Operational Purposes

1. Billing, invoicing, and financial management

2. Maintaining internal records

3. Improving overall service quality

4. Internal training and operational procedures

5.3 Scientific and Research Purposes

• Conducting research and academic analysis

• Disclosing results anonymously without identifying patients

5.4 Marketing and Commercial Purposes (With Consent)

1. Sending promotional information about services, offers, or events

2. Conducting remarketing campaigns via Meta, Google, email, or SMS

3. Analyzing digital behavior and consumption habits

4. Customizing communications and service recommendations

5.5 Authorized Sharing of Information

Your data may be shared with:

• Dental laboratories

• Technology service providers

• Cloud storage platforms

• CRM and marketing platforms

• Strategic allies assisting in treatment or service delivery

BOXDENTAL S.A.S. does not sell, trade, or rent personal data to third parties.

 

6. Legal Basis for Processing

The processing of personal data is carried out based on:

• Express and informed consent from the data subject

• Legal and contractual requirements related to healthcare provision

• Legitimate interest in ensuring quality and operational functioning

• International data transfer safeguards, when applicable

Sensitive data is processed only with explicit prior authorization.

 

7. Image, Photo, and Video Authorization

7.1 Authorization for Clinical Use

By submitting images or allowing us to capture photos or videos during evaluations or procedures, you authorize BOXDENTAL S.A.S. to use them for:

• Diagnosis and treatment planning

• Internal clinical documentation

• Before-and-after comparison

• Patient safety monitoring

• Internal training and quality control

This authorization is strictly for clinical purposes.

7.2 Authorization for Marketing and Public Use (Optional)

Marketing use is strictly optional and requires separate, explicit consent.
If granted, images may be used for:

• Social media content

• Educational material

• Website publications

• Promotional and marketing campaigns

• Testimonials

Refusal to authorize marketing use does not affect treatment or service access.

7.3 Revocation of Authorization

You may revoke authorization at any time by writing to:
📧 info@dradriansarria.com

Revocation applies to future publications. Previously published content may remain archived.

 

8. WhatsApp, SMS, Email, and Phone Communication Policy

By providing your contact information, you authorize BOXDENTAL S.A.S. to contact you for:

• Appointment confirmation

• Treatment coordination

• Clinical instructions and reminders

• Administrative communications

• Optional promotional messages

8.1 SMS Marketing Consent

If you opt into SMS marketing:

• You agree to receive SMS messages containing updates, reminders, dental tips, and promotional offers

• Message frequency may vary

• Standard data and messaging rates may apply

• Consent is not a condition of treatment

Opt-Out Mechanism

You may stop receiving SMS at any time by replying STOP.

For WhatsApp, you may send “Unsubscribe” or request removal.

 

9. Data Subject Rights

Under Colombian law (Law 1581/2012), you have the right to:

• Access your personal data

• Update or correct inaccurate data

• Request deletion when appropriate

• Revoke authorization at any time

• Know how your data is being processed

Requests may be submitted to:
📧 info@dradriansarria.com

 

10. Security Measures

BOXDENTAL S.A.S. implements administrative, technical, and physical security controls, including:

• Encrypted data storage

• Restricted access to authorized personnel

• Confidentiality agreements

• Secure digital platforms

• Periodic system audits

 

11. Delivery of Information to Service Providers

To fulfill clinical, administrative, or operational functions, BOXDENTAL S.A.S. may share personal or sensitive data with specialized third parties, including:

• Dental laboratories

• Clinical software providers

• Cloud-based services

• Professional consultants

• Marketing and communication platforms

All providers must sign confidentiality and data protection agreements.

 

12. Data Retention

Personal data will be stored:

• For as long as required by law

• For the duration necessary to fulfill the purposes described in this policy

• Clinical records will be kept for the minimum legal retention period in Colombia

• Marketing data will be retained until the user opts out

• Image authorizations remain valid until revoked

 

13. Modifications to This Policy

BOXDENTAL S.A.S. reserves the right to update this policy at any time to comply with legal, technical, or service requirements. Updates will be published on our website.

 

14. Acceptance of This Policy

By providing your information, interacting through our digital channels, or using our clinical services, you acknowledge that you have read and understood this Privacy Policy and authorize the processing of your personal data as described herein.