1. Roles
In this Agreement, the customer (the dental clinic) is the "Controller" and Yet Another Artificial Intelligence Company (SARL-S), 15 Avenue Dr Klein, L-5630 Mondorf-les-Bains, Luxembourg — RCS Luxembourg B232060 — TVA LU36410809, operating tuth.app, is the "Processor" within the meaning of Article 28 GDPR.
This Agreement applies whenever you process personal data using tuth.app.
2. Subject matter and duration
Subject matter: provision of the tuth.app service for tracking dental prosthetic cases.
Duration: for as long as the customer's account is active, plus the retention windows described in the Privacy Policy.
Nature and purpose: storage, organisation, retrieval, transmission to dental laboratories, and timeline tracking of patient case data.
3. Data subjects and categories
Data subjects: patients of the customer's clinic, and the dentists and staff who use the service.
Categories: identifying data (name, optional patient number), health data within the meaning of Article 9 (work type, tooth, shade, clinical notes), and contact data for laboratories.
4. Processor obligations
We process personal data only on documented instructions from the customer, including via the application interface.
We ensure that anyone authorised to process the data is bound by confidentiality.
We implement appropriate technical and organisational measures, including encryption in transit and at rest, tenant isolation at the row level, restricted production access with MFA, and security event logging.
We assist the customer in responding to data subject requests and in fulfilling obligations under Articles 32-36, taking into account the nature of the processing.
On termination, we delete or return all personal data within 30 days, unless retention is required by law.
5. Subprocessors
The customer authorises tuth.app to engage the subprocessors listed in the Privacy Policy. We will give 14 days' prior written notice (by email or in-app banner) before adding or replacing a subprocessor and will allow the customer to object on reasonable grounds.
6. International transfers
All processing takes place in the European Union. We will not transfer personal data outside the EU/EEA without first putting an Article 46 transfer mechanism in place and notifying the customer.
7. Breach notification
We will notify the customer without undue delay, and in any event within 72 hours, after becoming aware of a personal data breach affecting their data.
8. Audit
On reasonable request and at customer expense, we will provide information necessary to demonstrate compliance with Article 28 GDPR. Audits requiring on-site access must be agreed in writing in advance.
9. Liability and governing law
Liability under this Agreement follows the limits and the governing-law clause of the Terms of Service.
Questions? Write to us at tuth@yet.lu.