Last updated: 2 June 2026
This Data Processing Agreement ("DPA") forms part of, and is incorporated by reference into, the Terms of Service between the dental clinic, practice, or organisation that uses the Service (the "Customer") and Smart Dental Desk, a product of Yeshika Enterprises, a registered proprietorship firm ("Smart Dental Desk", "we", "us"). It applies whenever we process Personal Data on the Customer's behalf in connection with the Service. The Customer does not need to sign this DPA separately; by accepting the Terms of Service or using the Service, the Customer agrees to this DPA.
For the patient data and other personal data processed through the Service, the Customer is the data controller (it determines why and how the data is processed) and Smart Dental Desk is the data processor (it processes the data only on the Customer's documented instructions). For the Customer's own account, billing, and staff data, Smart Dental Desk acts as a controller as described in the Privacy Policy.
The Customer is responsible for obtaining and maintaining a valid lawful basis (including patient consent where required) for processing this data and for transferring it to us.
The Customer authorises Smart Dental Desk to engage the sub-processors listed below to process Personal Data. Each is bound by data-protection obligations no less protective than this DPA. We remain responsible for their performance and will give reasonable notice of any new sub-processor.
Smart Dental Desk is operated from India and hosts data on cloud infrastructure that may be located in India or other regions. Where a Customer is located outside India (for example, in Georgia, the European Union, or elsewhere), Personal Data will be transferred to and processed in these locations. By using the Service, the Customer instructs and authorises such transfers and confirms that it has a lawful basis for them under the laws applicable to it — including, where required, the consent of the relevant data subjects or appropriate contractual safeguards. We apply the security measures in Section 6 to all data regardless of where it is processed. On request, we will cooperate in putting in place additional transfer safeguards (such as standard contractual clauses) where a Customer's local law requires them.
We will notify the Customer without undue delay after becoming aware of a Personal Data breach affecting the Customer's data, and will provide the information reasonably available to help the Customer meet its own notification obligations to regulators and data subjects.
The Service provides tools that allow the Customer to access, correct, export, and delete patient data. Where a data subject contacts us directly, we will refer them to the relevant Customer. We will provide reasonable assistance to the Customer in responding to requests to exercise rights of access, rectification, erasure, restriction, portability, and objection.
The Customer may export its data at any time using the in-app data export feature. On termination of the subscription, we will delete or return the Customer's Personal Data in accordance with the retention periods stated in the Privacy Policy, after which backup copies are purged, unless retention is required by law.
We will make available, on reasonable written request and no more than once per year (unless required by a regulator), the information reasonably necessary to demonstrate compliance with this DPA, subject to confidentiality obligations.
This DPA is governed by the law stated in the Terms of Service. In the event of a conflict between this DPA and the Terms of Service in respect of the processing of Personal Data, this DPA prevails. All other terms of the Terms of Service remain in full effect.
For data-protection matters, contact our Data Protection Officer at support@smartdentaldesk.com.
Smart Dental Desk is a product of Yeshika Enterprises, a registered proprietorship firm.