Legal
Privacy Policy
What we collect, why we collect it, who we share it with, how long we keep it, and how you can exercise your rights — written in plain English.
Last updated: February 2026
Written by ImplantAuthority Editorial TeamMedically reviewed by Pending legal review by [TBD]Last reviewed February 2026
ImplantAuthority, LLC ("ImplantAuthority," "we," "us," or "our") operates the ImplantAuthority website and related services (the "Service"). This Privacy Policy explains how we handle personal information when you visit our site, request a smile preview, submit a lead, look up a dentist, or otherwise interact with us. We are a consumer information and editorial service. We are not a dental practice, not a lender, not a broker, and not a credit-decision provider.
Who we are
ImplantAuthority is an independent consumer authority focused on full-mouth dental implants. We help patients understand their options, see realistic pricing, and find manually-vetted implant dentists in their area. We earn revenue from listing fees and referral fees from vetted providers and financing partners; we publish that disclosure on every page where it could be material. (See our Affiliate Disclosure.)
What information we collect
We collect only what's needed to deliver the Service. Specifically:
Lead and contact data
When you use the "Visualize Your New Smile" funnel, submit a contact request on a dentist profile, ask for a listing to be removed, or join the area waitlist, we collect: your first and last name (where provided), email address, phone number (optional in most flows), ZIP code, and the answers you give us about your needs (which arch, your timeframe, your budget range). We do not collect Social Security numbers, financial account numbers, full medical history, or treatment plans.
Smile photos
Our "Visualize Your New Smile" flow hands off to our partner Sonrie (sonrie.ai) for the actual photo simulation. We do not ourselves store the photos you submit to Sonrie long-term. Sonrie operates under its own privacy policy, which you should review before using their simulator. If Sonrie returns processed images to us in a future product version, we will update this policy and notify you.
Verification queries
When you use the "Verify Your Dentist" tool we record the dentist name and location you searched for, the public-record findings our vetting agent returned, and (optionally) the share token you generated. We do not record the name of the user who ran the verification unless you supply it separately.
Usage data
We collect basic, aggregated traffic metrics — pages visited, referral source, device class, country — through our own first-party analytics system. We do not use Google Analytics, Mixpanel, or any other third-party tracker, and we do not fingerprint your browser. All analytics events are sent to our own backend and stored under a 90-day retention window; older raw events are automatically deleted. We hash IP addresses with a daily-rotating salt before storage so a given IP cannot be linked across days, and we never store the contents of forms (e.g. email, name, phone) inside analytics events. If you opt out of analytics via our cookie banner, only essential `page_view` events are recorded so we can debug routing and SEO — funnel and behavior events are dropped.
Cookies and similar technology
We use a small set of first-party cookies that are strictly necessary (session, CSRF protection, your saved cookie-preferences themselves) and, if you opt in, an analytics visitor identifier (ia_visitor_id) and a short-lived session identifier (ia_session_id) that let us count unique visitors and reconstruct page-to-page journeys. We do not currently set any marketing or advertising cookies. See "Cookies" below.
How we use your information
We use the information we collect for the following purposes:
- Service delivery. Matching you with vetted dentists in your area, returning verification results, and routing your inquiries to the appropriate parties (with your consent).
- Communication. Sending you the information you asked for — a smile-preview link, a list of matched dentists, an answer to your contact form, or a notification when we add a vetted dentist in your area if you joined the area waitlist.
- Editorial improvement. Understanding which topics patients want covered, what searches return zero results so we can fill the gap, and which education pages are most useful.
- Fraud prevention and security. Detecting and blocking abuse, spam, and automated scraping; preserving the integrity of our verification and listing data.
- Legal compliance. Responding to lawful requests, enforcing our Terms, and protecting our rights and those of others.
Who we share information with
We share information only as described below. We do not sell your data.
- Matched dentists. When you ask to be connected with a vetted dentist, we forward your contact details and your stated needs (arch, timeframe, budget range, ZIP) to the practice(s) we match you with. We do not share photos. We disclose every match.
- Financing partners. Only if you explicitly start a financing flow with a partner. We disclose any financial benefit we receive. We are not a lender.
- Service providers. Hosting providers (cloud infrastructure), our analytics provider (Plausible), our editorial AI providers used for due-diligence reports (currently Anthropic), and Google (for public Places lookups). These providers operate under contracts that limit their use of your data to providing services to us.
- Sonrie. If you choose to open the Sonrie smile simulator from our funnel, the act of opening it (and any data you provide directly to Sonrie) is governed by Sonrie's own privacy policy.
- Law enforcement and legal requests. When required by law or to protect our or others' rights, safety, or property.
- Corporate transactions. If we are acquired or merge with another company, your information may transfer to the successor; we will notify you and let you exercise applicable rights before materially changing how the data is used.
How long we keep information
We retain lead and contact data for up to 36 months from the date you submitted it, or until you ask us to delete it, whichever is sooner. Verification queries are retained for up to 12 months. Aggregated, non-identifiable analytics data may be retained indefinitely. We delete or anonymize personal information when we no longer need it for the purposes described in this policy.
Your privacy rights
Depending on where you live, you may have the following rights with respect to your personal information. We honor these rights for all visitors, regardless of residency, where reasonable.
- Right to know / access. Request a copy of the personal information we hold about you.
- Right to correct. Ask us to fix inaccurate information.
- Right to delete. Ask us to delete your information, subject to certain limited exceptions (e.g., legal-hold requirements).
- Right to opt out of "sale" or "sharing" (CCPA/CPRA terms of art). We do not sell or "share" personal information for cross-context behavioral advertising. If that ever changes, we will provide a clear opt-out mechanism.
- Right to limit use of sensitive personal information. We do not collect sensitive personal information (as defined under CPRA) beyond what is necessary to deliver the requested Service.
- Right to non-discrimination. We will not penalize you for exercising any of these rights.
To exercise any of these rights, email privacy@implantauthority.com with enough detail to identify the record (the email address you used, approximate date, and the nature of your request). We will respond within the timelines required by applicable law (generally 45 days under CCPA; we typically respond faster).
State-specific privacy notices
California (CCPA / CPRA): California residents have the rights summarized above, plus the right to know the categories of personal information we collect, the categories of sources, the categories of third parties with whom we share information, and the business or commercial purposes for which we collect or share it. We have not "sold" or "shared" (as those terms are defined under CPRA) personal information in the prior 12 months.
Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), and other state laws: Residents of these states have substantially similar rights — access, correction (where applicable), deletion, portability, and the right to opt out of targeted advertising, the sale of personal data, and profiling for certain consequential decisions. We do not engage in targeted advertising, sale of personal data, or consequential-decision profiling.
If your state's privacy law gives you specific rights not described above, you may still exercise them by contacting us at the email above — we honor all applicable consumer privacy rights.
Children's privacy
Our Service is not directed to children under 13. We do not knowingly collect personal information from anyone under 13. If you believe a child under 13 has provided us with personal information, please email us at privacy@implantauthority.com and we will delete it promptly.
Security
We use reasonable administrative, technical, and physical safeguards to protect personal information, including encryption in transit (TLS), encrypted-at-rest API key vaults, principle-of-least-privilege access controls, audit logging for administrative actions, and regular review of our infrastructure. No system is perfectly secure, and we cannot guarantee absolute security.
International users
ImplantAuthority operates in the United States. If you access the Service from outside the US, you understand and consent to having your information transferred to, processed in, and stored in the United States.
Cookies and similar technology
See the persistent cookie banner at the bottom of the page (or the "Cookie preferences" link in the site footer) to view and change your cookie choices at any time. We currently use:
- Strictly necessary. Session, CSRF protection, your saved cookie preferences. Always active — required for the site to function.
- Analytics (optional). Our own first-party analytics — a 1-year visitor identifier (
ia_visitor_id) and a 30-minute session identifier (ia_session_id) — set only after you accept analytics in the cookie banner. We never share these with third parties. Off if you have opted out. - Marketing (optional). None today. If we add any, they will be off by default and visible in your preferences.
Changes to this policy
We will update this policy as our practices evolve. The "Last updated" date at the top of this page reflects the most recent change. For material changes we will provide a more prominent notice — for example, a banner on the homepage or an email to addresses we hold on file.
Contact us
Questions about this Privacy Policy or our privacy practices? Email privacy@implantauthority.com or write to ImplantAuthority, LLC, Attention: Privacy, [mailing address to be added once entity formation is complete].