AlignerSteps

Privacy Policy

Last updated: March 2026

1. Data Controller

The data controller responsible for the processing of your personal data on this website in accordance with the General Data Protection Regulation (GDPR) is:

Aligner Steps GmbH

Email: info@alignersteps.com

Website: www.alignersteps.com

2. Hosting

Our website is hosted by external service providers. Personal data collected on this website is stored on the host's servers. This may include IP addresses, contact inquiries, meta and communication data, contract data, contact details, names, website access, and other data generated via a website.

3. Your Rights as a Data Subject

You have the following rights regarding your personal data:

  • Art. 15 GDPR: Right of access to your personal data.
  • Art. 16 GDPR: Right to rectification of inaccurate data.
  • Art. 17 GDPR: Right to erasure ("right to be forgotten").
  • Art. 18 GDPR: Right to restriction of processing.
  • Art. 20 GDPR: Right to data portability.
  • Art. 21 GDPR: Right to object to processing.
  • Art. 7(3) GDPR: Right to withdraw consent at any time.
  • Art. 77 GDPR: Right to lodge a complaint with a supervisory authority.

4. Collection of Data (Server Log Files)

When you visit our website, the browser automatically sends information to the server. This is stored in temporary log files:

  • Browser type and version
  • Operating system used
  • Referrer URL
  • Hostname of the accessing computer
  • Time of the server request
  • IP address

5. Cookies

We use cookies to improve user experience. Some cookies are technically necessary (Art. 6(1)(f) GDPR), while others require your consent (Art. 6(1)(a) GDPR).

6. Contact via Email

If you contact us via email, we process your email address and message content to handle your inquiry (Art. 6(1)(b) or (f) GDPR). Data is deleted once the inquiry is resolved.

7. Contact Form

When using our contact form, we process your name, email, and message content based on your consent (Art. 6(1)(a) GDPR).

8. Applications (Recruitment)

Application data is processed for the recruitment process (Art. 6(1)(b) GDPR) and deleted within 2–6 months unless consent for longer storage is given.

9. Registration and User Accounts

For registered users, we process name, email, and login data to provide access to our services (Art. 6(1)(b) GDPR).

10. Processing of Health Data

As part of our orthodontic treatment and clear aligner services, we process health-related data (teeth scans, treatment plans). This is based on explicit consent (Art. 9(2)(a) GDPR) or healthcare purposes (Art. 9(2)(h) GDPR).

11. Data Sharing and Processors

We share data with IT providers, technical partners, and manufacturing partners necessary for business operations under strict data processing agreements.

12. Data Transfers to Third Countries

If data is transferred outside the EU/EEA, we ensure adequate safeguards through Standard Contractual Clauses (SCCs).

13. Security Measures

We implement SSL/TLS encryption and strict access controls to protect your data.

14. Updates to this Privacy Policy

We reserve the right to update this policy to comply with legal requirements or changes in our services.

15. Dentist Portal and Patient Processing

Aligner Steps GmbH provides digital orthodontic services including treatment planning and aligner manufacturing.

Controller Roles:

Aligner Steps GmbH acts as a controller for patient data collected directly. Dental professionals may act as independent or joint controllers.

Purpose & Legal Basis:

Processing health data for treatment purposes (Art. 9(2)(h) GDPR) and explicit consent (Art. 9(2)(a) GDPR).