Sign In Join Waitlist

Mandible Privacy Policy

Effective date: June 10, 2026

This Privacy Policy explains how WeirdBrains, the company that operates Mandible ("Mandible," "we," "us," or "our"), collects, uses, and shares information in connection with the Mandible applications, websites, and related services (the "Services"). The Services are built for dental professionals. By using the Services, you agree to this Privacy Policy and our Terms of Service.

Summary (the full policy controls):

  • We collect the information you give us (profile, credentials, cases, posts) and basic usage and device information.
  • Clinical content you post must already be de-identified; the platform is not for identifiable patient information.
  • AI features process the images and case information you submit in order to generate suggestions for your review. Our cloud AI provider operates under a business associate agreement with us and is configured so that your content is not used to train the provider's models.
  • We develop and improve our own AI using only data that has been de-identified consistent with the HIPAA Safe Harbor standard. We do not use identifiable information to train AI models, and we do not sell your personal information.
  • You can access, update, and delete your information. Material changes to our data practices apply going forward, not retroactively.

1. Information We Collect

Information you provide:

  • Account and profile information: name, email address, password, professional credentials and affiliations (such as position, education, residency, and license or NPI information you choose to provide), profile photo, location (city and state), and bio.
  • Content you create: cases and case information (titles, descriptions, images such as radiographs, procedure codes, tooth charting information, captions), comments, messages, posts in spaces, and your confirmations or corrections of AI suggestions.
  • Communications with us, such as support requests, and information you submit on our waitlist or signup forms.
  • Payment information, if you purchase paid features: payments are processed by our payment processor (Stripe); we receive transaction records but do not store full card numbers.

Information collected automatically:

  • Usage information: pages and features used, actions taken, and interaction with content.
  • Device and technical information: IP address, device and browser type, operating system, app version, identifiers needed to deliver push notifications, and log data.
  • Location: with your permission, your device location while you are using the app, used to power location-based discovery such as finding colleagues and practices near you. You can turn off location access at any time in your device settings.
  • Error and performance data: crash reports and diagnostics that help us fix problems.

We do not ask for, and you must not submit, identifiable patient information. Clinical content must be de-identified before posting, as described in our Terms of Service.

2. How We Use Information

  • To provide and operate the Services: accounts, profiles, case sharing, community features, messaging, notifications, and support.
  • To provide AI features: when you use an AI feature, the images and case information you submit are processed to generate output for your review, such as suggested tooth numbering and notation of existing dental work. AI suggestions are administrative assistance only; you review and confirm or correct them.
  • To create and use de-identified data: we may create de-identified versions of content consistent with the HIPAA Safe Harbor standard (45 C.F.R. § 164.514(b)), including removing identifier categories and screening images for embedded identifying information. We use de-identified data for research, analytics, benchmarking, service improvement, and the development and training of machine-learning models and new features. We do not use identifiable information to train AI models.
  • To communicate with you: service messages, notifications you have enabled, and product updates. You can manage notification preferences and opt out of non-essential communications.
  • To keep the Services safe: security, fraud and abuse prevention, enforcing our Terms, and verifying professional credentials.
  • To improve the Services: internal analytics, debugging, and research on how features are used.
  • To comply with law and to establish, exercise, or defend legal claims.

3. How We Share Information

We do not sell your personal information, and we do not share it with third parties for their own advertising.

  • Other users: your profile and the content you post are visible to other users according to the feature you use and your sharing settings. Community content should be treated as not confidential.
  • Service providers (processors): companies that process information on our behalf under contractual protections, currently including: Google Cloud Platform (hosting, storage, databases, and AI infrastructure, under a business associate agreement with us; our cloud AI is configured so that your content is not used to train the provider's models), OneSignal (push notifications and transactional email), Sentry (error and crash reporting), Google Maps (map display for location-based discovery), and Stripe (payment processing). We share with each provider only what it needs to perform its service.
  • De-identified and aggregated information: we may use and share information that does not identify you or any patient, such as aggregate statistics and de-identified datasets, as described in Section 2 and our Terms of Service.
  • Legal and safety: if required by law or legal process, or to protect the rights, safety, or property of Mandible, our users, or the public.
  • Business transfers: in connection with a merger, acquisition, financing, or sale of assets, with notice to you and subject to this policy's commitments, including the prospective-only rule in Section 8.

4. Your Choices and Rights

  • Access and update: you can view and edit your profile and content in the app.
  • Deletion: you can request account deletion at any time by contacting us or using in-app controls. We will delete or de-identify your information as described in Section 5.
  • Notifications: you can manage push and email preferences in settings or via unsubscribe links.
  • State privacy rights: depending on where you live, you may have rights to access, correct, delete, or obtain a copy of your personal information, and to not be discriminated against for exercising them. We honor applicable rights; contact us at team@mandible.io and we will verify and respond as required by law.

5. Data Retention

We retain personal information for as long as your account is active and as needed to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements. When you delete content or your account, we delete or de-identify your information within a commercially reasonable period, except that we may retain: records required by law or for legitimate business purposes such as security and completion of backup cycles; content other users have legitimately interacted with, which may be reattributed to a deleted-account placeholder; and de-identified data, which does not identify you or any patient and may be retained and used as described in Section 2.

6. Security

We use administrative, technical, and physical safeguards designed to protect information, including encryption in transit and at rest, access controls, audit logging, and infrastructure hosted on Google Cloud Platform under a business associate agreement. No system is perfectly secure; please use a strong password and notify us at team@mandible.io of any suspected unauthorized access.

7. Children

The Services are for professional use by adults. We do not knowingly collect information from anyone under 18. If you believe a minor has provided us information, contact us and we will delete it.

8. Changes to this Policy

We may update this Privacy Policy. If a change is material, we will notify you at least 30 days before it takes effect, by email or in-app notice, and where the change involves a new or materially expanded use of previously collected information, we will ask for your affirmative consent before applying it to that information. New data practices otherwise apply prospectively.

9. Contact Us

Questions about this Privacy Policy or your information: team@mandible.io