Yafa FixBack to home

Privacy Policy

Last updated: June 26, 2026

This Privacy Policy explains how [Yafa Fix legal entity name] (“Yafa Fix,” “we,” “us”) collects, uses, and shares information when you use the Yafa Fix web application and mobile apps (collectively, the “Service”). Yafa Fix is a service-operations platform used by dental practices and our field technicians to manage equipment maintenance, service requests, loaner devices, invoices, and payments.

1. Information we collect

We collect the following categories of information:

  • Account information — your name, email address, phone number, profile photo, role, and the office/practice you belong to.
  • Office & service data — practice and branch details, service requests, appointments, equipment/asset records, loaner reservations, comments, and uploaded photos or signatures.
  • Location data — for Yafa Fix technicians only, we record GPS coordinates at clock-in/clock-out and during on-site work sessions to verify service visits and surface a live operations map. We do not track customer locations.
  • Payment information — when you pay an invoice, card details are collected and processed directly by our payment processor (Stripe). We never receive or store full card numbers; we retain only a payment record (amount, method, status, and a processor reference).
  • Device & notification data — push-notification tokens, device type, and app/usage logs needed to deliver alerts and keep the Service reliable.

2. How we use information

  • To provide, operate, and secure the Service.
  • To create and route service requests, projects, loaners, invoices, and payments.
  • To send transactional messages (e.g., invoice notifications, estimate links, account emails) and push notifications you have not disabled.
  • To verify field work and prevent fraud or abuse.
  • To provide customer support and respond to your requests.
  • To comply with legal obligations and enforce our Terms.

3. How we share information

We do not sell your personal information. We share it only as needed to run the Service:

  • Within your organization — staff and managers in your office see the requests, invoices, and people associated with that office, according to their role and permissions. Office staff cannot see financial data unless granted access.
  • Service providers (subprocessors) — we rely on Supabase (database, authentication, and file storage), Stripe (payment processing), Resend (transactional email), Google Firebase Cloud Messaging (push notifications), and Google Maps (directions). Each processes data only on our instructions.
  • Legal & safety — when required by law, or to protect the rights, property, or safety of Yafa Fix, our users, or the public.
  • Business transfers — in connection with a merger, acquisition, or sale of assets, subject to this Policy.

4. Data retention

We retain information for as long as your account is active and as needed to provide the Service, comply with our legal and tax obligations, resolve disputes, and enforce our agreements. You may request deletion of your account as described below; some records (e.g., invoices and payments) may be retained where required by law.

5. Security

We protect information using row-level access controls scoped to your office, encryption in transit, and least-privilege access for our staff. Payment card data is handled entirely by Stripe (PCI-DSS Level 1). No method of transmission or storage is 100% secure, but we work to protect your information and continuously improve our safeguards.

6. Your rights & choices

  • Access & correction — you can view and update most profile information in the app, or contact us for help.
  • Notifications — you can disable push notifications in your device settings or your in-app notification preferences.
  • Deletion — you may request deletion of your account and associated personal data by contacting us.
  • State privacy rights — depending on your U.S. state of residence, you may have additional rights to access, delete, or limit the use of your personal information. We honor verified requests as required by applicable law.

7. Children’s privacy

The Service is intended for business use by dental practices and Yafa Fix personnel and is not directed to children under 13. We do not knowingly collect personal information from children.

8. International users

The Service is operated from the United States. If you access it from outside the U.S., you understand your information will be processed in the United States, where data-protection laws may differ from those in your country.

9. Changes to this Policy

We may update this Policy from time to time. We will post the updated version here and revise the “Last updated” date. Material changes will be communicated through the Service or by email.

10. Contact us

Questions about this Policy or your information? Contact us at [privacy@yafafix.com], or by mail at [Company mailing address, Virginia, USA].