Privacy Policy
How information is collected, used, and protected within Seraph — the academic-clinical operating system for university dental faculties.
Our commitment: Seraph is operated by Tomorrow S.A.R.L. as a governed platform for academic dental institutions. We are committed to protecting the privacy and security of the personal, academic, and clinical information processed on behalf of the institutions we serve, in line with applicable data-protection laws and the agreements we hold with each institution.
1. Scope of This Policy
This policy explains how Tomorrow S.A.R.L. ("we", "us") handles information in connection with the Seraph platform and the Seraph marketing website. Seraph is used by university dental faculties, dental schools, and academic dental clinics. Within those institutions, the platform processes information about students, faculty, supervisors, administrative staff, and patients treated in academic clinical settings.
For most institutional data, the academic institution is the data controller and Tomorrow S.A.R.L. acts as a data processor under a written agreement. This policy describes our general practices and applies in addition to those institutional agreements.
2. Information We Collect
Account & Contact Information
When you request a demo or interact with us directly, we may collect:
- Name, email address, phone number, and job title
- Institution or faculty name and details
- Professional role and credentials
- Communication preferences and demo requests
Institutional & Clinical Data
When the platform is used by an academic dental institution, we may process the following on the institution's behalf and under its instructions:
- Student, faculty, and staff records relevant to academic and clinical activity
- Patient records and clinical data managed within the academic clinic
- Treatment plans, procedures, approvals, and supervision history
- Scheduling, session, and clinic operations data
- Billing and financial records related to clinic services
Technical Information
- IP addresses, browser type, and device information
- Website usage patterns and analytics
- System logs and performance data
- Cookies and similar technologies
3. How We Use Information
We use information for the following purposes:
- Providing, maintaining, and improving the Seraph platform
- Processing demo requests and responding to enquiries
- Supporting academic governance, supervision, scheduling, and clinic operations
- Providing assisted documentation and training support, which operates as assisted intelligence and never makes autonomous clinical decisions
- Ensuring platform security and preventing unauthorized access
- Complying with legal and contractual obligations
- Performing research and product development using anonymized or aggregated data only
4. Our Role as a Processor
Data processing agreements: For institutional and clinical data, Tomorrow S.A.R.L. acts as a data processor and will enter into appropriate data processing agreements with each institution, processing information only on documented instructions and for the purposes defined by that institution.
Our safeguards include:
- Administrative, physical, and technical controls
- Access controls and user authentication
- Audit logs and monitoring
- Encryption of data in transit and at rest
- Regular security review and staff training
- Incident response and notification procedures
5. Data Sharing and Disclosure
We do not sell personal, academic, or clinical information. We may share information only in the following circumstances:
- On institutional instruction: as directed by the academic institution that controls the data
- With your consent: when you explicitly authorize disclosure
- Service providers: with vendors who support platform operations under strict confidentiality and data-protection terms
- Legal requirements: when required by law or valid legal process
- Business transfers: in the event of a merger or acquisition, with continued privacy protections
6. Data Security
We apply layered security measures, including:
- Encryption of data in transit and at rest
- Role-based access controls and multi-factor authentication
- Regular security assessment and testing
- Ongoing monitoring and threat detection
- Secure, access-controlled infrastructure
7. Data Retention
We retain information for as long as needed to provide the platform and to meet legal and contractual obligations:
- Account & contact information: for as long as necessary to provide and support the service
- Institutional & clinical data: in line with the institution's instructions and applicable record-retention requirements
- Technical logs: typically retained for a limited period for security and performance analysis
- Marketing data: until you opt out or request deletion
8. Your Rights
Subject to applicable law and the relevant institutional agreement, you may have the right to:
- Access: request a copy of your personal information
- Correction: request correction of inaccurate information
- Deletion: request deletion of your personal information
- Portability: request transfer of your data
- Opt-out: unsubscribe from marketing communications
- Restriction: request limitation of processing
Where data is controlled by an academic institution, such requests are generally directed to that institution, and we will support it in responding.
9. International Data Transfers
Information may be processed in locations where we or our service providers operate. Where data is transferred across borders, we put appropriate safeguards in place consistent with applicable data-protection law.
10. Children's Privacy
The Seraph platform is intended for use by academic dental institutions and their authorized users, not for direct use by children. Any information about minors who are patients within an academic clinic is processed solely on behalf of, and under the instructions of, the institution.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will indicate the date of the most recent revision above and, where appropriate, notify affected institutions of material changes.
12. Contact Us
Privacy enquiries
For questions about this Privacy Policy or to exercise your rights, contact us:
Email: samir@tomorrow.services
Operated by: Tomorrow S.A.R.L.
For institutions: if you are an academic dental institution evaluating Seraph, contact us to discuss data processing agreements and the privacy protections specific to your deployment.
See Seraph in your institution's context
Request a demo to see how Seraph governs academic, clinical, and operational data in one platform.
Request a Demo