Online Privacy

Privacy Policy

How we collect, use, and protect your information when you visit our website and use our online services.

We do not sell your personal information. Your data is handled transparently and in accordance with California privacy laws.
Effective Date: May 15, 2026
Last updated: May 15, 2026 (v2 — switched to Plausible Analytics)

Introduction

Dr. Alan S. Lee, DDS ("we," "our," or "us") respects your privacy and is committed to protecting your personal information. This Privacy Policy describes how we collect, use, disclose, and protect information when you visit our website at dralanlee.com (the "Site"), use our online services, or interact with our practice digitally.

This Privacy Policy applies to our website and online services only. For information about how we handle your protected health information (PHI) in our dental practice, please see our HIPAA Notice of Privacy Practices.

Data Collection

Information We Collect

Information You Provide Directly

When you use our website, you may voluntarily provide us with the following types of information:

  • Contact Information: Name, email address, phone number, and mailing address when you fill out contact forms, appointment requests, or subscribe to communications.
  • Appointment Requests: Preferred dates, times, and service types when you request an appointment through our online scheduling system.
  • Health Information: Limited health information you voluntarily provide through our HIPAA-compliant forms (processed by JotForm). This information is handled in accordance with our HIPAA Notice of Privacy Practices.
  • Feedback and Communications: Messages, reviews, or feedback you submit through our website or contact forms.

Information Collected Automatically

When you visit our website, certain information is collected automatically:

  • Device and Browser Information: IP address, browser type and version, operating system, device type, and screen resolution.
  • Usage Data: Pages visited, time spent on pages, links clicked, referring URLs, and navigation patterns through our website.
  • Cookies and Similar Technologies: Small data files stored on your device that help us analyze web traffic and improve your experience. See our Cookies section below for details.

Information from Third-Party Services

We may receive information from third-party services that help us operate and improve our website:

  • Plausible Analytics: We use Plausible Analytics to understand how visitors interact with our website. Plausible is a privacy-first analytics service that does not use cookies, does not collect personal data, and is fully compliant with HIPAA, GDPR, and CCPA. Plausible collects only anonymous, aggregated page view data — no personally identifiable information is ever collected or stored. For more information, visit Plausible's Privacy Policy.
  • JotForm: Our HIPAA-compliant forms are powered by JotForm, which processes form submissions in accordance with HIPAA requirements. JotForm's data processing is governed by a Business Associate Agreement (BAA). For more information, visit JotForm's Privacy Policy.
  • Cloudflare: We use Cloudflare for website security, performance optimization, and analytics. Cloudflare may collect IP addresses and other technical data for security and performance purposes. Cloudflare's data processing is governed by a Data Processing Agreement (DPA). For more information, visit Cloudflare's Privacy Policy.
Our Purpose

How We Use Your Information

Dental Care Services

To process appointment requests, communicate about your dental care, and provide services you have requested.

Website Improvement

To analyze website usage patterns, improve our website's functionality and content, and enhance your browsing experience.

Communication

To respond to your inquiries, send appointment reminders, and provide information about our services.

Security

To protect our website from unauthorized access, ensure the security of our systems, and comply with legal obligations.

Tracking

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect information about your browsing activities. You can control cookies through your browser settings. Our use of cookies includes:

Essential Cookies

Required for the website to function properly. These include session cookies for form submissions and security features, as well as your cookie consent preference. These cannot be disabled.

Analytics (Cookie-Free)

Used by Plausible Analytics to help us understand how visitors interact with our website. Plausible is privacy-first, cookie-free, and does not collect personal data. No opt-out is necessary because no personal information is tracked. Because Plausible does not use cookies, this analytics category does not require consent.

Security Cookies

Used by Cloudflare to protect our website from malicious traffic, DDoS attacks, and other security threats. These are essential and cannot be disabled.

For more information about how Plausible handles data, please visit Plausible's privacy-focused approach. We do not sell your personal information to third parties.

Protection

Data Security Measures

SSL/TLS Encryption

All data transmitted between your browser and our website is encrypted using industry-standard TLS (Transport Layer Security) encryption.

Cloudflare WAF

Our website is protected by Cloudflare's Web Application Firewall, which blocks malicious traffic and helps prevent data breaches.

HIPAA-Compliant Forms

All patient forms on our website are processed through JotForm under a Business Associate Agreement (BAA), ensuring HIPAA-compliant data handling.

Regular Security Audits

We conduct regular security assessments and maintain current security protocols to protect against emerging threats.

While we implement appropriate security measures, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security but are committed to protecting your information to the best of our ability.

HIPAA Compliance

Our dental practice is fully HIPAA compliant. Protected health information (PHI) collected through our practice — whether in person, by phone, or through our HIPAA-compliant online forms — is governed by our HIPAA Notice of Privacy Practices. This Privacy Policy covers only website and online data, which is separate from your dental health records.

California Residents

Your Rights Under CCPA/CPRA

If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) give you additional rights regarding your personal information:

Right to Know

You have the right to know what personal information we collect, how we use it, and with whom we share it. This Privacy Policy serves as our disclosure of that information.

Right to Delete

You have the right to request that we delete any personal information we have collected from you, subject to certain exceptions (such as information needed to complete a transaction or comply with legal obligations).

Right to Opt Out of Sale

We do not sell your personal information. You have the right to opt out of the sale of your personal information. Since we do not sell personal information, no action is needed on your part.

Right to Non-Discrimination

We will not discriminate against you for exercising any of your CCPA/CPRA rights. You will receive the same quality of service regardless of whether you exercise your privacy rights.

Right to Limit Use of Sensitive Information

Under CPRA, you have the right to limit our use and disclosure of your sensitive personal information to what is necessary to perform the services we provide.

Right to Correct

Under CPRA, you have the right to request correction of inaccurate personal information we maintain about you.

To exercise your CCPA/CPRA rights: Submit a request by any of the following methods:

We will respond to your request within 45 days, as required by law. You may also designate an authorized agent to submit a request on your behalf.

Your Privacy Choices

Do Not Sell or Share My Personal Information: We do not sell or share for cross-context behavioral advertising any personal information we collect. No opt-out is needed because this activity does not occur.

Limit the Use of My Sensitive Personal Information: Under CPRA, you have the right to limit our use of your sensitive personal information to what is necessary to perform the services you request. We only use sensitive information (including health information) as necessary to provide dental services, process appointments, and comply with legal obligations such as HIPAA.

Global Privacy Control (GPC): We honor the Global Privacy Control signal. If your browser sends a GPC signal, we will treat it as a request to opt out of the sale or sharing of your personal information and limit the use of your sensitive personal information. Since we do not sell or share personal information for advertising, enabling GPC will not change your experience on our site, but we respect and process the signal regardless.

Do Not Track (DNT): Some browsers send a "Do Not Track" signal. There is currently no industry standard for how websites should respond to this signal. Because we use Plausible Analytics (which does not track individual users, does not use cookies, and collects no personally identifiable information) and do not engage in cross-site tracking, our practices are consistent with the intent of DNT signals regardless.

Notice at Collection

In accordance with the California Online Privacy Protection Act (CalOPPA) and the California Consumer Privacy Act (CCPA/CPRA), we provide this Notice at Collection to inform you about the personal information we collect when you visit our website or use our online services.

What We Collect

When you visit our website, we collect:

  • Information you provide: Name, email, phone number, appointment preferences, and health information when you fill out our contact forms, appointment requests, or HIPAA-compliant intake forms.
  • Information collected automatically: IP address, browser type, device type, pages visited, and referring URLs. We use Plausible Analytics for this purpose, which does not use cookies and collects only anonymous, aggregated data — no personally identifiable information.
  • Health information: Protected health information (PHI) submitted through our HIPAA-compliant forms is governed by our HIPAA Notice of Privacy Practices, not this Privacy Policy.

How We Use It

We use your information to:

  • Respond to your inquiries and schedule appointments
  • Provide dental care and related services
  • Improve our website and patient experience
  • Comply with legal obligations (HIPAA, CCPA, etc.)

Retention

We retain personal information only as long as necessary for the purposes described above, or as required by law (e.g., HIPAA requires dental records to be retained for a minimum of 7 years in California). Anonymous analytics data is retained for up to 13 months.

Your Rights

California residents have the right to: access, correct, delete, and limit the use of their personal information. See our full Privacy Policy for details.

Data Retention & Contact

We retain your personal information only for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required by law (such as HIPAA record retention requirements for health information).

For questions about this Privacy Policy or our data practices, please contact:

Dr. Alan S. Lee, DDS
715 N Main St, Manteca, CA 95336
Phone: (209) 239-2990
Email: [email protected]

We may update this Privacy Policy from time to time. We will post any updates on this page with a revised effective date. We encourage you to review this page periodically for the latest information.

Related Policies

More Legal Information

Review our other legal and compliance documents for complete transparency.

HIPAA Notice Terms of Service