Effective Date: June 5, 2026
Last Updated: June 5, 2026
This Privacy Policy describes how Invadent LLC ("Invadent," "we," "our," or "us"), a Colorado limited liability company, collects, uses, shares, and protects information when you use the Invadent software platform, including the Invadent website at invadent.com, any related subdomains, mobile interfaces, and all associated services (collectively, the "Service").
By using the Service, you agree to the practices described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not use the Service.
This Privacy Policy is incorporated by reference into our Terms of Service. Capitalized terms not defined here have the meanings given in the Terms of Service.
This Privacy Policy applies to:
Invadent is intended for use only by individuals located in the United States who are at least eighteen (18) years of age. We do not knowingly collect information from children, and the Service is not directed to children. See Section 9.
We collect information in three main ways: information you provide directly, information we collect automatically, and information from third parties.
When you create an account and use the Service, you may provide:
Account Information: - Your name; - Email address; - Phone number (optional); - Password (stored in hashed form, never in plain text); - Your role at your Practice.
Practice Information: - Practice name; - Practice address; - Practice contact information; - Number of operatories; - Other practice-related details you provide.
Payment Information: - Billing address; - Payment card details (collected and processed by Stripe; we do not store full card numbers on our servers).
Inventory and Compliance Data ("Customer Data"): - Inventory items, descriptions, quantities, and reorder thresholds; - Lot numbers, expiration dates, and product identifiers; - Spore test records and uploaded spore test images; - Safety Data Sheets (SDS) and other compliance documents; - Waterline test records; - Invoice images you upload for AI-assisted processing; - Notes, tags, and other content you create within the Service.
Communications: - Emails you send to us; - Support requests; - Feedback and survey responses; - Other communications you choose to send.
When you use the Service, we may automatically collect certain technical and usage information:
Technical Information: - IP address; - Browser type and version; - Operating system; - Device information (e.g., desktop, tablet, mobile); - Referring URLs.
Usage Information: - Pages visited within the Service; - Features used; - Actions taken (e.g., scans performed, items added, reports generated); - Time and date of activity; - Session duration; - Error logs and performance data.
Cookies and Similar Technologies: We use cookies and similar technologies to operate the Service. See Section 6 for details.
We may receive information about you from third parties, including:
Invadent is not designed to collect Protected Health Information (PHI) as defined by HIPAA. We do not knowingly collect, and you may not upload, any of the following:
If you mistakenly upload information of this nature, please contact us immediately at hello@invadent.com so we can address the situation.
We use information for the following purposes:
We share information only as described below. We do not sell your personal information to third parties.
We share information with third-party service providers who help us operate the Service. These providers are contractually obligated to protect your information and use it only as necessary to provide their services. Our primary service providers include:
Amazon Web Services (AWS) — Hosting, data storage, and email delivery - AWS hosts our servers, stores your Customer Data, and delivers transactional emails on our behalf - AWS is bound by its own privacy and security commitments - For more information: https://aws.amazon.com/privacy/
Anthropic — AI features through the Claude API - When you use AI-powered features (such as invoice scanning or spore test image analysis), the relevant content is sent to Anthropic for processing - Anthropic does not train its models on data submitted through API requests - For more information: https://www.anthropic.com/legal/privacy
Stripe — Payment processing - Stripe collects and processes payment card information for subscription billing - Stripe is PCI-DSS compliant and uses industry-standard security - For more information: https://stripe.com/privacy
Calendly — Scheduling - If you book a meeting with us through Calendly, your scheduling information is processed by Calendly - For more information: https://calendly.com/privacy
We may disclose information when we believe in good faith that disclosure is necessary to:
If Invadent is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you (by email and/or by prominent notice on the Service) of any change in ownership or use of your information.
We may share information with your consent or at your direction, including when you choose to connect third-party services to your Invadent account.
We may share aggregated and de-identified data (data that cannot reasonably be used to identify you or your Practice) for any lawful purpose, including industry research, marketing, and product development.
We retain your Customer Data for as long as your account is active and as needed to provide the Service.
If your trial expires or your subscription is canceled, we retain your data on the following timeline:
Before deletion, we will send notification emails to the email address on file. You are responsible for exporting any data you wish to retain.
You may request deletion of your account and associated data at any time by contacting hello@invadent.com. We will process the request within a reasonable time, subject to:
We maintain encrypted backups of our systems for disaster recovery. Backups are retained on a rolling basis (typically 30 to 35 days) and are encrypted at rest. Deleted data may persist in backups for this period before being permanently removed through backup rotation.
We may retain records of communications between you and Invadent (emails, support tickets) for a reasonable period to maintain support history, even after your account is deleted.
The Service uses cookies and similar technologies for:
Essential Cookies: - Session management (keeping you logged in); - Security (protecting against cross-site request forgery); - Load balancing (routing requests across servers).
Functional Cookies: - Remembering your preferences and settings; - Maintaining navigation state.
Analytics Cookies (if and when implemented): - Understanding how users interact with the Service; - Identifying performance issues; - Improving features.
Most browsers allow you to control cookies through settings. You can:
Disabling essential cookies may prevent the Service from functioning properly.
Some browsers offer a "Do Not Track" signal. We currently do not respond to Do Not Track signals because there is no industry consensus on how to interpret them.
We take reasonable measures to protect your information, including:
Despite our efforts, no security system is impenetrable. We cannot guarantee the absolute security of your information. You are responsible for:
If we become aware of a security incident affecting your information, we will notify you without undue delay, consistent with applicable law.
You can access and update most of your account information through the Service's account settings. If you need help accessing or correcting information that is not editable, contact us at hello@invadent.com.
You can export your Customer Data at any time through the export features built into the Service. Exports include inventory records, compliance documents, and uploaded files in standard formats.
You can request deletion of your account by contacting hello@invadent.com. See Section 5.3 for details on what happens during deletion.
You can unsubscribe from marketing emails (such as newsletters or product announcements) by clicking the unsubscribe link in any marketing email or by emailing hello@invadent.com. You cannot opt out of essential Service-related communications (such as billing notices, security alerts, and operational notifications) while you maintain an account.
If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA), including:
To exercise these rights, contact hello@invadent.com. We may verify your identity before responding to your request.
If you are a resident of a state with applicable comprehensive privacy laws (such as Colorado, Connecticut, Utah, Virginia, or others as enacted), you may have similar rights regarding access, correction, deletion, and opt-outs. To exercise these rights, contact us at hello@invadent.com.
The Service is not intended for individuals under the age of eighteen (18). We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will delete it promptly.
If you believe a child has provided us with personal information, please contact us at hello@invadent.com.
The Service is hosted in the United States and intended for users located in the United States. If you access the Service from outside the United States, your information will be transferred to, stored in, and processed in the United States, which may have data protection laws different from your jurisdiction.
By using the Service, you consent to this transfer and processing. Currently, we do not offer the Service to users in the European Union or other jurisdictions with comprehensive cross-border data transfer restrictions.
The Service may contain links to third-party websites, services, or applications that are not operated by Invadent. We are not responsible for the privacy practices of third parties. We encourage you to review the privacy policies of any third-party services you interact with.
We may update this Privacy Policy from time to time. When we make material changes, we will:
Material changes take effect thirty (30) days after notice is provided, unless a longer period is required by law. Your continued use of the Service after the effective date constitutes acceptance of the updated Privacy Policy.
If you do not agree to a material change, your sole remedy is to cancel your subscription and stop using the Service before the change takes effect.
If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:
Invadent LLC 332 S Orchard Springs Dr., Suite #110 Pueblo West, CO 81007 Email: hello@invadent.com
We will respond to legitimate requests within a reasonable time, typically within thirty (30) days.
By using the Service, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy.