These terms govern the relationship between Polish and dental practices that use our social media management service. A Data Processing Agreement is included as Schedule 1 at the foot of this document.
By submitting the sign-up form or making a payment, you agree to these Terms of Service and the Data Processing Agreement in Schedule 1. If you are signing up on behalf of a dental practice, you confirm you have authority to bind that practice.
Polish provides done-for-you social media management for independent dental practices. This includes content creation, scheduling, review response drafting, monthly reporting, and related support as described in the chosen plan at the time of sign-up.
Plan inclusions are set out on the Polish website at the time of purchase. Polish reserves the right to update plan features with reasonable notice to active clients. Any reduction in core plan features will be communicated with at least 14 days' notice.
Clients are billed monthly in advance for the plan selected at sign-up. The applicable monthly fee becomes due when service begins and then recurs automatically each billing month unless cancelled.
Cancellation may be made via the Stripe billing portal or by emailing hello@getpolished.digital. Cancellation stops future billing at the end of the current billing month unless otherwise required by law.
Polish reserves the right to decline service or sign-up at its discretion where there is a legitimate business, compliance, or capacity reason.
Fees are billed monthly in advance. Payment is processed via Stripe. By providing payment details, you authorise Polish to charge the applicable monthly fee on a recurring basis.
All fees are in GBP and exclusive of VAT where applicable. Invoices are sent by email.
If a payment fails, Polish will notify you and attempt to retry. Access to the service may be suspended after a failed payment remains unresolved for 7 days. Suspension does not relieve the client of the obligation to pay outstanding fees.
There is no minimum contract term. Clients may cancel at any time through the Stripe billing portal made available in the client workspace, or by emailing hello@getpolished.digital.
Cancellation takes effect at the end of the current billing month. Content already created and scheduled for the remainder of that period will be delivered as normal. No partial refunds are given for unused days within a billing month, except where required by law.
On cancellation, Polish will cease scheduling and publishing. Any social media account permissions granted to Polish should be revoked by the client. Polish will delete or return client data in accordance with the Data Processing Agreement.
Polish may suspend access to the service, in whole or in part, if the client breaches these terms, fails to pay fees when due, provides materially inaccurate information, or if continued service delivery would expose Polish to legal or regulatory risk. Polish will give reasonable notice before suspension where practicable and will restore access promptly once the issue is resolved.
Polish will provide content for client review before publication, including via Planable or any replacement approval workflow used by Polish. Clients are responsible for reviewing all content prior to approval. By approving content, the client confirms it is accurate, appropriate for their practice, and compliant with all applicable regulations.
If a client delays approval beyond a reasonable period, Polish is not responsible for missed publishing dates, campaign delays, or reduced posting volume caused by that delay.
Polish produces content in line with General Dental Council (GDC) guidance on social media and advertising, and with the Advertising Standards Authority (ASA) CAP Code where applicable, including avoiding unverifiable claims, not using patient testimonials without proper consent, and not making misleading outcome statements.
However, the dental practice is the regulated entity. The client remains solely responsible for ensuring all published content meets its own regulatory obligations under the GDC, ASA, CQC, and any other applicable body. Polish's adherence to regulatory guidance is a commitment to process, not a guarantee of compliance. Client approval of content constitutes the client's sign-off that the content is suitable for publication under their accounts.
The client agrees to indemnify and hold Polish harmless from any claims, losses, fines, or costs arising from: (a) content that the client has approved for publication; (b) regulatory action taken against the client's practice in connection with approved content; (c) any patient data or other data shared with Polish in breach of the client's obligations; or (d) inaccurate, misleading, or unlawful information provided by the client.
Content created by Polish that has been paid for and approved by the client is owned by the client. Until payment is received in full, Polish retains all rights in unpaid content. Polish retains the right to reference the work in its own portfolio and marketing unless the client requests otherwise in writing.
Brand assets, logos, photography, and other materials provided by the client remain the client's property. The client warrants that it has the right to provide such materials and that their use by Polish will not infringe any third-party rights.
Where the service requires access to the client's social media accounts, the client grants Polish the minimum permissions necessary to perform the agreed work. The client retains ownership of all accounts. Access is revocable at any time by the client.
Both parties agree to keep confidential any non-public information received in connection with the service. This obligation survives termination of the agreement and continues for a period of two years after the end of the service.
Polish does not guarantee specific results including follower growth, patient enquiries, revenue, reach, or engagement. Social media performance depends on many factors outside Polish's control.
To the fullest extent permitted by law, Polish's total aggregate liability to a client in any 12-month period shall not exceed the fees paid by that client to Polish in the same period.
Polish is not liable for indirect or consequential losses, loss of profit, loss of revenue, loss of data, loss of goodwill, platform outages, algorithm changes, account suspensions by third-party platforms, or issues arising from inaccurate, incomplete, or unapproved information provided by the client.
Nothing in these terms limits liability for fraud, death, or personal injury caused by negligence, or any other liability that cannot be excluded or limited under English law.
Neither party shall be liable for any delay or failure to perform its obligations where such delay or failure results from circumstances beyond its reasonable control, including but not limited to acts of God, pandemic, government action, internet or platform outages, power failure, or industrial action. The affected party must notify the other promptly and take reasonable steps to mitigate the effect.
Service delivery may depend on third-party platforms (social networks, scheduling tools, approval tools, payment processors). Polish is not responsible for outages, changes in functionality, data loss caused by those platforms, or policy changes by those platforms.
Notices under these terms must be in writing and sent by email. Notices to Polish should be sent to hello@getpolished.digital. Notices to the client will be sent to the email address provided at sign-up. A notice is deemed received on the business day after sending.
The client may not assign or transfer its rights or obligations under these terms without Polish's prior written consent. Polish may assign these terms to a successor in connection with a merger, acquisition, or sale of all or substantially all of its assets, provided the assignee agrees to be bound by these terms.
If any provision of these terms is found to be invalid or unenforceable by a court of competent jurisdiction, that provision shall be severed and the remaining provisions shall continue in full force and effect.
No failure or delay by either party in exercising any right under these terms shall operate as a waiver of that right, nor shall any single or partial exercise preclude any further exercise of that right.
These terms, together with the Data Processing Agreement in Schedule 1 and any plan description accepted at sign-up, constitute the entire agreement between the parties and supersede all prior discussions, representations, and agreements relating to its subject matter.
These terms are governed by English law. Any disputes will be subject to the exclusive jurisdiction of the courts of England and Wales.
Polish may update these terms. Active clients will be given at least 14 days' notice of material changes by email. Continued use of the service after that notice period constitutes acceptance. If a client does not agree to a material change, the client may cancel the service before the change takes effect without penalty.
Questions about these terms: hello@getpolished.digital
This Data Processing Agreement ("DPA") forms part of the Terms of Service between Polish ("Processor") and the client ("Controller"). It sets out the obligations of both parties under UK GDPR Article 28.
Controller: the dental practice (the client), which determines the purposes and means of processing personal data.
Processor: Polish, which processes personal data on behalf of the Controller.
Personal data, processing, data subject: as defined in the UK GDPR.
Sub-processor: any third-party engaged by Polish to process personal data in connection with the service.
UK GDPR: the General Data Protection Regulation as it forms part of the law of England and Wales, Scotland, and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act 2018, together with the Data Protection Act 2018.
| Item | Detail |
|---|---|
| Subject matter | Social media management services for the Controller's dental practice |
| Duration | For the term of the service agreement, plus any statutory retention periods |
| Nature of processing | Collection, storage, use, disclosure, and deletion of personal data as required to deliver the service |
| Purpose | To create, schedule, and publish social media content; manage review responses; and provide reporting on behalf of the Controller |
| Types of personal data | Names, contact details, social media account credentials, brand assets, and any other data provided by the Controller in connection with service delivery. The Controller must not share patient data with Polish. |
| Categories of data subjects | The Controller's staff and representatives |
Polish (as Processor) agrees to:
The Controller provides general authorisation for Polish to engage the following sub-processors:
| Sub-processor | Processing activity |
|---|---|
| Planable | Content planning, approval, collaboration, and scheduling |
| Stripe | Payment processing, subscriptions, invoices, and billing portal actions |
| Cloudflare | Website hosting, bot protection, session handling, and database infrastructure |
| Cloudinary | Client asset storage and media management |
| Resend | Transactional email notifications |
Polish will notify the Controller of any intended changes to sub-processors with at least 14 days' notice, giving the Controller the opportunity to object. If the Controller objects on reasonable data protection grounds and the parties cannot resolve the objection, the Controller may terminate the service without penalty.
Polish shall impose data protection obligations on each sub-processor by way of a contract that provides at least the same level of protection as this DPA.
Where sub-processors operate outside the UK, Polish will ensure that appropriate transfer safeguards are in place, such as the UK International Data Transfer Agreement (IDTA), Standard Contractual Clauses, or other lawful transfer mechanisms recognised under UK data protection law. Polish will inform the Controller on request of the specific safeguards relied upon for each sub-processor.
Polish implements appropriate technical and organisational measures to protect personal data against accidental loss, destruction, alteration, unauthorised disclosure, or access. These measures include restricted access controls, encrypted storage and transmission, and staff confidentiality obligations. Polish will review and update these measures periodically to maintain an appropriate level of security.
In the event of a personal data breach affecting data processed on behalf of the Controller, Polish will notify the Controller without undue delay and in any event within 72 hours of becoming aware of the breach. The notification will include, to the extent available: the nature of the breach, the categories and approximate number of data subjects and records affected, the likely consequences of the breach, and the measures taken or proposed to address the breach and mitigate its effects.
Polish will cooperate with the Controller and take reasonable steps to assist in the investigation, mitigation, and remediation of any such breach.
The Controller agrees to:
This DPA shall remain in effect for the duration of the service agreement. Upon termination, Polish will comply with its obligations under DPA 3 regarding deletion or return of personal data. The provisions of this DPA that by their nature should survive termination (including confidentiality, breach notification cooperation, and audit rights) shall continue to apply.
This DPA is governed by English law and forms an integral part of the Terms of Service.