You will be asked to provide personal information when joining the practice. The purpose of us processing this data is to provide optimum health care to you.
The categories of data we process are:
- personal data such as your name, date of birth, address, telephone number and email address
- special category data about your dental and general health for the purposes of the delivery of health care including: -clinical records made by dentist and other dental professionals involved with your care and treatment, -x-rays, clinical photographs, digital scans of your mouth and teeth and study models, -medical and dental histories, -treatment plan and consent, -notes of conversations with you about your care, -dates of your appointments, -details of any complaints you have made and how those complaints were dealt with, -correspondence with other professionals or institutions
- details of the fees we have charged, the amounts you have paid and some payment details
- special category data including health records and details of criminal record checks for managing employees and contracted team members
- personal data for the purposes of staff and self-employed team member management
Our data controller and person responsible for security of information we hold is John Swift. He ensures that the practice complies with data protection requirements to ensure that we collect, use, store and dispose your information responsibly.
People with access to your data at the practice include dentists, hygienists, laboratory technicians, other dental professionals involved with your care and treatment and the staff responsible for the management and administration of the practice.
We never pass your personal details to a third party unless we have a contract for them to process data on our behalf and will otherwise keep it confidential. If we intend to refer a patient to another practitioner or to secondary care such as a hospital we will gain your permission before the referral is made and the personal data is shared. We will check your preference for how we contact you about your dental care. Our usual methods are telephone, email or letter.
We share your personal data with:
- people working at the practice
- other dental professionals involved with your care and treatment
- dental laboratories in UK, EU or US
- dental schemes which you are a member
We store your data secured by encryption, password protection, antivirus, firewall, malware softwares, lockable filing system in:
- the practice digital and hard copy format
- other dental professionals involved with your care and treatment
- in the UK and EU laboratories whether in digital or hard copy format
- in the US laboratories in digital format when the data storage company is certified with the EU- US Privacy Shield
- online and external drives back ups
The retention period for special data in patient records is a minimum of 10 years and may be longer for complex records in order to meet our legal requirements. The retention period for staff records is 6 years. The retention periods for other personal data is 2 years after it was last processed. Details of other retention periods are available from the practice.
You have the following personal data rights:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure (clinical records must be retained for a certain time period)
- The right to restrict processing
- The right to data portability
- The right to object
Here are some examples of your rights:
- If you are a patient of the practice you have the right to withdraw consent for important notifications, newsletters, surveys or marketing. You can inform us to correct errors in your personal details or withdraw consent from communication methods such as telephone, email or text. You have the right to obtain a free copy of your patient records. The practice has to supply records within one month of your request.
- If you are not a patient of the practice you have the right to withdraw consent for processing personal data, to have a free copy of it (the practice has to supply it within one month of your request), to correct errors in it or to ask us to delete it. You can also withdraw consent from communication methods such as telephone, email or text.
Comments, suggestions and complaints
Please contact John Swift. We take complaints very seriously.
Related practice procedures
You can also use these contact details to request copies of the following practice policies or procedures:
- Data Protection and Information Security Policy (M 233-DPT), Consent Policy (M 233-CNS)
- Privacy Impact Assessment (M 217S), Information Governance Procedures (M 217C)
Storage and security of your personal informationSecurity
We comply with the standard procedures and requirements as laid down by applicable law to ensure that your personal information is kept secure and we use the latest in Secure Server Technology (SSL – 128bit encryption) to ensure that all of your personal information is protected to the highest standards.
The transmission of information via the internet is not completely secure. Any emails we send or receive may not be protected in transit. Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted to our website; any transmission is at your own risk.
Any passwords that you use must be kept securely. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.
Additionally, the information that we collect from you may be transferred to, and stored at, a destination outside the UK and the European Economic Area ("EEA"). It may also be processed by our third party suppliers outside of the UK and EEA.Google Analytics
This site uses Google Analytics to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to see their journey through the website. Google Analytics records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you. Google Analytics also records your computer’s IP address which could be used to personally identify you but Google do not grant us access to this. Disabling cookies on your internet browser will stop Google Analytics from tracking any part of your visit to pages within this website.
Read Google's overview of privacy and safeguarding data
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. We may also use trusted third-party services that track this information on our behalf.
Most web browsers allow some control of most cookies through the browser settings. Every browser is different, look at your browser's Help Menu to learn the correct way to modify your cookies. If you turn cookies off, some features may be disabled.
We keep our privacy notice under regular review. This privacy notice was last updated on 17th May 2018.