This Privacy Notice explains in detail the types of personal data we may collect about you when you interact with us. It also explains how we’ll store and handle that data, and keep it safe.
We hope the following sections will answer any questions you have but if not, please do get in touch with us.
We take your data very seriously and so will continue to review our activities in this area and update the policy as necessary. We’ll notify you of any significant changes, or you can visit this page to see our policy at any time.
- What does the law say?
The law on data protection sets out a number of different reasons for which a company may collect and process your personal data, including:
In specific situations, we can collect and process your data with your consent.
In specific situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our organisation and which does not materially impact your rights, freedom or interests.
When do we collect your personal data?
- When you visit our website.
- When you contact us by any means with questions, information requests etc.
- When you complete a patient feedback survey on our website.
We will ensure that this information is processed in a lawful manner and is only used for relevant and necessary purposes.
What sort of personal data do we collect?
Data collected via our website is your IP address.
If we publish a photo of individuals on the website, it will be with their permission.
If you contact us via the email published on the website, we will collect your email address for the specific purpose of correspondence with us.
How and why do we use your personal data?
We only use your personal data for the purposes of interacting with you on our website and responding to correspondence/queries by email via the website.
Where we use personal data to manage your clinical care this is covered by our access to data statement published on our website.
We will ensure that your data is kept secure and take all appropriate steps to protect it.
We will put in a place a range of measures and data security protocols to ensure that your data is kept safe and secure, including keeping all data password protected.
Whenever we collect or process your personal data, we’ll only keep it for as long as is necessary for the purpose for which it was collected. We will tell you how long this is, when we initially collect your information.
At the end of that retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis of patient surveys.
- Who do we share your personal data with?
We will not share your data with third parties unless it is important for your clinical care. This is covered in our access to health records.
Here’s the policy we apply to those organisations to keep your data safe and protect your privacy:
- We provide only the information they need to perform their specific services.
- They may only use your data for the exact purposes we specify in our contract with them.
- We work closely with them to ensure that your privacy is respected and protected at all times.
- If we stop using their services, any of your data held by them will either be deleted or rendered anonymous.
Examples of the kind of third parties we work with are:
- Hospitals, when you are receiving care under general anesthetic.
- What are your rights over your personal data?
An overview of your different rights
You have the right to request:
Access to the personal data we hold about you, free of charge in most cases.
The correction of your personal data when incorrect, out of date or incomplete.
You have the right to request a copy of any information about you CDS CIC holds at any time, and also to have that information corrected if it is inaccurate. To ask for your information, please contact:
Data Protection Officer
Community Dental Services CIC
Bedfordshire MK44 1LZ
Tel: 0333 207 5992
If we choose not to action your request we will explain to you the reasons for our refusal.
Your right to withdraw consent
Whenever you have given us your consent to use your personal data, you have the right to change your mind at any time and withdraw that consent.
Where we rely on our legitimate interest
In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation. We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.
Checking your identity
To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Notice. If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.
- Contacting the Regulator
If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.
You can contact them by calling 0303 123 1113.
Or go online to www.ico.org.uk
If you are based outside the UK, you have the right to lodge your complaint with the relevant data protection regulator in your country of residence. Details can be found in Section 16.