The practice aims to meet the requirements of the Data Protection Act 2018, the General Data Protection Regulation (GDPR), the guidelines on the Information Commissioner’s Website as well as our professional guidelines and requirements
The Data Controller is Agnes Powell and in NHS Practices, the Data Protection Officer.
This privacy notice is available by email if you contact powelldental [email protected] or by calling 01522 520997.
You will be asked to provide personal information when joining the practice. The purpose of us processing this data is to provide optimum health care to you.
The categories of data we process are :
- Personal data for the purposes of staff and self employed team member management
- Personal data for the purposes of direct mail/ email/text marketing
- Special category data including health records for the purpose of the delivery of health care.
- Special category data including health records and details of criminal record checks for managing employees and contracted team members.
We never pass your personal details to a third party unless we have a contract with them to process data on our behalf and will otherwise keep it confidential. If we intend to refer a patient to another practitioner or to a secondary care such as a hospital we will gain the individuals permission before the referral is made and the personal data is shared.
- Personal data is stored in the EU whether in digital or hard copy format.
- Personal data is stored in the US in digital format when the data storage company is certified with the EU-US Privacy Shield.
- Personal data is obtained when a patient joins the practice, when a patient is referred to the practice and when a patient subscribes to an email list.
The lawful basis for processing special category data such as patients and employees health data is :
- Processing is necessary for the purposes of preventative or occupational medicine, for assessing the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or management of health or social care systems and services on the basis of Union or Member State Law or a contract with a health professional.
The lawful basis of processing personal data such as name, address, email or phone number is:
- Consent of the data subject
- Processing is necessary for the performance of a contract with the data subject or to take steps to enter into a contract
The retention period for special data in patient records is a minimum of 10 years and may be longer for complex records in order to meet our legal requirements. The retention period for staff records is 6 years. The retention periods for other personal data is 2 years after it was last processed. Details of other retention periods are available in the Record Retention procedure M215 from the practice. You have the following personal data rights:
- The right to be informed
- The right of access
- The right of rectification
- The right to erasure (clinical records must be retained for a certain period of time)
- The right to restrict processing
- The right to data portability
- The right to object.
Further details of these rights can be seen in our Information Governance Procedures M217C or at the Information Commissioner’s website. Here are some practical examples of your rights:
- If you are a patient of the practice you have the right to withdraw consent for important notifications, newsletters, surveys, or marketing. You can inform us to correct errors in your personal details or withdraw consent from communication methods such as telephone, email or texts. You have the right to obtain a free copy of you patient records within one month.
- If you are Not a patient of the practice you have the right to withdraw consent for processing personal data, to have a free copy of it within one month, to correct errors in it or to ask us to delete it. You can also withdraw consent from communication methods such as telephone, email or text.
We have carried out a Privacy Impact Assessment M217Q and you can request a copy from the details below.
The details of how we ensure security of personal data is in our Security Risk Assessment- M217M and Information Governance Procedures M217C.
Comments, Suggestions and Complaints
Please contact Agnes Powell or Julie Wroe. We take complaints very seriously.
If you are unhappy with our response or if you need any advice you should contact the ICO office. Their telephone number is 0303 123 1113, you can also chat online with an advisor. The ICO can investigate your claim and take action against anyone who has misused personal data. You can also visit their website for information on how to make a date protection complaint.
Related practice procedures.
You can also use these contact details to request copies of the following practice policies or procedures:
- Data Protection and Information Security Policy M233-DPT
- Consent Policy M233-CNS
- Privacy Impact Assessment M217-S
- Information Governance Procedures M217-C
Privacy Notice for Children
The practice keeps records of your name, address, date of birth and details of any health problems as well as details of your dental treatment. We keep this information so that we can provide you with the best dental care.
Your personal information is kept very confidentially and securely.
We only use your personal information so we can give you the best dental care and for sending reminders to you.
We only pass your personal information to another dentist, doctor or hospital if you have a problem that needs their special skills and you need to go and see them. We will not give your information to anyone else unless the law allows us to.
If you leave the practice, we will stop using your information, but will keep it confidentially and securely until you are 25 years old, when we will review if and when we can delete it. You can always ask for a copy of the information we hold for you, we can transfer it to another dentist or doctor at your request and you can ask us to stop sending you letters if you stop being a patient at the practice.
When you reach 18 years of age the Privacy Notice about how we can process your personal information will change to the adult version. This can be found in our website.
If you would like a copy of the information we hold about you or if you have any other enquiries about it please contact the Practice Manager Julie Wroe
Tel 01522 520997
Cookies in use on this website
Cookies and how they benefit you
Our cookies help us:
- Make our website work as you’d expect
- Remember your settings during and between visits
- Improve the speed/security of the site
- Personalise our site to you to help you get what you need faster
- Continuously improve our website for you
- Collect any personally identifiable information (without your express permission)
- Collect any sensitive information (without your express permission)
- Pass data to advertising networks
- Pass personally identifiable data to third parties
You can learn more about all the cookies we use below
More about our cookies
Website cookies (necessary)
We use general purpose cookies to make our website work and help us tailor content to your needs. There is no way to prevent these cookies being set other than to not use our site.
w3tc_referrer – used to store a session ID needed to help our website’s performance. It expires at the end of your session.
PHPSESSID – used by our website to identify a specific user session. It expires at the end of your session.
cfduid – used to protect our website from security threats and to improve its performance. It is set by CloudFlare service.
cc_analytics – used to store information on consent to store Google Analytics cookies on your computer.
cc_necessary – used to store information on necessary cookies.
Visitor Statistics Cookies
Cookies starting with __utm – cookies used by Google Analytics. It helps us to understand how our website is being used. You will have an option to disable these first time you visit our website. If you change your mind at any time, you can modify your preference by clicking link at the bottom of this page.
Turning cookies off
You can usually switch cookies off by adjusting your browser settings to stop it from accepting cookies (Learn how here). Doing so however will likely limit the functionality of our’s and a large proportion of the world’s websites as cookies are a standard part of most modern websites
It may be that you concerns around cookies relate to so called “spyware”. Rather than switching off cookies in your browser you may find that anti-spyware software achieves the same objective by automatically deleting cookies considered to be invasive. Learn more about managing cookies with antispyware software.