Privacy & Cookies

Privacy Notice

The practice aims to meet the requirements of the Data Protection Act 2018, the General Data Protection Regulation (GDPR), the guidelines on the Information Commissioner’s Website as well as our professional guidelines and requirements

The Data Controller is Julie Wroe (and for NHS Practices, the Data Protection Officer.)

This privacy notice is available by email if  you contact :[email protected]  or by calling 01522 520997.

You will be asked to provide personal information when joining the practice. The purpose of us processing this data is to provide optimum health care to you.

The categories of data we process are :

  • Personal data for the purposes of staff and self employed team member management
  • Personal data for the purposes of direct mail/ email/text marketing
  • Special category data including health records for the purpose of the delivery of health care.
  • Special category data including health records and details of criminal record checks for managing employees and contracted team members.

We never pass your personal details to a third party unless we have a contract with them to process data on our behalf and will otherwise keep it confidential. If we  intend to refer a patient to another practitioner or to a secondary care such as a hospital we will gain the individuals permission before the referral is made and the personal data is shared.

  • Personal data is stored in the EU whether in digital or hard copy format.
  • Personal data is stored in the US in digital format when the data storage company is certified with the EU-US Privacy Shield.
  • Personal data is obtained when a patient joins the practice, when a patient is referred to the practice and when a patient subscribes to an email list.

The lawful basis for processing special category data such as patients and employees health data is :

  • Processing is necessary for the purposes of preventative or occupational medicine, for assessing the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or management of health or social care systems and services on the basis of Union or Member State Law or a contract with a health professional.
  • Other

The lawful basis of processing personal data such as name, address, email or phone number  is:

  • Consent of the data subject
  • Processing is necessary for the performance of a contract with the data subject or to take steps to enter into a contract
  • Other

The retention period for special data in patient records is a minimum of 10 years and may be longer for complex records in order to meet our legal requirements. The retention period for staff records is 6 years.  The retention periods for other personal data is 2 years after it was last processed. Details of other retention periods are available in the Record Retention procedure M215   from the practice. You have the following personal data rights:

  • The right to be informed
  • The right of access
  • The right of rectification
  • The right to erasure (clinical records must be retained for a certain period of time)
  • The right to restrict processing
  • The right to data portability
  • The right to object.

Further details of these rights can be seen in our Information Governance Procedures M217C or at the Information Commissioner’s website. Here are some practical examples of your rights:

  • If you are a patient of the practice you have the right to withdraw consent for important notifications, newsletters, surveys, or marketing. You can inform us to correct errors in your personal details or withdraw consent from communication methods such as telephone, email or texts. You have the right to obtain a free copy of you patient records within one month.
  • If you are Not a patient of the practice you have the right to withdraw consent for processing personal data, to have a free copy of it within one month, to correct errors in it or to ask us to delete it. You can also withdraw consent from communication methods such as telephone, email or text.

We have carried out a Privacy Impact Assessment M217Q and you can request a copy from the details below.

The details of how we ensure security of personal data is in our Security Risk Assessment- M217M and Information Governance Procedures M217C.

Comments, Suggestions and Complaints


Please contact  the Practice Manager :  Julie Wroe.

We  take complaints very seriously.

If you are unhappy with our response or if you need any advice you should contact the ICO office. Their telephone number is 0303 123  1113, you can also chat online with an advisor. The ICO can investigate your claim and take action against anyone who has misused personal data. You can also visit their website for information on how to make a date protection complaint.

Related practice procedures.

You can also use these contact details to request copies of the following practice policies or procedures:

  • Data Protection and Information Security Policy M233-DPT
  • Consent Policy M233-CNS
  • Privacy Impact Assessment M217-S
  • Information Governance Procedures M217-C

Privacy Notice for Children

The practice keeps records of your name, address, date of birth and details of any health problems as well as details of your dental treatment. We keep this information so that we can provide you with the best dental care.

Your personal information is kept very confidentially and securely.

We only use your personal information so we can give you the best dental care and for sending reminders to you.

We only pass your personal information to another dentist, doctor or hospital if you have a problem that needs their special skills and you need to go and see them. We will not give your information to anyone else unless the law allows us to.

If you leave the practice, we will stop using your information, but will keep it confidentially and securely until you are 25 years old, when we will review if and when we can delete it. You can always ask for a copy of the information we hold for you, we can transfer it to another dentist or doctor at your request and you can ask us to stop sending you letters if you stop being a patient at the practice.

When you reach 18 years of age the Privacy Notice about how we can process your personal information will change to the adult version. This can be found in our website.

If you would like a copy of the information we hold about you or if you have any other enquiries about it please contact the Practice Manager Julie Wroe

Tel 01522 520997

Cookies in use on this website

Cookies and how they benefit you

Our website uses cookies, as almost all websites do, to help provide you with the best experience we can. Cookies are small text files that are placed on your computer or mobile phone when you browse websites

Our cookies help us:

  • Make our website work as you’d expect
  • Remember your settings during and between visits
  • Improve the speed/security of the site
  • Personalise our site to you to help you get what you need faster
  • Continuously improve our website for you

We do not use cookies to:

  • Collect any personally identifiable information (without your express permission)
  • Collect any sensitive information (without your express permission)
  • Pass data to advertising networks
  • Pass personally identifiable data to third parties

You can learn more about all the cookies we use below

Granting us permission to use cookies

If the settings on your software that you are using to view this website (your browser) are adjusted to accept cookies we take this, and your continued use of our website, to mean that you are fine with this. Should you wish to remove or not use cookies from our site you can learn how to do this below, however doing so will likely mean that our site will not work as you would expect.

More about our cookies

Website cookies (necessary)

We use general purpose cookies to make our website work and help us tailor content to your needs. There is no way to prevent these cookies being set other than to not use our site.

We use:

w3tc_referrer – used to store a session ID needed to help our website’s performance. It expires at the end of your session.
PHPSESSID – used by our website to identify a specific user session. It expires at the end of your session.
cfduid – used to protect our website from security threats and to improve its performance. It is set by CloudFlare service.
cc_analytics – used to store information on consent to store Google Analytics cookies on your computer.
cc_necessary – used to store information on necessary cookies.

Visitor Statistics Cookies

We use cookies to compile visitor statistics such as how many people have visited our website, what type of technology they are using (e.g. Mac or Windows which helps to identify when our site isn’t working as it should for particular technologies), how long they spend on the site, what page they look at etc. This helps us to continuously improve our website. These so called “analytics” programs also tell us how people reached this site (e.g. from a search engine) and whether they have been here before.

We use:

Cookies starting with __utm – cookies used by Google Analytics. It helps us to understand how our website is being used. You will have an option to disable these first time you visit our website. If you change your mind at any time, you can modify your preference by clicking link at the bottom of this page.

Turning cookies off

You can usually switch cookies off by adjusting your browser settings to stop it from accepting cookies (Learn how here). Doing so however will likely limit the functionality of our’s and a large proportion of the world’s websites as cookies are a standard part of most modern websites

It may be that you concerns around cookies relate to so called “spyware”. Rather than switching off cookies in your browser you may find that anti-spyware software achieves the same objective by automatically deleting cookies considered to be invasive. Learn more about managing cookies with antispyware software.