Surrey Quays Dental Practice, share your concern about the protection of your personal information and are committed fully to compliance with the requirements of the Data Protection Act 1998, GDPR regulations 2018 and safeguarding your privacy.
This document covers our policy regarding the privacy of information we collect about you, whether via our website, through our clinic or otherwise.
Please read it carefully to understand how your personal information will be treated.
What is covered in the policy:
· How Surrey Quays Dental Practice will use personal information we collect about you;
· Who Surrey Quays Dental Practice will disclose your information to
· How to keep your personal information up to date and accurate
· Changing Personal Information
· "Opting Out" of receiving promotional materials
· Our websites
· Links to third Party websites
· Your Rights
1. How Surrey Quays Dental Practice will use personal information we collect about you Personal information is information that identifies a living individual. Surrey Quays Dental Practice is committed to processing your personal information only in a fair and lawful manner.
Types of information we collect
· Last name
· Medical history
· Date of Birth
· Phone numbers
· Email Address
Company information identifies companies who may be a supplier of services, materials
or a stakeholder.
Surrey Quays Dental Practice uses your information to better understand your needs and provide you
with a better service. Specifically, we may use your personal information as
· To respond to your specific information request / enquiry when completing an online form.
· To customise various aspects of our websites to your preferences.
· To pre-complete online form’s on our website. For example, if you have provided an address when using one
service, the site computers may automatically fill in that information on another form for another service. This is simply a convenience - no information
· As may be necessary to support the operation of our website.
· To provide agreed services and for invoicing, record keeping, statistical analysis and internal reporting.
· To obtain your feedback and views on our services.
· To monitor and/or record telephone conversations to or from you in order to offer you additional security, resolve complaints, improve our service
standards and for staff training purposes.
· To provide you with advice, treatment and care to meet your needs and requirements.
· By mail, email, SMS and/or telephone (depending on your communication preferences) to inform you about practice news/ promotions and services. You can choose to opt out of receiving this information at any time by using tick boxes provided at registration.
· by mail – Surrey Quays Dental Practice 204 Lower Road SE8 5DJ
· by email – email@example.com
· by telephone – 020 7231 7912
· By filling in the enquiry form on our website
Pseudonymisation means transforming
personal data so that it cannot be attributed to an individual unless there is
· Pseudonymisation – the data can be tracked back to the original data subject
· Anonymisation – that data cannot be tracked back to the original data subject
Examples of pseudonymisation we use are:
· We never identify patients in research, patient feedback reports or other publically available information.
· When we store and transmit electronic data it is encrypted and the encryption key is kept separate from the data.
· Where we are supplying medical services, we may ask you to provide sensitive personal data relating to your physical condition. If so, we will ask
for your explicit consent to allow us to process this data and treat it in the strictest of confidence.
We will hold your personal information accordance with our Record Keeping Policy in order to provide the service.
When your records have reached their retention period expiry date they are securely destroyed using an authorised and registered data shredding company.
2. Who Surrey Quays Dental Practice will disclose your
As a general rule, we will not otherwise disclose any personal information to any third parties, except: to any Government Department, public body or other third party where we believe in good faith that the law requires this; in the interests of public mhealth and safety; or in order to protect the rights, property, or safety of Surrey Quays Dental Practice, its employees or other members of the public. In addition, we will provide personal data to third parties if authorised by you to do so.
We may also be required to disclose certain information about you when referring you on for specialist treatment, hospital or for advanced scanning. We will always discuss the reasons why you need to be referred and obtain your consent before proceeding. When transferring information we will always use encrypted emails.
We will implement and maintain appropriate technical and organisational measures to protect your personal data from unauthorised or unlawful processing and accidental loss, damage or destruction.
We do not transfer information to companies outside the EU unless you consent to do so. We will then take the necessary security steps to secure any transfer to protect Surrey Quays Dental Practice and your information.
3. How to keep your personal information up to date and accurate
3.1 Changing personal information
We recognise that some of the information that we collect from you will change from time to time. You can change information that you have previously provided to us at any time:
by mail – Surrey Quays Dental Practice 204 Lower Road SE8 5DJ
by email – firstname.lastname@example.org
by filling in the enquiry form on our website (available soon)
3.2 "Opting Out" of receiving promotional materials
Where you have sent us personal contact details, you may choose to "opt out" of receiving promotional materials from us at any time:
- by refusing consent at the time of data collection.
- by using tick boxes provided on our website (to be published soon) and communication consent forms available at the reception desk
- by clicking the unsubscribe button on any subsequent promotional email you receive from Surrey Quays Dental Practice.
- by filling in the enquiry form on our website (to be available soon)
- by mail – Surrey Quays Dental Practice 204 Lower Road SE8 5DJ
- by email - email@example.com
- by telephone – 020 7231 7912
Requests to change personal information and preferences will ordinarily be actioned within 10 business days of receipt by us.
4. Our Websitewww.surreyquaysdentalpratice.com
What are cookies?
Cookies are small computer files, typically containing letters and numbers that are created through web browsers. Cookies are used as a form of digital memory to remember bits of information about a user’s visits to and use of web pages. They are mostly intended to enhance the user’s web experience by recording preferences and settings and to customise content and advertising to users’ tastes.
Tracking information is information that is collected about every visitor to our website, and is automatically gathered using "cookies.". Cookies do not include personal information about you, but they are unique to each user so that the site computer can distinguish between users, and personalise your experience if you have provided information about yourself. Cookies used by us in connection with our website are encoded and contain a unique digital signature to prevent tampering. Cookies are only read by the website computer that placed them, and cannot execute any code or virus.
We use tracking information in aggregate form to build higher-quality, more useful services by performing statistical analyses of users' activities, and by measuring demographics and interest regarding specific areas of the Surrey Quays Dental Practice website.
Links to Third parties
Surrey Quays Dental Practice does not link to third party websites and will not share your information with any third party websites.
Analytics is the discovery, interpretation, and communication of meaningful patterns in data. Organizations apply analytics to business data to describe, predict, and improve business performance, for example: If you view a particular product, data is collected every time the product is viewed. This information will allow the organisation to see the popularity of the product tailoring products and services for its market.
The types of organisation that collect analytics are:
Google Ad Words
You can view their place of processing and private policy on their respective home pages.
We use reasonable security methods to protect the data that resides on our server. However, no security system is impenetrable.
We use Internet standard encryption technology ("SSL" or "Secure Socket Layer" technology) to encode personal data that you send to us through the
Enquiry form and other forms used through the Website. SSL works by using a private key to encrypt data that's transferred over the SSL connection. To
check that you are in a secure area of the Website before sending personal data to us, please look at the bottom right of your website browser and check that it displays an image of a closed padlock or an unbroken key.
However, please note that whilst we take appropriate technical and organisational measures to safeguard the personal data that you provide to us, no transmission over the Internet can ever be guaranteed secure. Consequently, please note that we cannot guarantee the security of any personal data that you transfer over the Internet to us.
We report certain types of personal data breaches to the relevant supervisory authority within 72 hours of becoming aware of the breach, where feasible. If the breach results in a high risk of adversely affecting individuals’ rights and freedoms we also inform those individuals without undue delay. We keep contemporaneous records of any personal data breaches, whether or not we need to notify.
Privacy impact assessment
To identify the most effective way to comply with their data protection obligations and meet individuals’ expectations of privacy
we review our Privacy Impact Assessment annually.
Information Governance Procedures includes the following information security procedures:
· Team members follow the “Staff Confidentiality agreement”, which clarifies their legal duty to maintain confidentiality, to protect personal information and provides guidance on how and when personal or special category data can be disclosed
· How to manage a data breach, including reporting
· A comprehensive set of procedures, risk assessments and activities to prevent the data we hold being accidentally or deliberately compromised and to respond to a breach in a timely manner
· The requirements and responsibilities if team members use personal equipment such as computer, laptop, tablet or mobile phone for practice business
5. Your rights
The UK Data Protection Act 1998 gives you the right to access the personal data that Surrey Quays Dental Practice holds and processes on you. You are entitled to stop the data processing if it causes unwarranted and substantial damage or distress and to request that inaccurate / incorrect information be rectified.
This privacy statement has been prepared to fulfil the obligations under Art.10 of the EC
Directive 95/46/EC and under the provisions of directive 2002/58/EC as revised by Directive 2009/136/EC on the
subject of Cookies.
For further information regarding these rights or to make a complaint please contact our Data Protection Officer at : firstname.lastname@example.org if after contacting Surrey Quays Dental Practice you are still unhappy you may also complain to the Information
Commissioner, all contact details are available on the Information Commissioner's Website: www.ico.org.uk.
If you have any questions or concerns about our use of personal information please contact: email@example.com
We reserve the right to modify this policy effective seven (7) days after the posting of the revised policy. Last update: 2nd May 2018