PrivacyNotice

Sutton Dental Care takes managing personal data very seriously and acts in accordance with the Data Protection Act 2018 as well as the General Data Protection Regulations.

This Privacy notice is available on the practice website https://suttondentalcare.co.uk.

A copy can be requested from our reception team in person, via the telephone on 0121 354 7570, via the contact us form on the website https://suttondentalcare.co.uk/contact-us, by emailing info@suttondentalcare.co.uk or by writing to Sutton Dental Care, 29 Coleshill Street, Sutton Coldfield, B72 1SD.

The Data Controller processes personal data for the purpose of:

• The provision of dental care to patients
• The provision of dental care to patients on referral from other healthcare providers
• The provision of managing patient referrals to and from other healthcare providers
• The management of patient appointments
• Communicating via newsletters to existing referring healthcare providers and existing patients of the practice
• Marketing

The data controller processes special category personal data for the purpose of:

• The provision of dental care to patients
• The provision of managing patient referrals to and from other healthcare providers

The lawful basis for the processing of personal information relating to the provision of dental care to patients and the provision of managing referrals to and from other healthcare providers is:

• Performance of contract
• Legal obligation

The lawful basis for the management of patient appointments and communicating via newsletters to existing referring healthcare providers and existing patients of the practice is:

• Legitimate interest

The lawful basis for marketing is:

• Consent

The lawful basis for the processing of special category data relating to provision of dental care to patients, provision of dental care to patients on referral from other healthcare providers, provision of managing patient referrals to and from other healthcare providers is:

• Performance of contract
• Legal obligations

With the conditions under Article 9(2) under GDPR of:

“processing is necessary for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services on the basis of Union or Member State law or pursuant to contract with a health professional and subject to the conditions and safeguards referred to in paragraph 3;”

and

“processing is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity”.

The practice holds personal data in the following categories:

• Patient clinical and health data and correspondence (including special category personal data)
• Details about referring dentists

In most instances, personal data and special category personal data is received directly from the data subject themselves (patients, practice personnel).

In some instances, personal data and special category personal data may be received from third parties (referring healthcare providers, Criminal Records Bureau, regulatory bodies etc.).

Data is stored on our internal server and is backed up via a cloud service which is based in the EU.

It may be necessary for third parties to access this data such as dental software providers, IT support companies, cloud back up providers, email providers, website developers and website hosts.

It may be necessary to share this information with organisations such as other healthcare providers when a referral is made or received, dental laboratories when dental prostheses are needed, indemnity providers if needed, regulatory bodies if needed, dental insurance providers, NHSBSA, appointment reminder texting companies etc.

Other than this data is kept confidential.

Special category patient personal data: minimum of 10 years after the last contact or until the patient reaches 25 years old (whichever is longer); and we may store it for longer if there is justification to do so.

Further details are available on the practice data retention policy.

Under the GDPR data subjects have:

• The right to be informed about the personal data we hold
• The right of access to the information we hold about them
• The right to rectification of the personal data we hold if incorrect
• The right to erasure of personal data we hold (this may not apply if there is an overriding obligation to retain data, for example clinical records)
• The right to restrict processing of personal data we hold
• The right to have the data we hold transferred to someone else at their request
• The right to object to processing the data we hold about them

For patients who have given their consent to us marketing to them, they have the right to withdraw that consent at any time. This can be done in person, via the telephone on 0121 354 7570, via the contact us form on the website https://suttondentalcare.co.uk/contact-us, by emailing info@suttondentalcare.co.uk or by writing to Sutton Dental Care, 29 Coleshill Street, Sutton Coldfield, B72 1SD.

Should you have a query or a complaint about the processing of your data by the practice, then please contact Kate Powell, who will endeavour to help. In her absence, please contact Danielle Adams.

Kate Powell can be contacted via telephoning the practice on 0121 354 7570, by emailing info@suttondentalcare.co.uk, or by writing to Kate Powell, Sutton Dental Care, 29 Coleshill Street, Sutton Coldfield, B72 1SD. You may also complain to our Data Protection Officer, Debby Aldridge, at the above address.

In the event that you have a complaint and are unhappy with our response, you can contact the Information Commissioner on 0303 123 1113 or by visiting their website https://ico.org.uk/concerns.

This privacy notice tells you what to expect when Sutton Dental Care collects personal information. It applies to information we collect about:

• visitors to our website
• people who use our services, e.g. who subscribe to our newsletter or other forms present on the site

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.

Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org.