Internet Privacy and Cookies Policy

Herbrandston Dental Health Practice Ltd. Privacy Policy

This privacy policy sets out:

• what information Herbrandston Dental Health Practice Ltd (“Herbrandston Dental”) collects from you and why; • how Herbrandston Dental uses and protects any information that you give; and • how you can access and manage your information.

Herbrandston Dental is committed to ensuring that your privacy is protected.Should we ask you to provide certain information by which you can be identified, you can be assured that it will only be used in accordance with this privacy statement.

Herbrandston Dental may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from 21st May 2018.

If you have any questions about this policy or more generally about our use of your personal information, you may contact us by emailing us at patients@healthysmile.org,uk, calling on of our practices on 01646 690580 or in person at your local branch.

This policy replaces all previous versions and is correct as of 21st May 2018. We Reserve the right to change the policy at any time.

What we collect

We may collect the following information:

• Name • Contact information including email address • Other relevant personal information (e.g. date of birth) • Electronic identifiers (e.g. IP addresses) • Demographic information such as postcode. • Other information relevant to customer offers and/or surveys • In the case of job applicants, CVs and references relevant to the role thatyou are applying for • For Patients, medical history, treatment records and other information relevantto treatment within the practice.

Ordinarily we will be the party collecting your information directly fromyou. However, there may be situations where this information is obtainedby us from third parties. Examples of this would include:

• from a third party data profiling company, where you have given your consent for that company to pass such information on to us • in the case of job applicants, from a third party recruitment agency

What we do with the information we gather

We require this information to understand your needs and provide you with a better service. In particular, we require it for the following reasons:

• Internal record keeping and account management purposes (e.g. verifying your identity and fulfilling orders/treatments). • Providing you with the product or service you have requested from us • Monitoring, recording and storing telephone or email communications for the purpose of internal training, audit and compliance checking, to improve the quality of our customer service and in order to meet any legal and regulatory requirements • Improving our products and services. • Contacting you by email, SMS, phone or mail for the purpose of accountadministration, appointment reminders and/or taking payments for such orders • customising our website according to your interests • Reviewing your job application for roles with us and potentially offering you employment as a result of that review • Contacting you on the grounds of us having a legitimate interest to do so, if you are a current customer, to periodically send promotional mails or contact you by telephone about new products, special offers or other information which we think you may find interesting using the contact details which you have provided

Where you give us your consent to do so, we may

• Periodically send promotional emails or SMS messages about new products,special offers or other information which we think you may find interesting using the contact details which you have provided • use your information to contact you for market research purposes

In order to utilise your personal information, as set out about, we may allow third parties to process your personal information on our behalf. This is likely to be the case where, for example we:

• contract with a third party booking system to provide our services to you • request a third party data profiling company to establish trends and otherbuying/profile information • Contract with third party clinicians in order to provide dental treatment

Where we share personal information for these purposes, we put in place controls to ensure that your personal information is only used for the purpose for which we’re sharing it. Where we want to allow third parties to process or control your personal information for reasons other than those set out above, we will inform you of this and, if necessary, seek your consent to share such information with them.

Where we have asked for your consent to use your personal information for a particular purpose, this consent may be withdrawn by you at any time. Similarly, where we are using your personal information to fulfil a legitimate interest of ours, you may have a right to object to your personal information being used for a particular purpose (e.g. for direct marketing). Please See the section entitled ‘Controlling your personal information’ below.

Account Security

If you contact us or we contact you, we may ask for certain information fromyou to confirm your identity, check our records and deal with your accountefficiently and correctly.

We aim to protect all of our customers from fraud. As part of this, we may use your personal information to verify your identity to help prevent or detect fraud. These checks may involve your information being disclosed to credit reference agencies, who may keep a record of that information. This is not a credit check and your credit rating will be unaffected.

Website Information

We use programs such as Google Analytics to help us find out:

• How many people visit our websites • Which pages and parts of pages are most popular • How long people spend in each area of the website • What information people are looking for

These insights help us understand what customers want from our website and,consequently, how we can improve the website in the future.

Google Analytics uses cookies to collect non-personally identifiable information like:

• Browser types • Operating systems • Third party sites that direct you to us • The time and date of a visit

What lawful basis we process yourinformation on

We may only process your personal information where we have a lawful basis for processing it. What this lawful basis is will depend on the type of personal information you provide, and where we want to process personal information for a specific purpose not identified in this Privacy Policy we will notify you of this at that time.

Our lawful bases for processing your personal information are as follows:

 **Processing** 

Internal record keeping Internal training/audit/compliance Improving products and services Account Administration Customising our website Reviewing job applications Direct marketing – current customers*, mail and telephone Direct marketing – current customers*, electronic marketing Direct marketing – non-current customers Market research

Direct Debit and Billing

  **Lawful Basis**

Contract Contract Legitimate Interests Contract Legitimate Interests Contract Legitimate Interests Consent Consent Consent Contract

In certain circumstances, we may be required to process your personal information in order to comply with a lawful obligation on us. This may be the case, for example, where a statutory or regulatory body requests such information in accordance with their legalpowers. We also have a legitimate interest and, on occasion, a legal obligation to disclose personal information to regulatory bodies in certain circumstances,including where we have information about potential criminal acts or security threats, and may disclose information to authorities on this basis.

*If you proactively contact us to enquire about becoming a customer of us, we will treat you as a current customer for the purpose of potentially directly marketing to you on the grounds set out above.

Security

The security of your information is very important to us. As part of our commitment to keeping your data safe, our technical experts maintain physical,electronic and managerial procedures to keep safe the information we collect online.

Only authorised employees and carefully checked agents, contractors and subcontractors, who provide a particular data processing service for us, are permitted access to your data. These people will only be allowed access to your data for the purposes identified within this Privacy Policy, processing it on our behalf or for IT security and maintenance.

Where a third party is processing your data on our behalf, we will take steps to ensure that such third party gives us commitments that it will process your data in line with EU law. If a third party processing your data on our behalf is located in a non-EU country that does not have data protection laws equivalent to those in the EU, we will always take appropriate additional steps to ensure that your personal information is kept safe and secure by those processing your data on our behalf. This will generally involve ensuring that such third party agrees to sign up to a formal legal agreement committing such party to comply with standards equivalent to those that would apply where that party to be located within the EU.

Sometimes, you might wish to disclose sensitive information to us. We will only use sensitive data for the specific reason you disclosed it to us and we will take extra care to keep it secure. From time to time, we will check with you that we may continue to use that sensitive data for the specified purpose. Medical Records held under this are subject to increased security and consent and are not disclosed to any other party baring your express consent, or through contractual obligations.

How long we hold your information for

The time period for which we keep information varies according to what we usethe information for. Unless there is a specific legal requirement for us tokeep information, we will keep your information for as long as it is relevantand useful for the purpose for which it was collected.

Where we are using your personal information to send you marketing information we will generally retain that information for marketing purposes for two years from the point of your last order as we understand that you even if you don't buy from us on every occasion, frequently we see repeat purchases from customers in this time period.

We will retain your medical informationfor eleven years in line with governing body and contract requirements. Inthe case of medical records being entered into a legal case this time periodincreases to 25 years.

In the case of unsuccessful job applicants, we will generally hold your CV and supporting documentation for period of twelve months from the date of application. If you wish for us to hold your CV for longer and be considered for future roles then please just let us know.

Where you have given consent to us holding data for a particular purpose, that consent may be withdrawn by you at any time. You may withdraw your consent by contacting us by any method that you wish to communicate with us,including e-mail or telephone. Our usual contact details are set out on the first page of this Privacy Policy.

You are entitled to request that we erase your personal information at anytime, for example where you cease to be an active customer of ours. Whilst we will generally seek to comply with your request, there will be circumstances where we are entitled to retain such personal information and medical records that are subject to alternative conditions and contractual obligations.

Controlling your personal information

You may choose to restrict or control the collection or use of your personal information in the following ways:

• whenever you are asked to fill in a form on the website or elsewhere, ensure that you do not tick any box requesting permission to use your personal information for specific purposes (e.g. marketing) or, in the case of ‘opt-out’ consents relating to electronic communications, ensure that you un-tick the relevant box • if you have previously agreed to us using your personal information for direct marketing or other specific purposes and wish to change your mind • if you believe that we are holding personal information which is incorrect,out of date or incomplete and wish for that to be corrected • if you wish for your personal information to be erased from our systems • if you wish for us to transfer your personal information to a third party(e.g. another service provider), we may provide you with your personal information which held by us for you to pass to that third party (or, in certain circumstances, we may be able to transfer that personal data to such third party directly if you wish for us to do so)

Where you are an active customer of ours, we may direct market to you by post or telephone on the basis that we consider we have a legitimate interest in marketing to you in this way and that it does not substantially impact on your privacy. You have a right to object to this at any time, and may request that we cease to contact you for direct marketing in this manner at any point. We will comply with any such request.

If you want to remove a consent, request that we cease contacting you for direct marketing purposes or request erasure or transfer of your personal information, you may contact us by emailing us at patients@healthysmile.org,uk, calling on of our practices on 01646 690580 or in person at your local branch.

We will not sell, distribute or lease your personal information to third parties for their control unless we have your permission, need to do so in order to fulfil a contractual obligation to you or are required by law to doso. Where we do seek your permission, we will name the relevant third party at the time we seek such permission from you and any such permission shall be limited to that third party. Please note that we may provide information for processing to certain third parties as outlined in the section entitled ‘What we do with the information we gather’.

If you believe that any information we are holding on you is incorrect, out of date or incomplete, please write, email or call us as soon as possible, using the details set out above. We will promptly correct any information found to be incorrect. To protect your privacy and security, we will take reasonable steps to verify your identity before granting access or making corrections.

Third Party Links and Cookies

Links to other websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website (s). Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

Cookies

How we use cookies

Cookies are alphanumeric identifiers which enable our systems to recognise yourbrowser in order that we can provide you with easy use of the various servicesavailable on the website.

Cookies allow web applications to respond to you as an individual. The webapplication can tailor its operations to your needs, likes and dislikes bygathering and remembering information about your preferences.

We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. However, this may prevent you from taking full advantage of the website.

Page last updated: 11 Jul 2018  9:12PM