Skip to main content

Privacy Policy

Last Updated: 24 May 2024

Introduction

Millbank Dental Care is committed to protecting the privacy and security of your personal information. This privacy policy describes how we collect, use, and look after your personal data when you become a patient of our practice, visit our website, or communicate with us. It also explains your rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Millbank Dental Care is a "data controller," which means we are responsible for deciding how we hold and use your personal information.

  • 1.
    Who We Are

    Our contact details are:

    • Practice Name: Millbank Dental Care
    • Address: 42 Ponsonby Place, Westminster, London. SW1P 4PR
    • Phone Number: 0207 828 7676
    • Email Address: This email address is being protected from spambots. You need JavaScript enabled to view it.

    If you have any questions about this privacy policy or how we handle your personal information, please contact our Practice Manager at the details above.

  • 2.
    The Information We Collect About You

    We collect and process personal and sensitive information in order to provide you with dental care. This includes:

    • Personal Data:

      • Your name, date of birth, address, email, and telephone numbers.
      • Details of your next of kin.
      • Financial information, such as credit/debit card details for payment processing.
    • Special Category (Sensitive) Data:

      • Your current and past medical and dental history.
      • Clinical records of your appointments, including notes, treatment plans, and appointment dates.
      • Results of examinations, X-rays, clinical photographs, and study models.
      • Information about any medication you are taking or prescribed.
      • Information about your lifestyle and social circumstances relevant to your dental health (e.g., smoking or alcohol consumption).
      • Information from other healthcare professionals involved in your care.
    • Website and Communication Data:

      • Information you provide when you fill in a contact form on our website or email us.
      • Technical data from our website, such as your IP address (this data is typically anonymised).
  • 3.
    How We Use Your Information (and our Legal Basis)

    We are required to have a lawful basis for processing your data. We use your information for the following purposes:

    Purpose of Processing Type of Data Used Lawful Basis for Processing
    To provide you with dental care and treatment. Personal and Special Category Data Processing is necessary for the purposes of preventative or occupational medicine, for medical diagnosis, and the provision of health or social care or treatment (UK GDPR Article 9(2)(h)).
    To manage your patient account, including booking appointments, sending reminders, and processing payments. Personal Data It is necessary for the performance of our contract with you. It is also in our legitimate interest to run our practice efficiently.
    To communicate with you about your care or to respond to your enquiries. Personal Data It is in our legitimate interest to provide excellent patient service.
    For marketing purposes, such as sending newsletters or information about new treatments (we will only do this with your explicit agreement). Personal Data (e.g., Name, Email) Your explicit Consent. You can withdraw your consent at any time.
    To comply with our legal and regulatory obligations, such as those set by the General Dental Council (GDC) and the Care Quality Commission (CQC). Personal and Special Category Data It is necessary for compliance with a legal obligation.
    To manage our business operations, including accounting, auditing, and dealing with complaints. Personal Data It is in our legitimate interest to manage our business effectively and defend our legal rights.
  • 4.
    Sharing Your Information

    We will only share your information where necessary and in a secure manner. We may share your data with:

    • Other Healthcare Providers: Such as your GP, other dentists, hospitals, or specialists to whom we refer you for further treatment.
    • Dental Laboratories: To create custom items for you like crowns, bridges, or dentures. We only provide the minimum information necessary for the task.
    • The NHS or Private Dental Plans: To process payments if you are an NHS patient or a member of a private scheme (e.g., Denplan, Bupa).
    • Regulatory Bodies: Such as the GDC, CQC, or the Information Commissioner's Office (ICO), as required by law.
    • Our Service Providers: Such as our IT support and dental software providers. We have contracts in place to ensure they protect your data.
    • Insurers and Legal Advisors: In the event of a complaint or legal claim.

    We will never sell your information to third parties.

  • 5.
    Data Security

    We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used, or accessed in an unauthorised way. Access to your personal data is limited to staff members who have a business need to know, and they are subject to a duty of confidentiality. Our computer systems are secure, and records are managed in accordance with data protection laws.

  • 6.
    Data Retention

    We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

    By law, we are required to keep adult dental records for at least 11 years after the date of the last entry. For children and young people, records are kept until the patient is 25 years old, or for 11 years after the last entry, whichever is longer.

  • 7.
    Your Rights

    Under data protection law, you have several rights regarding your personal information:

    • The Right to be Informed: To know how we use your data (which is the purpose of this policy).
    • The Right of Access: To request a copy of the information we hold about you.
    • The Right to Rectification: To correct any inaccurate or incomplete data we hold about you.
    • The Right to Erasure (to be forgotten): To ask us to delete your data. Please note this is not an absolute right and may be overridden by our legal requirement to retain medical records.
    • The Right to Restrict Processing: To ask us to limit how we use your data.
    • The Right to Data Portability: To receive your data in a common, machine-readable format.
    • The Right to Object: To object to us processing your data (e.g., for marketing purposes).

    To exercise any of these rights, please contact our Practice Manager using the details in Section 1.

  • 8.
    Cookies

    Our website may use cookies to improve your user experience. A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer. You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. You will be asked for your consent to use non-essential cookies when you first visit our website.

  • 9.
    How to Make a Complaint

    We aim to resolve any concerns you have directly. If you are unhappy with how we have handled your personal data, please contact our Practice Manager first so we can try to resolve the issue.

    If you remain unsatisfied, you have the right to complain to the Information Commissioner’s Office (ICO), the UK's supervisory authority for data protection issues.

  • 10.
    Changes to This Privacy Policy

    We may update this policy from time to time. The latest version will always be available at our practice and on our website. We encourage you to review it periodically.