How Bere Regis Dental practice processes the information we collect and hold on you
Personal data is obtained for two main sets of data subjects – our patients and our team.
Data is obtained from patients when you first register with us or change your details. The data is processed in order to provide the correct healthcare in order for us to carry out our CQC registered activities effectively – Treatment of Disease, Disorder or Injury, Surgical Procedures and Diagnostic and Screening Services.
We will also process your data in order to book appointments, remind you of upcoming appointments and to remind you that you are due appointments. We sometimes use the data to promote our services which may be of interest either to you or someone you know. This is only when there is a legitimate business purpose and, of course, you may opt out of this at any time from our marketing to you. With express and signed permission, we may use your clinical photos and details in our advertising and promotion – using photos, feedback, recommendations on our facebook page and on our website.
We process the data you give us on log in and password protected computers. This is backed up daily to a cloud based back up. We have data agreements for security in place with our provider.
We only collect and keep data which is relevant to our treatment of you and your oral health. Should you wish to leave our practice then we will archive your records but they will not be deleted. Legally we need to keep your records for as long as is necessary. Archiving means they are put out of reach and not accessible accidentally. Then, should you wish to return to us in the future, we can reactivate your records and have a history of you.
Should you wish to take your records to another provider, then we will arrange to copy them to a medium of your choice for your collection or send them recorded deliver to an address of your choosing. You can also access your records at any time by completing a ‘subject access request’ and we will respond within one month.
The right to erasure – otherwise known as the right to be forgotten, this means that you have the right to have any personal data that we no longer need to be deleted.
You also have the right to object to how we process the data we hold on you – this includes direct marketing. For legitimate business purposes we can inform you of things that we think may be of interest to you, we will never pass your details on to third parties, but you can tell us if you do not wish to be informed and withdraw from marketing.
The Data Controller for the practices is Dr Corina Mihailov and all of the team who process and deal with your information are bound by the laws of confidentiality under the Data Protection Act and we will observe this at all times.