The practice is committed to complying with the General Data Protection Regulation (GDPR), Data Protection Act, the CQC, GDC and other standards.
The practice only keeps relevant information about employees for the purposes of employment and health and safety, and about patients to provide them with safe and appropriate dental care as well informing them about its products and services.
The person responsible for Data Protection is Dr Pedro R Gutierres.
Our legal basis for processing data is:
Information we may collect from you:
If you visit our website or contact us by Text, Phone, Online chat systems, Email or any other method, you may provide us with information about yourself.
This information can include but is not limited to: name, date of birth, address, post code, telephone number, email, message, general medical practitioner, your health information, photos, and confirmation of method of contact.
During your dental appointment we may collect further information about your:
Often, we are processing your data based on a mixture of Legal Obligation, Completion of a Contract, Legitimate Interests & for the purpose of a contract.
If the data is in relation to a child below the age of 16 years, such processing shall be lawful only if and to the extent that consent is given or authorised by the holder of parental responsibility over the child.
You have the right to withdraw your Consent at any time as follows:
Marketing Emails: Utilising the unsubscribe button at the bottom of every marketing email.
Personal Details: By emailing email@example.com with your request to restrict processing of your personal data. We will then contact you to confirm once this has been processed.
Transmission and disclosure of Data:
To facilitate patients’ health care, the personal information may be disclosed to a dental laboratory, dentist, doctor, health care professional, hospital, HMRC, Court, police or private dental schemes of which the patient is a member. In all cases only relevant is shared.
We may disclose your data in order to make certain services available to you.
We may disclose your data to:
In very limited circumstances, such as for identification purposes, or when required by law or a court order, personal data may have to be disclosed to a third party not connected with your health care. In all other situations, disclosure that is not covered by this Code of Practice will only occur when we have your specific consent. Where possible you will be informed of these requests for disclosure.
All confidential information is sent via secure methods. Electronic communications and stored data are encrypted.
All computerised clinical records are backed up and encrypted copies are kept on-site.
Staff criminal record check information is kept securely in a lockable, non-portable storage cabinet with access strictly controlled and limited to persons who need to have access to this information in the course of their duties.
Unfortunately, the transmission of data via the Internet cannot be classed as completely secure.
We will strive to protect your personal data, but we cannot guarantee the security of the data once it has been transmitted via the internet, Instagram or Facebook or other online community portals, any transmission is at your own risk.
In the event that any entity of MAIDA SMILES CLINIC, or substantially all of its assets, are acquired by one or more third parties as a result of an acquisition, merger, sale, reorganisation, consolidation or liquidation, Personal Information may be one of the transferred assets.
Website content and usage
Maida Smiles Clinic follows a standard procedure of using log files. These files log visitors when they visit websites.
All hosting companies do this and a part of hosting services’ analytics. The information collected by log files includes Internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks.
These are not linked to any information that is personally identifiable.
The purpose of the information is for analysing trends, administering the site, tracking users’ movement on the website, and gathering demographic information.
Our cookies do not store personal information (such as your name or address).
Cookies simply allow our website to retrieve information in order to improve your experience of our website.
Cookies do not provide us with access to your computer or any information about you, other than that which you choose to share with us.
Here is a list of cookies may be sent to your device when browsing our site.
Geo Targeting cookies are used to display appropriate contact information based on the visitor’s location.
These are Google Analytics cookies. We use these cookies to see how many visitors use our website and which pages they view. We use this information to make our website easy to use.
Like any other website, Maida Smiles Clinic uses ‘cookies’, small text files that are placed on your machine to help the site provide a better user experience.
In general, cookies are used to retain user preferences, store information for things like shopping carts, and provide anonymised tracking data to third party applications like Google Analytics.
As a rule, cookies will make your browsing experience better. However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser.
We suggest consulting the Help section of your browser or taking a look at the About Cookies website which offers guidance for all modern browsers.
Third party cookies
Very occasionally we embed content from other sites such as YouTube and these sites may set their own cookies.
How to manage cookies
If you would like to restrict, block or delete cookies from our or any other website, you can use your browser to do so.
Each browser is different so check the ‘Help’ menu of your particular browser to learn how to change your cookie preferences.
Further information about cookies
If you wish to learn more about cookies in general and how to manage them, visit www.allaboutcookies.org.
Children’s Information on our webpage
Another part of our priority is adding protection for children while using the Internet.
We encourage parents and guardians to observe, participate in, and/or monitor and guide their online activity.
Maida Smiles Clinic does not knowingly collect any Personal Identifiable Information from children under the age of 13.
If you think that your child provided this kind of information on our website, we strongly encourage you to contact us immediately and we will do our best efforts to promptly remove such information from our records.
Consent for website usage
Personal data shall be processed in accordance with the rights of data subjects under this Act:
Subject Access Requests
Patients and team members can have access to view the original of their records free of charge. Copies of patient or team member records are provided following a written request to the Practice Manager using the ICO Subject access request template.
Radiograph copies are charged at the current cost of taking x-rays at the practice. The requested copies will be provided within 30 days on receipt of payment.
An employee or a patient may challenge information held on record and, following investigation, should the information be inaccurate the practice will correct the records and inform person of the change in writing.
When the request for information is about the personal data of a child, the practice will consider if the child is mature enough to understand their rights.
If they do, then the practice will consider responding directly to the child rather than the parent. If it is decided that the child is not mature enough to understand their rights, and there is some doubt about parental responsibility, proof of identity and evidence of parental responsibility will be requested.
The practice will update its privacy notice to ensure its gives information in a language that can be understood by a child on any processing of children’s personal data.
When the practice receives a third-party request for information on someone else’s behalf (e.g. from a solicitor) evidence of their permission will be requested, this could be a written authority to make a request or a power of attorney.
When the practice receives a third-party request for information for a patient who lacks the mental capacity to manage their affairs the practice will ask to see evidence of a Lasting Power of Attorney or the evidence of appointment by:
This policy should be read in conjunction with the Confidentiality Policy, and the Information Governance Policy.
All of the data you provide in the application process will only be utilised for the purpose of progressing your application with us. The information you provide will be held securely by us whether the data is electronic or in a physical format.
We will use the contact details provided to contact you to discuss/progress your application.
If your application is unsuccessful and there is no requirement to keep your data, we will dispose accordingly.
We will always hold your information securely. To prevent unlawful disclosure or access to your information, we have implemented strong physical and electronic security safeguards.
We also follow stringent procedures to ensure we work with all personal data in accordance with the GDPR.
MAIDA SMILES CLINIC has appropriate procedures to ensure personal data breaches are detected, investigated and reported effectively, including procedures to assess and then report any breaches to the ICO where the individual is likely to suffer some form of damage, e.g. through identity theft or confidentiality breach.
The practice will report serious data breaches to the ICO within 72 hours of becoming aware of the essential facts. The practice will keep a log of all data breaches and record the basic facts, effects of the breach and remedial action taken.
How long do we keep your data
We will retain your dental records and orthodontic study models while you are a practice patient and after you cease to be a patient, for at least eleven years, or for children until age 25, whichever is the longer.
We keep video and audio footage records for 21 days before it is erased by the system.
Changes to our privacy notice
We withhold the right to change/updated our Privacy Notice as required in the future. Any changes will be posted on this page.
If you have any questions or queries on how we use your personal data that are not answered here, or if you wish to exercise your rights, please contact us by any of the following methods:
If you do not wish personal data that we hold about you to be disclosed or used in the way that is described in this Code of Practice, please discuss the matter with your dentist or write to us.
You have the right to object; however, this may affect our ability to provide you with dental care. You have a right to withdraw your consent at any time, however this will not be retrospective.
If at anytime you are unhappy with our use of your information, you can contact us on the methods above in the contact section.
You are also entitled to lodge a formal complaint with the UK Information Commissioner’s Office using any of the below contact methods:
Telephone: 0303 123 11113
Information Commissioner’s Office
Links to other websites
Our website may contain links to other websites.
Please note that we have no control of websites outside of the www.maidasmiles.co.uk domain.
If you provide information to a website to which we link, we are not responsible for your data protection and privacy.
Always be wary when submitting data via interactive website templates. Study the website data protection policy and the status of the website itself – is it padlocked or using https:// or green bar transfer protocols?).
This Privacy Notice does not provide exhaustive detail of all aspects of us, collection and use of personal information. However, we are happy to provide any additional information or explanation needed when requested.
We make every effort to ensure that we the information provided on Our website is accurate and current.
However, it cannot guarantee this, and cannot accept responsibility for any errors, omissions, misstatements or mistakes on the website.
Anyone becoming aware of such matters is requested to notify us in writing or by e-mail at firstname.lastname@example.org
This site is protected by reCAPTCHA and the Google
Terms of Service apply.
If you have any questions or need any
further information please let us know.