In this privacy notice, ‘we’, ‘us’ and ‘our’ mean Portman. Portman have a range of trading companies based in the United Kingdom.
Our principal address is The Port, Rosehill, New Barn Lane, Cheltenham, GL52 3LZ , our contact details can be located here.
Our Data Protection Officer can be contacted by e-mail at [email protected].
Scope of privacy notice
This privacy notice applies to anyone who interacts with us about our products and services in any way (for example, by e-mail, through our website, by phone).
What information do we collect?
We may collect the following kinds of information about you:
How we obtain information
You may give us information about you through the following:
Information we receive from third parties - This includes information you provide when you visit our websites, for the purpose of booking an appointment with a dentist at Portman dental clinics, participate in discussion boards or other social media functions on our site and when you report a problem with our site.
We use data processors who are third parties who provide elements of services for us. We have Data Processor Agreements in place with our data processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from us or further sub-processors who must comply with our Data Processor Agreement. They will hold your personal data securely and retain it for the period we instruct.
The personal data that we hold about you will be stored in the UK and the European Economic Area (EEA). In limited circumstances may also be transferred to or stored at a destination outside the UK or EEA.
If we transfer your data to third party service providers based outside the EEA, we ensure a similar degree of protection is provided to the transfer by ensuring at least one of the following safeguards is implemented:
• We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
• Where we use certain service providers, we may use specific contracts (known as Standard Contractual Clauses) approved by the European Commission which give personal data the same protection it has in Europe, as well as any additional security measures as required.
We will make sure we meet any future requirements the UK or the EU provide following the UK’s exit of the EU, including (but not limited to) the legal safeguards discussed above.
Our website, like many others, uses third party cookies, helping us improve the performance of our website and digital marketing, to provide you with a better user experience.
These cookies monitor activity throughout our website using third-party providers. We track which sources are effective at helping visitors find our website and make calls to us, navigation journeys throughout, and pages visited. We may use IP addresses, geo-location data and caller telephone numbers.
What are ‘cookies’?
‘Cookies’ are small text files that are stored by the website browser (for example, Internet Explorer or Safari) on your computer or mobile device. They are widely used in order to make websites work, or work in a better, more efficient way. They can do this because websites use them to recognise you and remember important information that will make your use of a website more convenient.
You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser.
How we use your information – the purpose
We may use this information to:
We have CCTV at some of our practices for the purposes of security and patient and staff safety.
Our website, events, promotions, social media, content, blogs and materials we provide are intended for use by individuals 13 years or older, and we do not knowingly collect personal information relating to anyone under the age of 13 years.
However, we may in some cases collect limited personal information related to children if they are connected to someone is under 13 years, for example a child of a responsible adult who is sharing information. If we become aware that we have collected personal information from a child under the relevant age without parental consent, we take steps to delete that information.
We love social media and chatting with you there, whether it be on Facebook, Instagram or Twitter or through the live chat feature on our website.
Don’t forget, however, that everybody can see everything you do there (our sites are public) so if you want us to keep your information private, please don’t put anything on these sites which you or your loved ones would like to keep private, whether now or in the future.
We will always try to respond to you using another medium such as e-mail or phone, where appropriate.
If you use certain social media features from within our website or connect with us on our social media pages, the privacy policies of those companies will apply. Please read them carefully before you share your information with us and others as these companies may have different standards of protection of information than we do.
Sharing your information
Your information is normally used only by those working at the practice but there may be instances where we need to share it – for example, with:
We also share your information with third parties in order to deliver the following services to you:
We will only disclose your information on a need-to-know basis and will limit any information that we share to the minimum necessary. We also have third party agreements in place to protect your information.
In certain circumstances or if required by law, we may need to disclose your information to a third party not connected with your health care, including HMRC or other law enforcement or government agencies.
How we will keep your information safe
We employ administrative, electronic and physical security measures to ensure that the information that we collect about you is protected from access by unauthorised persons and protected against unlawful processing, accidental loss, destruction and damage.
In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality to us.
How long will we keep your information?
We keep your dental records for 10 years after the date of your last visit.
There are a number of other documents that we may collect that have a variety of retention dates, for example the NHS PR form – used to declare payment exemptions – which needs to be kept for 2 years.
We will only keep information, such as records through chat functions, for as long as necessary to fulfil the purposes we collected it.
We have a retention schedule listing all documents and the timeframes for disposal. Retention periods may be changed from time to time based on business or legal and regulatory requirements.
You have a right to access the information that we hold about you and to receive a copy. You can make a request by contacting your practice or by e-mailing [email protected].
You have a right to correct any information that you believe is inaccurate or incomplete. Please contact your practice to request a change in information.
You have a right to request that we delete your personal information, although you should be aware that, for legal reasons, we may be unable to erase certain information (for example, information about your dental treatment). Please contact your practice to make this request.
You have the right to request us to restrict the processing of your personal information for example, sending you reminders for appointments or information about our service. Please contact your practice to make this request.
You have a right to data portability, this could include supplying your information to another dentist. Please contact your practice to make this request.
Your Data Matters: How can you learn more about protecting your information?
If you want detailed information on your rights, protecting your information, and what the Information Commissioner’s Office (ICO) does and how it can help you protect your information, please visit https://ico.org.uk/yourdatamatters. The ICO is the UK’s independent body which upholds information rights.
If you have any concerns about how we use your information and you do not feel able to discuss it with your dentist or anyone at the practice, you can contact our Data Protection Officer via email at [email protected]