At Iconic Smiles, safeguarding your personal information is central to our commitment to excellence. We comply with the Data Protection Act 2018, the UK General Data Protection Regulation (UK GDPR), and the guidance provided by the Information Commissioner’s Office (ICO), alongside our professional obligations.
Data Controller:
Iconic Smiles
Information Governance Lead: Dr Rishin Patel
This Privacy Notice is accessible on our website at www.iconicsmiles.co.uk/privacynotice, at our reception, or upon request via email or phone at 01707 264 144.
Why We Collect Your Personal Information
We collect and process personal data to deliver outstanding dental care and ensure seamless service delivery. Specifically, your data enables us to:
Manage your dental health, including treatment plans, reminders, and follow-ups.
Fulfil legal and contractual obligations.
Communicate practice updates, appointment details, and new services (with your consent).
Maintain accurate clinical and financial records.
Categories of Personal Data We Process
We process:
Personal Data:
Name, address, date of birth, gender, contact details, emergency contact information, financial data, and IP addresses (to optimise your website experience).
Special Category Data:
Medical and dental records, NHS numbers, data related to the Equality Act 2010, and criminal record checks (for staff and contractors).
Minimising and Protecting Your Data
We ensure that only the essential data required for providing care and managing services is collected. Your data is stored securely and remains confidential. Where data sharing is necessary—such as with healthcare providers or the NHS—this is conducted with your consent unless mandated by law.
Data Storage and Retention
Storage: Your data is stored securely within the UK or EU in digital or physical formats. Where data is stored outside these regions, robust safeguards are applied to ensure compliance with data protection laws.
Retention Periods:
Patient Records: Retained for a minimum of 11 years or longer for complex cases.
Other Personal Data: Retained for two years after the last processing activity.
Lawful Bases for Processing
We process your data under the following legal bases:
Legitimate Interests of the practice.
Contractual Obligations related to your care.
Legal Obligations requiring data processing.
Consent for certain activities, such as marketing communications.
For special category data, we process based on:
Healthcare provision purposes.
Compliance with the Equality Act 2010.
Your Rights
Under data protection laws, you have the right to:
Access your data (free of charge within one month).
Rectify inaccurate or incomplete information.
Request data deletion (where retention is not legally required).
Restrict or object to data processing in certain circumstances.
Request data portability for transfer to another provider.
Withdraw consent for non-essential communications or marketing.
For more information, see our Information Governance Procedures or visit the ICO website at www.ico.org.uk.
How to Contact Us
For concerns, queries, or complaints regarding your data, please contact:
Information Governance Lead: Dr Rishin Patel
Address: Iconic Smiles, 12 Hilltop Way, Hatfield, AL10 8FH
Email: hilltop@iconicsmiles.co.uk
Phone: 01707 264 144
Alternatively, you may contact the ICO at 0303 123 1113 or visit www.ico.org.uk.
National Data Opt-Out Policy
Iconic Smiles adheres to the national data opt-out policy. Your data is used solely for your care and treatment unless a lawful basis exists for other uses, such as research or planning. To learn more, visit www.nhs.uk/your-nhs-data-matters.
Processing Staff and Candidate Information
We also process staff and job applicant data to meet employment, contractual, and legal requirements. This includes:
Contact and financial details (e.g., payroll and pensions).
Health and training records.
Criminal record checks (if required for the role).
Thank you for trusting Iconic Smiles with your personal information. Your privacy and security remain our priority.