the family and specialist practice since 2003 . . .
Dentata Charta Dental Centre
Patient Privacy Notice (UK GDPR)
At Dentata Charta Dental Centre, we are committed to protecting your privacy and handling your personal data with care and transparency. This Patient Privacy Notice explains how we collect, use, store, and protect your personal information when providing dental care and related services.
This notice is provided in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Who We Are
Practice Name: Dentata Charta Dental Centre
Address: 48 Bury Road, Newmarket, Suffolk, CB8 7B
Data Controller: Johan Viljoen
Data Protection Officer (DPO): Lavinia Swann-Auger
Contact Details:
Email: info@dentatacharta.co.uk
Telephone: 01638 662295
What Information We Collect and Why
We only collect personal data that is necessary to provide safe, effective dental care and to meet our legal and regulatory obligations.
1. Contact and Identification Details
What we collect:
Name, date of birth, NHS number (where applicable), address, telephone number, and email address.
Why we collect it:
To manage appointments, communicate with you, maintain accurate patient records, and provide ongoing dental care.
2. Dental and Medical Records (Special Category Data)
What we collect:
Clinical notes, medical history, dental history, X-rays, photographs, scans, treatment plans, correspondence, and consent records.
Why we collect it:
To assess your oral health, provide appropriate treatment, comply with professional standards, and ensure continuity of care.
3. Financial Information
What we collect:
Records of fees charged, payments received, and payment method information.
Why we collect it:
To manage billing, comply with contractual and legal obligations, and meet NHS and accounting requirements where applicable.
How We Use and Share Your Information
We may share your information only where necessary and appropriate, including with:
The NHS and relevant NHS payment authorities
Dental plan providers and insurers (e.g. Simplyhealth, Practice Plan, Lloyd & Whyte)
Other healthcare professionals (such as your GP or specialists) were required for your care
Regulatory or government bodies where required by law
We may also use anonymised data for audits, service improvement, and regulatory compliance.
Lawful Basis for Processing (UK GDPR)
We process your personal data under the following lawful bases:
Article 6(1)(b) – Processing necessary for the performance of a contract (providing dental care)
Article 6(1)(c) – Processing required to comply with legal obligations (including NHS and regulatory requirements)
Article 9(2)(h) – Processing necessary for the provision of healthcare and treatment
Article 6(1)(a) and Article 9(2)(a) – Explicit consent, where required (for example, contact via digital channels or marketing communications)
Where processing is based on consent, you may withdraw that consent at any time.
Marketing and Communications
We will only reach out to you about services, promotions, or practice updates where you have given explicit consent.
I just wanted to let you know that your decision regarding marketing communications does not affect your access to dental care.
You can withdraw marketing consent at any time by using the unsubscribe option provided.
Keeping Your Information Secure
We take appropriate technical and organisational measures to protect your personal data, including:
Secure electronic dental record systems with audit trails
Restricted access to authorised staff only
Staff training in data protection and confidentiality
Secure backups and data storage procedures
How Long Do We Keep Your Information
We retain patient records in line with NHS, GDC, and professional guidance:
Dental records are retained for 10 years after your last visit, or
Until your 25th birthday, if this is longer
You may request deletion of non-essential data, such as marketing contact preferences.
So that you know, clinical records cannot be deleted where retention is required by law or professional regulation.
Your Rights
Under UK GDPR, you have the right to:
Access your personal data and request a copy
Request correction of inaccurate or incomplete data
Request erasure of data (where legally permissible)
Restrict or object to certain types of processing
Withdraw consent where processing is based on consent
To exercise these rights, please get in touch with our Data Protection Officer at info@dentatacharta.co.uk
Concerns and Complaints
If you have concerns about how your personal data is handled, please raise them with us in the first instance.
You also have the right to complain to the Information Commissioner’s Office (ICO):
Telephone: 0303 123 1113
Website: https://www.ico.org.uk
Dentata Charta Dental Centre
Patient Privacy Notice (UK GDPR)
At Dentata Charta Dental Centre, we are committed to protecting your privacy and handling your personal data with care and transparency. This Patient Privacy Notice explains how we collect, use, store, and protect your personal information when providing dental care and related services.
This notice is provided in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Who We Are
Practice Name:
Dentata Charta Dental Centre
Address:
48 Bury Road, Newmarket, Suffolk, CB8 7B
Data Controller: Johan Viljoen
Data Protection Officer (DPO): Lavinia Swann-Auger
Contact Details:
Email: info@dentatacharta.co.uk
Telephone: 01638 662295
What Information We Collect and Why
We only collect personal data that is necessary to provide safe, effective dental care and to meet our legal and regulatory obligations.
1. Contact and Identification Details
What we collect:
Name, date of birth, NHS number (where applicable), address, telephone number, and email address.
Why we collect it:
To manage appointments, communicate with you, maintain accurate patient records, and provide ongoing dental care.
2. Dental and Medical Records (Special Category Data)
What we collect:
Clinical notes, medical history, dental history, X-rays, photographs, scans, treatment plans, correspondence, and consent records.
Why we collect it:
To assess your oral health, provide appropriate treatment, comply with professional standards, and ensure continuity of care.
3. Financial Information
What we collect:
Records of fees charged, payments received, and payment method information.
Why we collect it:
To manage billing, comply with contractual and legal obligations, and meet NHS and accounting requirements where applicable.
How We Use and Share Your Information
We may share your information only where necessary and appropriate, including with:
The NHS and relevant NHS payment authorities
Dental plan providers and insurers (e.g. Simplyhealth, Practice Plan, Lloyd & Whyte)
Other healthcare professionals (such as your GP or specialists) were required for your care
Regulatory or government bodies where required by law
We may also use anonymised data for audits, service improvement, and regulatory compliance.
Lawful Basis for Processing (UK GDPR)
We process your personal data under the following lawful bases:
Article 6(1)(b) – Processing necessary for the performance of a contract (providing dental care)
Article 6(1)(c) – Processing required to comply with legal obligations (including NHS and regulatory requirements)
Article 9(2)(h) – Processing necessary for the provision of healthcare and treatment
Article 6(1)(a) and Article 9(2)(a) – Explicit consent, where required (for example, contact via digital channels or marketing communications)
Where processing is based on consent, you may withdraw that consent at any time.
Marketing and Communications
We will only reach out to you about services, promotions, or practice updates where you have given explicit consent.
I just wanted to let you know that your decision regarding marketing communications does not affect your access to dental care.
You can withdraw marketing consent at any time by using the unsubscribe option provided.
Keeping Your Information Secure
We take appropriate technical and organisational measures to protect your personal data, including:
Secure electronic dental record systems with audit trails
Restricted access to authorised staff only
Staff training in data protection and confidentiality
Secure backups and data storage procedures
How Long Do We Keep Your Information
We retain patient records in line with NHS, GDC, and professional guidance:
Dental records are retained for 10 years after your last visit, or
Until your 25th birthday, if this is longer
You may request deletion of non-essential data, such as marketing contact preferences.
So that you know, clinical records cannot be deleted where retention is required by law or professional regulation.
Your Rights
Under UK GDPR, you have the right to:
Access your personal data and request a copy
Request correction of inaccurate or incomplete data
Request erasure of data (where legally permissible)
Restrict or object to certain types of processing
Withdraw consent where processing is based on consent
To exercise these rights, please get in touch with our Data Protection Officer at info@dentatacharta.co.uk
Concerns and Complaints
If you have concerns about how your personal data is handled, please raise them with us in the first instance.
You also have the right to complain to the Information Commissioner’s Office (ICO):
Telephone: 0303 123 1113
Website: https://www.ico.org.uk