1. Data Protection
As data controller we take all necessary steps to comply with the GDPR & Data Protection Act 2018 and its relevant subordinate legislation when handling any personal information.
When you supply any personal information to us we will meet our legal obligations to you in the way that we deal with that information.
In accordance with the Data Protection Act 1998 we are required to collect the information fairly and to let you know how we will use it (see paragraph 2 below) and whether we will pass the information on to anyone else (see paragraph 3 below)
We will comply with the Principles set out in the Data Protection Act 1998 and we will ensure all personal information supplied to us is held securely.
We will ensure that any information will be held only as long as is necessary to ensure our services run smoothly.
We use up to date industry procedures to keep personal data as safe and secure as possible against loss, unauthorised disclosure or access (see paragraph 5 below).
2. What personal information do we collect and why do we collect it?
We may collect any or all of the following three types of information:
(a) traffic or clickstream data,
(b) cookies, or
(c) contact information and other personally identifying information.
Only the information in (c) is Personal Data which falls within the provisions of the Data Protection Act 1998. Our collection and use of each type of data is described below, as well as the ways (if any) in which the data may be shared with third parties.
(a) Traffic or Clickstream Data
Data about traffic and usage is not personally identifiable and is not combined with other information the Practice holds to provide personally identifiable information.
Like many sites we collect information about online behaviour using cookies. These cookies contain identification information that enables us to see how users are interacting with the site and how frequently they are returning. The cookies do not contain any personally identifiable information and are not combined with other information the Practice holds to provide personally identifiable information. You may set your browser software to reject cookies but you may not be able to use all the features of the site.
(c) Contact Information or Personally Identifying Information
We can obtain access to your Personal Data (such as name, e-mail address and other contact information) when you become an advertiser/merchant with us, make comments, submit a problem, or request information from us and provide your name or return contact information.
3. To whom will we supply your personal data?
Data about traffic and usage of the site together with information collected about online behaviour using cookies may be shared with third parties but only in aggregated anonymous form.
We do not disclose personally identifying information except in very specific instances.
We do not sell, trade, provide or rent your information to other parties unless we have first obtained your consent. If you do give us permission we will only share information with organisations we have carefully selected and believe to be reputable. (see paragraph 3.2).
Where an individual provides personal information (such as name, e-mail address and other contact information) to us via the website for whatever purpose (e.g. registration, survey, feedback etc.) your personal information will only be used for the purpose of communicating with you in relation to the matter raised or for any other purpose for which you have given your consent.
Specific personal information may be released where we are required to do so e.g. court order or for any of the Practice’s statutory purposes.
3.1 Will you use my personal information for direct marketing? Can I prevent this?
Personal data obtained from optional surveys or contests may be used by us for the purpose of making users aware of services or promotions which the Practice thinks you may be interested in. Such information may also be disclosed to carefully selected third parties for direct marketing but we will only do so if we have obtained your consent to this use at the point of collection of your personal data.
3.2 Is my personal information sent abroad?
Countries in the European Economic Area are required to have a similar standard of protection of personal data. This is not always the case outside that area. Personal information obtained by us may be processed on behalf of Katoomba Dental Practice by data processors outside the European Economic Area. In addition, where disclosures are made to third parties those third parties may be located or process the personal information outside the European Economic Area. Before doing so, we would take all reasonable steps to ensure that there is adequate protection.
4. Links to other websites
We take great care to ensure the security of this website and your personal information. We have put in place appropriate technical and organisational measures to ensure the safety and security of the information we collect on line. Any third party processing such information on the Practice’s behalf is contractually obliged to put in place similar measures. However, you should consider any communication that you transmit to us (such as data, questions, answers, comments or suggestions) as non-confidential. The Practice will not be liable if information that belongs to you is intercepted and used by an unintended recipient.