Sale Dental GDPR Policy 2018

What data do we collect?

  • Personal data
  • Names
  • Addresses
  • Contact mobile numbers/ Landline numbers
  • Email addresses

Where do we store the data?

  • Email lists
  • Exact (SOE)dental software.
  • Emails, if clients have provided their details this way.

How do we protect and document the data we have?

  • Passwords to email accounts
  • Confidentiality policy
  • Passwords to Exact software only authorised personnel access.

How long do we plan to keep the data for?

  • Clinical notes are kept for 10 years.

Do we have a function/ reason for every piece of data we collect?

  • Customer service reasons
  • Contact details to inform clients of any changes to appointments
  • To provide reminders for appointments
  • Quarterly newsletter.
  • Promotion emails

What is the process if someone asks to be removed from our records?

  • The client record is made inactive, no further reminder calls or emails are sent out.
  • Every client is asked if they would like to opt into receiving emails etc, if they agree or decline the outcome is saved into the patient records on Exact under permissions.

Once you have answered all these questions you can add each set of data to this table to formally store:

Data Audit Form

Type of Data 
Description of data 
Employee responsible 
Date of consent to hold data 
Where the data is stored 
Source of the data 
Purpose of the data 
How the data is protected in its storage 
Usage restrictions 
Usage rights 
Usage frequency 
Retention period 
Comments