1. What is the purpose of this document?
For simplicity throughout this notice, ‘we’ and ‘us; refers to Dental Iceberg.
This notice does not form part of any contract to provide services. We may update this notice at any time.
Dental Iceberg is a “data controller”.
It is important that you read this notice, together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal information about you, so that you are aware of how and why we are using such information.
Dental Iceberg’s websites contain hyperlinks to websites owned and operated by third parties and these websites will have their own privacy notices we encourage users to review them. We do not accept any responsibility or liability for the practices of such third party websites and users should read carefully their privacy statements.
2. What sort of personal data do we collect?
Your name, e-mail address, phone number, billing address, your GDC number, name of your company/organisation, course purchases and receipts, dietary requirements for events and your marketing preferences.
Details of your interactions with us through website, email, in person or via post.
We collect notes from our conversations with you, details of any complaints or comments you make, details of purchases you made, items viewed or added to your basket, wish list choices, voucher redemptions, web pages you visit and how and when you contact us
Copies of documents you provide to assist us in providing advice services to you, specific to your situation, such as a contract
Details of your visits to our websites and the details of the site you came from to ours
Personal details which help us to recommend items of interest
Your comments and product reviews
Your image may be recorded on CCTV when you visit our office or the chosen venue
To deliver the best possible web experience, we collect technical information about your internet connection and browser as well as the country and telephone code where your computer is located, the web pages viewed during your visit, the assets you clicked on, and any search terms you entered.
Your social media username, if you interact with us through those channels, to help us respond to your comments, questions or feedback.
We may record telephone conversations to offer you additional security, resolve complaints, for regulatory compliance and to improve our service standards. Conversations may also be monitored for staff training purposes. You will be alerted to this when you call.
Personal information about other individuals
If you give us information on behalf of someone else, you confirm that the other person has appointed you to act on his/her behalf and has agreed that you can:
- give consent on his/her behalf to the processing of his/her personal data;
- receive on his/her behalf any data protection notices
3. How do we collect your personal data?
We collect personal information about you directly from you as a result of booking one of our courses or events, through subscribing to our newsletters, or we will collect additional personal information in the course of marketing activities carried out by us. We may also collect information directly from third parties.
- When you buy membership, products or book events on the phone, at an event or online
- When you create an account with us to use specific sections of the websites
- When you engage with us on social media
- When you contact us by any means with queries, complaints etc.
- When you ask one of our staff to email you information about a product or service
- When you enter prize draws or competitions
- When you choose to complete any surveys we send you. Much of our research work requires anonymous participation but some pieces of work request that you identify yourself if you wish
- When you comment on or review our products and services
- Any individual may access personal data related to them, including opinions. So, if your comment or review includes information about a staff member who provided that service, it may be passed on to them
- When you fill in any forms such as to book an event, apply for membership or complete a Contact us form
- When our suppliers and partners share information with us about the product you have purchased
- When you use our offices or chosen venues which usually have CCTV systems operated for the security of both customers and staff. These systems may record your image during your visit
4. How we will use information about you
We want to give you the best possible customer experience. One way we intend to achieve that is to get the richest, fullest picture we can of who you are by combining the data we have about you.
We then use this insight to offer you promotions, products and services that are most likely to be relevant to you or interest you.
If you choose not to share your personal data with us, or refuse certain contact permissions, we might not be able to provide some services you’re paying for.
We will only use your personal information when the law allows us to. Generally, we use the information collected in connection with providing our services to you. Most commonly, we will use your personal information in the following circumstances.
- To process bookings at one of our courses or events. If we don’t collect your personal data during checkout, we won’t be able to process your order and comply with our legal obligations.
- To contact you for marketing purposes only if you have consented to our contacting you for this purpose.
- To respond to your queries or complaints. Handling the information you sent enables us to respond. We may also keep a record of these to inform any future communication with us and to demonstrate how we communicated with you throughout. We do this on the basis of our contractual obligations to you, our legal obligations and our legitimate interests in providing you with the best service and understanding how we can improve our service based on your experience.
- To protect our customers, premises, assets and staff from crime, we may operate CCTV systems in our offices and chosen venues which record images for security. We do this on the basis of our legitimate business interests. Where you attend an event at a chosen venue such as a hotel or conference centre, they will have their own Privacy Notices which we cannot influence.
- To process payments and to prevent fraudulent transactions. We do this on the basis of our legitimate business interests. This also helps to protect our customers from fraud. If we discover any criminal activity or alleged criminal activity through our use of CCTV, fraud monitoring and suspicious transaction monitoring, we will process this data for the purposes of preventing or detecting unlawful acts. We aim is to protect the individuals we interact with from criminal activities. With your consent, we will use your personal data, preferences and details of your transactions to keep you informed by email, web, text, telephone and through our contact centres about relevant products and services including tailored special offers, discounts, promotions, events, competitions and so on.
- Where we need to comply with a legal obligation.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
We may also use your personal information in the following situations, which are likely to be rare:
- Where we need to protect your interests (or someone else’s interests).
- Where it is needed in the public interest or for official purposes
5. If you fail to provide personal information
If you fail to provide certain information when requested, we may not be able to perform the contract we have entered into with you, or we may be prevented from complying with our legal obligations (such as health and safety).
6. Data sharing
We may have to share your data with third parties, including third-party service providers. If we do, you can expect a similar degree of protection in respect of your personal information.
We require third parties to respect the security of your data and to treat it in accordance with the law.
The data that we collect from you (or any third party for whom you are acting) will not be transferred to, or stored at, a destination outside the European Economic Area (“EEA”).
Why might you share my personal information with third parties?
We will share your personal information with third parties where required by law, where it is necessary to deliver a service to you or where we have another legitimate interest in doing so.
Which third-party service providers process my personal information?
- Direct marketing companies who help us manage our electronic communications with you
- Google/Facebook to show you products that might interest you while you’re browsing the internet. This is based on either your marketing consent or your acceptance of cookies on our websites.
- Data insight companies to ensure your details are up to date and accurate.
How secure is my information with third-party service providers and other entities in our group?
All our third-party service providers are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.
Sharing your data with third parties for their own purposes:
We may share your personal information with other third parties, for example in the context of the possible sale or restructuring of the business. We may also need to share your personal information with a regulator or to otherwise comply with the law.
What about cookies?
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. We may also use trusted third-party services that track this information on our behalf.
Most web browsers allow some control of most cookies through the browser settings. Every browser is different, look at your browser’s Help Menu to learn the correct way to modify your cookies. If you turn cookies off, some features may be disabled.
To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org.
7. Data security
We have put in place measures to protect the security of your information. Third parties will only process your personal information on our instructions and where they have agreed to treat the information confidentially and to keep it secure.
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information by other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
How long will you use my information for?
Whenever we collect or process your personal data, we’ll only keep it for as long as is necessary for the purpose for which it was collected.
At the end of that retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.
For example, with the CPD you earn with us, we’ll keep the personal data you give us for ten years so we can comply with our legal and contractual obligations.
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your relationship with us.
8. Your rights in connection with personal information
Under certain circumstances, by law you have the right to:
- Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you.
- Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
- Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
To ask for your information, please contact us via email at email@example.com
- Your right to withdraw consent
Whenever you have given us your consent to use your personal data, you have the right to change your mind at any time and withdraw that consent.
- Direct marketing
You have the right to stop the use of your personal data for direct marketing activity through all channels, or selected channels.
- Confirming your identity
To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Notice, or indeed to draw on your benefits of membership to ensure that we are talking to who we should be talking to. If you have authorised a third party such as your practice manager to submit a request on your behalf, we will ask them to prove they have your permission to act.
If you want to review, verify, correct or request erasure of your personal information, please contact us in writing on firstname.lastname@example.org
We may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
How can you stop the use of your personal data for direct marketing?
There are several ways you can stop direct marketing communications from us:
- Click the ‘unsubscribe’ link in any email communication that we send you.
- If you have an account, log in and change your preferences
- Write us an email to email@example.com
Please note that you may continue to receive communications for a short period after changing your preferences while our systems are fully updated.
If you have any questions about this privacy notice or how we handle your personal information, please contact the Data Protection Officer in writing at firstname.lastname@example.org. You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), by calling 0303 123 1113 or or go online to www.ico.org.uk/concerns.
We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.