1. Introduction

Welcome to the privacy policy of Dentelli. We are dedicated to maintaining the privacy and security of your personal data. This policy outlines how we collect, use, and protect your information when you visit our website, engage with our services, or interact with us in any way.

2. Data Controller

Dentelli is the data controller for your personal data. Our contact details are:

Address: Ulica Josipa Jovica 93, 3 razina, Split, Split-Dalmatia 21000, HR

Email: info@dentelli.hr

3. Information We Collect

We may collect and process the following categories of personal data:

Identification Data: Name, date of birth, gender.

Contact Information: Address, email address, phone number.

Health Data: Medical history, dental records, treatment history, allergies, and any other health-related information pertinent to your dental care.

Financial Data: Payment information, billing address, insurance details.

Communication Data: Correspondence through email, phone, or our website’s contact form.

Technical Data: IP address, browser type, time zone setting, and operating system.

4. Purpose of Data Processing

We collect and process your personal data for the following purposes:

Provision of Dental Care: To deliver, manage, and monitor dental treatment and care.

Appointment Management: To schedule and confirm appointments.

Billing and Payments: To process payments and issue invoices.

Communication: To send reminders about appointments, follow-ups, and important health information.

Legal Compliance: To comply with health regulations, insurance requirements, and other legal obligations.

Marketing (with consent): To send newsletters, updates, and promotional materials related to our services (you can opt-out at any time).

 

5. Legal Basis for Processing Personal Data

We process your personal data based on the following legal grounds:

Consent: When you provide explicit consent for us to process your data (e.g., for marketing purposes).

Contractual Necessity: To fulfill our obligations under a contract (e.g., providing dental services).

Legal Obligation: To comply with legal and regulatory requirements (e.g., record-keeping for health regulations).

Legitimate Interests: For purposes that are in our legitimate interests and do not override your rights (e.g., improving our services).

6. Data Retention Period

We will retain your personal data only as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. Specifically:

Health records will be retained for a minimum of 10 years or as required by law.

Other personal data will be retained for as long as you are a patient and for 2 years after your last visit.

7. Data Security

We take the security of your personal data seriously. We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, loss, or destruction. These measures include:

Encryption of sensitive data.

Secure servers and data storage solutions.

Regular security assessments and updates.

Access controls to limit data access to authorized personnel only.

8. Your Rights Under GDPR

You have the following rights regarding your personal data:

Right to Access: You can request access to your personal data and information about how we process it.

Right to Rectification: You have the right to request correction of inaccurate or incomplete data.

Right to Erasure: You can request the deletion of your personal data under certain circumstances.

Right to Restrict Processing: You can request the restriction of processing of your personal data.

Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format.

Right to Object: You can object to the processing of your personal data based on legitimate interests or for direct marketing purposes.

To exercise any of these rights, please contact us using the contact details provided above.

 

9. Third-Party Sharing

We do not sell or rent your personal data to third parties. We may share your personal data with:

Healthcare Providers: Other health professionals or specialists involved in your treatment.

Payment Processors: Third-party services used to handle payments and billing.

Regulatory Authorities: Government or regulatory bodies as required by law (e.g., for health audits).

Service Providers: Companies that assist us in delivering our services (e.g., IT support).

We ensure that any third parties we share data with comply with GDPR and maintain the confidentiality and security of your data.

 

10. International Transfers of Data

If we transfer your personal data outside the European Economic Area (EEA), we will ensure that appropriate safeguards are in place, such as standard contractual clauses or other legal mechanisms, to protect your data in accordance with GDPR requirements.

 

11. Changes to This Privacy Policy

We may update this privacy policy from time to time. We will notify you of any changes by posting the new policy on our website and updating the effective date. We encourage you to review this policy periodically to stay informed about how we are protecting your information.

 

12. Contact Us

If you have any questions, concerns, or complaints regarding this privacy policy or our data processing practices, please contact us at:

 

Email: info@dentelli.hr

Effective Date: October 2024