DenGro Platform Privacy Policy

This policy sets out the personal data collected and used via our platform to help dental practices catch, nurture and convert more leads to dental treatment.

WHO WE ARE

  • We are DenGro Limited. We provide a platform for dental practices to attract and convert new patients.
  • Our registered office is: 1 Widcombe Parade, Bath, BA2 4JT, United Kingdom. We are registered as a data controller with the Information Commissioner’s Office and our registration number is ZA304057.
  • We (DenGro) primarily act as a data processor on behalf of our customers (dental practices) in providing our services.
  • You (the Dental Practice) are the Data Controller. You own, store and are responsible for data about your patients, and those who may be interested in treatment (your leads).

WHAT PERSONAL DATA WE COLLECT

  • Name
  • Email address
  • Phone number
  • Address
  • Usage data
  • Unique device identifiers (Google Advertiser ID or IDFA, for example)
  • Details of patient enquiries
  • Marketing preferences
  • User login details
  • To set up new users
  • To provide support to users
  • To deactivate users
  • To store lead and patient data on behalf of dental practices for their defined purposes
  • To analyse user preferences
  • Advertising and customer retargeting

We also use information about how users interact with DenGro to analyse and improve the platform. We act as a controller for this purpose. This information will be used at an aggregated level wherever possible.

HOW WE USE YOUR PERSONAL DATA

WHO WE SHARE YOUR PERSONAL DATA WITH

The DenGro platform integrates with several third-party providers to help us provide our service, as set out below:

Third party

Purpose

Privacy information

Amazon Web Services (AWS)

Hosting services

https://aws.amazon.com/compliance/data-privacy-faq/

Drip

To send automated and transactional emails

https://www.drip.com/privacy

Facebook API

App integration with account lead ad forms

https://www.facebook.com/about/privacy

Facebook Pixel

Connects data from the Facebook advertising network with actions performed on DenGro. The Facebook pixel tracks conversions that can be attributed to ads on Facebook, Instagram and Audience Network

https://www.facebook.com/about/privacy

Google Ads Remarketing

Remarketing and behavioural targeting service provided by Google LLC that connects the activity of DenGro with the Google Ads advertising network and the DoubleClick Cookie.

https://policies.google.com/privacy

Google API

Maps and geocoding

https://policies.google.com/privacy

Google Analytics

User tracking and analytics

https://policies.google.com/privacy

Google Tag Manager

Tag and script management in a centralised manner. This results in the Users' Data flowing through these services, potentially resulting in the retention of this Data.

https://policies.google.com/privacy

Hotjar

Heat mapping services are used to display the areas of a page where Users most frequently move the mouse or click. This shows where the points of interest are. These services make it possible to monitor and analyse web traffic and keep track of User behaviour.

https://www.hotjar.com/privacy/

Hubspot

Customer relationship management

https://legal.hubspot.com/product-privacy-policy

Intercom

Support and lead communications

https://www.intercom.com/legal/privacy

Linode

Hosting services

https://www.linode.com/legal-privacy/

Mailgun

Email address management and message sending service

https://www.mailgun.com/privacy-policy/

Rollbar

Application logging and telemetry

https://rollbar.com

MessageBird

Transactional SMS messaging

https://www.messagebird.com/en/legal/privacy

Pusher

Push notifications (app)

https://pusher.com/legal/privacy-policy

Access to third party accounts

DenGro can also be configured to allow the platform to access data from an account on a third-party service (such as Facebook) and perform actions with it. These services are not activated automatically and require explicit authorisation by the user.

We may also be required to comply with a request or legal order to disclose personal data to a third party, for example in relation to a police investigation or insurance claim.

LAWFUL BASIS

Under data protection law, we have to identify relevant lawful bases for our use of your personal data. We primarily rely on:

  • Legitimate interests – to provide and administer the DenGro platform to users and customers.
  • Legal obligation – in meeting our legal obligations under financial, health and safety and employment laws (among others).

Dental practices (as “controllers”) define their lawful bases for processing personal data relating to their leads and clients.

HOW LONG DO WE KEEP YOUR PERSONAL DATA

DenGro users

  • We hold personal data of DenGro users for as long as they are active users.
  • We will delete account data and subscriber data 12 months after an Account was last active (i.e. where an Account has no active Subscription).

INTERNATIONAL TRANSFERS

DenGro Ltd is based in the UK and therefore subject to the UK GDPR and related UK data protection legislation. Our main IT infrastructure (Amazon Web Services) is hosted in Ireland but some of the third parties DenGro integrates with store data outside the UK and the European Economic Area (EEA).

Where this is the case, we have arrangements in place to ensure that personal data is afforded the same level of protection as within the UK or EEA, as required by UK GDPR Articles 45-49.

YOUR RIGHTS

Under data protection legislation, you have rights in relation to your personal data, as below:

  • The right of access (obtaining a copy of your data)
  • The right to rectification (correcting your data)
  • The right to erasure (deleting your data)
  • The right to restrict processing (to stop use of your data for a time limited period)
  • The right to data portability (to move your data to another organisation)
  • The right to object (to object to our use of your data)
  • Rights in relation to automated decision making and profiling (to know if and how we use any technology to make decisions about you)

There are some limited exemptions to these rights, so they may not apply in every scenario. For further information on these rights, please see the Information Commissioner’s Office (ICO) website.

If you wish to make a request in relation to any of these rights, please contact us as: data-protection@dengro.com . Where we act as a processor on behalf of our customers, we will pass any requests to the customer to respond to (as a controller).

INFORMATION SECURITY

We have information security measures in place to reduce the risk of unauthorised access to, misuse or loss of personal data. These include:

  • Appropriate access controls and user authentication
  • Incident and breach processes
  • Appropriate internal IT and network security
  • Business continuity processes
  • Contracts with our suppliers covering data protection and information security

QUERIES OR COMPLAINTS

In the first instance, we would hope to resolve any queries or concerns you have in an informal way, if you contact us at: data-protection@dengro.com

If you are not satisfied with our response, you also have a right to complain to the Information Commissioner’s Office (ICO) as the regulator of data protection. For further information, please see: https://ico.org.uk/make-a-complaint/


Start converting more leads into patients today

Catch, nurture and convert leads to treatment the easy way.

Lead nurture and conversion advice by email?