Privacy Policy

WHO WE ARE

• We are DenGro Limited. We provide a platform for dental practices to attract and convert new patients.
• Our registered office is: 1 Widcombe Parade, Bath, BA2 4JT, United Kingdom. We are registered as a data controller with the Information Commissioner’s Office and our registration number is ZA304057.

• We (DenGro) primarily act as a data processor on behalf of our customers (dental practices) in providing our services.
• You (the Dental Practice) are the Data Controller. You own, store and are responsible for data about your patients, and those who may be interested in treatment (your leads).

WHAT PERSONAL DATA WE COLLECT

• Name
• Email address
• Phone number
• Address
• Usage data
• Unique device identifiers (Google Advertiser ID or IDFA, for example)
• Details of patient enquiries
• Marketing preferences
• User login details
• To set up new users
• To provide support to users
• To deactivate users
• To store lead and patient data on behalf of dental practices for their defined purposes
• To analyse user preferences
• Advertising and customer retargeting

We also use information about how users interact with DenGro to analyse and improve the platform. We act as a controller for this purpose. This information will be used at an aggregated level wherever possible.

HOW WE USE YOUR PERSONAL DATA

WHO WE SHARE YOUR PERSONAL DATA WITH

The DenGro platform integrates with several third-party providers to help us provide our service, as set out below:

Access to third party accounts

DenGro can also be configured to allow the platform to access data from an account on a third-party service (such as Facebook) and perform actions with it. These services are not activated automatically and require explicit authorisation by the user.

We may also be required to comply with a request or legal order to disclose personal data to a third party, for example in relation to a police investigation or insurance claim.

LAWFUL BASIS

Under data protection law, we have to identify relevant lawful bases for our use of your personal data. We primarily rely on:

• Legitimate interests – to provide and administer the DenGro platform to users and customers.
• Legal obligation – in meeting our legal obligations under financial, health and safety and employment laws (among others).

Dental practices (as “controllers”) define their lawful bases for processing personal data relating to their leads and clients.

HOW LONG DO WE KEEP YOUR PERSONAL DATA

DenGro users

• We hold personal data of DenGro users for as long as they are active users.
• We will delete account data and subscriber data 12 months after an Account was last active (i.e. where an Account has no active Subscription).

INTERNATIONAL TRANSFERS

DenGro Ltd is based in the UK and therefore subject to the UK GDPR and related UK data protection legislation. Our main IT infrastructure (Amazon Web Services) is hosted in Ireland but some of the third parties DenGro integrates with store data outside the UK and the European Economic Area (EEA).

Where this is the case, we have arrangements in place to ensure that personal data is afforded the same level of protection as within the UK or EEA, as required by UK GDPR Articles 45-49.

YOUR RIGHTS

Under data protection legislation, you have rights in relation to your personal data, as below:

• The right of access (obtaining a copy of your data)
• The right to rectification (correcting your data)
• The right to erasure (deleting your data)
• The right to restrict processing (to stop use of your data for a time limited period)
• The right to data portability (to move your data to another organisation)
• The right to object (to object to our use of your data)
• Rights in relation to automated decision making and profiling (to know if and how we use any technology to make decisions about you)

There are some limited exemptions to these rights, so they may not apply in every scenario. For further information on these rights, please see the Information Commissioner’s Office (ICO) website.

If you wish to make a request in relation to any of these rights, please contact us as: data-protection@dengro.com . Where we act as a processor on behalf of our customers, we will pass any requests to the customer to respond to (as a controller).

INFORMATION SECURITY

We have information security measures in place to reduce the risk of unauthorised access to, misuse or loss of personal data. These include:

• Appropriate access controls and user authentication
• Incident and breach processes
• Appropriate internal IT and network security
• Business continuity processes
• Contracts with our suppliers covering data protection and information security

QUERIES OR COMPLAINTS

In the first instance, we would hope to resolve any queries or concerns you have in an informal way, if you contact us at: data-protection@dengro.com

If you are not satisfied with our response, you also have a right to complain to the Information Commissioner’s Office (ICO) as the regulator of data protection. For further information, please see: https://ico.org.uk/make-a-complaint/