Privacy Policy

Introduction

Monread Dental is committed to protecting the privacy and personal data of our patients in accordance with the General Data Protection Regulation (GDPR) and the Data Protection Acts 1988 and 2018. This policy outlines our approach to data protection and the measures we take to ensure the confidentiality and security of personal data collected and processed by our practice.

 

Data Controller

The data controller for the personal data processed in our dental practice is:

Monread Dental

Monread Retail Park,

Naas, Co. Kildare,

Ireland

Contact details: [045-898546, monreaddental@gmail.com]

 

​Collection and Use of Personal Data

We collect and process personal data of our patients for the following purposes:

• Providing dental treatment and care

• Managing patient appointments and records

• Billing and payment processing

• Communicating with patients about their treatment and related matters

• Ensuring the health and safety of our patients and staff

• Complying with legal and regulatory obligation

 

Types of Personal Data Collected

We may collect and process the following categories of personal data:

• Contact information (name, address, phone number, email address)

• Medical history and dental records

• Treatment plans and clinical notes

• Financial and billing information

• Insurance details (if applicable)

• Consent forms and other relevant documents

 

Lawful Basis for Processing

We will process personal data on the following lawful bases:

• The necessity of processing for the performance of a contract (providing dental treatment and care)

• Compliance with a legal obligation (maintaining proper records, billing, and reporting)

• Consent obtained from the data subject (where required)

• Legitimate interests pursued by the data controller or a third party (e.g., appointment reminders, marketing communications)

 

Data Retention

We will retain personal data for as long as necessary to fulfil the purposes outlined in this policy, as required by law, and as deemed necessary to defend against potential legal claims.

 

Data Security

We implement appropriate technical and organsational measures to ensure the security of personal data against unauthorized access, loss, alteration, or disclosure. These measures include:

• Secure storage and access controls for physical records

• Encryption and access controls for electronic records

• Regular backups and disaster recovery procedures

• Training our staff on data protection and security best practices

 

Data Subject Rights

Under GDPR, data subjects have certain rights regarding their personal data. These include:

• The right to access personal data held by our dental practice

• The right to rectify inaccurate or incomplete personal data

• The right to erasure of personal data under certain circumstances

• The right to restrict processing of personal data

• The right to data portability

• The right to object to processing, including direct marketing

• The right to withdraw consent (if processing is based on consent)

• The right to lodge a complaint with the Data Protection Commissioner

Requests to exercise these rights should be submitted in writing to the data controller at the address provided in Section 2.

 

Data Sharing and Third Parties

We may share personal data with third parties in the following circumstances:

• Referring to specialists or other healthcare providers (with patient consent)

• Processing insurance claims (with patient consent)

• Compliance with legal and regulatory obligations

• IT and software providers who assist in managing and securing our data systems

 

International Data Transfers

If personal data is transferred outside the European Economic Area (EEA), we will ensure appropriate safeguards are in place to protect the data, such as using standard contractual clauses or relying on adequacy decisions by the European Commission.