Data Protection Policy – Alexandra Dental Practice Ltd.
Alexandra Dental Practice Ltd. (“The Clinic”) needs to collect and use personal data (information) about its staff, students, patients and other individuals who come into contact with the Clinic. The purposes of processing data include the organisation and administration of courses, examinations, research activities, the recruitment and payment of staff, compliance with statutory obligations, etc. Data Protection law safeguards the privacy rights of individuals in relation to the processing of their personal data. The Data Protection Act 1988 and the Data Protection (Amendment) Act 2003 confer rights on individuals as well as responsibilities on those persons processing personal data. Personal data, both automated and manual, are data relating to a living individual who is or can be identified, either from the data or from the data in conjunction with other information.
Purpose of this policy
This policy is a statement of the Clinic’s commitment to protect the rights and privacy of individuals in accordance with the Data Protection Act 1988 and the Data Protection (Amendment) Act 2003.
Data Protection Principles
The Clinic undertakes to perform its responsibilities under the legislation in accordance with the eight stated Data Protection principles outlined in the Acts as follows:
- Obtain and process information fairly
The Clinic obtains and processes personal data fairly and in accordance with its statutory and other legal obligations.
- Keep it only for one or more specified, explicit and lawful purposes
The Clinic keeps personal data for purposes that are specific, lawful and clearly stated. Personal data will only be processed in a manner compatible with these purposes.
- Use and disclosure only in ways compatible with these purposes
The Clinic only uses and discloses personal data in circumstances that are necessary for the purposes of for which it collects and keeps the data.
- Keep it safe and secure
The Clinic takes appropriate security measures against unauthorised access to, or alteration, disclosure or destruction of data and against accidental loss or destruction.
- Keep it accurate, complete and up-to-date
The Clinic operates procedures that ensure high levels of data accuracy, completeness and consistency.
- Ensure it is adequate, relevant and not excessive
Personal data held by the Clinic are adequate, relevant and not excessive in data retention terms.
- Retain for no longer than is necessary
The Clinic has a policy on retention periods for personal data.
- Give a copy of his/ her personal data to that individual, on request
The Clinic has procedures in place to ensure that data subjects can exercise their rights under the Data Protection legislation.
The Clinic has overall responsibility for ensuring compliance with Data Protection legislation when it is the Data Controller of personal data. All staff and students of The Clinic who separately collect and/or control the content and use of personal data are individually responsible for compliance with this policy and the relevant regulatory requirements. The Clinic Manager is the Data Protection Officer, and provides support, assistance, advice, and training to all departments and offices to ensure that they are in a position to comply with the legislation.
Procedures and Guidelines
The Clinic is firmly committed to ensuring personal privacy and compliance with the Data Protection legislation, including the provision of best practice guidelines and procedures in relation to all aspects of Data Protection.
This Policy will be reviewed regularly in light of any legislative or other relevant developments.
Collection and use of personal information
Personal information: information that is associated with your name or personal identity. This Website does not collect any personal data about you on this Website, apart from information which you volunteer (for example, by emailing us, or registering with us). Any information which you provide in this way is not made available to any third parties, and is used by this site only in line with the purpose for which you provided it.
Collection and use of non-personal information
Non-personal information: data collected for statistical purposes which is not associated with a specific identity. This site collects and analyses technical information in order to evaluate our Website. The type of technical information we log is confined to the following:
- The IP address*1 of the visitor’s Web server
- The top-level domain-name used (for example .ie, .com, .org, .net)
- The pages visited on the this site Website, i.e. URL’s*2 visited
- The previous Website address from which the visitor reached us, including any search terms used
- Clickstream data which shows the traffic of visitors around this Website (for example, pages accessed)
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org.
Cookies set by visiting this website
*1 An IP address is an identifier for a computer or device on a Transmission Control Protocol/Internet Protocol (TCP/IP) network, such as the World Wide Web. Networks use the TCP/IP protocol to route information based on the IP address of the destination. In other words, an IP address is a number that is automatically assigned to your computer whenever you are surfing the Web, allowing Web servers to locate and identify your computer. Computers require IP addresses in order for users to communicate on the Internet, browse and shop.
*2 A URL (Uniform Resource Locator) is the global address of documents and other resources on the World Wide Web.