Safesmiles

Privacy and Cookie policy

  1. What is Safe Brace?

1.1     Safe Brace is an initiative run jointly by the British Orthodontic Society and Oral Health Foundation as follows –

1.1.1            The British Orthodontic Society and the Oral Health Foundation are two charities who are committed to patient care in the field of orthodontics. The marketplace is currently flooded with options for orthodontic treatment to include the new phenomenon of DIY Orthodontics.

1.1.2            The purpose of the Safe Brace campaign is to provide independent information and education to the general public / prospective orthodontic patients about the options for orthodontic treatment so that they can make informed choices.  The campaign is run through our Safe Brace website which has patient safety at its helm.

1.1.3            Any references in this policy to our “services” or “business” refers to the non-profit making campaign that we are running to help to inform and educate the public to learn more about their options for orthodontic treatment

 

          Introduction to our Privacy Policy

1.2     The Oral Health Foundation and the British Orthodontic Society are committed to safeguarding the privacy of Safe Brace visitors and service users. We take your privacy seriously. Please read this policy carefully as it contains important information on who we are as well as how and why we share your personal information. It also explains your rights in relation to your personal information and how to contact us or supervisory authorities in the event that you have a complaint.  We collect, use and are responsible for certain personal information about you. When we do so, we are subject to the General Data Protection Regulation which applies across the European Union (including the United Kingdom) and we are responsible as “controller” of that personal information for the purpose of those laws.

1.3     This policy applies where we are acting as a data controller with respect to the personal data of Safe Brace visitors and service users; in other words, where we determine the purposes and means of the processing of that personal data.

1.4     We use cookies on our website. Insofar as those cookies are not strictly necessary for the provision of our website and services, we will ask you to consent to our use of cookies when you first visit our website.

1.5     Our website incorporates privacy controls which affect how we will process your personal data. By using the privacy controls, you can specify whether you would like to receive direct marketing communications and limit the publication of your information.

1.6     In this policy, "we", "us" and "our" refer to the Oral Health Foundation and the British Orthodontic Society. For more information about us, see Section 11.

 

 

 

2        Key Terms

It would be helpful to start by explaining some of the key terms that we use in this policy:

 

We us or our

This refers to the British Orthodontic Society and the Oral Health Foundation

Our data protection officers

The data protection officer for the British Orthodontic Society is [Ann Wright [email protected] ]

The data protection officer for the Oral Health Foundation is [Kerry Geldart – [email protected]]

Personal Information

Any information relating to an identified individual

ICO

The Information Commissioner’s Office (ICO) is the independent regulatory office in charge of upholding information rights in the interest of the public to include under the Data Protection Act

 

 

  1. How we use your personal data

3.1   In this section we have set out:

(a)      what information we collect about you and the general categories of personal data that we may process;

(b)      in the case of personal data that we did not obtain directly from you, the source and specific categories of that data;

(c)      the purposes for which we may process personal data; and

(d)      the legal bases of the processing.

 

3.2     What information do we collect about you?

  • We collect information about you when you fill in an online form to:

 

  • Register for a website account or update your account details
  • Sign up for email updates
  • Contact us
  • Place orders for free or paid products or services
  • Apply for membership
  • Complete surveys or provide feedback.

This information may include:

  • Your name, role and organisation
  • Your contact details including email address
  • Demographic information such as postcode and interests.

We collect material that you proactively post or contribute to our sites and any correspondence you have with us.

When you contact us by email, letter or on the phone, we may also record this information on our customer relationship management system to help us process your request efficiently.

3.3     We may process data about your use of our website and services ("usage data"). The usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of the usage data is Google Analytics. This usage data may be processed for the purposes of analysing the use of the website and services. The legal basis for this processing is our legitimate interests, namely monitoring and improving our website and services OR.

3.4     We may process your ("account data"). This account data may include your name and email address. The source of the account data is you. The account data may be processed for the purposes of operating our website, providing our services, ensuring the security of our website and services, maintaining back-ups of our databases and communicating with you. The legal basis for this processing is consent and our legitimate interests, namely the proper administration of our website and business

3.5     We may process your information included in your personal profile on our website ("profile data"). The profile data may include your name, address, telephone number, email address, profile pictures, gender, date of birth, relationship status, interests and hobbies and employment details. The profile data may be processed for the purposes of enabling and monitoring your use of our website and services. The legal basis for this processing is consent and our legitimate interests, namely the proper administration of our website and business.

3.6     We may process information contained in any enquiry you submit to us regarding goods and/or services ("enquiry data"). The enquiry data may be processed for the purposes of offering, marketing and selling relevant goods and/or services to you. The legal basis for this processing is consent.

3.7     We may process information that you provide to us for the purpose of subscribing to our email notifications and/or newsletters ("notification data"). The notification data may be processed for the purposes of sending you the relevant notifications and/or newsletters. The legal basis for this processing is consent.

3.8     We may process information contained in or relating to any communication that you send to us ("correspondence data"). The correspondence data may include the communication content and metadata associated with the communication. Our website will generate the metadata associated with communications made using the website contact forms. The correspondence data may be processed for the purposes of communicating with you and record-keeping. The legal basis for this processing is our legitimate interests, namely the proper administration of our website and business and communications with users.

3.9     We may process information relating orthodontic or dental treatment that you have received or your patient experience (“treatment data”) We would never identify the personal details of a patient without specific consent but we may process medical data, specifically regarding dentistry and orthodontic treatment that our service users have experienced This data may include dental or orthodontic treatment, the type of treatment, the price of the treatment, source of treatment and the patient outcome or experience. The source of this data are likely to arise from surveys and questionnaires.  This data may be processed for use in editorial, for our own statistics, to and across our website.  The legal basis for this processing is our legitimate interests, namely to better understand the nation’s relationship with orthodontics, braces and cosmetic treatment and to ensure that patients are making informed decisions about their treatment and that high standards of patient safety are being maintained

3.10    We may process any of your personal data identified in this policy where necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others.

3.11    We may process any of your personal data identified in this policy where necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, or obtaining professional advice. The legal basis for this processing is our legitimate interests, namely the proper protection of our business against risks.

3.12    In addition to the specific purposes for which we may process your personal data set out in this section , we may also process any of your personal data where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

3.13    Please do not supply any other person's personal data to us, unless we prompt you to do so.

 

  1. Providing your personal data to others

4.1     We may disclose your personal data between ourselves, the British Orthodontic Society and Oral Health Foundation insofar as reasonably necessary for the purposes, and on the legal bases, set out in this policy.

4.2     We may disclose your personal data to our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, obtaining professional advice, or the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.

4.3     In addition to the specific disclosures of personal data set out in this section, we may disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person. We may also disclose your personal data where such disclosure is necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.

4.4     Your data may also be available to our website provider to enable us and them to deliver their service to us, carry out analysis and research on demographics, interests and behaviour of our users and supporters to help us gain a better understanding of them to enable us to improve our services. This may include connecting data we receive from you on the website to data available from other sources. Your personally identifiable data will only be used where it is necessary for the analysis required, and where your interests for privacy are not deemed to outweigh their legitimate interests in developing new services for us. In the case of this activity the following will apply:

  • Your data will be made available to our website provider 
  • The data that may be available to them include any of the data we collect as described in this policy.
  • Our website provider will not transfer your data to any other third party or transfer your data outside of the EEA.
  • They will store your data for a maximum of 7 years.
  • This processing does not affect your rights as detailed in this privacy policy.

 

  1. International transfers of your personal data and use of Mailchimp

5.1     We do use the services of Mailchimp and Mailchimp’s privacy policy can be found at https://mailchimp.com/legal/privacy/. You acknowledge and consent to us lawfully transferring data to Mailchimp and to enable such data to be lawfully collected, processed, and shared by Mailchimp for the purposes of providing the services or as otherwise directed by you.          

5.2     On rare occasions, it may be necessary for us to share your personal information outside the European Economic Area (EEA) e.g for example where we may be liaising with international bodies to improve services for patients. Non-EEA countries do not have the same data protection laws as the United Kingdom and EEA. We will however, ensure that the transfer complies with data protection law and all personal information will be secure. Our standard practice is to use standard data protection contract clauses that have been approved by the European Commission. If you require further information please contact our Data Protection Officer (see How to Contact Us) below

5.3     You acknowledge that personal data that you submit for publication through our website or services may be available, via the internet, around the world. We cannot prevent the use (or misuse) of such personal data by others.

  1. Retaining and deleting personal data

6.1     This section sets out our data retention policies and procedure, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal data.

6.2     Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.

6.3     We will keep your personal data for only as long as necessary:

(a)      to respond to any questions, complaints or claims made by you or on your behalf

(b)      to show that we treated you fairly

(c)      to keep records as required by law

6.4     We will not retain your personal information for longer than necessary for the purposes set out in this policy. When it is no longer necessary to retain your personal information, we will delete or anonymise it.

  1. Issue Date and Changes to this Privacy Policy

7.1     This privacy policy was issued on 23 January 2020 and last updated on 23 January 2020

7.2     We may change this privacy policy from time to time and when we do we will inform you via our website or any contact email we have for you .

 

7.3     You should check this page occasionally to ensure you are happy with any changes to this policy

  1. Your rights

8.1     You have the following rights which you can exercise free of charge:

 

Access

The right to be proved with a copy of your personal information (the right of access) For further information please see the ICO’s website on - https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-of-access/

Rectification

The right to require us to correct any mistakes in your personal information. For further information please see the ICO’s website -  https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-rectification/

To be forgotten

The right to require us to delete your personal information in certain situations. For further information please see the ICO’s website - https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-erasure/

Restriction of processing

The right to require us to restrict processing of your personal information – in certain circumstances e.g. if you contest the accuracy of the data. For further information, please see the ICO website on - https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-restrict-processing/

Data portability

The right to receive the personal information you provided to us in a structured, commonly used and machine-readable format and/or transmit that data to a third party – in certain situations. For further information please see - https://ico.org.uk/your-data-matters/your-right-to-data-portability/

To object

The right to object:

-      at any time to your personal information being processed for direct marketing (including profiling)

 

-      in certain other situations to our continued processing of your personal information e.g. processing carried out for the purpose of our legitimate interests

 

For further details, please see the ICO’s website on https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-object/

Not to be subjected to automated individual processing

The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you. For further details, please see the ICO’s website on https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-law-enforcement-processing/individual-rights/right-not-to-be-subject-to-automated-decision-making/

 

8.2     If you would like to exercise any of those rights please:

(i)       email, telephone or write to us see below – “How to Contact Us” and

(ii)      provide us with enough information to enable us to identify you e.g. full name and address

(iii)     provide proof of your identity and address (a copy of your driving license or passport and a recent utility or credit card bill) and

(iv)     let us know which right set out above that you wish to exercise.

 

9          Cookies

9.1     A cookie is a small text file which is placed onto your device (eg computer, smartphone or other electronic device) when you use our website. We use cookies on our website. These help us recognise you and your device and store some information about your preferences or past actions. For example, we may monitor how many times you visit the website, which pages you go to, traffic data, location data and the originating domain name of your internet service provider. This information helps us to build a profile of our users. Some of this data will be aggregated or statistical, which means that we will not be able to identify you individually.

9.2     For further information on cookies generally, including how to control and manage them, visit the guidance on cookies published by the UK Information Commissioner’s Office, www.aboutcookies.org or www.allaboutcookies.org.

9.3     We will ask for your permission (Consent) to place cookies or other similar technologies on your device, except where they are essential for us to provide you with a service that you have requested.

9.4     You can withdraw any consent to the use of cookies or manage any other cookie preferences by clicking on the pop up icon at the bottom of any page on our site.

9.5     We use cookies for the following purposes:

(a)      Authentication - we use cookies to identify you when you visit our website and as you navigate our website. Cookies used for this purpose are: “SESS<32 long hash>” “__ut” “__utma” “__utmz” “_ga &_gid”;

(b)      Status - we use cookies to help us to determine if you are logged into our website. Cookies used for this purpose are: “SESS<32 long hash>” “MemberLoggedIn”;

(c)      Personalisation - we use cookies to store information about your preferences and to personalise the website for you. Cookies used for this purpose are: “PHPSESSID” “mt_device” “cc_cookie_accept” “cr_cookie_banner” “MemberLoggedIn” “DisplayName”

(d)      Security - we use cookies as an element of the security measures used to protect user accounts, including preventing fraudulent use of login credentials, and to protect our website and services generally. Cookies used for this purpose are: SESS<32 long hash>

(f)     Analysis - we use cookies to help us to analyse the use and performance of our website and services Cookies used for this purpose are: “__ut” “__utma” “__utmz” “_ga &_gid”; and

(g)      Cookie consent - we use cookies to store your preferences in relation to the use of cookies more generally. Cookies used for this purpose are: “cc_cookie_accept” “cr_cookie_banner”.

 

9.6.    Our service providers use cookies and those cookies may be stored on your computer when you visit our website.

9.7     We use Google Analytics to analyse the use of our website. Google Analytics gathers information about website use by means of cookies. The information gathered relating to our website is used to create reports about the use of our website. Google's privacy policy is available at: https://policies.google.com/privacy._ga, _gid, _gat, __utma, __utmt, __utmb, __utmc, __utmz and __utmv.

9.8     Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links:

(a)   https://support.google.com/chrome/answer/95647 (Chrome);

(b)   https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences (Firefox);

(c)      https://www.opera.com/help/tutorials/security/cookies/ (Opera);

(d)   https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies (Internet Explorer);

(e)   https://support.apple.com/kb/PH21411 (Safari); and

(f)      https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy (Edge).

9.9     Throughout our website we may link to other websites owned and operated by certain trusted third parties to provide information to our user (e.g. make additional information and services available to you). These other third party websites may also use cookies or similar technologies in accordance with their own separate policies. For privacy information relating to these other third party websites, please consult their policies as appropriate

9.10    If you do not want to accept any cookies, you may be able to change your browser settings so that cookies (including those which are essential to the services requested) are not accepted. If you do this, please be aware that you may lose some of the functionality of our website.

9.11    For further information about cookies and how to disable them please go to the guidance on cookies published by the UK Information Commissioner’s Office, www.aboutcookies.org

 

 

10        How to complain

10.1    We hope that our Data Protection Officer can resolve any query or concern you may have about our use of your information.

10.2    The General Data Protection Regulation also gives you the right to lodge a complaint to a supervisory authority in particular in the European Union (European Economic Area) where you normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/make-a-complaint/ or the telephone number is 0303 123 1113

 

11     How to Contact Us

11.1    Please contact us and our data protection officer by post, email or telephone if you have any questions about this privacy policy or the information, we hold about you

 

Our contact details are shown below:

 

Our Contact Details

 

 

British Orthodontic Society (Registered Charity Number: 1073464)

The Oral Health Foundation Registered Charity Number: 263198)

12 Bridewell Place,

London

EC4V 6AP

 

 

 

 

 

 

Telephone:

Oral Health Foundation,

Smile House,

2 East Union Street,

Rugby. Warwickshire. CV22 6AJ

Warwickshire

CV22 6AJ

+44(0) 207 353 8680

+44(0) 1788 546 365

 

 

Email

 

Email: [email protected]

[email protected]