The Privacy Policy was last updated on April 1, 2020.
City Dentals Privacy Policy
We care about your personal privacy and want to inform you about how we collect and use your personal data in accordance with the Patient Data Act, the Dental Care Act, and the General Data Protection Regulation (“GDPR”). Below, you will also find information about your rights under applicable data protection legislation.
Patient
Medical Records
As healthcare providers We are required to keep patient records. The purpose of keeping patient records is primarily to contribute to good and safe care for you as a customer/patient. The patient record contains information about your identity, as well as information related to your care such as treatments undertaken or planned, etc. Our processing of your personal data in connection with record-keeping is necessary to fulfill legal obligations imposed on us as healthcare providers under the Patient Data Act, as well as to perform a task of public interest (providing healthcare).
Appointment Booking and Administration
As a patient with us, you have the opportunity to book/cancel appointments digitally or by phone. When you contact us as a customer/patient, we process your personal data for the purpose of administering and confirming your booking/cancellation, sending out appointment reminders, and managing your payment. The processing of personal data is necessary to fulfill the agreement(s) we have with you, to fulfill legal obligations imposed on us as healthcare providers under the Dental Care Act, and to perform a task of public interest (providing healthcare). Please note that it is necessary for you to provide your personal data for us to administer the customer relationship.
Quality Assurance and Operational Monitoring
In dental care, the quality of operations should be systematically and continuously developed and ensured. Your personal data related to your care and administration may therefore be processed for this purpose. The processing of personal data is necessary to fulfill legal obligations imposed on us as healthcare providers under the Dental Care Act, and to perform a task of public interest (providing healthcare).
Marketing
As a patient with us, you have the opportunity to communicate via email, phone, and SMS for informational purposes. Our legal basis for this processing is legitimate interest. Vår rättsliga grund för denna behandling är intresseavvägning.
Inquiry via Email and Web Forms
We process your personal data when you contact us via email and/or web forms to handle your inquiry, based on legitimate interest. We believe we have a legitimate interest in processing your personal data to handle your inquiry. The personal data processed varies depending on the nature of the inquiry but typically includes contact information and personal identification number (when justified).
Supplier
Managing Supplier Relationships
When you contact us as a supplier/representative of a supplier, we process your contact information to administer our supplier relationship. The processing is based on legitimate interest.
Visitors to our website
Use of Our Website and Contact Forms
We process your personal data when you use our website to provide the website securely and improve our digital services. The processing is based on legitimate interest and, where applicable, on your consent. The following data will be processed:
- Information about the use of our website – such as visit statistics regarding response times for pages, download errors, how you accessed and exited the service, as well as delivery notifications when we contact you.
- Device information – e.g., IP address, language settings, browser settings, time zone, operating system, platform, and screen resolution.
- Geographical information – your geographical location.
For more information about cookies, please see our Cookie Policy.
Recipients and categories of recipients
In dental care, strict confidentiality applies to information about patients’ health status and other sensitive information. Only authorized personnel may access confidential information, which means that only personnel involved in patient care and treatment, or for other reasons need the information to perform their work in dental care, may access the information.
However, we may share your personal data with our suppliers of, for example, journal systems, IT, and dental materials in order to conduct and develop our business and thereby provide quality and safe care. To the extent permitted or required by applicable law, we may share your personal data with authorities, courts, and other similar third parties.
Your personal data will always be processed within the EU/EEA, unless otherwise expressly stated.
Storage period
We do not retain personal data longer than necessary or required by law. Personal data in our patient record system is stored in accordance with the provisions of the Patient Data Act, with a record retained for at least ten years after the last entry was made. In cases where your personal data is part of our accounting information, it is stored according to the Accounting Act for at least seven years.
Your rights
You have the right to access how we process your personal data and to request information about the processing of personal data. You have the right to have incorrect personal data corrected, to have any unnecessary processing of personal data restricted, unjustified processing of personal data deleted, and also, in some cases, to have personal data transferred to another controller. If you wish to file a complaint regarding our processing of personal data, please contact the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten) at [email protected].
If we process personal data about you based on your consent, we want to inform you that you always have the right to withdraw your consent.
Contact us
City Dental 556680-5478 is the data controller for the processing of your personal data as described above and is responsible for ensuring that our processing is carried out in accordance with the Patient Data Act, the Dental Care Act, the GDPR, and other applicable data protection legislation.
We are part of the Dentalum Group, which has a designated Data Protection Officer. If you have any questions about how we process your personal data or want to exercise your rights, please contact us at [email protected].