Version: September 2018
IndepenDent Care Plans is dedicated to safeguarding and preserving your privacy. This privacy notice will inform you how we look after your personal data, and tell you about your privacy rights and how the law protects your personal data.
Detailed in this privacy notice is how IndepenDent Care Plans collects and processes your personal data through use of our website and other means, including post, telephone, and email.
1. Who we are
In this privacy notice IndepenDent Care Plans means IndepenDent Care Plans UK Limited (a company incorporated under the Companies Act, registered number SC156942), having its registered office at River House, Young Street, Inverness, IV3 5BL.
Within the context of this notice “we”, “our” & “us” refers to IndepenDent Care Plans UK Limited (the Data Controller). This means that we are responsible for, and control the processing of, the personal information you provide to us in accordance with this privacy notice.
By using our website (http://www.ident.co.uk/) you are accepting and consenting to the practices described in this notice.
2. How we get your personal information
a) Most of the personal information we process is provided to us directly by you for one of the following reasons:
a) You have a general enquiry and complete our ‘contact form’.
b) You register for membership with IndepenDent Care Plans.
c) Subscribe to our blog and mailing list.
d) When you enquire using our website about our dental care plans.
e) Completing ongoing claim forms.
f) You have applied for a job with us, i.e. providing a CV or other information about yourself for specific purposes
If you contact us, we may keep a record of that correspondence. If you send us personal information which identifies you via email, we may keep your email and email address, and we will only use these details for the purposes in which it was given, or consented to.
b) We may also receive personal information indirectly, in the following scenarios:
a) We receive personal data about you from various third parties and public sources, such as our business delivery partners, and suppliers.
b) As you interact with our website, we may automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies.
c) Technical Data such as IP address, browser type and version, etc from a) analytics providers, b) advertising networks, c) search information providers.
d) Your identity and contact details from publicly available sources such as social media sites.
e) An employee of ours gives your contact details as an emergency contact or a referee.
3. What we do with your personal information
This section of the privacy notice provides clarity on what we do with your personal information. For this purpose, we have grouped your personal data into the following categories:
Category: When you send us a general enquiry
1. Purpose: To provide you with the information for your enquiry, and be able to respond to you accordingly.
2. Legal basis for processing your data: Contractual fulfilment
3. What data do we need / and what is collected?: We need enough information from you to answer your enquiry, such as, name, telephone number, email address, registered dentist or patient name.
4. What we do with it: We will keep a record of your details, and will then pass these details to the correct area of the business to be dealt with. We will also keep a record of our response.
5. How long we keep it: From 12-months following the last action. Unless correspondence relates to a further contractual agreement, then it is kept for 7 years following termination of the contract.
6. Do we use any data processors?: Blue Horizons (marketing)
Category: When you register for membership with IndepenDent Care Plans (Dentists only)
1. Purpose: So that we can ensure we have the necessary contact details required to provide you with and administer an acceptable tailored Care Plan. We may also for time to time send you information that we think may be of interest to you.
2. Legal basis for processing your data: Contractual performance, and Legitimate Interest
3. What data do we need / and what is collected?: For the purposes of our membership, we require certain information from you, such as, name, address, contact telephone numbers, email address, desired banding levels, bank account details, practice details, professional qualifications, GDC certificate, professional indemnity insurer.
4. What we do with it:We will keep a record of your details, in paper form and an electronic copy. All payment details are kept secure in accordance with PCI Compliance. We will contact you to inform you of products and services that we think may be of interest to you.
5. How long we keep it: For 7 years following termination of your membership contract.
6. Do we use any data processors?: Group purchasing partners
Category: When you subscribe to our blog or mailing list
1. Purpose: So that we can add your personal details to our mailing list for you to receive news, offers and important updates.
2. Legal basis for processing your data: Consent
3. What data do we need / and what is collected?: We need enough information from you so we can add your details to our mailing list and you can receive the requested information, such as, name, telephone number, email address.
4. What we do with it: We add your contact details to our mailing list database, which we then use as a tool for sending out the consented information.
Were you have consented, we process your personal data for marketing purposes, such as, but not limited to, news, offers, important updates, and member benefits.
5. How long we keep it: Personal Data is kept until consent is withdrawn, or the legitimate purpose for processing the data is no longer valid.
6. Do we use any data processors?: Blue Horizons (marketing)
Category: When you enquire about one of our dental care plans – Full Care; Maintenance; Children’s Maintenance (Patients)
1. Purpose: To provide you with the information about our dental care plans and be able to respond to you accordingly.
2. Legal basis for processing your data: Contractual purposes.
3. What data do we need / and what is collected?: For the purposes of our membership, we require certain information from you, such as, name, address, contact telephone numbers, email address, desired banding rates, bank account details, dentist name.
4. What we do with it: We will keep a record of your details, in paper form and an electronic copy. All payment details are kept secure in accordance with PCI Compliance.
5. How long we keep it: All paper copies are shredded after scanning electronically. Records are kept for 7 years from the termination of the contract.
6. Do we use any data processors?: Royal & Sun Alliance.
Category: When you complete ongoing claim forms (Patients).
1. Purpose: To ensure we have the necessary personal information required to support your claim.
2. Legal basis for processing your data: Contractual fulfilment
3. What data do we need / and what is collected?: We require certain information about you and your claim, such as, date of injury, name, address, plan number, date of birth, dentist details, total treatment cost, patient contribution, emergency treatment details, any hospitalisation, dentist declaration, x-rays, photographs, treatment plans.
4. What we do with it: Paper copies are retained and stored securely.
5. How long we keep it: Details are kept for 5-years, however complex cases are kept for 7-years.
6. Do we use any data processors?
Category: When you apply for a job with us, i.e. providing a CV or other information about yourself for specific purposes.
1. Purpose: To assess suitability for the role/position applied for. Plus, confirmation of identity, and where applicable, validation of qualifications.
2. Legal basis for processing your data: For the performance of a contract, or prior to entering into a contract. To comply with legal or regulatory requirements.
3. What data do we need / and what is collected?: We’ll use the contact details you give us to contact you to progress your application. We’ll use the other information you provide to assess your suitability for the role, such as, contact details, CV information, referees.
We’ll use all the information you provide during the recruitment process to progress your application with a view to offering you an employment contract with us, or to fulfil legal or regulatory requirements if necessary, such as, confirmation of identity, right to work in the UK, bank details, emergency contact information, health questionnaire.
We will not share any of the information you provide with any third parties for marketing purposes.
4. What we do with it: We will keep a record of your details, in paper form and an electronic copy, which we share with those involved in the recruitment process and decision making.
5. How long we keep it: Successful recruitment candidate information – all paperwork will be attached with employee records and retained for 7 years following the end of employment.
- Unsuccessful recruitment candidate information – all paperwork will be securely destroyed after 6-months following the last action. Unless consent is given to store the CV, and this will then be stored for a further 6-months and then destroyed.
6. Do we use any data processors?: No
4. Your Data Protection Rights
Under data protection law, you have rights we need to make you aware of. The rights available to you depend on our reason for processing your information. If we are processing your information for criminal law enforcement purposes, your rights are slightly different.
a) Your right of access - you have the right to ask us for copies of your personal information, and find out how we are using or storing your personal data. This right always applies. However, there are some exemptions, which means you may not always receive all the information we process.
You exercise this right by asking for a copy of the data, which is commonly known as making a ‘subject access request’. We will respond to your request within one month, however in certain circumstances we may need extra time to consider your request which may take up to an extra two months. If we are going to do so, we will let you know within one month that we need more time and why.
A copy of your personal data will be provided free of charge, unless we consider your request ‘manifestly unfounded or excessive’, then we will ask for a reasonable fee to cover administrative costs associated with the request.
b) Your right to rectification - you have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. This right always applies.
c) Your right to erasure - you have the right to ask us to erase your personal information in certain circumstances.
d) Your right to restriction of processing – you have the right to object to the processing of your personal data in some circumstances. If we agree to your objection, we will stop using your data for that purpose unless we can give strong and legitimate reasons to continue using your data despite your objections. You have an absolute right to object to us using your data for direct marketing.
e) Your right to data portability - This only applies to information you have given us. You have the right to ask that we transfer the information you gave us from one organisation to another, or give it to you. The right only applies if we are processing information based on your consent, or in talks about entering into a contract and the processing is automated.
5. Sharing your personal information
We will never share your personal data with a third party for marketing purposes without your prior consent to do so. You have the right to ask us not to process your personal data for marketing purposes, therefore if you wish to change your mailing preferences or opt-out of specific marketing communications, you may follow the instructions on the relevant forms, or notify us on the contact details provided in this privacy notice.
We use data processors, who are third parties, to provide elements of services for us. We have contracts in place with our data processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will hold it securely and retain it for the period we instruct.
In some circumstances we are legally obliged to share information. We’ll satisfy ourselves that we have a lawful basis on which to share the information and document our decision making and satisfy ourselves we have a legal basis on which to share the information.
Current data protection law, imposes restrictions on the transfer of personal data outside the European Union, to third countries or international organisations. These restrictions are in place to ensure that the level of protection of individuals afforded by the current regulations is not undermined. Personal data may only be transferred outside of the EU in compliance with the conditions for transfer. Companies may transfer personal data where the organisation receiving the personal data has provided adequate safeguards. Individuals’ rights must be enforceable and effective legal remedies for individuals must be available following the transfer. We do not share your personal data outside of the EEA.
6. Links to other websites
Where we provide links to websites of other organisations, this privacy notice does not cover how that organisation processes personal information. We encourage you to read the privacy notices on the other websites you visit.
7. Website browsing
When you visit www.ident.co.uk, we use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out such things as the number of visitors to the various parts of the site. This information is only processed in a way that does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.
Cookies allow web applications to respond to you as an individual. The web application can then tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
Overall cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
8. Changes to our privacy notice
Any changes we make to our privacy notice in the future will be posted on this page. By continuing to use our website you will be deemed to have accepted such changes.
9. How to contact us
Questions, comments and requests regarding this privacy notice are welcomed and should be addresses to:
- Email: firstname.lastname@example.org
- Patient Helpline: (00) 1463 222999
- Dentist Helpline: (00) 1463 223399