Privacy Policy

1. Introduction

NI Dental Finder ("we", "us", "our") is committed to protecting your privacy and ensuring you have a positive experience on our website. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services.

2. What Data We Collect

Dental Practice Data

• Source: Business Services Organisation (BSO) — publicly available NHS dental practice register
• Data collected: Practice name, address, postcode, phone number, acceptance status, opening hours, and geographic location
• Purpose: To display directory information and enable practice search functionality
• Lawful basis: Legitimate interest — making NHS dental practice information more accessible to patients

Practice-Submitted Information

• Source: Voluntary submissions from dental practices
• Data collected: Updated contact details, acceptance status, special information (e.g. closed dates, changes to services)
• Purpose: To keep directory information current and accurate
• Lawful basis: Consent (practice consent to submit and display information)

Website Analytics

• Tool: Google Analytics 4
• Data collected: Pages visited, time on site, search queries (anonymised), device type, browser type, IP address (anonymised)
• Purpose: To understand how the website is used and improve user experience
• Lawful basis: Consent — analytics cookies are only set after you accept via the cookie consent banner. You can decline, and the site will function fully without analytics tracking.
• Retention: 26 months

Form Submissions

• Data collected: Name, email address, message content (only if you submit a contact form)
• Purpose: To respond to your enquiry or report
• Lawful basis: Consent (you voluntarily submit the form)
• Retention: Until your enquiry is resolved, then 6 months for record-keeping

What We Do NOT Collect

• Patient medical records or health information
• Payment information or financial data
• Personal identification numbers (passport, NI number, etc.)
• Biometric data or facial recognition data
• Any data marked as "special category" under GDPR (race, ethnicity, religion, sexual orientation, etc.)

3. How We Use Your Data

We use the data we collect to:

• Display accurate, current information about NHS dental practices
• Enable search and filtering functionality
• Respond to your enquiries and support requests
• Understand how our website is used and improve the user experience
• Maintain security and prevent fraud or abuse
• Comply with legal obligations

4. Who We Share Your Data With

We do not sell, rent, or trade your data with third parties. We only share data in these limited circumstances:

• Google Analytics: Anonymised website usage data (analytics only, no personal data)
• Legal requirement: If required by law (court order, regulatory request, etc.)
• Service providers: Third-party services we use to operate the website (e.g. hosting, email), under strict data protection agreements

5. Data Retention

• Dental practice data: Kept indefinitely until the practice requests deletion or data is no longer accurate
• Analytics data: Google Analytics retains data for 26 months
• Form submissions: Retained for 6 months after enquiry resolution
• Email communications: Retained for 1 year unless you request deletion

6. Your Rights Under GDPR

You have the following rights regarding your personal data:

• Right of access: You can request a copy of all personal data we hold about you
• Right to rectification: You can ask us to correct inaccurate or incomplete data
• Right to erasure: You can request deletion of your data (subject to certain exceptions)
• Right to restrict processing: You can ask us to limit how we use your data
• Right to data portability: You can request your data in a portable format (e.g. CSV)
• Right to object: You can object to certain types of processing
• Right to withdraw consent: If processing is based on consent, you can withdraw it at any time

To exercise any of these rights, contact us at find@nidentalfinder.co.uk. We will respond within 30 days.

7. Cookies & Tracking

Essential Cookies

We use only essential cookies necessary for the website to function:

• Session cookies (to maintain your session)
• Preference cookies (to remember your settings)

Analytics Cookies

We use Google Analytics 4 to understand website usage. Analytics cookies are only set if you accept via the cookie consent banner shown on your first visit. If you decline, no analytics cookies are stored and the site functions normally. Your IP address is anonymised by Google Analytics. You can change your preference at any time by clearing your browser's local storage for this site.

Third-Party Services

We do not use advertising, marketing, or social media tracking cookies. No third-party trackers.

8. Data Security

We take data security seriously. We implement technical and organisational measures to protect your data against unauthorised access, alteration, disclosure, or destruction:

• HTTPS encryption for all data in transit
• Secure server infrastructure (Cloudflare)
• Regular security audits and vulnerability assessments
• Limited access to personal data (staff only access what they need)

While we strive to protect your data, no system is 100% secure. If you believe your data has been compromised, please contact us immediately.

9. Data Transfers

Our website is hosted on Cloudflare (based in the US). Data may be transferred to and processed in the US and other countries. By using our website, you consent to such transfer. We ensure transfers comply with GDPR via Standard Contractual Clauses.

10. Children's Privacy

NI Dental Finder is not intended for children under 13. We do not knowingly collect personal data from children. If we become aware that a child has provided personal data, we will delete it immediately. If you believe we have inadvertently collected a child's data, contact us immediately.

11. Data Breach Notification

In the event of a data breach that poses a risk to your privacy, we will notify you and the Information Commissioner's Office (ICO) within 72 hours, as required by GDPR.

12. Privacy Assessments

We have completed a Legitimate Interest Assessment (LIA) for processing dental practice data from BSO. This assessment concluded that our processing serves a legitimate interest (making dental practice information more accessible to patients) and does not override individuals' rights and freedoms.

13. Contact & Complaints

Contact Us

If you have any questions about this Privacy Policy or how we handle your data, contact us at:

• Email: find@nidentalfinder.co.uk

Complaints

If you believe we have violated your privacy rights, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

• Web: ico.org.uk
• Phone: 0303 123 1113
• Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, technology, or our practices. We will notify you of significant changes by posting the updated policy on our website and updating the "Last updated" date at the top. Your continued use of the website constitutes acceptance of the updated policy.

15. International Privacy Standards

We comply with:

• UK GDPR (General Data Protection Regulation)
• UK Data Protection Act 2018
• Privacy and Electronic Communications Regulations 2003