Privacy Notice

Who are we?

We are Dublin Dental University Hospital at Lincoln Place Dublin D02 F859.

We provide dental care to patients and dental education.

Dublin Dental University Hospital was established under S.I.129 of 1963 under the Health (Corporate Bodies) Act 1961. It is governed by a board appointed by the Minister for Health.

This notice sets out the basis on which any personal data we collect from you, or from others, will be processed by us.  Please read the following carefully to understand our practices regarding your personal data and how we will treat it.

For the purpose of the Data Protection Acts 1988 to 2018 and the General Data Protection Regulation (GDPR) (together the Acts):

  • The data controller is Dublin Dental University Hospital, as an employer and as a provider of health (dental) services.
  • The data processor is Dublin Dental University Hospital in relation to employee pension data.

Our data protection contact and interim Data Protection Officer (“DPO”) may be contacted at dataprotection@dental.tcd.ie

What personal information do we collect from you?

You may give us personal data by:

  • Corresponding with us by phone, e-mail or otherwise.  We ask you to disclose only as much information as is necessary to provide you with our services or to submit a question/suggestion/comment in relation to our website.
  • Engaging the Dublin Dental University Hospital’s services and attending the hospital as a patient. Patients supply us with information which may include their contact details; next of kin or relatives contact information; email; address; telephone number and billing payment details and health related data. In some circumstances, patients may disclose health data relating to their relatives.
  • Filling in forms on our website such as the Contact Us form.
  • Applying to work with us. The type of information you may provide in your CV, a cover letter, your name, address, e-mail and phone number. CVs should include information relevant to your employment history and education (degrees obtained, places worked, positions held, relevant awards, and so forth). We ask that you do not disclose sensitive personal information (e.g. gender, height, weight, medical information, religion, philosophical or political beliefs, and financial data) in your application.
  • When you pay for our services, e.g. in person, over the phone or online.
What information about you do we obtain from others?

When you use our services, we may obtain personal data from others, for example:

  • Your General Dental Practitioner (GDP), other medical professionals including the HSE, other hospitals and health professionals where you transfer or are referred to our service.
Why do we collect this information?

We collect the information in order to provide you with our services.

We will use this information:

Patients:

  • To set you up as a patient on our systems.
  • To provide you with dental services.
  • To carry out internal clinical audits.
  • To ensure payment of our invoices.

Prospective Employees:

  • To create a candidate profile for you if you are a prospective employee.
  • To process employment applications, including by assessing qualifications, verifying information, conducting reference or other employment-related checks, and notifying you of future opportunities that might be of interest to you.

Website users:

  • To administer and improve the content on our website and for internal operations;
  • As part of our efforts to keep our website safe and secure;
  • To make suggestions and recommendations to you and other users of our website about services that may interest you or them;

The legal bases for the processing of your data are:

  • Processing necessary for the performance of a contract which you have entered into with us or to take steps at your request prior to entering into a contract, e.g. a contract of employment; or a contract to provide dental services.
  • Processing necessary for compliance with a legal obligation to which we are subject.
  • In the exercise of official authority vested in us by virtue of our statutory functions as set out in S.I.129 of 1963 under the Health (Corporate Bodies) Act 1961.

The legal bases for processing your sensitive personal data (medical/ dental data) are:

  • Processing necessary to provide you with dental/health services.
  • Processing necessary for the establishment, exercise or defence of legal claims.
  • Processing necessary for reasons of public interest in the area of public health.
Who do we share this information with?

We may share your personal data with other healthcare professionals, e.g. GDPs or other hospitals.

Disclosure of your information

We may also share your information with selected third parties including:

Suppliers and sub-contractors for the performance of any contract we enter into with them or you.

We attach at Schedule 1 a list of all entities with whom your personal data may be shared.

Schedule 1

How long do we keep hold of your information?

The time periods for which we retain your information depends on the type of information and the purposes for which we use it. We will keep your information for no longer than is required or permitted.

Do we transfer your information outside the European Union or European Economic Area

No.

What are your rights with respect to your personal data?

You have the following rights:

  • The right to access the personal data we hold about you.
  • The right to require us to rectify any inaccurate personal data about you without undue delay.
  • The right to have us erase any personal data we hold about you in circumstances such as where it is no longer necessary for us to hold the personal data or, in some circumstances, if you have withdrawn your consent to the processing.
  • The right to object to processing personal data for profiling or direct marketing. The DDUH does not engage in profiling or direct marketing.
  • The right to ask us to provide your personal data to you in a portable format or, where technically feasible, for us to port that personal data to another provider provided it does not result in a disclosure of personal data relating to other people.
  • The right to request a restriction of the processing of your personal data.

Where our processing of your personal data is based on your consent to that processing, you have the right to withdraw that consent at any time but any processing that we have carried out before you withdrew your consent remains lawful.

You may exercise any of the above rights by contacting the interim DPO at dataprotection@dental.tcd.ie

You may lodge a complaint with your local supervisory authority with respect to our processing of your personal data. The local Supervisory Authority in Ireland is the Data Protection Commission. The website is www.dataprotection.ie

What will happen if we change our privacy notice?

This notice may change from time to time, and any changes will be posted on our website and will be effective when posted. Please review this notice each time you use our website or our services. This notice was last updated in September 2018.

How can you contact us?

Queries can be sent to the interim DPO at dataprotection@dental.tcd.ie

Postal Address: Dublin Dental University Hospital, Lincoln Place, Dublin 2, D02 F859