Privacy policy

Perfect Smile Privacy & Data Protection Statement

—-

SECTION 1 – Introduction

In this Privacy Policy, ‘we’, ‘us’, and ‘our’ refer to Perfect Smile Dental Practice.
Perfect Smile Dental Practice is a Data Controller under the Data Protection Act 2018 and the EU General Data Protection Regulation (GDPR). This Privacy Statement explains what personal data we hold about you, why we collect and process it, who we may share it with, and your rights and freedoms under applicable law.
We are committed to protecting your privacy and handling your personal data in an open and transparent manner. If you have any questions about this statement or how we handle your data, please contact us using the details provided at the end of this document.
All Perfect Smile Dental Practices are registered with the Information Commissioner’s Office (ICO) as required under the Data Protection Act 2018.

Data Controller: Perfect Smile Dental Practice
Address: 25–27 Kew Road, Richmond, Surrey, TW9 2NQ
Email: psconsultation@old.perfectsmile-dental.com

SECTION 2 – What Personal Data We Collect

We collect and process personal data in the following categories:

Patient Clinical and Health Data
When you attend our practice for treatment, we collect personal information including your name, address, email address, contact telephone number and clinical health records. This data is held to provide you with appropriate, high-quality, safe and effective dental care and treatment.

Website and Online Data
When you browse our website, we automatically receive your computer’s internet protocol (IP) address. This helps us understand your browser and operating system, and improve our website’s performance.

Staff Employment Data
We hold employment data for all staff members in accordance with Employment, Taxation and Pension law.

Contractors’ Data
We hold data on contractors for the purpose of managing their contractual relationship with us.

Marketing Preferences
From 25 May 2018, all Medical History Forms include an opt-in section for Perfect Smile communications. With your express consent, we may send you emails and/or texts about our services, new products, special offers and other updates. Patients registered before this date have had the opportunity to update their preferences.
You can change your mind at any time by contacting your local Perfect Smile practice, emailing psconsultation@old.perfectsmile-dental.com, or writing to us at the address below.

SECTION 3 – How and Why We Process Your Personal Data

We process personal data only where there is a lawful basis for doing so:

• Patient data is processed on the basis of legitimate interests — it is essential for us to hold this data to provide dental care effectively. NHS care data is also held as a Public Task required by law.
• Staff employment data is held to fulfil our legal obligations under employment, tax and pension legislation.
• Contractors’ data is held in order to fulfil the contract we hold with them.
• Marketing communications are only sent with your express consent, which you may withdraw at any time.

SECTION 4 – Who We Share Your Data With

We will only share your data where it is necessary and where it is done securely. We may share your data in the following circumstances:

• With other healthcare professionals involved in your dental care — for example, if we refer you to a specialist or request laboratory work on your behalf.
• With our approved third-party systems providers such as patient management software, secure cloud backup providers, and NHS digital service platforms
• With government agencies such as HMRC, in respect of employment data.
• With third-party service providers (including payment processors) who require information only to the extent necessary to perform their services. We recommend reviewing their own privacy policies.
• If required to do so by law, or if you violate our Terms of Service.

If our practice is acquired by or merged with another company, your information may be transferred to the new owners so that we may continue to provide services to you.

SECTION 5 – Third-Party Services and External Links

Certain third-party providers, such as payment gateways, have their own privacy policies governing the information we are required to share with them for transaction purposes. Some providers may be located in — or have facilities in — a different jurisdiction than you or us, meaning your data may be subject to the laws of that jurisdiction.
Once you leave our website or are redirected to a third-party website or application, this Privacy Policy no longer applies. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements before proceeding.

SECTION 6 – How Long We Keep Your Data

We retain personal data only for as long as is necessary:

• Patient data is kept for as long as we are actively providing dental care or recalling you for treatment. Thereafter, it is archived for as long as required by law, as recommended by the NHS or other trusted professional bodies.
• Employment data is retained for six years after an employee leaves.
• Contractors’ data is retained for seven years after the contract ends.

SECTION 7 – Consent

When you provide us with personal information to complete a transaction, book an appointment or purchase a service, we collect and use that data only for the specific purpose stated at the time.

• We collect only the information we need to provide safe dental care.
• We never sell your data.
• You control your marketing preferences.
• You can access, correct, or delete your data at any time.
• Your data is protected using strong security measures.

Where we need your data for a secondary purpose, such as marketing, we will seek your express consent or give you a clear opportunity to decline. You may withdraw your consent at any time by:

• Contacting your local Perfect Smile practice directly;
• Emailing us at psconsultation@old.perfectsmile-dental.com; or
• Writing to us at: Perfect Smile Surgery, 25–27 Kew Road, Richmond, Surrey, TW9 2NQ, United Kingdom.

SECTION 8 – NHS Data Opt-Out Policy

Perfect Smile works as part of the wider health and care system. Whenever you use a health or care service, important information about you is recorded in your patient record to help ensure you receive the best possible care.
In some circumstances, anonymised or confidential patient information may be used beyond your individual care to support:

• Improving the quality and standards of care provided;
• Research into the development of new treatments;
• Preventing illness and disease;
• Monitoring safety; and
• Planning health services.

This only takes place where there is a clear legal basis to do so. Most of the time, anonymised data is used so that individual patients cannot be identified.
You have a choice about whether your confidential patient information is used in this way. If you are happy with this, you do not need to do anything. If you choose to opt out, your data will still be used to support your individual care. To find out more or to register your choice, please visit:
https://www.nhs.uk/your-nhs-data-matters

Further information is also available at:
Health and care research (HRA): https://www.hra.nhs.uk/information-about-patients/
Understanding patient data: https://understandingpatientdata.org.uk/what-you-need-know

Data used beyond your individual care will never be shared with insurance companies or used for marketing without your specific agreement. Our practice uses your personal health data solely to provide care to you individually. The national data opt-out does not apply to our use of your data, and we are fully compliant with this policy.

SECTION 9 – Security

We take the security of your personal information seriously and follow industry best practices to ensure your data is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
Where you provide payment card information, this is encrypted using Secure Socket Layer (SSL) technology and stored with AES-256 encryption. We comply with all PCI-DSS requirements and implement additional industry-standard security measures. While no method of transmission over the internet is entirely secure, we continually review and improve our security practices through role-based access controls, regular staff training on data protection as well as efforts to apply two-factor authentications on software used internally.

SECTION 10 – Cookies

Our website uses essential cookies required for core functionality, and optional analytics cookies (e.g. Google Analytics, Facebook Pixel, Chat widgets and online booking systems) to improve user experience. You can manage cookies through our cookie banner or your browser settings. These cookies are stored on your device for up to 38 months. By continuing to use our website, you consent to our use of cookies in accordance with this policy. You can adjust your browser settings at any time to refuse cookies, though this may affect your experience of our website.

SECTION 11 – Your Rights

Under data protection law, you have the following rights:

• Right to be informed: to know what personal data we hold about you and why we hold it.
• Right of access: to request a copy of the data we hold about you. We will acknowledge your request and respond within 30 days.
• Right to rectification: to ask us to correct any inaccurate data we hold about you.
• Right to erasure: to request that we delete your data in certain circumstances.
• Right to data portability: to ask us to transfer your data to another party where it is safe and lawful to do so.
• Right to restrict processing: to ask us not to actively process or update your data in certain circumstances.

To exercise any of these rights, please contact us using the details in Section 13 below.

SECTION 12 – Minors
By using our website, you confirm that you have the authority to provide consent on behalf of any minor dependents for whom you are responsible. We do not knowingly collect personal data from children without appropriate parental or guardian consent.

SECTION 13 – Complaints and Contact Information

Raising a Concern
If you are not satisfied with how we handle your personal data, please contact your Practice Manager in the first instance. They will do their best to resolve the matter promptly.

Information Commissioner’s Office (ICO)
If your concern is not resolved to your satisfaction, you have the right to complain to the ICO:
Website: https://www.ico.org.uk/concerns
Telephone: 0303 123 1113
All Perfect Smile practices have their own individual ICO numbers and are available on request.

Contact Us:
For any queries about your personal data — including requests to access, correct, amend or delete your information — please contact us:

Email: psconsultation@old.perfectsmile-dental.com
Post: Perfect Smile Surgery, 25–27 Kew Road, Richmond, Surrey, TW9 2NQ, United Kingdom

SECTION 14 – Changes to This Privacy Policy

We reserve the right to update this Privacy Policy at any time. Changes will take effect immediately upon publication on our website. We will notify you of any material changes by posting a prominent notice on our website. We encourage you to review this policy regularly to stay informed about how we protect your data.

Last updated: March 5th 2026.