Article 1. General

The dental practice ensures that with (special) Personal data patients are treated with care. We comply with applicable laws and regulations, including the General Data Protection Regulation. With this Privacy Policy, we wish to inform you further about our policy.

Article 2. Definitions

For the sake of clarity, we briefly indicate what we mean by certain terms:

  1. Personal data: all data by means of which the patient can be identified.
  2. Responsible: the controller, as referred to in Article 4, paragraph 7 of the Regulation. For the purposes of these privacy regulations, the dental practice.
  3. Processing/Process: an adaptation of personal data, whether or not carried out via automated processes, such as the collection, recording, organization, storage, updating, modification, retrieval, consultation, use, provision by means of transmission, dissemination or any other form of making available, combining, linking, as well as the shielding, erasure or destruction of Personal Data.
  4. Processor: the person who, on behalf of the dental practice, for the Processing by Personal data takes care of, without being subject to his direct authority, such as auxiliary persons who by the Responsible has been hired.
  5. The person concerned: the person on whom the Personal data relate, in general, to the patient.
  6. Implementing Act: the Implementing Act General Data Protection Regulation.
  7. Regulation: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons in connection with processing by personal data and on the free movement of such data and repealing Directive 95/46/EC (OJ EU 2016, L 119).
  8. Privacy Policy: this document.
  9. Pseudonymized data: Personal data who no longer adhere to a specific person concerned can be linked without the use of additional data. This additional data is stored in such a way that it cannot be linked to an identifiable person.

Article 3. How do we obtain the data?

Personal data originate from or are derived from data provided orally and in writing by the The person concerned or their legal representative. Personal data may additionally be provided by the health insurer, the general practitioner, other practitioners, specialists, care providers, or persons or entities other than those mentioned above.

Article 4. How and why do we process data?

  1. Processing happens in a manner that with regard to the The person concerned is lawful, proper, and transparent. In addition, the collection of Personal data for specific, expressly defined and justified purposes. The Processing it is not done in a manner incompatible with those purposes.
  2. The Processing for the purposes of archiving in the public interest, scientific or historical research, or statistical purposes is not considered incompatible with the original purposes.
  3. The Processing is only lawful if and to the extent that at least one of the following conditions is met:
    1. Consent of the The person concerned;
    2. Entering into and performing a treatment (agreement);
    3. Safeguarding a vital interest of the The person concerned, such as emergencies;
    4. Protecting a legitimate interest of the Responsible or from a third party (for example, business continuity);
    5. Necessity to comply with a legal obligation or an agreement with the The person concerned to comply with.
    6. Personal data are processed only to the extent that, having regard to the purposes for which they are processed, they are adequate, relevant and limited to what is necessary.
    7. The dental practice processes Personal data for the following purposes:
      1. Treatment of the The person concerned;
      2. Informing and contacting The person concerned(n);
      3. Financial administration;
      4. Proper functioning of the website.

Article 5. Conditions for consent

  • The Responsible can demonstrate that the The person concerned permission has given for the Processing.
  • The The person concerned can a given permission always withdraw.

Article 6. Other information

Anonymized data does not fall under the scope of this Privacy Regulation.

Article 7. What data is involved?

Processing can view the following data categories:

  1. Name, first names, initials, title, gender, date of birth, address, postal code, city, telephone number and similar data required for communication, as well as payment details of The person concerned;
  2. An administration number that contains no information other than under a;
  3. Information as referred to under a, of the parents, guardians or caregivers of the minor Those involved;
  4. Data as referred to under a of the family members of the The person concerned as well as others who concern the well-being and health of the The person concerned be informed;
  5. Information about the health condition of the The person concerned and in the event of hereditary disorders, his or her family members;
  6. Other special Personal data with a view to the proper treatment or care of the The person concerned;
  7. Information regarding the treatment followed and to be followed of the The person concerned as well as the provided medicines or supplies;
  8. Information regarding the calculation, recording, and collection of the fee;
  9. Information about the insurance of the The person concerned;
  10. Other information necessary for the treatment.

Article 8. Duty to provide information

Before the Responsible Personal data Processed, he shares the The person concerned and/or his legal representative along:

  1. Who is responsible for the processing with contact details;
  2. Why certain, concrete Personal data Will be processed;
  3. If applicable, the contact details of the Data protection officer;
  4. In what way the Personal data be Processed;
  5. The period during which the Personal data will be stored, or, if that is not possible, the criteria for determining that period;
  6. All other information that must be provided in the interest of due care. This also means: The more sensitive the Personal data who the Responsible The more thoroughly one wants to process, the more thoroughly one must be informed.
  7. If Personal data are requested via a third party, or delivered to a third party, the obligation to provide information is fulfilled in the same manner, before the Personal data be obtained or supplied, unless this can only be done with disproportionate effort.

Article 9. Right of inspection

The The person concerned has the right to his Personal data to view and can retrieve the following data:

  1. A description of the purpose or purposes of the Processing by Personal data;
  2. All available data regarding the origin of the Personal data;
  3. The categories of data on which the Processing relates to;
  4. An overview of recipients or categories of recipients who the Personal data have received;
  5. If possible, the period during which the Personal data are expected to be stored, or if that is not possible, the criteria for determining that period;
  6. That the The person concerned It right to rectification, the right to erasure of data and the right to restriction of processing has.
  7. A request for access may be rejected on the following grounds:
    1. The applicant is not The person concerned or his/her request does not relate to data that relate solely to the requester;
    2. The applicant has not yet reached the age of 16 and/or has been placed under guardianship. In that case, only the legal representative may submit the request;
    3. Responsible has already recently complied with a similar request from the same applicant;
    4. Protection of the The person concerned or of the rights and freedoms of others;
    5. For the sake of state security, and/or the prevention, detection and prosecution of criminal offences.

Article 10. Other rights

  1. The The person concerned has the right to object at any time to the Processing by Personal data that concern him. The Processing is discontinued upon objection by the Responsible.
  2. The The person concerned has the right to from the Responsible immediate rectification of incorrect statements concerning him Personal data available.
  3. The The person concerned has the right of the Responsible without unreasonable delay erasure of him Personal data available.

In addition, the Responsible obliged to delete data without undue delay when the The person concerned are permission has withdrawn or the Responsible the Personal data no longer needs for the purposes for which they were collected.

  1. The The person concerned has if the accuracy of the Personal data the right of the is disputed by him Responsible for limitation of the Processing available.
  2. The The person concerned has the right to the personal data concerning him, which he to the Responsible has provided, to be available in a structured, common and machine-readable format.

Article 11. Exercise of rights by the Data Subject

The Responsible takes appropriate measures so that the The person concerned receives communication or information regarding the rights as described in this Privacy Policy in a concise, transparent, and accessible manner and in clear terms.

Article 12. Access to and recipients of Personal Data

  1. Access to Personal data in principle, only those directly involved in the execution of the treatment of the The person concerned, insofar as such access is necessary for their activities.
  2. When a Processing on behalf of the Responsible is performed, does the Responsible exclusively rely on Processors who provide adequate guarantees that the Personal data are processed in accordance with the Regulation, the Implementing Act or regulations based thereon.
  3. Otherwise, access may be granted to the following persons and entities / Personal data are provided:
    1. Researchers as referred to in Article 7:458 of the Civil Code;
    2. Health insurers to the extent necessary with a view to the obligations arising from the insurance agreement;
    3. Third parties charged with collecting claims insofar as access/provision is necessary and does not concern medical data;
    4. Others, when the basis of the Processed data is:
      1. Consent of the The person concerned;
      2. A necessity to comply with a legal obligation;
      3. Safeguarding a vital interest of the The person concerned.
  4. Others, when the further Processing occurs for historical, statistical or scientific purposes, if the Responsible has taken the necessary measures to ensure that further Processing occurs exclusively for these purposes.

Article 13. Register

The Responsible maintains a register of processing activities that take place under its responsibility. This register contains the following data:

  1. The name and contact details of the Responsible and, if applicable, of the Data protection officer;
  2. The processing purposes;
  3. The categories of data on which the Processing relates to;
  4. The categories of recipients to whom Personal Data are provided;
  5. If possible, the intended period within which the Personal data must be deleted;
  6. If possible, a description of the technical and organizational measures taken.

Article 14. Notification of infringement

  1. If a infringement in connection with Personal data has taken place shares the Responsible this — if and to the extent legally required — as soon as possible after she becomes aware of this to the The person concerned and the Authority Personal data.
  2. The notification referred to in the first paragraph shall contain at least:
    1. The nature of the infringement;
    2. The probable consequences of the infringement;
    3. The measures that the Responsible as a result of the infringement has struck;
    4. A contact point for more information.

Article 15. Retention periods

  1. Medical data obtained for the purpose of entering into or fulfilling a treatment agreement are retained for 15 years. The Responsible is not obliged to retain periods longer than those required by law, in particular Article 7:454 paragraph 3 of the Civil Code.
  2. Other Personal data are not retained for longer than is necessary for the purposes for which they were processed. If those Personal data If they are no longer needed, they are removed.

Article 16. Confidentiality

  1. The Responsible, the Processor and everyone under the authority of the Responsible has access to Personal data, are obliged to confidentiality of the Personal data.
  2. Data relating to the health of The person concerned(n) are considered 'special Personal data’marked. For the processing of special Personal data It applies that everyone who Processes them has a duty of confidentiality. This arises from the office, profession, or employment contract of that person.

Article 17. Security

  1. The Responsible must ensure appropriate technical and organizational measures to Personal data to secure.
  2. ‘'Appropriate' means that the security measures taken are commensurate with the risk that the Personal data are processed (further) carelessly or unlawfully and the damage that would result therefrom. The measures taken must ensure that:
    1. Only authorized persons have access to Personal data to have;
    2. The Personal data be correct and not be lost;
    3. The Personal data be available without hindrance to lawful Processing according to the agreements within the organization.
    4. In all cases, the Responsible Take care of the information security policy and promote this policy within the dental practice.

Article 18. Purposes of data processing

The personal data We use the data collected by us for, among other things, making appointments, informing and contacting you, performing treatments, maintaining your medical record, financial administration, the proper functioning of our website, improving our online reputation, and improving the quality of our services.

Article 19. Final provisions

  1. The Responsible accepts no more obligations than those to which he is bound by law, unless otherwise agreed in writing with the The person concerned.
  2. The The person concerned has the right to lodge a complaint with the supervisory authority.
  3. Changes to this Privacy Policy are made by the Responsible. The changes to the Privacy Regulations are effective with respect to The person concerned(n) after The person concerned(n) have been informed of the change.
  4. This Privacy Policy came into effect on 01-05-2018 and can be viewed at the dental practice.

For questions or to exercise the rights of The person concerned You can contact Mark Vlaanderen via 085 – 066 76 22.

Promotion: free toothbrush with registration

No waiting lists, new patients are welcome!

Registering as a new patient at TCN is easy – simply choose your location and log in.
Register as a patient Make an appointment