Privacy Policy
Last updated: 19/09/2025
At Boyne Dental & Implant Clinic (“Boyne Dental”, “we”, “our”), we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and protect your information in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR), the Data Protection Acts 1988-2018 (Ireland), and the Dental Council’s Code of Practice.
Data Controller & Contact Details
The data controller is:
Boyne Dental & Implant Clinic
4 Ludlow Street, Navan, Co. Meath
Tel: 046 9028683
Email: marketing@boynedental.ie
Our Data Protection & Compliance Officer is:
Carol Murnaghan
Tel: 046 9028683
Email: marketing@boynedental.ie
What information we collect
To provide you with safe, effective dental treatment, we need to collect and process certain personal data, including:
- Personal details (name, date of birth, address, telephone number, email).
- Contact details of your doctor or relevant consultants.
- Medical and dental history.
- Clinical information: X-rays, photographs, study models, treatment plans, consent records, treatment notes, and invoices.
- Records of communications or incidents relevant to your care.
- Correspondence with other healthcare professionals involved in your treatment.
Lawful bases for processing
We process your personal data only where permitted under GDPR. Our main lawful bases are:
- Provision of healthcare: Processing necessary for medical diagnosis and the provision of healthcare (Art. 9(2)(h) GDPR).
- Legal obligations: Compliance with legal and regulatory requirements (e.g., Dental Council obligations, insurance, medico-legal reporting).
- Legitimate interests: Reminders for check-ups or hygiene visits to support continuity of care.
- Consent: For optional communications such as promotional messages about services not directly related to your treatment. You may withdraw consent at any time.
How we use your information
Your personal data is used for purposes such as:
- Preparing and delivering your dental care.
- Prescriptions, certificates, and referral letters.
- Communicating with other healthcare professionals at your request or where necessary for your care.
- Insurance and medico-legal reporting (with your consent).
- Internal audit, quality assurance, staff training, and continuing professional development (in anonymised form where possible).
- Appointment reminders and essential service notifications.
- Marketing or promotional updates (only with your explicit consent).
Disclosures of your information
We will only share your data where necessary and lawful, such as:
- With other healthcare providers involved in your care (with your consent, unless an overriding legal obligation applies).
- With insurers, state schemes (e.g., PRSI, Medical Card), or medico-legal professionals (with consent).
- With IT providers and secure storage partners under strict data processing agreements.
- Where legally required (e.g., by the Dental Council, Revenue Commissioners, or courts).
We will never share your personal data with third parties for unrelated commercial purposes.
How we keep your data secure
- Access is strictly limited to staff on a need-to-know basis.
- Patient records are stored electronically in EXact by Software of Excellence, which is password protected, encrypted, regularly updated, and supported by Network IT, Navan.
- Premises are secured by locks, alarms, and monitoring systems.
- Data is backed up securely off-site daily.
- Staff are trained in data protection, confidentiality, and secure communications.
Retention of records
In line with the Dental Council’s Code of Practice, we retain patient records for a minimum of 8 years after your last treatment. In the case of children, records are kept until the patient is at least 25 years of age.
Records may be “inactivated” upon request, meaning you will no longer receive communications, but the records are retained for the required legal period. Once the retention period expires, records are securely destroyed beyond recovery.
Your rights
Under GDPR, you have the following rights in relation to your personal data:
- Right of access: to obtain a copy of your records.
- Right to rectification: to correct inaccurate or incomplete information.
- Right to erasure: to request deletion of data where legally permissible.
- Right to restrict processing: to limit how we use your data.
- Right to object: to certain uses, including direct marketing.
- Right to data portability: to receive your data in a machine-readable format for transfer to another provider.
- Right to withdraw consent: where processing is based on consent.
Requests should be made in writing to:
Carol Murnaghan
Data Protection & Compliance Officer
Boyne Dental & Implant Clinic
4 Ludlow Street, Navan, Co. Meath
We will respond within one month, in line with GDPR requirements. No fee applies unless requests are manifestly unfounded or excessive.
Marketing communications
You may receive appointment reminders as part of our legitimate interest in supporting your ongoing oral health.
Promotional or service-related updates (e.g., new treatments, extended hours) will only be sent where you have explicitly opted in. You can withdraw consent at any time by emailing marketing@boynedental.ie.
Data breaches
In the unlikely event of a personal data breach, we will follow the DPC’s Personal Data Breach Code of Practice. Where required, affected patients and the Data Protection Commission will be notified promptly.
Complaints
If you have concerns about how we handle your personal data, please contact us directly. You also have the right to lodge a complaint with the Data Protection Commission (DPC):
Data Protection Commission
21 Fitzwilliam Square South
Dublin 2, D02 RD28
Tel: +353 57 868 4800
Website: www.dataprotection.ie
Changes to this policy
We may update this Privacy Policy from time to time to reflect legal or operational changes. The latest version will always be available on our website and at our reception desk.