Privacy Policy

We are a Data Controller under the terms of the Data Protection Act 2018 and the requirements of the EU General Data Protection Regulation.

This Privacy Policy explains what personal data the practice holds, why we hold and process it, whom we might share it with, and your rights and freedoms under the law.

Types of personal data

The practice holds personal data in the following categories:

  1. Patient clinical and health data and correspondence.
  2. Staff employment data.
  3. Contractors’ data.

Why we process personal data

“Process” means we obtain, store, update and archive data.

  1. Patient data is held for the purpose of providing patients with appropriate, high quality, safe and effective dental care and treatment.
  2. Staff employment data is held in accordance with Employment, Taxation and Pensions law.
  3. Contractors’ data is held for the purpose of managing their contracts.

What is the lawful basis for processing personal data?

The law says we must tell you this:

  1. We hold patients’ data because it is in our legitimate interest to do so. Without holding the data, we cannot work effectively.
  2. We hold staff employment data because it is a legal obligation for us to do so.
  3. We hold contractors’ data because it is necessary when they fulfil a contract with us.

Who might we share your data with?

We can only share data if it is done securely and it is necessary to do so.

  1. Patient data may be shared with other healthcare professionals who need to be involved in your care (for example, if we refer you to a specialist or need laboratory work undertaken).
  2. Employment data will be shared with government agencies such as HMRC.

Your rights

You have the right to:

  1. be informed about the personal data we hold and why we hold it.
  2. access a copy of the data which we hold about you by contacting us directly. We will acknowledge your request and supply a response within one month or sooner.
  3. check that the information we hold about you is correct, and to make corrections if not.
  4. have your data erased in certain circumstances.
  5. ask us to transfer your data to someone else, if it is safe and legal to do so.
  6. tell us not to actively process or update your data in certain circumstances.

How long is the personal data stored for?

  1. We will store patient data for as long as we are providing care, treatment or recalling patients for further care. We will archive (that is, store it without further action) for as long as is required for legal purposes as recommended by trusted experts.
  2. We must store employment data for six years after an employee has left.
  3. We must store contractors’ data for seven years after the contract is ended.

What if you’re not happy with our data processing, or wish to raise a concern about it?

In the first instance, you may complain to our Data Protection Officer, Dr James Brown, who will do his best to resolve the matter. He may be contacted at 18 Manor Place Dental Practice, telephone no. 0131 225 2238. Should this fail, you may complain to the Information Commissioner at or by calling 0303 123 1113.


Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.

We use a third-party service, Google Analytics, in order to collect information about how visitors use our website. We use the information to compile reports and to help us improve the website. Google Analytics cookies collect information in an anonymous form, including the number of visitors to the website, where visitors have come from and the pages they visited.

Click here to opt in to Google Analytics on this website.

Click here to opt out of Google Analytics on this website.

Most web browsers allow some control of most cookies through the browser settings. You can find more information about cookies at and