DentQ International Ltd. And its subsidiaries (“DentQ”) understands how important the privacy of personal information is to our users. We understand that your privacy matters and we respect your privacy choices. This Privacy Statement is intended to answer questions about our privacy practices, whether you are using our Website or our services. The following is intended to help you understand:
- Who are we
- Why are we processing your information
- What information we collect about you
- How we use your information
- Until when will we keep your information
- How and with whom we may share your information
- How we protect your information
- How can you ask to correct or delete your information
- How to access your information
- Installation of cookies files
- How to contact us with questions or concerns
- How can you protect your privacy right
- Future changes to the Statement
Our site may contain links to third party websites that are not owned or controlled by DentQ. This Privacy Statement only applies to information collected by us, and does not apply to any information collected by any third party. Accordingly, we recommend that you read the applicable third party privacy policies and terms for more information.
DentQ International Ltd is a company incorporated in Israel (registered number 516287588) whose registered office is at 26th Harokmim St., Holon 5885849, Israel.
DentQ International Ltd provides, through its subsidiaries in various countries, dental imaging services for healthcare professionals, whom by law must be registered in their country with the regulatory body for their profession.
DentQ International Ltd processes personal data as defined in the General Data Protection Regulation (Regulation (EU) 2016/679) and our subsidiaries are registered under the Data Protection Act.
What is our legal basis for processing your information?
We are required to process personal information of data subjects to conduct our service of dental and maxillofacial dental radiology.
We will only collect personal data about you where we have your consent to do so.
For healthcare professionals we collect your data when you register your details in order to use our services and to keep you informed of our news, events and educational opportunities in relation to dental and maxillofacial radiology.
For patients we collect your data when your healthcare professional refers you to us for X-ray imaging. We also collect and process your X-ray data.
What Personal Data Do We Collect?
For a healthcare professional to refer their patients to us they must register their details with us. We ask for your title, your full name as it appears on the regulatory body register, your regulatory body registration number, correspondence address, contact telephone number, email address, details of where to send invoices and preferred imaging output format and delivery method. We can also store payment details for automatic transactional payment of invoices using the tokenization framework.
We also ask that you choose a password, which along with your email address allows you access to your account, enables you to confirm electronic bookings and to open X-ray data. You are responsible for keeping this password confidential. We ask for you not to share this password and to only use your own account when referring patients to us.
You can edit any of these details by logging into our web hosted management portal.
For patients referred to us for X-ray imaging both personal and sensitive data is needed in order that the duty holders of the Ionising Radiation (Medical Exposure) Regulations (IR(ME)R) 2017 comply with the legislation.
For each patient we require the following personal data:
• First name and family name
• Date of birth
• Home address
• Telephone number / mobile number
• Email address
For each patient we require the following sensitive personal data:
• Type of X-ray examination
• Region of interest for X-ray examination
• Clinical indications and any other relevant medical/dental history and images
All of this data for patients must be supplied to us as either an electronic or written referral form. It is the responsibility of the healthcare professional to notify the patient that they will be sharing their personal and sensitive personal data with us.
For each patient we collect and store the following sensitive personal data:
• X-ray images
• X-ray doses
Once the patients scan pathway is complete and if we have been provided with the patients email address they will receive from us an email asking for their feedback.
What Do We Use Your Data For?
For healthcare professionals we use your data to:
a) identify you if you need to contact us if you have a query or need help or technical support
b) enable you to use the full range of features in the web hosted management portal
c) confirm your details against the regulatory body register
d) fulfil the Service Level Agreement
e) comply with the Ionizing Radiations Regulations
f) send you and maintain records of financial transactions
g) keep you updated about our services and educational
h) send you feedback emails and education opportunities
i) notify you of any data breaches
For patients we use your data to:
a) identify you when we contact you or you contact us
b) contact you to arrange, remind you of and notify you of any changes to your appointment
c) justify and take the X-ray examination on behalf of your healthcare professional
d) reformat your X-ray data into the chosen format for your healthcare professional
e) enable you to send us your feedback following your X-ray examination
f) send you an invoice confirming payment for your X-ray examination (if applicable)
g) notify you of any data breaches
How Long Will We Keep Your Data?
We will only keep your data for as long as is necessary for the purpose it was collected.
For healthcare professionals we will keep your personal data for as long as you are entered into a data processing agreement with us. For educational events we will normally retain your personal data for 6 years from the course attendance or purchase.
For X-ray records for patients referred to us we follow regulation requirements un various countries. For example, in the UK we follow The College of Radiologists position statement on the Records Management Code of 4 Practice for Health and Social Care 2016: application of the Code to radiology records retention protocol. The code requires:
1. For adults, imaging data should be retained for eight years since the patient was last seen in the organization that stores the data and is responsible for retention of it.
2. For children, imaging data should be retained until the child’s 26th birthday or eight years since the child was last seen – whichever is later – in the organization that stores the data and is responsible for retention of it.
3. When data held in accordance with this policy is erased or destroyed, it must be done so securely in accordance with best practice at the time.
Who Do We Share Your Data With?
We will not sell or share your personal data with third parties unless there is a legal obligation for us to do so, in line with our regulatory requirements.
We are not always able to format the X-ray data into the chosen format and so sometimes will need to share your personal data with trusted third parties for processing. The processor may only use your data for the exact purposes with which it has been shared with them for.
Third party management is in place to ensure that suppliers are best able to meet their obligations with respect to data privacy and establishing transparent arrangements through data sharing and data processing agreements.
We currently share data with the following processors:
• Diagnocat Inc. for Dental Imaging AI reports
• IDT Scans for Simplant reformatting and radiology reporting of CBCT scans
• 3D Diagnostix* for Simplant reformatting of CBCT scans
• CephX* for cephalometric X-ray analyses
* These companies maintain an EU-U.S. Privacy Shield registration which is recognized by the Information Commissioner’s Office.
How Do We Protect Your Personal Data?
We take information governance seriously. We map our data and identify what we have, what we are doing with it, where it is, where if goes and who has access to it.
Personal data is stored electronically with encryption on our web hosted management portal. We have a dedicated internet provider address and we have a secure socket layer (SSL) certificate for all our web domains (DentQ.com, DentQ.it. etc). This means all incoming and stored data on the portal is retained securely on a dedicated server. We also have the Backup Hosting Service which ensures continuous protection of all data on the server.
X-ray data is stored locally on the hard drive of each X-ray acquisition workstation in each of our imaging centers. This is stored in binary DICOM format and identifiable by the date and time of the scan. This data can be retrieved into the viewing software on the acquisition workstation. The X-ray data is processed into the output requested by the healthcare professional and returned by CD or a secure link from our server.
We employ access control so your data is only able to be accessed by those with a relevant job role. All employees must also adhere to the Data Protection and Information Sharing and Storage Policies.
When your personal data is shared with third parties this is done where possible through a Secure File Transfer Protocol (SFTP).
Information correction and deletion
If you believe that the data we have about you is incorrect, you can contact us so we can update it and keep it accurate.
If at any point you wish for us to delete information about you, you can simply contact us and as long as we are able to do this in line with applicable legislation and data retention recommendations we will.
Access to your data
You have the right to request access to the data we have about you by making a Subject Access Request (SAR). We will comply with any request within one month of the request.
A copy of the information will be provided free of charge. However, a reasonable fee based on the administrative cost of providing the information will be charged when a request is manifestly unfounded or excessive, particularly if it is repetitive. A reasonable fee may also be applied to comply with requests for further copies of the same information.
Patients can contact us by telephone, email or in writing to request a copy of their X-ray data which can be sent electronically or on CD in various formats. Instructions for how to open the scan will also be sent.
Installation of cookies files
When you visit our website, a cookie file may be installed in your device through which you have access to the website, and an identification number is issued for this device in our systems. Our firm or third parties may use the cookies files in order to monitor your patterns of activities in the website, to improve and to intensify the experience of your visit to the website, to conform and to offer you services and products which might interest you (pursuant to the information collected by these files) and to provide support services to you to the extent that you may need them. The cookies files may be deactivated. For example, most of the Internet browsers allow users to expunge cookies files from the device of the user, to block their acceptance or to receive warnings prior to their storage. Nevertheless, one should be aware that if the user will expunge or will not permit storage of cookies files and/or will change the characteristics of the Flash, the online experience of the user will be limited.
How to Contact us?
Protecting your rights
If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your data, you have the right to lodge a complaint with the Information Commissioner’s Office in your country.
Changes to this statement