- Who are we?
-
We are Dublin Dental University Hospital at Lincoln Place Dublin D02 F859.
We provide dental care to patients and dental education to students
Dublin Dental University Hospital was established under S.I.129 of 1963 under the Health (Corporate Bodies) Act 1961. It is governed by a board appointed by the Minister for Health.
This notice sets out the basis on which any personal data we collect from you, or from others, will be processed by us. Please read the following carefully to understand our practices regarding your personal data and how we will treat it.
For the purpose of the Data Protection Acts 1988 to 2018 and the General Data Protection Regulation (GDPR) (together the Acts):
- The data controller is Dublin Dental University Hospital, as an employer and as a provider of health (dental) services.
- The data processor is Dublin Dental University Hospital in relation to employee pension data.
Our data protection contact and Data Protection Officer (“DPO”) may be contacted at dpo@dental.tcd.ie
- What personal information do we collect from you?
-
You may give us personal data by:
- Corresponding with us by phone, e-mail or otherwise. We ask you to disclose only as much information as is necessary to provide you with our services or to submit a question/suggestion/comment in relation to our website.
- Engaging the Dublin Dental University Hospital’s services and attending the hospital as a patient. Patients supply us with information which may include their contact details; next of kin or relatives contact information; email; address; telephone number and billing payment details and health related data. In some circumstances, patients may disclose health data relating to their relatives.
- Filling in forms on our website such as the Contact Us form.
- Applying to work with us. The type of information you may provide in your CV, a cover letter, your name, address, e-mail and phone number. CVs should include information relevant to your employment history and education (degrees obtained, places worked, positions held, relevant awards, and so forth). We ask that you do not disclose sensitive personal information (e.g. gender, height, weight, medical information, religion, philosophical or political beliefs, and financial data) in your application.
- Applying for a course with us. The type of information you will be asked to submit will include your name, address, date of birth, email, phone number, educational details and relevent employment history. As above, we ask that you do not disclose sensitive personal information (e.g. gender, height, weight, medical information, religion, philosophical or political beliefs, and financial data) in your application.
- When you pay for our services, e.g. in person, over the phone or online.
- Is my personal information used in research? The Dublin Dental University Hospital carries out research from time to time. Your personal information will never be used for research purposes without your explicit consent.
- We may capture images of staff, students or visitors on CCTV from time to time. This is for security reasons. As a public service agency we rely on article 6(1) (e)GDPR “necessary to carry out a task in the public interest, or in the exercise of official authority “ as the lawful basis for processing this information. Any images captured are retained for a maximum of 30 days as per DDUH policy.
- What information about you do we obtain from others?
-
When you use our services, we may obtain personal data from others, for example:
- Your General Dental Practitioner (GDP), other medical professionals including the HSE, other hospitals and health professionals where you transfer or are referred to our service.
- Why do we collect this information?
-
We collect the information in order to provide you with our services.
We will use this information as follow:
Patients:
- To set you up as a patient on our systems.
- To provide you with dental services.
- To carry out internal clinical audits.
- To ensure payment of our invoices.
Prospective Employees:
- To create a candidate profile for you if you are a prospective employee.
- To process employment applications, including by assessing qualifications, verifying information, conducting reference or other employment-related checks, and notifying you of future opportunities that might be of interest to you.
Prospective Students:
- To create a candidate profile for you if you are a prospective student.
- To process student applications, including by assessing qualifications, verifying information, and conducting reference and other related checks.
Website users:
- To administer and improve the content on our website and for internal operations.
- As part of our efforts to keep our website safe and secure.
- To make suggestions and recommendations to you and other users of our website about services that may interest you or them.
The legal bases for the processing of your data are:
- Processing necessary for the performance of a contract which you have entered into with us or to take steps at your request prior to entering into a contract, e.g. a contract of employment; or a contract to provide dental services.
- Processing necessary for compliance with a legal obligation to which we are subject.
- In the exercise of official authority vested in us by virtue of our statutory functions as set out in S.I.129 of 1963 under the Health (Corporate Bodies) Act 1961.
The legal bases for processing your sensitive personal data (medical/ dental data) are:
- Processing necessary to provide you with dental/health services.
- Processing necessary for the establishment, exercise or defence of legal claims.
- Processing necessary for reasons of public interest in the area of public health.
- Who do we share this information with?
-
We may share your personal data with other healthcare professionals, e.g. GDPs or other hospitals and further to our reporting obligations to organisations like the Health Products Regulatory Authority (HPRA) or the State Claims Agency. If you apply for an educational course with us we may share your personal information with Trinity College.
- Disclosure of your information
-
We may ask certain entities to process your information on our behalf including:
Suppliers and sub-contractors for the performance of any contract we enter into with them or you.
We attach at Schedule 1 a list of all entities that may process your personal data on our behalf.
- How long do we keep hold of your information?
-
The time periods for which we retain your information depends on the type of information and the purposes for which we use it. We will keep your information for no longer than is required or permitted.
For further information on the periods for which your personal data is kept, please see our data retention schedule which can be accessed here [Link is being updated].
- Do we transfer your information outside the European Union or European Economic Area
-
No.
- What are your rights with respect to your personal data?
-
You have the following rights:
- The right to access the personal data we hold about you.
- The right to require us to rectify any inaccurate personal data about you without undue delay.
- The right to have us erase any personal data we hold about you in circumstances such as where it is no longer necessary for us to hold the personal data or, in some circumstances, if you have withdrawn your consent to the processing.
- The right to object to processing personal data for profiling or direct marketing. The DDUH does not engage in profiling or direct marketing.
- The right to ask us to provide your personal data to you in a portable format or, where technically feasible, for us to port that personal data to another provider provided it does not result in a disclosure of personal data relating to other people.
- The right to request a restriction of the processing of your personal data.
Where our processing of your personal data is based on your consent to that processing, you have the right to withdraw that consent at any time but any processing that we have carried out before you withdrew your consent remains lawful.
You may exercise any of the above rights by contacting dataprotection@dental.tcd.ie
You may lodge a complaint with your local supervisory authority with respect to our processing of your personal data. The local Supervisory Authority in Ireland is the Data Protection Commission. The website is www.dataprotection.ie
- What will happen if we change our Privacy Notice?
-
This notice may change from time to time, and any changes will be posted on our website and will be effective when posted. Please review this notice each time you use our website or our services.
- When was our Privacy Notice last updated?
-
This notice was last updated in November 2024.
- How can you contact us?
-
All queries in relation to requesting your data (records held on file) should be sent to dataprotection@dental.tcd.ie
Postal Address: Dublin Dental University Hospital, Lincoln Place, Dublin 2, D02 F859.
The DPO can be contacted at dpo@dental.tcd.ie
- Your records and Retrospective Chart Reviews
-
NOTICE TO PATIENTS
RESEARCH AND RETROSPECTIVE CHART REVIEWS
The Dublin Dental University Hospital would like to notify patients that from time to time the personal and health information that we collect from patients may be used by the hospital for the purpose of a Retrospective Chart Review study.
This is a low risk research study carried out by authorized staff and students in the hospital on personal information only that has already been obtained during the provision of dental care.
The following safeguards apply:
- Personal information accessed for this research may not be disclosed to another person unless that information is fully anonymized;
- Any findings from the study that are published may not identify an individual whose personal information was used in the study and;
- The study will be reviewed and approved by a research ethics committee prior to commencement of the study.
This notice is displayed in accordance with and pursuant to:
- Links, downloads & helpful resources
-
Link to the text of General Data Protection Regulation (in English)
Link to the Data Protection Act 2018 on Irish Statute Book website
Link to Data Protection Commissioner website