Privacy Notice – Denstudio

This Privacy Notice explains how we collect and use your personal data through the use of our website www.denstudio.co.uk and when you engage with our services at Denstudio.

Dr Jana Denzel Nandakumar is the data controller. Throughout this notice, references to "we", "us", or "our" mean Denstudio.

You can contact our Data Protection Officer (DPO) with any concerns or questions about how we handle your personal information:

Dr Jana Denzel Nandakumar
Email: hello@denstudio.co.uk
Phone: 02038830588

What We Collect & Why

Contact Details – Collected when you contact us, book an appointment, or enquire via our website. Stored in our practice management system and CRM. Legal basis: Legitimate interest.

Health Data – Required to provide safe, effective dental treatment. Shared only with trusted labs or auditors when needed. Held for 11 years (or longer where necessary). Legal basis: Contract and Legal obligation.

Technical Data – Includes IP address, browser type, and website errors. Used to monitor site performance and security. Deleted every 6 months. Legal basis: Legitimate interest.

Financial Data – Includes payment records and transaction data. Retained for at least 6 years in accordance with HMRC requirements. Legal basis: Legal obligation.

Usage & Marketing Data – Collected via Google Analytics, Meta, and ad platforms. Used for business insights and relevant marketing. Retained for up to 38 months. Legal basis: Legitimate interest.

We never sell or share your personal data for third-party marketing purposes.

Marketing Preferences

We may contact you with relevant updates or offers based on your treatment interest. You can opt out at any time by clicking unsubscribe in our emails or contacting us directly. Legal basis: Legitimate interest (for warm leads); Consent(for general marketing).

Third-Party Data Processors

We may share data with:

· Dental labs

· Practice management & CRM providers

· Regulators (CQC, GDC, HMRC)

· Marketing providers (e.g., Google, META, Mailchimp)

All third parties are contractually obligated to comply with UK GDPR and only process your data as instructed.

Data Security & Retention

We implement privacy-by-design in all systems. Data is retained only as long as necessary. Breaches, if they occur, are reported to the ICO within 72 hours and to you if your data is affected.

Your Rights

You have the right to:

· Access, correct or erase your data

· Restrict or object to processing

· Request portability

· Withdraw consent

To exercise your rights, please email: hello@denstudio.co.uk You can also lodge a complaint with the ICO: www.ico.org.uk

External Links

Our website may link to third-party sites. This privacy notice does not apply to those. Always read the privacy policy of any site you visit.