One Of The UK's Full Mouth Dental Implant Providers
💷 Finance available from £250 per month
🔬 FREE Clinical Assessments
One Of The UK's Full Mouth Dental Implant Providers
💷 Finance available from £250 per month
🔬 FREE Clinical Assessments

Privacy Policy for Patients

Privacy Policy for Patients – 21D Clinical Limited

Introduction
21DClinical Limited (“we”, “us”, “our”) is committed toprotecting your privacy and the security of your personal information. ThisPrivacy Policy explains how we collect, use, store and share your data when youvisit our website (www.21d.co.uk) orreceive treatment from us. We comply with:
- UK General Data Protection Regulation (UK GDPR)
- Data Protection Act 2018
- Privacy and Electronic Communications Regulations (PECR)
- General Dental Council (GDC) standards
- Care Quality Commission (CQC) requirements
By using our website or becoming a patient of 21D, you agree to this Privacy Policy. 

Who We Are(Data Controller)
21DClinical Limited
St Andrew’s House
Kelvin Close
Birchwood
Warrington
WA3 7PB

General email: info@21d.co.uk
Data protection contact: Michelle Garbutt - CASE@21d.co.uk
We are the data controller, meaning we determine how and why your personal information is used. 

TheInformation We Collect
We collect and process the following types of personal data:
A.Identification & Contact Information
- Full name
- Address
- Telephone numbers
- Email address
- Date of birth

B. Health& Clinical Information (Special Category Data)
Requiredfor providing safe dental treatment:
- Medical history
- Dental records
- Clinical notes
- CBCT scans, X-rays, photographs
- Implant plans & prosthetic designs
- Prescriptions and operative notes

C.Administrative & Financial Information
- Appointment history
- Signed consent forms
- Payment details (not stored if processed by third-party finance providers)
- Finance application information
- Communication records

D. Website& Technical Data
Collected when you use our website:
- IP address
- Device and browser type
- Cookies and tracking identifiers
- Website usage statistics

See our CookiePolicy for more detail. 

How We Collect Your Information
We collect information:
- When you complete forms on our website
- When you contact us via phone, email or social platforms
- During your Full Clinical
- Assessment and treatment
- From referring clinicians (with your consent)
- From finance providers (if applicable)
- From cookies and online analytics
- When you provide reviews or feedback voluntarily 

Why We Use Your Information & Legal Bases
The UKGDPR requires us to explain the legal basis for each purpose.
A. To provide dental treatment and care
Diagnosis,treatment planning, surgery and aftercare - Legal basis: Performance of a contract / Article 9(2)(h) healthcare provision
B. To manage appointments, communication and clinical administration
Legalbasis: Legitimate interests / performance of a contract
C. To comply with legal and regulatory obligations
(e.g.,GDC, CQC, HMRC requirements) - Legal basis: Legal obligation
D. To improve our services (audit, training, quality monitoring)
Legalbasis: Legitimate interests / Article 9(2)(h)
E.Marketing communications (optional)
Legalbasis: Consent. You can withdraw consent at any time.
F. Website analytics & cookie technology
Legalbasis:
- Consent for non-essential cookies
- Legitimate interests for essential cookies 

Special Category Data (Health Information)
Because we provide healthcare services, we process special category data under:
Article 9(2)(h) - healthcare provision
Article 9(2)(f) - legal claims (if needed)

Safeguards include:
- Encrypted data storage
- Access controls for clinical staff
- Confidentiality agreements
- Secure clinical software systems
- Regular audits and monitoring 

Sharing Your Information
We only share your data when necessary for your treatment, practice administration, legal compliance or at your request.
We may share your information with:
- Dental laboratories
- Imaging and diagnostic providers
- Clinicians involved in your treatment
- Finance providers (if you apply for finance)
- Payment processors
- Insurance providers (if applicable)
- IT service providers
- Regulatory bodies (CQC, GDC, HMRC)
We never sell your data. 

Sharing Within the 21D Group
We may share your personal data with other companies within the 21D Group where this is necessary to deliver your treatment or support clinical and administrative functions. This includes, for example, 21D Bioengineering, our in-house dental laboratory responsible for designing and manufacturing your prosthetic restorations.

Any 21D Group company that processes your data is bound by strict confidentiality, security measures and data processing agreements.

This internal sharing allows us to provide an efficient, integrated service while maintaining high clinical standards. 

International Transfers
If any third-party service provider stores or processes data outside the UK, we ensure appropriate safeguards are in place, such as:
- UK-approved Standard Contractual Clauses (SCCs)
- UK–US Data Privacy Framework
- Additional contractual and technical measures
You may request further details of these safeguards. 

How Long We Keep Your Information
We retain your information only as long as needed:
- Clinical records - minimum 11 years after your last visit (or until age 25 if under     18)
- Financial records - 6 years
- Marketing preferences - until you withdraw consent
- Website analytics - as set out in the Cookie Policy
- General enquiries - deleted when no longer needed
When retention periods end, data is securely deleted or anonymised. 

YourRights
You have the right to:
- Access your personal information
- Correct inaccurate information
- Request deletion (where applicable)
- Restrict processing
- Object to processing
- Withdraw consent
- Data portability
- Complain to the Information Commissioner’s Office (ICO)
To exercise your rights, contact:
CASE@21d.co.uk
To complain to the ICO:
www.ico.org.uk 

Automated Decision-Making
We do not carry out any automated decision-making or profiling that produces legal or significant effects. 

How We Protect Your Data
We use a range of technical and organisational measures, including:
- Encryption and secure servers
- Access controls
- Staff confidentiality training
- Firewalls and malware protection
- Regular system audits
- Data minimisation practices 

Cookies &Tracking Technologies
For detailed information about cookies that we use and how to control them, please see our Cookie Policy. 

Contact Us
If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact us at:
21DClinical Limited
Email: info@21d.co.uk
Data Protection contact: Michelle Garbutt - CASE@21d.co.uk