European Union's General Data Protection Regulation
The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals who are citizens of member states of the European Union (EU) and the European Economic Area (EEA). It also addresses the export of personal data outside the EU and EEA areas. GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. Since GDPR is considered the most advanced regulation which aims to protect the data of natural persons, we adhere to its policies regardless of where our users are based or which countries they are citizens of.
Although Dental Tourist works with dental clinics, we do not ask for nor do we collect any health related data from any natural persons. The only information we require from customers, when making an appointment, is their name and email address. We do not, at any point, ask for other PII, sensitive or health related data. A potential customer can, when making an appointment, inadvertently submit some health information by writing it in the Message field of the contact form on this website. Please note that on that form we warn customers not to disclose any private, health related information to Dental Tourist through the platform or in any ensuing electronic correspondence. Nevertheless, if customers do submit sensitive data to us, we use a secure connection (HTTPS) to transmit this data, as well as make sure that all our software is updated regularly, and we have state of the art firewalls in place. In terms of data access and confidentiality, only our CEO and the Officer assigned to us by the company in charge of our data policies and information management, Data Privacy Agency, have access to this sensitive information.