What is GDPR?
The General Data Protection Act (GDPR) is considered to be the most significant piece of European data protection legislation to be introduced in the European Union (EU) in 20 years and will replace the 1995 Data Protection Directive. The GDPR enhances EU individual’s privacy rights and places significantly enhanced obligations on organizations handling data. At DeCare Dental, we are committed to making GDPR a success. The GDPR regulates the processing of personal data about individuals in the European Union including its collection, storage, transfer or use. The concept of “personal data” is broadly defined and covers any information relating to an identified or identifiable individual, defined by GDPR as a “data subject”. For most companies, this includes employees and customers. GDPR identifies two entities that may possess personal data. A data controller exercises control over the processing of personal data and decides which data to collect. A data processor acts at the direction of a data controller to collect, store, retrieve and/or delete personal data.
DeCare's Data Processing Agreement (DPA)
Business customers may need to sign a Data Processing Agreement (DPA) with DeCare Dental to assist in their GDPR compliance. Please request the DPA agreement from your DeCare Dental representative or email us at firstname.lastname@example.org.
We hold and use personal data and sensitive personal data such as medical information for the purposes of providing and administering dental insurance products. We are registered as a data controller with the Office of the Data Protection Commissioner. In order to administer the dental insurance products which we provide, it is necessary for us to send your data outside of the EU to our parent company based in the USA but such data will continue to be safe guarded in accordance with the standards and principles set out in the EU General Data Protection Regulation (GDPR). We may share your personal data and sensitive personal data with your dentist insofar as it is relevant to the processing of your claim. We may also share your personal data with our bank for the purpose of processing the payment of your claim. We may also share your data with other insurers to verify your cover. We may share your data with trusted third parties for the purpose of distributing policy documentation and other communications, such as letters, direct mail, emails etc. We may share your information with our parent company and other group companies for the purpose of processing the payment of your claim and efficient administration such as audit, systems development etc. We may share your personal data and sensitive personal data with our legal advisers and the appropriate authorities where necessary e.g. the Dental Council, An Garda Síochána and in relation to personal data with the Revenue Commissioners. We may share your personal information and anonymised information for the purposes of health services research for projects approved by the Data Protection Commissioner. If you have a query in relation to the data held about you or you wish to request a copy of the data held by DeCare about you, please write to the Data Protection officer, DeCare Dental Insurance Ireland DAC, IDA Business Park, Claremorris, Co. Mayo.