Privacy Policy

We collect information about you in a variety of ways depending on how you interact with us and our websites, including:

• Directly from you when you provide it to us, such as when you fill out a form on our website, sign up for an account, or contact us by phone, email, or otherwise.
• Automatically through the use of cookies, server logs, and other similar technologies when you interact with our websites [and emails].
• From other sources, including, for example, our affiliates, business partners, service providers, and other third parties, or from publicly available sources. For example, if you submit a job application, or become an employee, we may conduct a background check.

The following provides examples of the type of information that we collect in a variety of contexts and how we use that information.

Account Registration: When you create an account, we collect your name, contact information, username and password. We also collect information relating to the actions that you perform while logged into your account. The primary purpose of collecting this information is to administer your account and communicate with you about your account.

Contractors, Consultants, Vendors and Business Partners: We collect, among other things, the name and contact information of our contractors, consultants, vendors, business partners and their respective employees or subcontractors with whom we interact. The primary purpose of collecting this information is to manage our business relationships and conduct normal business administration.

Cookies and Similar Tracking Technologies: When you visit our website, we collect certain information about your browser and the device. Examples of such information include your device type, browser type, internet protocol (IP) address, unique device identifiers, general location of your device, operating system, internet service provider, and other technical information about your device (collectively, “Device Information”).We also collect information about your interactions with our website. Examples of such information include pages visited, links clicked, access date and times, referring website, geolocation, information that you type into our online forms, and identifiers associated with browser cookies, web beacons, and similar technologies we deploy on our website (collectively, “Usage Data”).For details about the types of tracking technologies we use, please see the Cookies and Similar Tracking Technologies section of this Privacy Policy.We use cookies and similar tracking technologies for a number of reasons, such as:

• to serve you with relevant advertising
• to learn more about the way you interact with our content
• help us improve your experience when visiting our websites
• to remember your preferences, such as a language or a region, so there is no need for you to customize the website on each visit
• to identify errors and resolve them
• to analyze how well our websites are performing

Job Applicants: If you apply for a job posting, we collect information necessary to process your application or to retain you as an employee. This may include, among other things, your name, email address, phone number, Resume/CV, and certain voluntary information such as gender, race/ethnicity, veteran status, and disability status, but only if you choose to provide such information. If you become an employee, we may also collect your Social Security Number. Providing this information is required for employment. We collect this information to process your application and communicate with you about your application.

Inquiries, Comments, and Feedback: If you contact us, such as by filling out a form on our website, we collect your name, e-mail address, phone number, and relevant information about your practice, as well as any other content that you send to us. If you connect with us on social media, we collect any content that you choose to provide. We use this information to respond to or follow-up on your comments, reviews, inquiries and other requests.

When you visit our websites, we and our third-party service providers use cookies and other similar technologies, to collect Device Information and Usage Data. The types of technologies we may use include the following:

Cookies: Cookies are small files that a website sends to your computer’s hard drive through your web browser that enables the website to recognize your browser and capture and remember certain information. Most web browsers allow you to reject or delete cookies through their settings preferences. Please note that if you choose to remove or reject cookies, this could affect the availability and functionality of our website.

The following describes the types of cookies we use and why:

Necessary/Essential: These cookies are essential to provide you with services available through the website and to enable you to use some of its features. They help to authenticate users and prevent fraudulent use of user accounts. Without these cookies, the services that you have asked for cannot be provided, and we only use these cookies to provide you with those services.

Functional: These cookies allow us to remember choices you make when you use the website, such as remembering your login details or language preference. The purpose of these cookies is to provide you with a more personal experience and to avoid you having to re-enter your preferences every time you use the website.

Analytics: Among other things, these cookies allow us to count visits and traffic sources so we can measure and improve the performance of our website. We may also use third party session replay software, which allows us to see how visitors move around the website. Analytics cookies may be set by us or a third party. For example, we use Google Analytics to help us analyze your use of the website. To learn more about how Google collects and processes data, please visit https://policies.google.com/technologies/partner-sites. For more information about how to opt out of having your information used by Google Analytics, visit https://tools.google.com/dlpage/gaoptout/.

Targeting/Advertising: These cookies may be set through our website by us or our advertising partners. They may be used to collect information over time and across different websites in order to build a profile of your interests and/or show you relevant advertisements on our website or other websites.

Web Beacons: A “web beacon” (also called a “pixel tag” or a “clear gif”) is a small graphic image placed on website pages or in electronic communication that can be used for such things as counting the users who have visited those pages, clinked on links, opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

Web Logs: When you visit and interact with our site, we record certain information, including your browser type, operating system, internet protocol (IP) address (a number that is automatically assigned to a computer when the internet is used), domain name, click-activity, referring website, and/or a date/time stamp for visitors. This information helps us monitor our networks and usage of our website.

In addition to the purposes and uses described above, we use information in the following ways: 

To administer, maintain, evaluate, and improve our website and website offerings.

To manage your account.

• To contact you: To contact you by email, telephone calls, text (SMS) messages, or other equivalent forms of electronic communication, to provide information that you requested from Dandy, information related to any orders you may have placed, updates and information regarding our products, services, or other offerings, or for any other reason related to Dandy’s business.
• To provide you with news, special offers and general information about other Dandy products, services or offerings that you may be interested in, unless you have opted not to receive such information.
• To manage your requests: To attend to, manage, and respond to your requests.

To conduct analytics.

• To detect and protect against malicious, deceptive, fraudulent, or illegal activity, including violation of our policies and terms and conditions, security incidents, and harm to the rights, property, or safety of our company and our users, employees, or others.
• To debug, identify and repair errors that impair existing intended functionality of our website and services.

To comply with our legal or regulatory obligations, to establish or exercise our rights, and to defend against a legal claim.

For internal administrative purposes, as well as to manage our relationships.

For business transfers: We may use your information to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by us about our Site’s Users is among the assets transferred.

For other purposes: We may use your information for such other purposes as you may consent (from time to time).

In addition to the specific situations discussed elsewhere in this Privacy Policy, we may disclose personal information in the following situations:

• Business Transfers. We may share or transfer your personal information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
  Affiliates. We may share information with our corporate affiliates (e.g., parent company, sister companies, subsidiaries, joint ventures, or other companies under common control).
• Service Providers. We may share your information with service providers. Among other things service providers may help us to administer our website, provide technical support, conduct research and analytics, and perform other services related to the operation of our business.
• Business Partners. We may share your information with our business partners to offer you certain products, services or promotions. However, your phone number will not be shared or sold to business partners or affiliates for their direct marketing and promotional purposes.
• Legal Process/Compliance with Law. We may disclose information in response to subpoenas, warrants, or court orders, or in connection with any legal process, or to comply with relevant laws. We may also share your information in order to establish or exercise our rights, to defend against a legal claim, to investigate, prevent, or take action regarding possible illegal activities, suspected fraud, safety of person or property, or a violation of our policies.
• With Your Consent. We may disclose your information to other third parties when we have your consent or direction to do so.
• SMS/Text Messaging Data. Mobile information will not be shared with third parties/affiliates for marketing/promotional purposes. All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

Depending on your state of residence, you can make the following choices regarding your personal information:

Access To Your Personal Information. You may request access to your personal information and details regarding our collection, use, and disclosure of your personal information. In certain limited circumstances, you may also request to receive access to your personal information in a readily usable format.

Changes To Your Personal Information. You may ask us to correct information that is inaccurate or incomplete. Note that we may keep historical information in our backup files as permitted by law.

Deletion Of Your Personal Information. You may request that we delete your personal information. If required by law, we will grant a request to delete information, but you should note that in many situations we must keep your personal information to comply with our legal obligations, resolve disputes, enforce our agreements, or for another business purposes.

Opt-out of Sharing for Targeted Advertising. You may opt-out of online tracking based targeted advertising (e.g., cookies) by clicking the “Do Not Share My Personal Information” link here. Please note that if you change browsers or computers, or if you clear your browser’s cache, you may need to click the link again to apply your preference. You may also opt-out of other forms of targeted advertising by submitting a request as described below.

Promotional Emails. We may use your information to send you newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt-out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send. If you decide not to receive promotional emails, we may still send you service-related communications.

Please note, not all of the rights described above are absolute, and they do not apply in all circumstances. In some cases, we may limit or deny your request because the law permits or requires us to do so, or if we are unable to adequately verify your identity. We will not discriminate against individuals who exercise their privacy rights under applicable law.

Submitting Requests

You may exercise the rights described above by contacting us as indicated in the Contact Information section below. If you are a California resident, you may also submit a request through this form. 

Note that, as required by law, we will require you to prove your identity before we can process your request. We may verify your identity by phone call or email. Depending on the type of request, we will ask for information such as your email address, and phone number. We may also ask you to provide a signed declaration confirming your identity.

Authorized Agents

If you are a California resident, you may designate an authorized agent to submit requests to exercise certain privacy rights on your behalf.

If you have been designated as an authorized agent to submit a request on behalf of another person, you must attach a copy of the signed written permission from the individual indicating you are authorized to act on his or her behalf when you submit a request either by emailing us at [email protected] or submitting this form.

Please note, we may deny a request from an authorized agent that does not submit proof that they have been authorized to submit such request.

No method of transmission over the internet, or method of electronic storage, is fully secure. While we use reasonable efforts to protect your personal information from unauthorized access, use, or disclosure, we cannot guarantee the security of your personal information.

In the event that we are required by law to inform you of a breach to your personal information we may notify you electronically, in writing, or by telephone, if permitted to do so by law.

We retain your personal information for only as long as necessary to fulfill the purposes outlined in this Privacy Policy, including for the purposes of satisfying any legal, accounting, or reporting requirements, unless a longer retention period is required or permitted by law.

To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the information, the potential risk of harm from unauthorized use or disclosure of the information, the purposes for which we obtained the information and whether we can achieve those purposes through other means, as well as applicable legal requirements.

For your convenience, we may provide links to websites and other third-party content or services that we do not own or operate. The websites and third-party content to which we link may have separate privacy notices or policies.

Please note, we have no control over the privacy practices websites, or services that we do not own. We encourage you to review the privacy policies of any third-party website or application for details about such third party’s privacy practices.

We may update our Privacy Policy from time to time to reflect changes to our practices, technology, legal requirements and other factors.

When changes are made to this Privacy Policy, they will become immediately effective when published. You can check the “Last Updated” legend at the top of this page to see when this Privacy Policy was last revised.

If you have any questions, comments, or complaints concerning our privacy practices, or if you need to access this Privacy Policy in an alternative format due to having a disability, please contact us by sending us an email at [email protected].

California law requires us to disclose the following additional information related to our privacy practices. If you are a California resident, the following privacy disclosures apply to you in addition to the rest of the Privacy Policy.

Categories of Information We Collect, Use, and Disclose. The table below describes the categories of personal information we collect, disclose for a business purpose and “share” for purposes of cross-context behavioral advertising (as those terms are defined by California law). Please note, in addition to the recipients identified below, we may disclose any of the categories of personal information we collect with government entities, as may be needed to comply with law or prevent illegal activity. We do not “sell” your personal information for money. As discussed elsewhere in the Privacy Policy, we use cookies and similar tracking technologies for purposes of targeted advertising. For more information, please see the Cookies and Similar Tracking Technologies section of this Privacy Policy.

Category of Personal Information and Recipients:

Identifiers – this may include name, signature, address, telephone number, bank account number, credit card number, or other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.

• Disclosures for a business purpose:
  • Service Providers
  • Our affiliates
  • Our business partners
• Sharing for Cross-Context Behavioral Advertising
  • Advertising networks

Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).

• Disclosures for a business purpose:
  • Service Providers
  • Our affiliates
  • Our business partners

Protected classification characteristics under California or federal law – this may include race or ethnicity, gender, physical or mental disability, and veteran or military status. (Applicable to potential employees and employees)

• Disclosures for a business purpose:
  • Service Providers
  • Our affiliates
  • Our business partners

Commercial information – this may include information about products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

• Disclosures for a business purpose:
  • Service Providers
  • Our affiliates
  • Our business partners

• Sharing for Cross-Context Behavioral Advertising
  • Advertising networks

Internet or other electronic network activity information – this may include browsing history, search history, and information regarding an individual’s interaction with an internet website, application, or advertisement.

• Disclosures for a business purpose:
  • Service Providers
  • Our affiliates
  • Our business partners

• Sharing for Cross-Context Behavioral Advertising
  • Advertising networks

Geolocation data

• Disclosures for a business purpose:
  • Service Providers
  • Our affiliates

Professional or employment-related information – this may include current or past job history. (Applicable to potential employees and employees)

• Disclosures for a Business Purpose
  • Service Providers
  • Our affiliates

Inferences drawn from any of the information listed above – to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

• Disclosures for a business purpose:
  • Service Providers
  • Our affiliates
  • Our business partners

• Sharing for Cross-Context Behavioral Advertising
  • Advertising networks

For more information about the personal information we collect, including the sources from which we obtain personal information, please see the Information We Collect section above.

We collect, use and disclose personal information for the business or commercial purposes described in the How We Use Information and How We Share Information sections above.

California Sensitive Information Disclosure. We collect the following categories of sensitive personal information (as defined under California law): Account log-in and password. We use this information to administer to your account and to provide you with services. If you apply for a job, you may choose to provide information about your race or ethnicity. This information is collected in order to process your application, evaluate you in the recruitment and hiring process, including to assess your eligibility for available positions; and to comply with legal obligations (e.g., health and safety, anti-discrimination laws). Note that we do not use sensitive personal information for any purposes that are not identified within the California Privacy Rights Act Section 1798.121. We do not “sell” or “share” sensitive personal information for purposes of cross-context behavioral advertising.

California Shine the Light. Under California law, California residents with an established business relationship with us can request information once a year about sharing their personal information with third parties for the third parties’ direct marketing purposes. If you’d like to request more information under the California Shine the Light law, you can contact us using the contact information provided in the Contact Information section above.

“Do Not Track” Disclosure. Our websites do not respond to “Do Not Track” signals.

We collect information about you in a variety of ways depending on how you interact with us and our websites, including:
Directly from you when you provide it to us, such as when you fill out a form on our website, sign up for an account, or contact us by phone, email, or otherwise.
Directly from your dental practice, which acts as a Health Information Custodian under PHIPA. This information, which may include Personal Health Information (PHI), is provided to us solely for the purpose of fulfilling requests for dental lab products and services.
Automatically through the use of cookies, server logs, and other similar technologies when you interact with our websites and emails.
From other sources, including, for example, our affiliates, business partners, service providers, and other third parties, or from publicly available sources. For example, if you submit a job application, or become an employee, we may conduct a background check.
The following provides examples of the type of information that we collect in a variety of contexts and how we use that information.

Account Registration: When you create an account, we collect your name, contact information, username and password. We also collect information relating to the actions that you perform while logged into your account. The primary purpose of collecting this information is to administer your account and communicate with you about your account.

Contractors, Consultants, Vendors and Business Partners: We collect, among other things, the name and contact information of our contractors, consultants, vendors, business partners and their respective employees or subcontractors with whom we interact. The primary purpose of collecting this information is to manage our business relationships and conduct normal business administration.

Cookies and Similar Tracking Technologies: When you visit our website, we collect certain information about your browser and the device. Examples of such information include your device type, browser type, internet protocol (IP) address, unique device identifiers, general location of your device, operating system, internet service provider, and other technical information about your device (collectively, “Device Information”). We also collect information about your interactions with our website. Examples of such information include pages visited, links clicked, access date and times, referring website, geolocation, information that you type into our online forms, and identifiers associated with browser cookies, web beacons, and similar technologies we deploy on our website (collectively, “Usage Data”). For details about the types of tracking technologies we use, please see the Cookies and Similar Tracking Technologies section of this Privacy Policy. We use cookies and similar tracking technologies for a number of reasons, such as:

• to serve you with relevant advertising
• to learn more about the way you interact with our content
• help us improve your experience when visiting our websites
• to remember your preferences, such as a language or a region, so there is no need for you to customize the website on each visit
• to identify errors and resolve them
• to analyze how well our websites are performing.

Job Applicants: If you apply for a job posting, we collect information necessary to process your application or to retain you as an employee. This may include, among other things, your name, email address, phone number, resume/CV, and certain voluntary information such as gender, race/ethnicity, veteran status, and disability status, but only if you choose to provide such information. If you become an employee, we may also collect your Social Security Number/Social Insurance Number. Providing this information is required for employment. We collect this information to process your application and communicate with you about your application.

Inquiries, Comments, and Feedback: If you contact us, such as by filling out a form on our website, we collect your name, e-mail address, phone number, and relevant information about your practice, as well as any other content that you send to us. If you connect with us on social media, we collect any content that you choose to provide. We use this information to respond to or follow-up on your comments, reviews, inquiries and other requests.

When you visit our websites, we and our third-party service providers use cookies and other similar technologies, to collect Device Information and Usage Data. The types of technologies we may use include the following:

Cookies: Cookies are small files that a website sends to your computer’s hard drive through your web browser, enabling the website to recognize your browser and capture and remember certain information. Most web browsers allow you to reject or delete cookies through their settings preferences. Please note that if you choose to remove or reject cookies, this could affect the availability and functionality of our website.
The following describes the types of cookies we use and why:

Necessary/Essential: These cookies are essential to provide you with services available through the website and to enable you to use some of its features. They help to authenticate users and prevent fraudulent use of user accounts. Without these cookies, the services that you have asked for cannot be provided, and we only use these cookies to provide you with those services.

Functional: These cookies allow us to remember choices you make when you use the website, such as remembering your login details or language preference. The purpose of these cookies is to provide you with a more personal experience and to avoid you having to re-enter your preferences every time you use the website.

Analytics: Among other things, these cookies allow us to count visits and traffic sources so we can measure and improve the performance of our website. We may also use third party session replay software, which allows us to see how visitors move around the website. Analytics cookies may be set by us or a third party. For example, we use Google Analytics to help us analyze your use of the website. To learn more about how Google collects and processes data, please visit https://policies.google.com/technologies/partner-sites. For more information about how to opt out of having your information used by Google Analytics, visit https://tools.google.com/dlpage/gaoptout/.

Targeting/Advertising: These cookies may be set through our website by us or our advertising partners. They may be used to collect information over time and across different websites in order to build a profile of your interests and/or show you relevant advertisements on our website or other websites.

Web Beacons: A “web beacon” (also called a “pixel tag” or a “clear gif”) is a small graphic image placed on website pages or in electronic communication that can be used for such things as counting the users who have visited those pages, clinked on links, opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

Web Logs: When you visit and interact with our site, we record certain information, including your browser type, operating system, internet protocol (IP) address (a number that is automatically assigned to a computer when the internet is used), domain name, click-activity, referring website, and/or a date/time stamp for visitors. This information helps us monitor our networks and usage of our website.

In addition to the purposes and uses described above, we use Personal Information and as an Information Manager, Personal Health information in the following ways: 

• To administer, maintain, evaluate, and improve our website and website offerings.

• To manage your account.

• • To contact you: To contact you by email, telephone calls, text (SMS) messages, or other equivalent forms of electronic communication, to provide information that you requested from Dandy, information related to any orders you may have placed, updates and information regarding our products, services, or other offerings, or for any other reason related to Dandy’s business.
  • To provide you with news, special offers and general information about other Dandy products, services or offerings that you may be interested in, unless you have opted not to receive such information. We do not use or disclose any Personal Health Information for these purposes without separate, specific and express consent.
  • To manage your requests: To attend to, manage, and respond to your requests.

• To conduct analytics.

• To detect and protect against malicious, deceptive, fraudulent, or illegal activity, including violation of our policies and terms and conditions, security incidents, and harm to the rights, property, or safety of our company and our users, employees, or others.
• To debug, identify and repair errors that impair existing intended functionality of our website and services.
• To comply with our legal or regulatory obligations, to establish or exercise our rights, and to defend against a legal claim.
• For internal administrative purposes, as well as to manage our relationships.
• For business transfers: We may use your information to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by us about our Site’s Users is among the assets transferred.

For other purposes: We may use your information for such other purposes as you may consent (from time to time).

In addition to the specific situations discussed elsewhere in this Privacy Policy, we may disclose personal information in the following situations:

• Business Transfers. We may share or transfer your personal information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
  Affiliates. We may share information with our corporate affiliates (e.g., parent company, sister companies, subsidiaries, joint ventures, or other companies under common control).
• Service Providers. We may share your information with service providers, including subcontractors. Among other things, these service providers may help us to administer our website, provide technical support, conduct research and analytics, and perform other services related to the operation of our business. We require all such service providers and subcontractors to adhere to security and privacy standards that are comparable to our own and to comply with Applicable Laws, including PHIPA, in the processing of Personal Health Information
• Business Partners. We do not share Personal Health Information with business partners or affiliates for marketing or promotional purposes. We may share Personal Information (excluding PHI) with these parties as outlined in the policy. 
• Legal Process/Compliance with Law. We may disclose information in response to subpoenas, warrants, or court orders, or in connection with any legal process, or to comply with relevant laws. We may also share your information in order to establish or exercise our rights, to defend against a legal claim, to investigate, prevent, or take action regarding possible illegal activities, suspected fraud, safety of person or property, or a violation of our policies.
• With Your Consent. We may disclose your information to other third parties when we have your consent or direction to do so. 
• SMS/Text Messaging Data. Mobile information will not be shared with third parties/affiliates for marketing/promotional purposes. All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

Depending on your state or province of residence, you can make the following choices regarding your personal information:

• Access To Your Personal Information. You may request access to your personal information and details regarding our collection, use, and disclosure of your personal information. In certain limited circumstances, you may also request to receive access to your personal information in a readily usable format.
• Changes To Your Personal Information. You may ask us to correct information that is inaccurate or incomplete. Note that we may keep historical information in our backup files as permitted by law.
• Deletion Of Your Personal Information. You may request that we delete your personal information. If required by law, we will grant a request to delete information, but you should note that in many situations we must keep your personal information to comply with our legal obligations, resolve disputes, enforce our agreements, or for other business purposes.
• Opt-out of Sharing for Targeted Advertising. You may opt-out of online tracking based targeted advertising (e.g., cookies) by clicking the “Do Not Share My Personal Information” link here. Please note that if you change browsers or computers, or if you clear your browser’s cache, you may need to click the link again to apply your preference. You may also opt-out of other forms of targeted advertising by submitting a request as described below.
• Promotional Emails. We may use your information to send you newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt-out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send. If you decide not to receive promotional emails, we may still send you service-related communications.

For Ontario Residents. Your Rights Concerning Personal Health Information (PHI). Under PHIPA, you have the right to access, correct, or request the deletion of your Personal Health Information. However, as an Information Manager, Dandy processes this information on behalf of your dental practice. Therefore, all requests regarding your PHI must be made directly to your dental practice, which is your Health Information Custodian. Dandy will not respond to or act on any request from an individual regarding their PHI without explicit instruction from the Health Information Custodian. We will, however, provide reasonable assistance to the Health Information Custodian to fulfill such requests as required by law.

As required or permitted by law, you may be entitled to additional rights, including: (i) the right to withdraw consent to processing where consent is the basis of processing; (ii) the right to object to unlawful data processing, under certain conditions; (iii) the right to erasure of personal information about you, under certain conditions; (iv) the right to demand that we restrict processing of your personal information, under certain conditions, if you believe that we have exceeded the legitimate basis for processing, that processing is no longer necessary, or that your personal information is inaccurate; (v) the right to receive computerized personal information collected from you in a structured, commonly used and technological format and to have this information transferred directly to another organization; (vi) the right to be informed of and submit observations regarding automated decision-making; and (vii) the right to request information about data processing. You may also, where applicable, have the right not to receive discriminatory treatment for the exercise of your privacy rights.

Finally, you also have a right to lodge a complaint with a competent data protection authority, in particular in the country/territory where you normally reside, where we are based or where an alleged infringement of data protection law has taken place.

Please note, not all of the rights described above are absolute, and they do not apply in all circumstances. In some cases, we may limit or deny your request because the law permits or requires us to do so, or if we are unable to adequately verify your identity. We will not discriminate against individuals who exercise their privacy rights under applicable law.

Submitting Requests

You may exercise the rights described above by contacting us as indicated in the Contact Information section below. If you are a California resident, you may also submit a request through this form. 

Note that, as required by law, we will require you to prove your identity before we can process your request. We may verify your identity by phone call or email. Depending on the type of request, we will ask for information such as your email address, and phone number. We may also ask you to provide a signed declaration confirming your identity.

Authorized Agents

If you have been designated as an authorized agent to submit a request on behalf of another person, you must attach a copy of the signed written permission from the individual indicating you are authorized to act on his or her behalf when you submit a request either by emailing us at [email protected] or submitting this form.

Please note, we may deny a request from an authorized agent that does not submit proof that they have been authorized to submit such request.

No method of transmission over the internet, or method of electronic storage, is fully secure. While we use reasonable efforts such as physical, administrative and technical safeguards to protect your personal information from unauthorized access, use, or disclosure, we cannot guarantee the security of your personal information.

Reporting of Privacy Breaches. In the event of any unauthorized access, use, or disclosure of Personal Information, we will investigate and, where required by Applicable Law, report the incident to the appropriate authorities.

In the event of a Privacy Breach involving Personal Health Information (PHI), Dandy will notify the affected Health Information Custodian without unreasonable delay. We will provide all relevant information about the breach to assist the Health Information Custodian in fulfilling its legal obligations, including reporting to the Information and Privacy Commissioner of Ontario and notifying the affected individuals, where required by PHIPA.

We retain your personal information for only as long as necessary to fulfill the purposes outlined in this Privacy Policy, including for the purposes of satisfying any legal, accounting, or reporting requirements, unless a longer retention period is required or permitted by law.

To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the information, the potential risk of harm from unauthorized use or disclosure of the information, the purposes for which we obtained the information and whether we can achieve those purposes through other means, as well as applicable legal requirements.

For Personal Health Information, we adhere to the retention schedules and guidelines set out by the Royal College of Dental Surgeons of Ontario and other relevant regulatory bodies.

Your personal information may be stored and processed in Canada and the United States. We may transfer information that we collect about you, including information, to affiliates, or to other third parties across borders and from your country or jurisdiction to other countries or jurisdictions around the world that have different privacy laws that may or may not be as comprehensive as the country you reside in. In these circumstances, the governments, courts, law enforcement, or regulatory agencies of that country may be able to obtain access to your personal information through the laws of the foreign country. 

The U.S. government, courts, law enforcement, or regulatory agencies may be able to obtain access to your information through lawful orders in the U.S. By submitting your information to us, you consent to this transfer, storage, and processing. Your dental practice, as your Health Information Custodian, is aware of and has agreed to this practice.

You may ask for further information on the safeguards that we have put in place to safeguard the transfer of your information by contacting us at using the information provided in the “Contact Information” section of this Privacy Policy.

By submitting your personal information to us, you consent to this transfer, storage, or processing.

Withdrawing your consent

Where you have provided your consent to the collection, use, and disclosure of your personal information, you may have the legal right to withdraw your consent under certain circumstances. To withdraw your consent, if applicable, contact us at  [email protected]. Please note that if you withdraw your consent we may not be able to provide you with a particular product or service. We will explain the impact to you at the time to help you with your decision.

For your convenience, we may provide links to websites and other third-party content or services that we do not own or operate. The websites and third-party content to which we link may have separate privacy notices or policies.

Please note, we have no control over the privacy practices of websites, or services that we do not own. We encourage you to review the privacy policies of any third-party website or application for details about such third party’s privacy practices.

We do not knowingly collect personal information from children under the age of 14 on our Site. If you are the parent or legal guardian of a child under 14 who has provided us with personal information, please contact us as set forth in the section below “Contact Information” to ask us to stop using or to delete that information.

We may update our Privacy Policy from time to time to reflect changes to our practices, technology, legal requirements and other factors.

When changes are made to this Privacy Policy, they will become immediately effective when published. You can check the “Last Updated” legend at the top of this page to see when this Privacy Policy was last revised.

If you have any questions or concerns about this Privacy Policy or our privacy practices, or if you wish to exercise your rights, please contact our Privacy Officer at [email protected]

Complaints: If you believe that we have violated your privacy rights, you may contact our Privacy Officer. We will investigate your complaint and take appropriate action.

• For PIPEDA-related complaints: You may also file a complaint with the Office of the Privacy Commissioner of Canada (OPC).

By engaging with our services, you acknowledge that you have read and understood this Privacy Policy.

We collect information about you in a variety of ways, depending on how you interact with us and our Website, including:

• Directly from you when you provide it to us, such as when you fill out a form on our Website, sign up for an account, or contact us by phone, email, or otherwise.
• Automatically through the use of cookies, server logs, and other similar technologies when you interact with our Website and emails.
• From other sources, including, for example, our affiliates, business partners, service providers, and other third parties, or from publicly available sources. For example, if you submit a job application, or become an employee, we may conduct a background check.

The following provides examples of the type of information that we collect in a variety of contexts.

When you contact us or sign up as a customer

Identity/Contact Data: Name, job title, email, phone number, practice details, and postal address.

Account Data: Login details, account preferences, account activity.

Financial Data (where you are self-employed): Bank account details, payment card details, transaction history, and billing information

Transaction Data: Details of products/services purchased or subscribed to, subscription type and status, order history, payment amounts and dates, invoice details

Communications Data: Records of correspondence (emails, contact form submissions, chat logs), newsletter subscription preferences, marketing preferences, consents, and customer service interaction records.

When you browse our Website

Technical Data: IP address, device type, browser type, and geolocation.

Usage Data: Information about how you use the Website and account portal, pages visited, features accessed, time spent, product/service usage metrics.

When you browse our Website

Technical Data: IP address, device type, browser type, and geolocation.

Usage Data: Information about how you use the Website and account portal, pages visited, features accessed, time spent, product/service usage metrics.

When you apply for a job with us

Contact Data: Name, email address, telephone number, postal address, LinkedIn profile, or other professional social media links.

Professional Data: CV/resume, cover letter, employment history, educational qualifications, professional qualifications and memberships, references and referee contact details, portfolio or work samples if applicable, and right to work documentation – if collected at application stage rather than post-offer.

Assessment Data: Interview notes and scores, assessment or test results, skills assessments or technical tests, psychometric or aptitude test results, references received, background check results (if conducted pre-employment).

Communications Data: Records of correspondence (emails, messages, interview scheduling), application form responses, and notes from telephone screenings or interviews.

Diversity and Equal Opportunities Data: Age or date of birth, gender, ethnicity, disability status, sexual orientation, and religion or belief, if collected in conjunction with a reasonable accommodation request.

Sensitive Personal Data: Health information (e.g., reasonable accommodations requested for interview), criminal convictions data (if relevant to the role and conducted DBS/background checks), immigration status/right to work information (if this contains nationality or visa data).

When you contact us or sign up as a customer

Account administration, communication, and business management: Contact Data, Account Data, Transaction Data, Communications Data

Processing and fulfilling orders and subscriptions: Contact Data, Account Data, Transaction Data, Financial Data (where you are self-employed), Communications Data

Processing payments and managing billing: Financial Data (where you are self-employed), Transaction Data, Contact Data

Sending service-related communications (e.g. account updates, subscription renewals, invoices, changes to terms): Contact Data, Account Data, Transaction Data, Communications Data

Responding to enquiries and providing customer support: Contact Data, Communications Data

Sending marketing communications and newsletters (where you have consented or not opted out): Contact Data, Communications Data

Improving our Website, products, and services: Transaction Data, Communications Data, Account Data

Fraud prevention and security: Contact Data, Account Data, Financial Data (where you are self-employed), Transaction Data, Technical Data (if we monitor for suspicious login activity.

Compliance with legal and regulatory obligations (e.g. tax, accounting, anti-money laundering): Contact Data, Transaction Data, Financial Data (where you are self-employed)

Establishing, exercising, or defending legal claims: Any category of data, as relevant to the claim

Evaluating or conducting a merger, divestiture, restructuring, reorganisation, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding: Any category of data held about you

When you browse our Website

Enabling core Website functionality and delivering the Website to you: Technical Data

Analysing Website usage and performance to improve our Website and user experience: Technical Data, Usage Data

Monitoring Website security and preventing fraud or misuse: Technical Data, Usage Data

Remembering your preferences and settings (e.g. cookie banner choices, language preferences): Technical Data

Personalising Website content based on your browsing behaviour: Technical Data, Usage Data

Delivering relevant advertising and measuring advertising effectiveness: Technical Data, Usage Data

Evaluating or conducting a merger, divestiture, restructuring, reorganisation, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding: Any category of data held about you

When you apply for a job with us

Processing and evaluating your application: Contact Data, Professional Data, Assessment Data, Communications Data

Communicating with you about your application and the recruitment process: Contact Data, Communications Data: Contact Data, Communications Data

Conducting interviews and assessments:Contact Data, Professional Data, Assessment Data, Communications Data

Obtaining and reviewing references: Professional Data (references and referee contact details, references received), Contact Data

Maintaining records of the recruitment process and decisions made: Contact Data, Professional Data, Assessment Data, Communications Data

Conducting background checks: Professional Data (references and referee contact details, references received), Contact Data

Verifying right to work in the UK: Professional Data (right to work documentation), Sensitive Personal Data (where documentation contains nationality, immigration status, or visa information)

Equal opportunities monitoring and compliance with equality legislation: Diversity and Equal Opportunities Data

Making reasonable adjustments during the recruitment process: Sensitive Personal Data (health information regarding adjustments requested), Contact Data, Communications Data

Compliance with legal and regulatory obligations: Any category of data, as relevant to the obligation

Establishing, exercising, or defending legal claims: Any category of data, as relevant to the claim

Evaluating or conducting a merger, divestiture, restructuring, reorganisation, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding: Any category of data held about you

Under data protection law, we must have a lawful basis for processing your personal data. We rely on the following lawful bases:

Performance of a contract
We process your personal data where it is necessary to perform a contract we have with you, or to take steps at your request before entering into a contract.

Legal obligation
We process your personal data where we need to comply with a legal or regulatory obligation to which we are subject.
Where the lawful basis is the ‘performance of a contract with you’ or a ‘legal obligation’, if you do not provide the data then we may not be able to provide our services to you or consider you for the role to which you have applied.
Consent
In some cases, we process your personal data based on your consent. Where we rely on consent, you have the right to withdraw it at any time by contacting us using the details at the top of this Privacy Policy.

Legitimate interests
We process your personal data where it is necessary for our legitimate interests (or those of a third party), provided your interests and fundamental rights do not override those interests. See below for details of the specific legitimate interests we rely on. Where we rely on legitimate interests as our lawful basis for processing, we do so for the following purposes:

• Administering business relationships with corporate customers and business contacts
• Fulfilling orders and managing subscriptions for corporate customers
• Processing payments and managing billing for corporate customers
• Keeping business contacts informed about the services their organisation uses
• Responding to business enquiries and providing support to corporate customers and potential customers
• Developing and improving our business, products, services, and Website
• Understanding how visitors use our Website to improve user experience
• Providing a better user experience by remembering your choices and preferences
• Assessing candidates for employment and managing the recruitment process
• Verifying candidate suitability and employment history (including obtaining references)
• Maintaining proper recruitment records and defending against potential claims of discrimination or unfair treatment
• Maintaining proper business records for tax, accounting, and regulatory purposes
• Protecting our business and customers from fraud, security threats, and malicious activity
• Protecting our Website and IT systems from security threats and unauthorised access
• Pursuing corporate transactions such as mergers, acquisitions, or business transfers, and ensuring business continuity
• Establishing, exercising, or defending legal claims and protecting our legal rights
• Sending marketing communications to existing business contacts in relation to similar products or services (in accordance with PECR, where you have not opted out)

Special Category Data and Criminal Convictions Data

In limited circumstances, we may process special category data (such as health information, diversity and equal opportunities data). Where we process special category data, we rely on the following additional conditions under the UK GDPR:

• Explicit consent (for voluntary equal opportunities monitoring)
• Employment, social security, and social protection law (where processing is necessary for employment purposes and authorised by law)
• Substantial public interest – equality of opportunity and treatment (for diversity monitoring and ensuring equal opportunities)

When you visit our Website, we and our third-party service providers use cookies and other similar technologies to collect Device Information and Usage Data.

Type of cookie: Necessary/Essential

Purpose: Essential for website functionality and security (e.g., authentication).

Lawful Basis: Legitimate Interests (ensuring the site works securely).

Type of cookie: Functional

Purpose: Remembers choices (e.g., login details, language) for a more personal experience.

Lawful Basis: Consent ( as per Privacy Enhancing Regulations & Compliance – PECR requirements for non-essential cookies).

Type of cookie: Analytics

Purpose: Measures website performance, traffic, and identifies errors (e.g., Google Analytics).

Lawful Basis: Consent (as per PECR requirements for non-essential cookies).

Type of cookie: Targeting/Advertising

Purpose: Builds a profile of your interests to show relevant advertisements.

Lawful Basis: Consent (as per PECR requirements for non-essential cookies).

Your Cookie Choices: Most web browsers allow you to reject or delete cookies. If you choose to remove or reject cookies, this could affect the availability and functionality of our Website. For details on how Google collects and processes data, visit https://policies.google.com/technologies/partner-sites.

We may share your personal data with the following categories of recipients:

• IT and cloud service providers who provide hosting, data storage, backup, and IT infrastructure services
• Customer relationship management (CRM) and email service providers who help us manage customer communications and relationships
• Payment processors and financial services providers who process payments and transactions on our behalf (where you are self-employed)
• Analytics and search engine providers that assist us in the improvement and optimisation of our Website
• Marketing and communications platforms that help us deliver newsletters and marketing communications (where you have consented or not opted out)
• Fraud prevention and security services
• Professional advisers including lawyers, accountants, auditors, insurers, and other professional consultants
• Recruitment platforms and applicant tracking systems (for job applicants)
• Reference checking services and background check providers (for job applicants, where applicable)
• Advertising networks and social media platforms
• Customer support and helpdesk software providers
• Survey and feedback tools
• Video conferencing and communication platforms (relevant for remote interviews with job applicants)

All third-party service providers are required to take appropriate security measures to protect your personal data in line with our policies and applicable data protection law. We only permit them to process your personal data for specified purposes and in accordance with our instructions.

In addition, we may disclose personal data in the following situations:

• Business Transfers: We may share or transfer your personal data in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business.
• Affiliates: We may share information with our corporate affiliates (e.g., parent company, subsidiaries).
• Legal Process/Compliance with Law: We may disclose information in response to subpoenas, warrants, court orders, or in connection with any legal process, or to comply with relevant UK laws. This includes disclosure to The Information Commissioner’s Office (ICO), HMRC, and other relevant UK regulatory bodies.

Your personal data may be stored and processed outside of the UK and the European Economic Area (EEA), including but not limited to the United States and Canada.

When transferring data outside the UK, we ensure that an appropriate safeguard is in place, as required by Chapter V of the UK GDPR. This typically involves:

• Transferring the data to a country deemed adequate by the UK government.
• Implementing binding safeguards such as the International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses (SCCs).

As a Data Subject in the UK, you have the following rights regarding your Personal Data:

1. Right to be informed. You have the right to be provided with clear, transparent, and easily understandable information about how we use your personal data and your rights. This is what we aim to provide in this Privacy Policy.
2. Right of access (Subject Access Request – SAR). You have the right to obtain confirmation that we are processing your personal data, and to request a copy of the personal data we hold about you, together with certain information about how and why we process it.
3. Right to rectification (to correct inaccurate data). You have the right to require us to correct any inaccurate or incomplete personal data we hold about you. If you believe any information we hold is incorrect, please let us know and we will correct it.
4. Right to erasure (the ‘right to be forgotten’). In certain circumstances, you have the right to request that we delete or remove your personal data, for example where there is no good reason for us to continue processing it, or where you have withdrawn your consent (if we were relying on consent as our lawful basis).
5. Right to restrict processing. In certain circumstances, you have the right to ask us to suspend or restrict the processing of your personal data, for example where you contest the accuracy of the data or object to our processing, whilst we verify your concerns.
6. Right to data portability. Where we process your personal data by automated means based on your consent or for the performance of a contract with you, you have the right to receive that data in a structured, commonly used, and machine-readable format, and to request that we transfer it to another organisation.
7. Right to object to processing (e.g., objecting to marketing). You have the right to object to our processing of your personal data where we are relying on legitimate interests (or those of a third party) as our lawful basis, and there is something about your particular situation which makes you want to object. You also have an absolute right to object at any time to processing of your personal data for direct marketing purposes (including profiling for marketing purposes).
8. Rights in relation to automated decision-making and profiling. You have the right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you, unless such processing is necessary for entering into or performing a contract with you, authorised by law, or based on your explicit consent.

As a Processor, Dandy handles patient data on behalf of your dental practice (the Controller). Therefore, all requests regarding your patient data must be made directly to your dental practice. Dandy will assist the practice in fulfilling its legal obligations under the UK GDPR but will not act on individual requests without instruction from the Controller.

Submitting Requests: You may exercise your rights by contacting our Data Protection Contact at [email protected]. Note that we will require you to prove your identity before we can process your request.

We will respond to your request within one month of receipt of your request, unless the request is particularly complex or you have made multiple requests, in which case we may extend this period by a further two months. We will let you know if we need to take longer and explain why.

You will not usually have to pay a fee to exercise your rights. However, we may charge a reasonable fee or refuse to comply with your request if it is clearly unfounded, repetitive, or excessive.

Promotional Emails: You may opt-out of receiving any, or all, promotional communications from us by following the unsubscribe link provided in any email.

We have put in place appropriate technical and organisational security measures to prevent your personal data from being accidentally lost, used, accessed, altered, or disclosed in an unauthorised way. These measures include secure servers, encryption, access controls, and regular security assessments.

We also limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal data on our instructions and are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

No method of transmission over the internet or electronic storage is fully secure. While we use reasonable efforts to protect your personal data, we cannot guarantee its absolute security.

We retain your personal data for only as long as necessary to fulfil the purposes outlined in this Privacy Policy, including for the purposes of satisfying any legal, accounting, or reporting requirements.

Customer data: We retain your personal data for the duration of our business relationship and for 7 years afterwards to comply with legal and regulatory obligations (such as tax and accounting requirements) and to establish, exercise, or defend legal claims.

Job applicant data: If your application is unsuccessful, we will retain your personal data for 6 to 12 months after the recruitment process has concluded, to allow us to respond to any queries or defend against potential claims of discrimination or unfair treatment. If you are offered and accept a position with us, your data will be transferred to our employee records and retained in accordance with our staff privacy notice.

We do not knowingly collect personal data from children under the age of 14 on our Website. If you are the parent or legal guardian of a child under 14 who has provided us with personal data, please contact us to ask us to stop using or to delete that information.

We may update our Privacy Policy from time to time to reflect changes to our practices, technology, legal requirements and other factors.

When changes are made to this Privacy Policy, they will become immediately effective when published. You can check the “Last Updated” legend at the top of this page to see when this Privacy Policy was last revised.

If you have any questions or concerns about this Privacy Policy or our privacy practices, or if you wish to exercise your rights, please contact our designated representative:

Data Protection Officer (DPO): Tony Riesen

Contact Email: [email protected]

Controller Address: 5 New Street Square, London, United Kingdom, EC4A 3TW

Complaints: You have the right to lodge a complaint with a competent data protection authority. In the UK, this is the Information Commissioner’s Office (ICO).

• ICO Contact Details: https://www.ico.org.uk

We collect information about you in a variety of ways, depending on how you interact with us and our Website, including:

• Directly from you when you provide it to us, such as when you fill out a form on our Website, order products, submit a warranty claim, respond to a survey, sign up for an account, or contact us by phone, email, or otherwise.
• Automatically through the use of cookies, server logs, and other similar technologies when you interact with our Website and emails.
• From other sources, including, for example, our affiliates, business partners, service providers, and other third parties, or from publicly available sources. For example, if you submit a job application, or become an employee, we may conduct a background check.

The following provides examples of the type of information that we collect in a variety of contexts.

When you contact us or sign up as a customer

Identity/Contact Data: Name, job title, email, phone number, practice details, and postal address.

Account Data: Login details, account preferences, account activity.

Financial Data (where you are self-employed): Bank account details, payment card details, transaction history, and billing information

Transaction Data: Details of products/services purchased or subscribed to, subscription type and status, order history, payment amounts and dates, invoice details

Communications Data: Records of correspondence (emails, contact form submissions, chat logs), newsletter subscription preferences, marketing preferences, consents, and customer service interaction records.

When you browse our Website

Technical Data: IP address, device type, browser type, and geolocation.

Usage Data: Information about how you use the Website and account portal, pages visited, features accessed, time spent, product/service usage metrics.

When you apply for a job with us

Contact Data: Name, email address, telephone number, postal address, LinkedIn profile, or other professional social media links.

Professional Data: CV/resume, cover letter, employment history, educational qualifications, professional qualifications and memberships, references and referee contact details, portfolio or work samples if applicable, and right to work documentation – if collected at application stage rather than post-offer.

Assessment Data: Interview notes and scores, assessment or test results, skills assessments or technical tests, psychometric or aptitude test results, references received, background check results (if conducted pre-employment).

Communications Data: Records of correspondence (emails, messages, interview scheduling), application form responses, and notes from telephone screenings or interviews.

Diversity and Equal Opportunities Data: Age or date of birth, gender, ethnicity, disability status, sexual orientation, and religion or belief, if collected in conjunction with a reasonable accommodation request.

Sensitive Personal Data: Health information (e.g., reasonable accommodations requested for interview), criminal convictions data (if relevant to the role and conducted DBS/background checks), immigration status/right to work information (if this contains nationality or visa data).

If you do not provide us with the information we request, we may not be able to fulfil the relevant purpose of the collection, such as to supply products or services to you or to assess your application for employment.

Where practical we will collect personal information directly from you. If we receive information about you from someone else, we will take reasonable steps to ensure you are aware that we have collected personal information about you and the circumstances of the collection.

We typically explain at the time we collect personal information how we will use or disclose that information. In general terms, we collect, hold, use and disclose personal information for the following purposes:

When you contact us or sign up as a customer

Account administration, communication, and business management: Contact Data, Account Data, Transaction Data, Communications Data

Processing and fulfilling orders and subscriptions: Contact Data, Account Data, Transaction Data, Financial Data (where you are self-employed), Communications Data

Processing payments and managing billing: Financial Data (where you are self-employed), Transaction Data, Contact Data

Sending service-related communications (e.g. account updates, subscription renewals, invoices, changes to terms): Contact Data, Account Data, Transaction Data, Communications Data

Responding to enquiries and providing customer support: Contact Data, Communications Data

Sending marketing communications and newsletters (only where you have consented to receive such communications): Contact Data, Communications Data

Improving our Website, products, and services: Transaction Data, Communications Data, Account Data

Fraud prevention and security: Contact Data, Account Data, Financial Data (where you are self-employed), Transaction Data, Technical Data (if we monitor for suspicious login activity.

Compliance with legal and regulatory obligations (e.g. tax, accounting, anti-money laundering): Contact Data, Transaction Data, Financial Data (where you are self-employed)

Establishing, exercising, or defending legal claims: Any category of data, as relevant to the claim

Evaluating or conducting a merger, divestiture, restructuring, reorganisation, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding: Any category of data held about you

When you browse our Website

Enabling core Website functionality and delivering the Website to you: Technical Data

Analysing Website usage and performance to improve our Website and user experience: Technical Data, Usage Data

Monitoring Website security and preventing fraud or misuse: Technical Data, Usage Data

Remembering your preferences and settings (e.g. cookie banner choices, language preferences): Technical Data

Personalising Website content based on your browsing behaviour: Technical Data, Usage Data

Delivering relevant advertising and measuring advertising effectiveness: Technical Data, Usage Data

Evaluating or conducting a merger, divestiture, restructuring, reorganisation, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding: Any category of data held about you

When you apply for a job with us

Processing and evaluating your application: Contact Data, Professional Data, Assessment Data, Communications Data

Communicating with you about your application and the recruitment process: Contact Data, Communications Data

Conducting interviews and assessments: Contact Data, Professional Data, Assessment Data, Communications Data

Obtaining and reviewing references: Professional Data (references and referee contact details, references received), Contact Data

Maintaining records of the recruitment process and decisions made: Contact Data, Professional Data, Assessment Data, Communications Data

Conducting background checks: Professional Data (references and referee contact details, references received), Contact Data

Verifying right to work in Australia: Professional Data (right to work documentation), Sensitive Personal Data (where documentation contains nationality, immigration status, or visa information)

Equal opportunities monitoring and compliance with equality legislation: Diversity and Equal Opportunities Data

Making reasonable adjustments during the recruitment process: Sensitive Personal Data (health information regarding adjustments requested), Contact Data, Communications Data

Compliance with legal and regulatory obligations: Any category of data, as relevant to the obligation

Establishing, exercising, or defending legal claims: Any category of data, as relevant to the claim

Evaluating or conducting a merger, divestiture, restructuring, reorganisation, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding: Any category of data held about you.

When you visit our Website, we and our third-party service providers use cookies and other similar technologies to collect Device Information and Usage Data.

Type of Cookie: Purpose

• Necessary/Essential: Essential for website functionality and security (e.g., authentication).
• Functional: Remembers choices (e.g., login details, language) for a more personal experience.
• Analytics: Measures website performance, traffic, and identifies errors (e.g., Google Analytics).
• Targeting/Advertising: Builds a profile of your interests to show relevant advertisements.

Your Cookie Choices

Most web browsers allow you to reject or delete cookies. If you choose to remove or reject cookies, this could affect the availability and functionality of our Website. For details on how Google collects and processes data, visit https://policies.google.com/technologies/partner-sites.

We may share your personal information with the following categories of recipients:

• IT and cloud service providers who provide hosting, data storage, backup, and IT infrastructure services
• Customer relationship management (CRM) and email service providers who help us manage customer communications and relationships
• Payment processors and financial services providers who process payments and transactions on our behalf (where you are self-employed)
• Analytics and search engine providers that assist us in the improvement and optimisation of our Website
• Marketing and communications platforms that help us deliver newsletters and marketing communications (only where you have consented to receive marketing materials)
• Fraud prevention and security services
• Professional advisers including lawyers, accountants, auditors, insurers, and other professional consultants
• Recruitment platforms and applicant tracking systems (for job applicants)
• Reference checking services and background check providers (for job applicants, where applicable)
• Advertising networks and social media platforms
• Customer support and helpdesk software providers
• Survey and feedback tools
• Video conferencing and communication platforms (relevant for remote interviews with job applicants)

All third-party service providers are required to take appropriate security measures to protect your personal information in line with our policies and applicable data protection law. We only permit them to process your personal information for specified purposes and in accordance with our instructions.

In addition, we may disclose personal information in the following situations:

• Business Transfers: We may share or transfer your personal information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business.
• Affiliates or Related Bodies Corporate: We may share information with our corporate affiliates or related bodies corporate (e.g., parent company, subsidiaries).
• Legal Process/Compliance with Law: We may disclose information in response to subpoenas, warrants, court orders, or in connection with any legal process, or to comply with relevant Australian laws. This includes disclosure to The Office of the Australian Information Commissioner (OAIC), AHPRA, and other relevant Australian regulatory bodies.
• Protection: We may share your personal information where we believe it is necessary to protect the rights, property or personal safety of any of our customers, members of the public, or our interests.

Advisors: We may share your personal information with professional advisors to the extent reasonable for the conduct of our business.

Your personal information may be disclosed outside of the jurisdiction from which it was collected. In the conduct of our business, we transfer to, hold or access personal information from various countries including the UK, and the European Economic Area (EEA), including but not limited to the United States and Canada.The privacy laws of those countries may not provide the same level of protection as the privacy laws of the country from which the personal information was collected.  However, this does not change our commitments to safeguard your privacy and we will comply with all applicable laws relating to the cross-border data disclosure.

Your rights under applicable privacy law are as follows:

• Access: If at any time you want to know exactly what personal information we hold about you, you are welcome to request access to your record. 
• Correction: If at any time you wish to change personal information that we hold about you because it is inaccurate or out of date, you are welcome to request a correction.  If you wish to have your personal information deleted, please let us know and we will take all reasonable steps to delete it unless we need to keep it for legal reasons. 

Submitting Requests: You may exercise your rights or submit any complaints you may have regarding the handling of your personal information by contacting our Data Protection Contact at [email protected]. Note that we will require you to prove your identity before we can process your request.

We will respond to your request within one month of receipt of your request, unless the request is particularly complex or you have made multiple requests, in which case we may extend this period by a further reasonable period. We will let you know if we need to take longer and explain why.

You will not usually have to pay a fee to exercise your rights. However, we may charge a reasonable fee or refuse to comply with your request if it is clearly unfounded, repetitive, or excessive.

If we fail to respond to your request or complaint within a reasonable time of receiving it in writing, or if you are dissatisfied with the response that you receive from us, you may have the right to make a complaint to the applicable regulator (for example, the OAIC).

We have put in place appropriate technical and organisational security measures to prevent your personal information from being accidentally lost, used, accessed, altered, or disclosed in an unauthorised way. These measures include secure servers, encryption, access controls, and regular security assessments.

We also limit access to your personal information to those employees, agents, contractors, and other third parties who have a business need to know. They will only use and disclose your personal information on our instructions and are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

No method of transmission over the internet or electronic storage is fully secure. While we use reasonable efforts to protect your personal information, we cannot guarantee its absolute security.

We retain your personal information for only as long as necessary to fulfil the purposes of collection outlined in this Privacy Policy, including for the purposes of satisfying any legal, accounting, or reporting requirements.

Customer data: We retain your personal information for the duration of our business relationship and for 7 years afterwards to comply with legal and regulatory obligations (such as tax and accounting requirements) and to establish, exercise, or defend legal claims.

Job applicant data: If your application is unsuccessful, we will retain your personal information for 6 to 12 months after the recruitment process has concluded, to allow us to respond to any queries or defend against potential claims of discrimination or unfair treatment. If you are offered and accept a position with us, your personal information will be transferred to our employee records and retained in accordance with our staff privacy notice.

We do not knowingly collect personal information from children under the age of 15 on our Website. If you are the parent or legal guardian of a child under 15 who has provided us with personal information, please contact us to ask us to stop using or to delete that information.

We may update our Privacy Policy from time to time to reflect changes to our practices, technology, legal requirements and other factors.

When changes are made to this Privacy Policy, they will become immediately effective when published. You can check the “Last Updated” section to see when this Privacy Policy was last revised.

If at any point we decide to use or disclose personal information for a purpose that is materially different from the purpose for which it was collected, we will reasonably attempt to notify individuals to whom that information relates by email or via a notice on our website, and where necessary we will seek the prior consent of those individuals.

Nosotros recogemos información sobre usted de diversas formas, en función de cómo interactúe con nosotros y con nuestro sitio web, entre ellas: 

Directamente de usted, cuando nos la facilita, por ejemplo, al rellenar un formulario en nuestro sitio web, darse de alta en una cuenta o contactarnos por teléfono, correo electrónico u otro medio. 

De forma automática mediante el uso de cookies, registros de servidor y otras tecnologías similares cuando interactúa con nuestro sitio web y correos electrónicos.

De otras fuentes, incluyendo, por ejemplo, nuestras filiales, socios comerciales, proveedores de servicios y otros terceros, o de fuentes de acceso público. Por ejemplo, si presenta una solicitud de empleo o se convierte en empleado, podremos realizar una verificación de antecedentes.

A continuación, se ofrecen ejemplos del tipo de información que recogemos en diferentes contextos. 

Cuando se pone en contacto con nosotros o se registra como cliente

Categoría de datos: Tipo de datos

Datos de identidad/contacto: Nombre, cargo, correo electrónico, número de teléfono, datos de la clínica dental y dirección postal.

Datos de cuenta: Credenciales de acceso, preferencias de cuenta, actividad de la cuenta.

Datos financieros (si es trabajador autónomo): Datos bancarios, datos de tarjeta de pago, historial de transacciones e información de facturación.

Datos de transacciones: Detalles de productos/servicios adquiridos o suscritos, tipo y estado de suscripción, historial de pedidos, importes y fechas de pago, detalles de facturación.

Datos de comunicaciones: Registros de correspondencia (correos electrónicos, formularios de contacto, registros de chat), preferencias de suscripción a boletines informativos, preferencias de marketing, consentimientos y registros de interacción con el servicio de atención al cliente.

Cuando navega por nuestro sitio web

Categoría de datos: Tipo de datos

Datos técnicos: Dirección IP, tipo de dispositivo, tipo de navegador y geolocalización.

Datos de uso: Información sobre cómo utiliza el sitio web y el portal de cuenta, páginas visitadas, funcionalidades consultadas, tiempo de permanencia, métricas de uso de productos/servicios.

Cuando presenta su candidatura a un puesto de trabajo con nosotros

Categoría de datos: Tipo de datos

Datos de contacto: Nombre, dirección de correo electrónico, número de teléfono, dirección postal, perfil de LinkedIn u otros enlaces de redes sociales profesionales.

Datos profesionales: CV, carta de presentación, historial laboral, titulaciones académicas, cualificaciones y colegiaciones profesionales, referencias y datos de contacto de personas de referencia, muestras de trabajo si procede, y documentación de permiso de trabajo – si se recoge en la fase de solicitud en lugar de después de la oferta.

Datos de evaluación: Notas y puntuaciones de entrevistas, resultados de evaluaciones o pruebas, pruebas de competencias o técnicas, resultados de pruebas psicométricas o de aptitud, referencias recibidas, resultados de verificación de antecedentes (si se realiza antes de la contratación).

Datos de comunicaciones: Registros de correspondencia (correos electrónicos, mensajes, programación de entrevistas), respuestas a formularios de solicitud y notas de conversaciones telefónicas o entrevistas.

Datos de diversidad e igualdad de oportunidades: Edad o fecha de nacimiento, sexo, origen étnico, discapacidad, orientación sexual y religión o creencias, siempre que se recopilen en relación con una solicitud de adaptación razonable y en la medida en que lo permitan las normativas locales.

Datos personales sensibles: Información de salud (por ejemplo, ajustes razonables solicitados para la entrevista), datos de antecedentes penales (si son relevantes para el puesto y se realizan verificaciones de antecedentes, y solo en la medida en que lo permita la normativa local), información sobre situación migratoria/permiso de trabajo (si contiene datos de nacionalidad o visado).

Cuando se pone en contacto con nosotros o se registra como cliente

Finalidad: Tipos de datos Base jurídica

Administración de cuentas, comunicación y gestión empresarial: Datos de contacto, datos de cuenta, datos de transacciones, datos de comunicaciones Ejecución de un contrato

Tramitación y cumplimiento de pedidos y suscripciones: Datos de contacto, datos de cuenta, datos de transacciones, datos financieros (si es trabajador autónomo), datos de comunicaciones Ejecución de un contrato

Procesamiento de pagos y gestión de facturación: Datos financieros (si es trabajador autónomo), datos de transacciones, datos de contacto Ejecución de un contrato

Envío de comunicaciones relativas al servicio (por ejemplo., actualizaciones de cuenta, renovaciones de suscripciones, facturas, cambios en las condiciones): Datos de contacto, datos de cuenta, datos de transacciones, datos de comunicaciones Interés legítimo

Respuesta a consultas y prestación de soporte al cliente: Datos de contacto, datos de comunicaciones Ejecución de un contrato

Envío de comunicaciones comerciales y boletines informativos por correo electrónico (cuando usted haya prestado su consentimiento o no haya optado por su exclusión): Datos de contacto, datos de comunicaciones Consentimiento (si B2C); o interés legítimo (si B2B o si B2C pero siempre que las comunicaciones se dirijan a clientes actuales de Dandy, se refieran a productos o servicios propios de Dandy y estén relacionados y sean similares a aquellos productos o servicios previamente contratados)

Mejora de nuestro sitio web, productos y servicios: Datos de transacciones, datos de comunicaciones, datos de cuenta Interés legítimo

Prevención de fraude y seguridad: Datos de contacto, datos de cuenta, datos financieros (si es autónomo), datos de transacciones, datos técnicos (si supervisamos actividad de inicio de sesión sospechosa) Interés legítimo

Cumplimiento de obligaciones legales y regulatorias (por ejemplo, fiscales, contables, prevención del blanqueo de capitales): Datos de contacto, datos de transacciones, datos financieros (si es autónomo) Obligación legal 

Constitución, ejercicio o defensa de reclamaciones legales: Cualquier categoría de datos relevante para la reclamación Interés legítimo

Evaluación o ejecución de una fusión, desinversión, reestructuración, reorganización u otra venta o transmisión de la totalidad o parte de nuestros activos, ya sea como empresa en funcionamiento o como parte de un concurso de acreedores, liquidación o procedimiento similar: Cualquier categoría de datos que conservemos sobre usted Interés legítimo

Cuando navega por nuestro sitio web

Finalidad: Tipos de datos Base jurídica

Habilitación de la funcionalidad básica del sitio web y entrega del sitio web: Datos técnicos Interés legítimo

Análisis del uso y rendimiento del sitio web para mejorar nuestro sitio web y la experiencia del usuario: Datos técnicos, datos de uso Consentimiento

Supervisión de la seguridad del sitio web y prevención de fraude o uso indebido: Datos técnicos, datos de uso Interés legítimo

Recordar sus preferencias y configuración (por ejemplo, opciones del banner de cookies, preferencias de idioma): Datos técnicos Interés legítimo

Personalización del contenido del sitio web en función de su comportamiento de navegación: Datos técnicos, datos de uso Consentimiento

Entrega de publicidad relevante y medición de la eficacia publicitaria: Datos técnicos, datos de uso Consentimiento

Evaluación o ejecución de una fusión, desinversión, reestructuración, reorganización u otra venta o transmisión de la totalidad o parte de nuestros activos, ya sea como empresa en funcionamiento o como parte de un concurso de acreedores, liquidación o procedimiento similar: Cualquier categoría de datos que conservemos sobre usted Interés legítimo

Cuando presenta su candidatura a un puesto de trabajo con nosotros

Finalidad: Tipos de datos Base jurídica

Tramitación y evaluación de su candidatura: Datos de contacto, datos profesionales, datos de evaluación, datos de comunicaciones Ejecución de un contrato

Comunicación con usted sobre su candidatura y el proceso de selección: Datos de contacto, datos de comunicaciones Ejecución de un contrato

Realización de entrevistas y evaluaciones: Datos de contacto, datos profesionales, datos de evaluación, datos de comunicaciones Ejecución de un contrato

Obtención y revisión de referencias: Datos profesionales (referencias y datos de contacto de personas de referencia, referencias recibidas), datos de contacto Consentimiento

Mantenimiento de registros del proceso de selección y de las decisiones adoptadas: Datos de contacto, datos profesionales, datos de evaluación, datos de comunicaciones Interés legítimo

Realización de verificaciones de antecedentes: Datos profesionales (referencias y datos de contacto de personas de referencia, referencias recibidas), datos de contacto Consentimiento

Comprobación del derecho a trabajar en la jurisdicción del puesto de trabajo que solicitas: Datos profesionales (documentación de permiso de trabajo) Obligación legal

Seguimiento de igualdad de oportunidades y cumplimiento de la legislación en materia de igualdad: Datos de diversidad e igualdad de oportunidades Ejecución de un contrato para edad, fecha de nacimiento y/o sexo; Obligación legal o Consentimiento para datos personales sensibles (y solo cuando lo permita la normativa local)

Realización de ajustes razonables durante el proceso de selección: Datos personales sensibles (información de salud relativa a ajustes solicitados), datos de contacto, datos de comunicaciones Ejecución de un contrato para datos de contacto y comunicaciones; Obligación legal o Consentimiento para datos personales sensibles (y solo cuando lo permita la normativa local)

Cumplimiento de obligaciones legales y regulatorias: Cualquier categoría de datos relevante para la obligación Obligación legal

Constitución, ejercicio o defensa de reclamaciones legales: Cualquier categoría de datos relevante para la reclamación Interés legítimo

Evaluación o ejecución de una fusión, desinversión, reestructuración, reorganización u otra venta o transmisión de la totalidad o parte de nuestros activos, ya sea como empresa en funcionamiento o como parte de un concurso de acreedores, liquidación o procedimiento similar: Cualquier categoría de datos que conservemos sobre usted Interés legítimo

Datos Personales Sensibles 

En determinadas circunstancias, podemos tratar Datos Personales Sensibles. Cuando dichos Datos Personales Sensibles se ajusten a la definición de categorías especiales de datos personales prevista en el artículo 9 del RGPD, nos basamos en las siguientes condiciones alternativas para su tratamiento:

Consentimiento explícito (por ejemplo, datos sobre diversidad e igualdad de oportunidades)

Legislación en materia de empleo, seguridad social y protección social (por ejemplo, datos sobre la salud)

Cuando visita nuestro sitio web, nosotros y terceros utilizamos cookies y otras tecnologías similares para recoger información del dispositivo y datos de uso.

Consulte nuestra Política de Cookies para obtener más información sobre dichas operaciones de tratamiento.

Podemos compartir sus datos personales con las siguientes categorías de destinatarios: 

• • Proveedores de servicios informáticos y en la nube que prestan servicios de alojamiento, almacenamiento de datos, copia de seguridad e infraestructura informática.
  • Proveedores de gestión de relaciones con clientes (CRM) y servicios de correo electrónico que nos ayudan a gestionar las comunicaciones y relaciones con los clientes.
  • Procesadores de pagos y proveedores de servicios financieros que procesan pagos y transacciones en nuestro nombre (si usted es trabajador autónomo).
  • Proveedores de análisis y motores de búsqueda que nos asisten en la mejora y optimización de nuestro sitio web.
  • Plataformas de marketing y comunicaciones que nos ayudan a enviar boletines informativos y comunicaciones comerciales (cuando usted haya prestado su consentimiento o no haya optado por su exclusión).
  • Servicios de prevención de fraude y seguridad.
  • Asesores profesionales, incluyendo abogados, contables, auditores, aseguradoras y otros consultores profesionales.
  • Plataformas de selección de personal y sistemas de seguimiento de candidaturas (para candidatos a puestos de trabajo).
  • Servicios de comprobación de referencias y proveedores de verificación de antecedentes (para candidatos a puestos de trabajo, cuando proceda).
  • Redes publicitarias y plataformas de redes sociales.
  • Proveedores de software de atención al cliente y servicio de asistencia técnica. 

• Herramientas de encuestas y comentarios.

• Plataformas de videoconferencia y comunicación (relevantes para entrevistas a distancia con candidatos a puestos de trabajo).

Todos los proveedores de servicios terceros están obligados a adoptar las medidas de seguridad adecuadas para proteger sus datos personales de conformidad con nuestras políticas y la Ley Aplicable en materia de Protección de Datos. Solo les permitimos tratar sus datos personales para fines específicos y de acuerdo con nuestras instrucciones.

Asimismo, podemos comunicar datos personales en las siguientes situaciones: 

• Transmisiones empresariales: Nosotros podemos compartir o transmitir sus datos personales en relación con, o durante las negociaciones de, cualquier fusión, venta de activos de la empresa, financiación o adquisición de la totalidad o una parte de nuestro negocio. 
• Filiales: Nosotros podemos compartir información con nuestras filiales corporativas (por ejemplo, sociedad matriz, filiales). 

Procedimientos legales/Cumplimiento de la ley: Podemos comunicar información en respuesta a requerimientos, órdenes judiciales o en relación con cualquier procedimiento judicial, o para cumplir con las leyes nacionales pertinentes. Esto incluye la comunicación a organismos reguladores como la Agencia Española de Protección de Datos (AEPD) o la Autoridad Francesa de Protección de Datos (Commission Nationale de l’Informatique et des Libertés).

Sus datos personales pueden ser almacenados y tratados fuera del Espacio Económico Europeo (EEE), incluyendo, entre otros, Estados Unidos de América y Canadá. 

Cuando se transfieran datos fuera del EEE, nos aseguramos de que exista una garantía adecuada, conforme a lo exigido por el Capítulo V del RGPD. Esto normalmente implica: 

• La transferencia de los datos a un país considerado adecuado mediante una decisión de la Comisión Europea. 
• La aplicación de garantías vinculantes, como las cláusulas tipo de protección de datos adoptadas por la Comisión de conformidad con el procedimiento de examen contemplado en el artículo 93, apartado 2, del RGPD.

Si desea obtener más información, así como una copia de las medidas de seguridad aplicadas, puede solicitarla a través de los contactos de protección de datos que figuran al principio de esta política.

Como Interesado en la UE, usted tiene los siguientes derechos en relación con sus Datos Personales:

1. Derecho a ser informado. Usted tiene derecho a recibir información clara, transparente y fácilmente comprensible sobre cómo utilizamos sus datos personales y sobre sus derechos. Esto es lo que pretendemos proporcionarle en esta Política de Privacidad.
2. Derecho de acceso (Solicitud de Acceso del Interesado). Usted tiene derecho a obtener confirmación de que estamos tratando sus datos personales, y a solicitar una copia de los datos personales que conservamos sobre usted, junto con determinada información sobre cómo y por qué los tratamos. 
3. Derecho de rectificación (para corregir datos inexactos). Usted tiene derecho a exigirnos que corrijamos cualquier dato personal inexacto o incompleto que conservemos sobre usted. Si considera que alguna información que conservamos es incorrecta, le rogamos que nos lo comunique y la corregiremos.
4. Derecho de supresión (el “derecho al olvido”). En determinadas circunstancias, usted tiene derecho a solicitar que suprimamos o eliminemos sus datos personales, por ejemplo cuando no exista una razón legítima para que continuemos tratándolos, o cuando haya retirado su consentimiento (si nos basábamos en el consentimiento como base jurídica). 
5. Derecho a la limitación del tratamiento. En determinadas circunstancias, usted tiene derecho a solicitarnos que suspendamos o limitemos el tratamiento de sus datos personales, por ejemplo cuando impugne la exactitud de los datos o se oponga a nuestro tratamiento, mientras verificamos sus objeciones. 
6. Derecho a la portabilidad de los datos. Cuando tratemos sus datos personales por medios automatizados basándonos en su consentimiento o para la ejecución de un contrato con usted, tiene derecho a recibir dichos datos en un formato estructurado, de uso común y lectura mecánica, y a solicitar que los transfiramos a otra organización. 
7. Derecho de oposición al tratamiento (por ejemplo, oposición al marketing). Usted tiene derecho a oponerse al tratamiento de sus datos personales cuando nos basemos en intereses legítimos (propios o de un tercero) como base jurídica, y exista algo en su situación particular que le lleve a oponerse. También tiene un derecho absoluto a oponerse en cualquier momento al tratamiento de sus datos personales con fines de marketing directo (incluida la elaboración de perfiles con fines de marketing).
8. Derechos en relación con las decisiones automatizadas y la elaboración de perfiles. Usted tiene derecho a no ser objeto de una decisión basada únicamente en el tratamiento automatizado (incluida la elaboración de perfiles) que produzca efectos jurídicos sobre usted o le afecte significativamente de modo similar, salvo que dicho tratamiento sea necesario para la celebración o ejecución de un contrato con usted, esté autorizado por ley o se base en su consentimiento explícito. 
9. Derecho a dar instrucciones generales o específicas sobre el tratamiento de sus datos personales tras su fallecimiento (solo si reside en Francia).

Cuando actúa como encargado del tratamiento (lo cual, para evitar cualquier duda, no es la situación que se contempla generalmente en la presente Política de Privacidad), Dandy gestiona los datos de los pacientes en nombre de su clínica dental (que actúa como responsable del tratamiento). Por lo tanto, todas las solicitudes relativas a los datos de sus pacientes deben dirigirse directamente a su clínica dental. Dandy prestará asistencia a la clínica en el cumplimiento de sus obligaciones legales en virtud de la legislación aplicable en materia de protección de datos, pero no atenderá solicitudes individuales sin instrucciones específicas del responsable del tratamiento.

Presentación de solicitudes: Puede ejercer sus derechos contactando con nuestro contacto de protección de datos en [email protected] 

Responderemos a su solicitud en el plazo de un mes desde su recepción, salvo que la solicitud sea especialmente compleja o haya formulado varias solicitudes, en cuyo caso podremos ampliar este plazo dos meses más. Le informaremos si necesitamos más tiempo y le explicaremos el motivo. 

Normalmente no tendrá que abonar una tasa para ejercer sus derechos. No obstante, podremos cobrar una tasa razonable o negarnos a atender su solicitud si esta es manifiestamente infundada, repetitiva o excesiva.

Correos electrónicos promocionales: Puede darse de baja de la recepción de comunicaciones promocionales siguiendo el enlace de cancelación de suscripción incluido en cualquier correo electrónico.

Hemos implantado medidas de seguridad técnicas y organizativas adecuadas para evitar que sus datos personales se pierdan accidentalmente, se utilicen, se acceda a ellos, se alteren o se comuniquen de forma no autorizada.  Estas medidas incluyen servidores seguros, cifrado, controles de acceso y evaluaciones de seguridad periódicas.

También limitamos el acceso a sus datos personales a aquellos empleados, agentes, contratistas y otros terceros que tengan necesidad de conocerlos por razones empresariales.  Solo tratarán sus datos personales conforme a nuestras instrucciones y están sujetos al deber de confidencialidad.

Hemos establecido procedimientos para hacer frente a cualquier sospecha de violación de datos personales y le notificaremos a usted y a cualquier autoridad de control competente cuando estemos legalmente obligados a hacerlo. 

Ningún método de transmisión por internet o almacenamiento electrónico es completamente seguro. Aunque empleamos esfuerzos razonables para proteger sus datos personales, no podemos garantizar su seguridad absoluta.

Nosotros conservamos sus datos personales únicamente durante el tiempo necesario para cumplir con los fines descritos en la presente Política de Privacidad, lo que incluye el cumplimiento de cualquier requisito legal, contable o de presentación de informes, o de conformidad con las excepciones, derogaciones o requisitos legales.

Datos de clientes: Nosotros conservamos sus datos personales durante la vigencia de nuestra relación comercial y durante los años siguientes para cumplir con obligaciones legales y regulatorias (como requisitos fiscales y contables) y para constituir, ejercer o defender reclamaciones legales.

Datos de candidatos a un puesto de trabajo: Si su candidatura no prospera, conservaremos sus datos personales durante un máximo de 12 meses tras la conclusión del proceso de selección, para poder responder a cualquier consulta o defendernos frente a posibles reclamaciones de discriminación o trato injusto. Si se le ofrece un puesto y lo acepta, sus datos serán trasladados a nuestros registros de empleados y se conservarán de conformidad con nuestra política de privacidad del personal.

Además, se aplica lo siguiente solo si usted se encuentra en España: En España, una vez que los datos ya no sean necesarios para la finalidad para la que fueron recogidos, y siempre que existan obligaciones legales o contractuales que exijan su conservación, los datos se mantendrán en estado de bloqueo. Esto implica la adopción de medidas técnicas y organizativas para impedir su tratamiento, incluida su visualización, salvo para ponerlos a disposición de jueces y tribunales, el Ministerio Fiscal u otras autoridades públicas competentes. Los datos permanecerán en este estado hasta que se proceda a su supresión definitiva.

Nosotros no recogemos conscientemente datos personales de menores de 14 años en nuestro sitio web. Si usted es padre, madre o tutor legal de un menor de 14 años que nos haya proporcionado datos personales, póngase en contacto con nosotros para solicitarnos que dejemos de utilizar o suprimamos dicha información.

Podemos actualizar nuestra Política de Privacidad periódicamente para reflejar cambios en nuestras prácticas, tecnología, requisitos legales y otros factores. 

Cuando se realicen cambios en esta Política de Privacidad, entrarán en vigor inmediatamente tras su publicación.  Puede consultar la leyenda “Última actualización” en la parte superior de esta página para comprobar cuándo se revisó por última vez esta Política de Privacidad.

Si tiene alguna pregunta o duda sobre esta Política de Privacidad o nuestras prácticas de privacidad, o si desea ejercer sus derechos, póngase en contacto con nuestro representante designado: 

Delegado de Protección de Datos (DPD): Tony Riesen

Correo electrónico de contacto: [email protected] 

Dirección del responsable del tratamiento: 5, boulevard de Sébastapol, 75001 París

Reclamaciones: Usted tiene derecho a presentar una reclamación ante una autoridad de control competente en materia de protección de datos:

• En Francia, ante la CNIL: Commission nationale de l’informatique et des libertés, 3, Place de Fontenoy, 75007 PARÍS, FRANCIA. Teléfono: +33 (0)1 53 73 22 22.

En España, ante la AEPD: Calle Jorge Juan 6, 28001 Madrid. Teléfono: +34 900 293 183.

Nous collectons des données vous concernant de différentes manières, en fonction de la façon dont vous interagissez avec Nous et avec notre Site Web, notamment :

• Directement auprès de vous lorsque vous Nous les fournissez, par exemple lorsque vous remplissez un formulaire sur notre Site Web, créez un compte, ou Nous contactez par téléphone, e-mail ou d’une autre manière.
• Automatiquement via l’utilisation de cookies, de fichiers de journalisation de nos serveurs et d’autres technologies similaires, lorsque vous interagissez avec notre Site Web et nos e-mails.
• Auprès d’autres sources, y compris, par exemple, auprès de nos sociétés affiliées, partenaires commerciaux, prestataires de services et autres tiers, ou auprès de sources accessibles au public (dans la mesure permise par la réglementation locale). Par exemple, si vous Nous soumettez une candidature ou devenez salarié(e), Nous pouvons effectuer une vérification de vos antécédents.

Ce qui suit fournit des exemples des catégories de données que Nous collectons dans différents contextes.

Lorsque vous Nous contactez ou vous inscrivez en tant que client

Données d’Identité/de Contact : Nom, poste/fonction, e-mail, numéro de téléphone, informations relatives au cabinet, et adresse postale.

Données de Compte : Identifiants de connexion, préférences de compte, activité du compte.

Données Financières (si vous exercez en tant qu’indépendant) : Coordonnées bancaires, informations de carte de paiement, historique des transactions et informations de facturation.

Données de Transaction : Détails des produits/services achetés ou souscrits, type et statut de l’abonnement, historique des commandes, montants et dates de paiement, informations de facture.

Données de Communication : Traces des échanges (e-mails, envois via formulaire de contact, journaux de chat), préférences d’abonnement à la newsletter, préférences marketing, consentements, et enregistrements des interactions avec le service client.

Lorsque vous naviguez sur notre Site Web

Données Techniques : Adresse IP, type d’appareil, type de navigateur et géolocalisation.

Données d’Utilisation : Informations sur la manière dont vous utilisez le Site Web et le portail de compte, pages consultées, fonctionnalités utilisées, temps passé, indicateurs d’utilisation des produits/services.

Lorsque vous postulez à un emploi au sein de notre entreprise

Données de Contact : Nom, adresse e-mail, numéro de téléphone, adresse postale, profil LinkedIn, ou autres liens vers des réseaux sociaux professionnels.

Données Professionnelles : CV, lettre de motivation, historique d’emploi, diplômes et qualifications scolaires, qualifications professionnelles et adhésions, références et coordonnées des personnes de référence, le cas échéant portfolio ou échantillons de travaux/réalisations, et justificatifs relatifs au permis de travail – si collectés au stade de la candidature plutôt qu’après une offre.

Données d’Evaluation : Notes et scores d’entretien, résultats d’évaluations ou de tests, évaluations de compétences ou tests techniques, résultats de tests psychométriques ou d’aptitude, références reçues, résultats de vérifications d’antécédents (si réalisés avant l’embauche).

Données de Communication : Données de correspondance (e-mails, messages, planification des entretiens), réponses au formulaire de candidature, et notes issues de présélections téléphoniques ou d’entretiens.

Données de Diversité et d’Égalité des Chances : Âge ou date de naissance, genre, origine ethnique, statut de handicap, orientation sexuelle, données relative à la religion ou aux convictions — si collectés en lien avec une demande d’aménagement raisonnable et dans la mesure permise par la réglementation locale.

Données Sensibles : Informations de santé (par exemple, aménagements raisonnables demandés pour l’entretien), données relatives aux condamnations pénales (si pertinentes pour le poste et si des vérifications d’antécédents sont effectuées, et uniquement dans la mesure permise par la réglementation locale), informations relatives au statut d’immigration / permis de travail (si elles contiennent des informations de nationalité ou de visa).

Lorsque vous Nous contactez ou vous inscrivez en tant que client

Finalité | Catégories de données | Base légale

Administration du compte, communication et gestion de l’activité

Catégories de données : Données de Contact, Données de Compte, Données de Transaction, Données de Communication

Base légale : Exécution d’un contrat

Traitement et exécution des commandes et des abonnements

Catégories de données : Données de Contact, Données de Compte, Données de Transaction, Données Financières (si vous exercez en tant qu’indépendant), Données de Communication

Base légale : Exécution d’un contrat

Traitement des paiements et gestion de la facturation

Catégories de données : Données Financières (si vous exercez en tant qu’indépendant), Données de Transaction, Données de Contact

Base légale : Exécution d’un contrat

Envoi de communications liées au service (p. ex., mises à jour du compte, renouvellements d’abonnement, factures, modifications des conditions)

Catégories de données : Données de Contact, Données de Compte, Données de Transaction, Données de Communication

Base légale : Intérêt légitime

Répondre aux demandes et fournir l’assistance client

Catégories de données : Données de Contact, Données de Communication

Base légale : Exécution d’un contrat

Envoi de communications marketing et de newsletters par e-mail (lorsque vous avez consenti ou ne vous êtes pas opposé)

Catégories de données : Données de Contact, Données de Communication

Base légale : Consentement (si B2C) ; ou intérêt légitime (si B2B, ou si B2C à condition que les communications soient adressées aux clients actuels de Dandy, concernent les propres produits ou services de Dandy, et soient liées et similaires aux produits ou services précédemment contractés)

Amélioration de notre Site Web, de nos produits et de nos services

Catégories de données : Données de Transaction, Données de Communication, Données de Compte

Base légale : Intérêt légitime

Prévention de la fraude et sécurité

Catégories de données : Données de Contact, Données de Compte, Données Financières (si vous exercez en tant qu’indépendant), Données de Transaction, Données Techniques (si Nous surveillons une activité de connexion suspecte).

Base légale : Intérêt légitime

Respect des obligations légales et réglementaires (p. ex., fiscalité, comptabilité, lutte contre le blanchiment d’argent)

Catégories de données : Données de Contact, Données de Transaction, Données Financières (si vous exercez en tant qu’indépendant)

Base légale : Obligation légale

Établissement, exercice ou défense de droits en justice

Catégories de données : Toute catégorie de données, selon ce qui est pertinent pour la réclamation

Base légale : Intérêt légitime

Évaluation ou réalisation d’une opération de fusion, cession, restructuration, réorganisation, ou toute autre vente ou transfert de tout ou partie de nos actifs, que ce soit en tant qu’entreprise en activité ou dans le cadre d’une procédure de faillite, liquidation, ou procédure similaire

Catégories de données : Toute catégorie de données détenue à votre sujet

Base légale : Intérêt légitime

Lorsque vous naviguez sur notre Site Web

Permettre les fonctionnalités essentielles du Site Web et vous fournir le Site Web

Catégories de données : Données Techniques

Base légale : Intérêt légitime

Analyser l’utilisation et les performances du Site Web afin d’améliorer notre Site Web et l’expérience utilisateur

Catégories de données : Données Techniques, Données d’Utilisation

Base légale : Consentement

Surveiller la sécurité du Site Web et prévenir la fraude ou toute utilisation abusive

Catégories de données : Données Techniques, Données d’Utilisation

Base légale : Intérêt légitime

Mémoriser vos préférences et paramètres (p. ex., choix de la bannière cookies, préférences de langue)

Catégories de données : Données Techniques

Base légale : Intérêt légitime

Personnaliser le contenu du Site Web en fonction de votre comportement de navigation

Catégories de données : Données Techniques, Données d’Utilisation

Base légale : Consentement

Diffuser des publicités pertinentes et mesurer l’efficacité publicitaire

Catégories de données : Données Techniques, Données d’Utilisation

Base légale : Consentement

Évaluer ou réaliser une opération de fusion, cession, restructuration, réorganisation, ou toute autre vente ou transfert de tout ou partie de nos actifs, que ce soit en tant qu’entreprise en activité ou dans le cadre d’une procédure de faillite, liquidation, ou procédure similaire

Catégories de données : Toute catégorie de données détenue à votre sujet

Base légale : Intérêt légitime

Lorsque vous postulez à un emploi chez Nous

Traiter et évaluer votre candidature

Catégories de données : Données de Contact, Données Professionnelles, Données d’Evaluation, Données de Communication

Base légale : Exécution d’un contrat

Communiquer avec vous au sujet de votre candidature et du processus de recrutement

Catégories de données : Données de Contact, Données de Communication

Base légale : Exécution d’un contrat

Mener des entretiens et des évaluations

Catégories de données : Données de Contact, Données Professionnelles, Données d’Evaluation, Données de Communication

Base légale : Exécution d’un contrat

Obtenir et examiner des références

Catégories de données : Données Professionnelles (références et coordonnées des personnes de référence, références reçues), Données de Contact

Base légale : Consentement

Conserver des fichiers relatifs au processus de recrutement et aux décisions prises

Catégories de données : Données de Contact, Données Professionnelles, Données d’Evaluation, Données de Communication

Base légale : Intérêt légitime

Effectuer des vérifications d’antécédents

Catégories de données : Données Professionnelles (références et coordonnées des personnes de référence, références reçues), Données de Contact

Base légale : Consentement

Vérifier votre droit à occuper un poste dans la juridiction du poste pour lequel vous postulez

Catégories de données : Données Professionnelles (justificatifs du droit au travail)

Base légale : Obligation légale

Suivi de l’égalité des chances et conformité à la législation en matière d’égalité des chances

Catégories de données : Données de Diversité et d’Égalité des chances

Base légale : Exécution d’un contrat pour l’âge, la date de naissance et/ou le genre ; Obligation légale ou Consentement pour les Données Sensibles (et uniquement lorsque cela est permis par la réglementation locale)

Mettre en place des aménagements raisonnables pendant le processus de recrutement

Catégories de données : Données Sensibles (informations de santé relatives aux aménagements demandés), Données de Contact, Données de Communication

Base légale : Exécution d’un contrat pour les Données de Contact et les Données de Communication ; Obligation légale ou Consentement pour les Données Sensibles (et uniquement lorsque cela est permis par la réglementation locale)

Respect des obligations légales et réglementaires

Catégories de données : Toute catégorie de données, selon ce qui est pertinent au regard de l’obligation

Base légale : Obligation légale

Établissement, exercice ou défense de droits en justice

Catégories de données : Toute catégorie de données, selon ce qui est pertinent pour la réclamation

Base légale : Intérêt légitime

Évaluer ou réaliser une opération de fusion, cession, restructuration, réorganisation, ou toute autre vente ou transfert de tout ou partie de nos actifs, que ce soit en tant qu’entreprise en activité ou dans le cadre d’une procédure de faillite, liquidation, ou procédure similaire

Catégories de données : Toute catégorie de données détenue à votre sujet

Base légale : Intérêt légitime

Données à Caractère Personnel sensibles

Dans des circonstances limitées, Nous pouvons être amenés à traiter des Données à Caractère Personnel sensibles. Lorsque de telles Données à Caractère Personnel sensibles relèvent de la définition des catégories particulières de Données à Caractère Personnel au sens de l’article 9 du RGPD, Nous nous reposons sur l’une des conditions suivantes pour effectuer ce traitement :

• Consentement explicite (ex., Données de Diversité et d’Égalité des Chances)

Droit du travail, de la sécurité sociale et de la protection sociale (ex., données de santé)

Lorsque vous visitez notre Site Web, Nous et des tiers utilisons des cookies et d’autres technologies similaires afin de collecter des Données sur l’Appareil et des Données d’Utilisation.

Veuillez consulter notre Politique relative aux cookies afin d’obtenir davantage d’informations sur ces traitements.

Nous pouvons partager vos Données à Caractère Personnel avec les catégories de destinataires suivantes :

• Prestataires de services informatiques et de cloud fournissant des services d’hébergement, de stockage de données, de sauvegarde et d’infrastructure informatique ;

• Prestataires de gestion de la relation client (« CRM ») et de services d’e-mail Nous aidant à gérer les communications et la relation avec les clients ;
• Prestataires de services de paiement et de services financiers traitant des paiements et des transactions pour notre compte (si vous exercez en tant qu’indépendant) ;
• Prestataires de services d’analyses et de moteurs de recherche Nous aidant à améliorer et à optimiser notre Site Web ;
• Plateformes marketing et de communication Nous aidant à diffuser des newsletters et des communications marketing (lorsque vous avez consenti ou ne vous êtes pas opposé) ;
• Services de prévention de la fraude et de sécurité ;
• Professionnels nous fournissant des conseils, notamment des avocats, comptables, commissaires aux comptes, assureurs et autres consultants professionnels ;
• Plateformes de recrutement et systèmes de suivi des candidatures (pour les candidats à l’emploi) ;
• Services de vérification des références et prestataires de vérification des antécédents (pour les candidats à l’emploi, le cas échéant) ;
• Réseaux publicitaires et plateformes de réseaux sociaux ;
• Prestataires de logiciels d’assistance client et de helpdesk ;
• Outils d’enquêtes et de retours d’expérience ; et
• Plateformes de visioconférence et de communication (pertinent pour les entretiens à distance avec les candidats à l’emploi).

Tous les prestataires de services tiers sont tenus de mettre en place des mesures de sécurité appropriées afin de protéger vos Données à Caractère Personnel, conformément à nos politiques et aux Lois Applicables en matière de Protection des Données. Nous ne les autorisons à traiter vos Données à Caractère Personnel que pour des finalités déterminées et conformément à nos instructions.

En outre, Nous pouvons divulguer des Données à Caractère Personnel dans les situations suivantes :

• Transferts d’entreprise : Nous pouvons partager ou transférer vos Données à Caractère Personnel dans le cadre de, ou pendant les négociations relatives à, toute opération de fusion, vente d’actifs de l’entreprise, financement, ou acquisition de tout ou partie de notre activité.
• Sociétés affiliées : Nous pouvons partager des informations avec nos sociétés affiliées au sein du groupe (ex., société mère, filiales).

Procédure judiciaire/conformité à la loi : Nous pouvons divulguer des informations en réponse à des réquisitions judiciaires, sommations, ordonnances judiciaires, ou dans le cadre de toute procédure judiciaire, ou afin de Nous conformer aux lois nationales applicables. Cela inclut la divulgation à des autorités réglementaires telles que l’Agence espagnole de protection des données (Agencia Española de Protección de Datos – « AEPD ») ou l’autorité française de protection des données (Commission Nationale de l’Informatique et des Libertés – « CNIL »).

Vos Données à Caractère Personnel peuvent être stockées et traitées en dehors de l’Espace Economique Européen (« EEE »), y compris, notamment, aux États-Unis et au Canada.

Dans le cadre de transferts de données en dehors de l’EEE, Nous veillons à ce que des garanties appropriées soient mises en place, conformément au Chapitre V du RGPD. Cela implique généralement :

• De transférer les données vers un pays reconnu comme adéquat par une décision de la Commission Européenne ; ou
• De mettre en place des garanties contraignantes telles que des clauses contractuelles types de protection des données adoptées par la Commission Européenne conformément à la procédure d’examen visée à l’article 93(2) du RGPD.

Des informations complémentaires sur les garanties mises en place, ainsi qu’une copie de ces garanties, peuvent être demandées via l’adresse de contact pour la protection des données indiquée au début de la présente politique.

En tant que Personne Concernée dans un État Membre de l’UE, vous disposez des droits suivants concernant vos Données à Caractère Personnel :

1. Droit à l’information. Vous avez le droit de recevoir des informations claires, transparentes et facilement compréhensibles sur la manière dont Nous utilisons vos Données à Caractère Personnel et sur vos droits. C’est là l’objetif de la présente Politique de Confidentialité.
2. Droit d’accès. Vous avez le droit d’obtenir la confirmation que Nous traitons vos Données à Caractère Personnel et de demander une copie des Données à Caractère Personnel que Nous détenons à votre sujet, ainsi que certaines informations sur la manière dont Nous les traitons et les raisons pour lesquelles Nous les traitons.
3. Droit de rectification (droit de correction des données inexactes). Vous avez le droit d’exiger que Nous corrigions toute Donnée à Caractère Personnel inexacte ou incomplète vous concernant en notre possession. Si vous pensez qu’une information que Nous détenons est incorrecte, veuillez-Nous en informer et Nous la corrigerons.
4. Droit à l’effacement (droit à l’oubli). Dans certaines circonstances, vous avez le droit de demander que Nous supprimions ou effacions vos Données à Caractère Personnel, par exemple lorsqu’il n’existe pas de raison valable pour que Nous continuions à les traiter, ou lorsque vous avez retiré votre consentement (et que Nous nous fondions sur votre consentement comme base légale).
5. Droit à la limitation du traitement. Dans certaines circonstances, vous avez le droit de Nous demander de suspendre ou de limiter le traitement de vos Données à Caractère Personnel, par exemple lorsque vous contestez l’exactitude des données ou vous opposez à ce que Nous les traitions, et ce pendant la durée de nos vérifications suite à votre demande en ce sens.
6. Droit à la portabilité des données. Lorsque Nous traitons vos Données à Caractère Personnel par des moyens automatisés sur la base de votre consentement ou dans le cadre de l’exécution d’un contrat avec vous, vous avez le droit de recevoir ces données dans un format structuré, couramment utilisé et lisible par machine, et de demander à ce que Nous les transmettions à une autre organisation.
7. Droit d’opposition au traitement (par exemple, opposition au marketing). Vous avez le droit de vous opposer à ce que Nous traitions vos Données à Caractère Personnel lorsque Nous nous fondons sur l’existence d’un intérêt légitime (le nôtre ou celui d’un tiers) comme base légale et qu’un élément lié à votre situation particulière vous conduit à vous y opposer. Vous avez également un droit absolu de vous opposer à tout moment au traitement de vos Données à Caractère Personnel à des fins de prospection commerciale directe (y compris le profilage à des fins de marketing).
8. Droits relatifs à la prise de décision automatisée et au profilage. Vous avez le droit de ne pas faire l’objet d’une décision fondée exclusivement sur un traitement automatisé (y compris le profilage) produisant des effets juridiques vous concernant ou vous affectant de manière significative de façon similaire, sauf si un tel traitement est nécessaire à la conclusion ou à l’exécution d’un contrat avec vous, autorisé par la loi, ou fondé sur votre consentement explicite.
9. Droit de dicter des directives générales ou particulières relatives au traitement de vos Données à Caractère Personnel après votre décès (uniquement si vous êtes situé(e) en France).

Lorsque Nous agissons en tant que sous-traitant (ce qui, pour éviter toute ambiguïté, n’est pas la situation généralement envisagée dans la présente Politique de Confidentialité), Nous traitons des données relatives aux patients des cabinets dentaires pour le compte de ces derniers (agissant en tant que responsables du traitement). Par conséquent, toute demande relative à vos données en tant que patient doit être adressée directement à votre cabinet dentaire. Dandy assistera le cabinet pour lui permettre de satisfaire à ses obligations légales au titre des Lois Applicables en matière de Protection des Données, mais ne donnera pas suite aux demandes individuelles reçues sans instruction spécifique du responsable du traitement.

Soumettre une demande : Vous pouvez exercer vos droits en contactant notre adresse de contact pour la protection des données : [email protected].

Nous répondrons à votre demande dans un délai d’un mois à compter de sa réception, sauf si la demande est particulièrement complexe ou si vous avez présenté plusieurs demandes, auquel cas Nous pouvons prolonger ce délai de deux mois supplémentaires. Nous vous informerons si Nous avons besoin de plus de temps et vous en expliquerons les raisons.

En règle générale, vous n’aurez pas à payer de frais pour exercer vos droits. Toutefois, Nous pouvons facturer des frais raisonnables ou refuser de donner suite à votre demande si celle-ci est manifestement infondée, répétitive ou excessive.

E-mails promotionnels : Vous pouvez vous désinscrire de tout ou partie des communications promotionnelles que Nous vous adressons en suivant le lien de désinscription figurant dans chaque e-mail.

Nous avons mis en place des mesures de sécurité techniques et organisationnelles appropriées afin d’empêcher que vos Données à Caractère Personnel soient accidentellement perdues, utilisées, consultées, modifiées ou divulguées de manière non autorisée. Ces mesures incluent notamment le recours à des serveurs sécurisés, le chiffrement, des contrôles d’accès et des évaluations de sécurité régulières.

Par ailleurs, Nous limitons l’accès à vos Données à Caractère Personnel aux salariés, agents, sous-traitants et autres tiers ayant besoin d’en connaître dans le cadre de leurs activités. Ils ne traiteront vos Données à Caractère Personnel que conformément à nos instructions et sont soumis à une obligation de confidentialité.

Nous avons mis en place des procédures pour gérer toute suspicion de violation de Données à Caractère Personnel et Nous vous notifierons, ainsi que toute autorité de contrôle compétente, d’une violation lorsque la loi le requiert.

Aucune méthode de transmission sur internet ni de stockage électronique n’est totalement sécurisée. Bien que Nous mettions en œuvre des efforts raisonnables pour protéger vos Données à Caractère Personnel, Nous ne pouvons en garantir la sécurité absolue.

Nous ne conservons vos Données à Caractère Personnel que pendant la durée nécessaire à la réalisation des finalités décrites dans la présente Politique de Confidentialité, y compris afin de satisfaire à toute obligation légale, comptable ou déclarative, ou conformément aux exceptions, dérogations ou exigences prévues par la loi.

Données Client : Nous conservons vos Données à Caractère Personnel pendant la durée de notre relation commerciale et pendant 5 ans après sa fin afin de respecter nos obligations légales et réglementaires (telles que les obligations fiscales et comptables) et pour faire valoir, exercer ou défendre des droits en justice.

Données des Candidats : Si votre candidature n’aboutit pas, Nous conserverons vos Données à Caractère Personnel pendant une durée pouvant aller jusqu’à 12 mois après la fin du processus de recrutement, afin de Nous permettre de répondre à toute question ou de Nous défendre contre d’éventuelles allégations de discrimination ou de traitement injuste. Si un poste vous est proposé et que vous l’acceptez, vos données seront transférées vers nos dossiers du personnel et conservées conformément à la politique de confidentialité applicable aux membres de notre personnel.

En outre, ce qui suit s’applique uniquement si vous êtes situé(e) en Espagne. En Espagne, une fois que les données ne sont plus nécessaires à la finalité pour laquelle elles ont été collectées et, sous réserve de l’existence d’obligations légales ou contractuelles imposant leur conservation, les données seront conservées à l’état « bloqué ». Cela implique la mise en œuvre de mesures techniques et organisationnelles visant à empêcher leur traitement, y compris leur consultation, sauf lorsqu’il s’agit de mettre les données à la disposition des juges et tribunaux, du ministère public, ou d’autres autorités publiques compétentes. Les données resteront dans cet état jusqu’à leur effacement définitif.

Nous ne collectons pas sciemment de Données à Caractère Personnel concernant des mineurs de moins de 14 ans sur notre Site Web. Si vous êtes le parent ou le tuteur légal d’un mineur de moins de 14 ans qui Nous a fourni des Données à Caractère Personnel, veuillez Nous contacter afin de Nous demander de cesser d’utiliser ces informations ou de les supprimer.

Nous pouvons mettre à jour notre Politique de Confidentialité périodiquement afin de refléter les changements apportés à nos pratiques, à la technologie, aux exigences légales et à d’autres facteurs.

Lorsque des modifications sont apportées à la présente Politique de Confidentialité, elles entrent en vigueur dès leur publication. Vous pouvez consulter la mention « Dernière mise à jour » en haut de cette page pour savoir à quelle date la présente Politique de Confidentialité a été révisée pour la dernière fois.

Si vous avez des questions ou des préoccupations concernant la présente Politique de Confidentialité ou nos pratiques en matière de protection des données, ou si vous souhaitez exercer vos droits, veuillez contacter notre adresse de contact pour la protection des données:

Délégué à la Protection des Données (« DPO ») : Tony Riesen

Adresse email de contact : [email protected]

Adresse du responsable du traitement : 5, boulevard de Sébastopol, 75001 Paris

Réclamations : Vous avez le droit d’introduire une réclamation auprès d’une autorité de protection des données compétente :

• En France, il s’agit de la CNIL : Commission nationale de l’informatique et des libertés, 3, Place de Fontenoy, 75007 PARIS, FRANCE. Téléphone : +33 (0)1 53 73 22 22.

En Espagne, il s’agit de l’AEPD : Calle Jorge Juan 6, 28001 Madrid. Téléphone : +34 900 293 183.