MyLab is committed to protecting your personal information and respecting your privacy. We aim to meet the requirements of the Data Protection (Jersey) Law 2018, the UK General Data Protection Regulation (UK GDPR), guidance issued by the Jersey Office of the Information Commissioner (JOIC), together with our professional obligations under the General Dental Council (GDC) where applicable.
The Data Controller is MyLab.
The Data Protection Officer is Dr Ivo Raitchev.
MyLab
Ground Floor
29 Broad Street
St. Helier
Jersey JE2 3RR
Telephone: 01534 866900
Email: hello**@mylab.je**
Depending on your relationship with MyLab, we may collect and process the following personal information.
- Name
- Practice name
- Practice address
- Telephone numbers
- Email addresses
- Billing information
- Payment details
- Account history
- Correspondence relating to laboratory work
Where laboratory work is prescribed by your dentist, we may receive limited personal information necessary to manufacture your appliance or restoration, including:
- Patient initials or identification number (where possible)
- Patient name (where required)
- Date of birth (where clinically necessary)
- Gender
- Shade information
- Clinical photographs
- Digital intraoral scans
- Facial photographs
- CBCT scans, radiographs and other imaging
- Impressions or digital models
- Clinical prescriptions
- Details necessary for the design and manufacture of dental appliances or restorations
Where possible, we encourage referring clinicians to minimise patient-identifiable information supplied to the laboratory.
We may also process special category personal data where this is clinically necessary, including medical information relevant to the safe manufacture of dental appliances or restorations.
Most personal information is supplied to us by:
- Referring dentists
- Dental practices
- Specialist clinicians
- Patients contacting us directly
- Website enquiry forms
- Email correspondence
- Digital case submission portals
We process personal information to:
- Manufacture dental appliances, restorations and prostheses.
- Design crowns, bridges, veneers, dentures, orthodontic appliances, implant restorations and other custom-made dental devices.
- Produce digital treatment plans and CAD/CAM designs.
- Communicate with referring dentists regarding prescriptions.
- Arrange collection and delivery of laboratory work.
- Process invoices and payments.
- Maintain quality assurance records.
- Meet our regulatory obligations.
- Improve our laboratory services.
- Respond to enquiries.
- Maintain accurate laboratory records.
- Provide technical support relating to laboratory work.
- Meet legal and contractual obligations.
Under the Data Protection (Jersey) Law 2018, our lawful bases include:
- Consent (where applicable)
- Performance of a contract
- Compliance with legal obligations
- Protection of vital interests
- Legitimate interests in operating a professional dental laboratory
- For special category data, processing is necessary for:
- The provision and management of health care services.
- Manufacturing custom-made medical devices prescribed by registered dental professionals.
- Compliance with healthcare and regulatory obligations.
We treat all personal information as confidential.
We may share information only where necessary with:
- Referring dental practices
- Dentists and specialists involved in your care
- Couriers transporting laboratory work
- Secure cloud software providers
- IT support providers working under confidentiality agreements
- Regulatory authorities where legally required
- Law enforcement agencies where required by law
We never sell personal information.
All third-party providers processing information on our behalf are contractually required to maintain appropriate confidentiality and data security.
Your information is stored securely using appropriate technical and organisational safeguards.
This may include:
- Secure laboratory management software
- Encrypted cloud services
- Secure servers
- Password-protected systems
- Access controls
- Regular security updates
- Secure backup systems
Only authorised personnel have access to personal information required for their role.
We retain laboratory records in accordance with legal, regulatory and professional requirements.
Typically, records relating to laboratory prescriptions are retained for 11 years from the completion of the case unless legislation requires a longer retention period.
Once no longer required, records are securely destroyed or permanently deleted.
Under data protection legislation, you have the right to:
- Request access to your personal information.
- Request correction of inaccurate information.
- Request completion of incomplete information.
- Request deletion of your personal information where applicable.
- Request restriction of processing.
- Object to processing in certain circumstances.
- Request transfer of your information to another organisation where appropriate.
There is normally no charge for exercising these rights.
We aim to respond to requests within four weeks.
Please contact us using the details above if you wish to exercise any of your rights.
Our website may use cookies and similar technologies to improve user experience and monitor website performance.
Where non-essential cookies are used, your consent will be requested before they are placed on your device.
You may control cookies through your browser settings.
We may update this Privacy Policy from time to time to reflect changes in legislation, technology or our services.
The latest version will always be available on our website.
If you have concerns about how we have handled your personal information, please contact us first so that we can try to resolve the matter.
You also have the right to complain to the Jersey Office of the Information Commissioner (JOIC).
Jersey Office of the Information Commissioner
2nd Floor
5 Castle Street
St. Helier
Jersey
JE2 3BT
Email: enquiries@jerseyoic.org
Telephone: +44 (0)1534 716530
Website: https://jerseyoic.org
