Privacy Policy

1. Introduction

Welcome to Dental Fear Central. We are committed to protecting the privacy and security of our visitors and community members. This Privacy Policy explains who we are, what personal data we collect, why we collect it, how we use and protect it, and how you can exercise your privacy rights.

Your privacy and anonymity are core principles of our community. We encourage you to read this policy in full to ensure you are informed.

This policy should be read together with our Cookie Policy and our Terms of Use.

2. Who We Are (Data Controller)

The data controller for Dental Fear Central, responsible for your personal data, is:

Name: Dental Fear Central
Location: Oxford, UK 
Contact Email: [email protected]

The UK General Data Protection Regulation (UK GDPR) requires us to have a valid legal basis for every piece of personal data we process. Here is a breakdown of the data we collect and the corresponding legal basis.

a) When You Browse Our Website (Technical & Usage Data)

  • Data Collected: Your IP address, browser type and version, device type, operating system, and general usage data (e.g., pages viewed, time spent on site). This data is largely anonymized.
  • Purpose: To operate, secure, and improve our website, and to understand how our visitors use it.
  • Legal Basis:
    • For essential technical data required for security and to serve the website: Legitimate Interest (Art. 6(1)(f) GDPR).
    • For non-essential analytics and tracking data (e.g., Google Analytics): Your Explicit Consent (Art. 6(1)(a) GDPR), which you provide via our cookie banner.

b) When You Register for Our Forum (Account Data)

  • Data Collected: A username, your email address, and a hashed (scrambled) password.
  • Purpose: To create and manage your user account, allow you to log in, and enable you to participate in the forum.
  • Legal Basis: Performance of a Contract (Art. 6(1)(b) GDPR). We need this information to provide the forum service to you as agreed in our Terms of Use.

c) When You Post on Our Forum (User-Generated Content)

  • Data Collected: The content of your posts, your username, and the IP address associated with the post.
  • A Note on Health Information: We understand that forum posts may contain sensitive information related to health (e.g., dental fears). This is considered “special category data” under GDPR.
  • Purpose: To display your contributions to the community and operate the forum. IP addresses are collected for security and moderation purposes to prevent abuse.
  • Legal Basis: The legal basis for processing this data which you manifestly make public by posting is Performance of a Contract and our Legitimate Interest in running a community forum.

d) When You Watch Embedded Videos (Third-Party Data)

  • Data Collected: Our site embeds videos from YouTube and Vimeo. Before you consent, we use privacy-enhanced modes. If you consent and play a video, these services may collect data about you, use cookies, and monitor your interaction as if you had visited their site directly.
  • Purpose: To provide rich video content.
  • Legal Basis: Your Explicit Consent (Art. 6(1)(a) GDPR), managed via our cookie banner.

4. Data Sharing and Third Parties

We do not sell your personal information. We only share it with third-party service providers who help us operate our website. These include:

  • Hosting Provider: To host our website files and data.
  • Analytics Provider: Google Analytics, to understand website traffic (only with your consent).
  • Security Provider: Cloudflare, to protect our site from malicious attacks.
  • Embedded Content Providers: YouTube and Vimeo (only with your consent).

5. International Data Transfers

Some of our third-party providers (like Google and Cloudflare) are based outside the United Kingdom (UK). When your data is transferred internationally, we rely on legal mechanisms to ensure your data is protected to the same standard as it is within the UK. This includes:

  • Transfers to countries, like those in the European Economic Area (EEA), that the UK government has deemed to provide an adequate level of data protection.
  • Transfers to other countries, such as the United States, based on legal safeguards like Standard Contractual Clauses (SCCs) approved for use by the UK.

6. Data Retention

We keep your personal data only for as long as necessary for the purposes it was collected for.

  • Server Logs: Typically retained for a short period (e.g., 14-30 days) for security analysis.
  • User Accounts: Retained until you choose to delete your account.
  • Forum Posts: Are generally retained indefinitely to maintain the integrity of community discussions. However, you have the right to request the anonymization or deletion of your posts (see Section 8).

7. Your Data Protection Rights under UK GDPR

As a user, you have the following rights regarding your personal data:

  • Right to Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can request that we correct any inaccurate or incomplete data.
  • Right to Erasure (“Right to be Forgotten”): You can request that we delete your personal data under certain conditions.
  • Right to Restrict Processing: You can request that we limit the way we use your data.
  • Right to Data Portability: You can request a copy of your data in a machine-readable format.
  • Right to Object: You can object to our processing of your data where we are relying on Legitimate Interest.
  • Right to Withdraw Consent: At any time, you can withdraw your consent for activities like cookies by using our “Cookie Settings” link in the footer.

To exercise any of these rights, please contact us at [Your Privacy Contact Email Address].

8. Your Anonymity and User-Generated Content

  • Anonymity is Key: We strongly encourage you to use a username that is not your real name and an avatar that is not a real photo of you. Your email address is never visible to the public.
  • Deleting Posts: When you post messages, we generally do not delete them upon request if others have replied, as this would render subsequent conversations nonsensical. However, we are fully committed to protecting your identity. We are very happy to anonymize your posts by removing any potentially identifying information upon request.
  • Quoting Content: We may quote materials from the forum on the main website to illustrate common experiences. We always ensure no identifying details are included and will try to get your permission beforehand. You can withdraw this permission at any time.

9. Children’s Privacy

Our website is not intended for or targeted at children under the age of 16. We do not knowingly collect personal data from anyone under 16.

10. Right to Lodge a Complaint

If you believe we have not handled your data correctly, you have the right to lodge a complaint with the UK’s data protection regulator.

The Information Commissioner’s Office (ICO) Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF Helpline number: 0303 123 1113 ICO website: https://www.ico.org.uk

11. Changes to This Privacy Policy

We may update this policy from time to time. The effective date at the top of this page will always indicate the latest revision. We encourage you to review it periodically.