• Monday–Friday: 9am–6pm
Book Appointment
Book Appointment

Privacy Policy

Last Updated: December 9, 2025

We respect your privacy and we are committed to protecting your personal data.

This Privacy Policy (“Policy”) explains how we collect, use, and disclose personal data of individuals (“you or “your”) who use our website (including https://attelia.uk), and other online products or services (collectively, the “Services”).

We encourage you to read this Policy carefully to understand our practices regarding your personal data and how we handle it. This Policy is provided in a layered format, so you can click through to the specific areas set out below.

1. Who We Are

Attelia London (“Attelia London”, “we”, “us” or “our”). is a CQC-registered dental practice providing private dental services in the United Kingdom. Attelia London acts as the Data Controller for all data collected through this website and our communication channels.

We process personal data in accordance with applicable laws including the UK General Data Protection Regulation, the Data Protection Act 2018, and where relevant, the EU General Data Protection Regulation.

Our full details are as follows:

  • Company name: DPC-UK LTD
  • Email address: info@attelia.uk
  • Postal address: 775 Fulham Rd Fulham, SW6 5HA

If you have any questions about this Policy, including any requests to exercise your legal rights, please contact us using the details provided above.

2. Purpose of This Policy

This Policy aims to give you information on how Attelia London collects and processes your personal data through your use of this website, including any data you may provide through this website when you sign up to our newsletter or request information on our services.

It is important that you read this Policy together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This Policy supplements the other notices and is not intended to override them.

3. What Personal Information We Collect

“Personal data” or “personal information” means any information about an individual that can be used to identify that person. It does not include data where the identity has been removed (anonymous data).

Depending on how you interact with us, we may collect different types of personal information. The sources from which we collect your personal information generally fall into three categories set out below.

3.1.  Information you provide

When you interact with us through our website, you may choose to share certain personal information so that we can provide our dental services and respond to your requests. This may happen, for example, when you fill out the contact form to ask a question or request information, when you book an appointment or request a free consultation, or when you communicate with us by phone, email, or social media. You may also provide details when you subscribe to receive updates or marketing information from us, or when you indicate your preferences and consent to being contacted about specific treatments or offers.

The types of personal data we may collect directly from you include:

  • Identity information. first name, last name, date of birth, gender.
  • Contact data. email address, telephone number, postal address.
  • Appointment and service data. treatment preferences, selected service type (e.g. check-up, hygiene, emergency, Invisalign), date and time of appointment, and any relevant notes or comments you choose to share.
  • Communications. information included in your enquiries, feedback, or support requests submitted via our website, email, live chat, or social media channels.
  • Marketing and communications. includes your preferences in receiving marketing from us and our third parties and your communication preferences.

3.2.  Personal information collected automatically

When you visit our website, we may automatically collect certain information to help us understand how you use our services, maintain security, and improve the performance of our site.

  • Technical Data. details about your device and browser, such as device type and model, operating system, browser type and version, screen resolution, language and display settings, time zone, and internet service provider.
  • Usage Data. information about your interactions with our website, including the pages you visit, links you click, date and time of your visits, time spent on pages, navigation paths, and referring websites.
  • Preference and Interaction Data. records of your actions on the website, such as clicking on “Book Appointment” or “Request Free Consultation” buttons, completing forms, or agreeing to receive marketing updates.

This information is collected through cookies, analytics tools, and similar technologies. For further information, please see “Cookies and Similar Technologies” below.

3.3. Personal information collected from other sources

We may receive certain personal information about you from third parties or publicly available sources. The types of data we may obtain from other sources include:

  • Technical Data. from analytics providers, advertising networks, and event partners.
  • Identity and Contact Data. from data aggregators or event organisers (such as marketing providers), and from publicly available sources such as Companies House, the Electoral Register, and other professional or business directories.

4. How We Use Your Personal Data and Our Legal Basis

We will only use your personal data when the law allows us to. This means we process your information only when we have a valid legal basis to do so. Most commonly, we rely on one or more of the following legal bases:

  • When it is necessary to perform the contract we are about to enter into or have entered into with you.
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
  • Where we need to comply with a legal or regulatory obligation.

Generally, we do not rely on consent as a legal basis for processing your personal data other than in relation to sending third party direct marketing communications to you via email, text message or postage. You have the right to withdraw consent to marketing at any time by contacting us at info@attelia.uk.

5. Purpose For Which We Will Use Your Personal Data

Purpose of Processing

Types of Data

Legal Basis for processing

To provide you with our services – including responding to your enquiries, booking and managing appointments, providing consultations and treatment planning services, and sending appointment confirmations or reminders.

·     Identity

·     Contact

Processing is necessary for performance of a contract with you.

To communicate with you, including responding to your queries, comments or requests for further information about our Services.

·     Identity

·     Contact

·     Communication

Processing is necessary to take steps at your request prior to entering into a contract.

Alternativaly, for our legitimate interests, namely communicating with prospective customers.

To manage our relationship with you which will include:

·     Notifying you about changes to our terms and privacy policy

·     Asking you to leave a review or take a survey

·     Identity

·     Contact

·     Profile

·     Marketing and Communications

The processing is necessary for the performance of a contract with you or for our legitimate interests, namely administering agreements with you and improving our Services.

To deliver relevant website content and advertisements to you and measure the effectiveness of our website and advertising activities.

·     Identity

·     Contact

·     Profile

·     Usage

·     Marketing and Communications

·     Technical

The processing is necessary for our legitimate interests, namely for product development and internal analytics purposes.

Alternatively, we will use your personal data in this way to the extent you have given us your consent to do so.

To send you promotional emails about our treatments and offers in accordance with your preferences

·     Identity

·     Contact

·     Technical

·     Usage

·     Profile

The processing is necessary for our legitimate interests, namely to promote our services.

Alternatively, we will use your personal data in this way to the extent you give us your consent to do so.

To use analytics to understand how visitors use our website and to improve functionality and user experience.

·     Technical

·     Usage

Processing is necessary for our legitimate interests, namely improving and maintaining our services and product development.

To ensure safety, prevent fraud, and maintain the security of our systems and website.

·     Identity

·     Usage

·     Technical

The processing is necessary for our legitimate interests, namely monitoring fraud, or to comply with a legal obligation in the UK

To comply with legal or regulatory requirements, including record-keeping, tax, professional and data protection obligations.

Any relevant personal data

The processing is necessary to comply with a legal or for our legitimate interest, namely managing operations efficiently and responsibly.

To manage business operations, for example in the event of a merger, restructuring, or business transfer, ensuring continuity of services.

·     Identity

·     Contact

·     Profile

·     Technical

The processing is necessary for our legitimate interest, namely corporate and business continuity.

6. Disclosure of Personal Information

We only share your personal data with third parties when it is necessary for the purposes described in this Policy. Whenever we share your data, we ensure that appropriate contractual, organisational, and technical safeguards are in place to protect it, in line with our legal obligations and company standards of confidentiality, security, and data protection.

We may disclose your personal information in the following circumstances:

  • Service providers. We may share your personal data with third-party service providers that help us operate and deliver our services. These include website hosting providers; IT support and security providers; cloud storage providers, technical support or delivery, secure email services and analytics, booking software providers, marketing and communication partners.
  • Professional Advisers. We may disclose information to external professional advisers such as lawyers, auditors, or accountants where required for business operations, obtaining legal or financial advice, risk management, or in connection with establishing, exercising, or defending legal claims.
  • Law enforcement and regulatory authorities. We may disclose your personal data to law enforcement agencies, courts, regulators (including General Dental Council, Care Quality Commission, NHS bodies), government authorities, or financial institutions when we are legally required to do so or when such disclosure is necessary to: (i) comply with a legal or regulatory obligation, (ii) protect our rights, safety, or property (or those of others), or (iii) establish, exercise, or defend legal claims.
  • Business transfers and transactions. In the event of a reorganisation, merger, acquisition, sale, or other corporate transaction involving our business or assets, we may share or transfer your personal data to the relevant third party involved. Any such recipient will be required to process your personal data in a manner consistent with this Privacy Policy, unless and until you are notified otherwise.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

7. International Data Transfers

We may transfer your personal data to countries outside the United Kingdom (UK). Some of these countries may not provide the same level of data protection as is available under UK law.

Whenever we make such transfers, we take appropriate steps to ensure that your information remains protected to a standard that is essentially equivalent to that required under UK data protection laws. In particular:

  • We only transfer personal data to countries that the UK Government has recognised as providing an adequate level of protection for personal data. For further details, please see UK adequacy list); or
  • Where no adequacy regulation applies, we put in place appropriate contractual safeguards, such as the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the European Commission’s Standard Contractual Clauses, supported by additional technical and organisational measures where necessary.

8. Aggregate and De-Identified Information

We also collect, use and share aggregated data such as statistical or demographic data for any lawful purpose. Aggregated data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly identify you. For example, we may aggregate your usage data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Policy.

9. Marketing Preferences

We may use your identity, contact, technical, usage and profile data to form a view on what may be of interest to you. This is how we decide which products, services and offers may be relevant for you.

You may receive marketing communications from us if you have requested information from us or if you provided us with your details when you subscribe for news and updates, in each case, you have not opted out of receiving that marketing. You can ask us to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by contacting us at info@attelia.uk.

Please note that opting out of marketing communications will not affect our ability to send you essential non-marketing messages, such as service updates, appointment confirmations, or changes to our terms or privacy policy.

10. Cookies and Similar Tracking Technologies

We use cookies and similar tracking technologies to automatically collect information about your browsing behaviour, device type, and interaction with our site. These technologies help us to remember your preferences and settings to provide a more personalised experience, analyse usage patterns to improve functionality, performance, and content, support authentication processes and enhance security. Please see our Cookie Policy for more information about these practices and any choices you may have regarding cookies.

11. Data Security

We have implemented appropriate technical and organisational security measures to protect your personal information from accidental loss, unauthorised access, misuse, alteration, or disclosure. These measures include, but are not limited to, access controls, encryption, secure storage, and regular system monitoring.

Access to your personal data is limited to employees, contractors, and other third parties who have a legitimate business need to access it. They will only process your data on our instructions and are bound by confidentiality obligations.

We also have procedures in place to deal with any suspected personal data breach. Where legally required, we will notify you and the appropriate regulatory authority of any breach that affects your personal information.

12. Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Once we no longer require your personal information, we will securely delete or anonymise it (so that it can no longer be associated with you) in accordance with our internal retention policies and applicable laws.

13. Third Party Links

Attelia London website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.

14. Children’s Privacy

This website is not intended for individuals under the age of 16. No one under age of 16 is authorised to provide any personal information through the Services. We do not knowingly collect personal information from anyone in this age group.

15. Your Legal Rights

In accordance with the UK GDPR, you have the following rights in respect of your personal data that we hold:

  • Right of access. You have the right to obtain:

(i) confirmation of whether, and where, we are processing your personal data;

(ii) information about the categories of personal data we are processing, the purposes for which we process your personal data and information as to how we determine applicable retention periods;

(iii) information about the categories of recipients with whom we may share your personal data; and

(iv) a copy of the personal data we hold about you.

  • Right to obtain rectification of any inaccurate or incomplete personal data we hold about you without undue delay.
  • Right to erasure. You have the right, in some circumstances, to require us to erase your personal data without undue delay if the continued processing of that personal data is not justified.
  • Right to restriction. You have the right, in some circumstances, to require us to limit the purposes for which we process your personal data if the continued processing of the personal data in this way is not justified, such as where the accuracy of the personal data is contested by you.
  • Right to object. You also have the right to object to any processing based on our legitimate interests where there are grounds relating to your particular situation. There may be compelling reasons for continuing to process your personal data, and we will assess and inform you if that is the case. You can object to marketing activities for any reason.
  • Right to withdraw consent. If you have provided consent for the processing of your personal data, you have the right to withdraw your consent at any time free of charge. If you withdraw your consent, this will not affect the lawfulness of our use of your personal data before your withdrawal.
  • Right of portability. You have the right, in certain circumstances, to receive a copy of the personal data you have provided to us in a structured, commonly used, machine-readable format that supports re-use, or to request the transfer of your personal data to another person.

You also have the right to lodge a complaint to a supervisory authority, including in your country of residence, place of work, or where an incident took place.

If you wish to exercise any of the rights set out above, you can also submit your request via our online Data Subject Request Form.

Due to the confidential nature of data processing, we may ask you to confirm your identity when exercising the above rights. Please note that there are exceptions and limitations to each of these rights, and that while any changes you make will be reflected in active user databases instantly or within a reasonable period of time, we may retain personal information for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.

16. Complaints

We are committed to protecting your personal data and aim to resolve any concerns you may have about how we handle your information. If you have concerns about how we handle your personal data, please contact us so we can address them promptly.

You also have the right to lodge a complaint with a data protection authority. If you are located in the United Kingdom, you may contact the Information Commissioner’s Office (ICO): www.ico.org.uk

17. Changes to This Policy And Your Duty To Inform Us Of Change

This version was last updated on December 9, 2025.

We keep this Privacy Policy under regular review and may update it from time to time to reflect changes in our practices, legal obligations, or the nature of the services we provide. When we make material changes, we will notify you where appropriate, such as by updating the date at the top of this Policy or by contacting you directly.

It is important that the personal information we hold about you is accurate and up to date. Please notify us of any changes to your personal details (such as your email address or contact information) during your relationship with us.

18. Contact us

If you have any questions, comments or requests regarding this Privacy Policy or how we handle your personal information, please contact us at info@attelia.uk.