Privacy Policy

This Privacy Policy explains how RivaDent Dental Clinic ("RivaDent", "we", "our") collects, uses, and protects personal data in accordance with the Law on Personal Data Protection of the Republic of North Macedonia and the GDPR (EU 2016/679).

1) Data Controller

RivaDent Dental Clinic (Republic of North Macedonia) is the Data Controller. Official contact details are published on our website contact page.

2) What data we process

2.1 Identification & contact data

  • Name and surname
  • Date of birth (where relevant)
  • Phone number, email address
  • Appointment and communication details

2.2 Health data (special category)

Dental records may include medical history, clinical notes, diagnostics (e.g., x-rays), treatment plans, and related documentation. Health data is processed with strict confidentiality and access controls.

2.3 Technical/website data

When you use our website, we may process technical data such as IP address, device/browser details, and basic usage analytics (where enabled).

3) Purposes and legal basis

We process personal data for:

  • Providing dental healthcare services and maintaining medical records
  • Appointment scheduling and patient communication
  • Billing, accounting, and legal compliance
  • Improving service quality and operational security

Legal bases may include:

  • GDPR Art. 6(1)(b) - contract / provision of services
  • GDPR Art. 6(1)(c) - legal obligations
  • GDPR Art. 6(1)(f) - legitimate interests (security, quality, fraud prevention)
  • GDPR Art. 9(2)(h) - healthcare provision and management

4) Dentare.io as our patient data platform

RivaDent uses Dentare.io to store and manage patient records securely. Dentare.io acts as a Data Processor, processing data on our documented instructions and under a data processing agreement.

Dentare.io legal pages:

5) Sharing of data

We do not sell personal data. We may share data only when necessary with:

  • Authorized clinic staff involved in your care
  • Dental laboratories/partners for prosthetics (only what is necessary)
  • Regulatory bodies or authorities when required by law
  • Dentare.io (as contracted processor)

6) Data retention

Medical records are retained as required by Macedonian healthcare rules and professional standards. After retention periods, records are securely deleted or anonymized, unless longer storage is required by law.

7) Your rights

Depending on the legal context, you may have the right to access, rectification, restriction, objection, data portability, and deletion (where legally permitted). You can also lodge a complaint with the competent data protection authority in North Macedonia.

8) Security

We apply technical and organizational safeguards such as access controls, secure authentication, and encrypted connections. Access to health data is limited to authorized personnel.

9) Cookies

Our website may use cookies for essential functions and (where enabled) analytics. You can manage cookies through your browser settings.

10) Updates

We may update this Privacy Policy from time to time. The latest version will always be published on our website.

Book Appointment Call us now