Privacy policy

SIA "Dentamix" ( hereinafter – the Dental Clinic ) values the privacy of its patients. We have developed this Client Personal Data Privacy Policy (hereinafter – the Privacy Policy) to provide transparent information regarding rights and obligations related to the processing of personal data at the Dental Clinic.

This Privacy Policy applies to the following data subjects (hereinafter – You):

Patients of the Dental Clinic (including potential, former, and existing patients);

Visitors of the Dental Clinic, regardless of the reason for their visit.

The purpose of this Privacy Policy is to provide information about the purposes, legal basis, scope, and duration of personal data processing carried out by the Dental Clinic as the Data Controller.

This Privacy Policy has been developed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter – the GDPR), the Personal Data Processing Law, the Law on Patient Rights, and other applicable regulatory acts. As the Dental Clinic continuously improves its processes, we may update or amend this Privacy Policy from time to time.

1. Information about the Data Controller

The Data Controller for the personal data processing described in this Privacy Policy is SIA "Dentamix" (hereinafter – the Dental Clinic or "we"), registration number: 40103225875, legal address: Brīvības iela 97-5, Riga, LV-1001.

2. Contact information for data processing inquiries

You may contact us by phone at +371 29419999 or by email at info@dentamix.lv.

3. How you are informed about data processing

To promote transparent data processing, the Dental Clinic explains in this Privacy Policy which personal data is necessary for receiving services and how it will be used. Information may also be provided by our staff verbally or through documentation that you may be asked to review and sign to confirm your acknowledgment.

4. Types of personal data processed by the Dental Clinic

4.1. Information necessary for patient identification, service provision, and communication:

Name and surname;

Personal code (or other equivalent identification number);

Residential address;

Phone number and/or email address.

Upon request by staff, you must present a personal identification document (passport or ID card) to verify your identity, as required by Section 15(4) of the Law on Patient Rights. For children under 14, legal guardians must present proof of representation (e.g., birth certificate). Other relatives require a notarized power of attorney.

4.2. Additional information for quality and safety: In the course of providing services, we may obtain:

Information from referrals (e.g., health status, diagnosis);

Information essential for treatment (e.g., disability status, medical history, injuries, allergies, medication);

Information obtained during specific procedures;

In specific cases, facial and jaw photographs (shared with dental laboratories); you will always be informed in advance when this occurs.

4.3. Billing and administration: Information related to payments (e.g., insurance details) and quality control or handling of objections.

4.4. Communication history: Records of written correspondence (questions, feedback, complaints, suggestions) and our responses to you.

5. Purposes and legal basis for processing

5.1. Provision of dental services: Including appointment scheduling, identification, consultations, procedures, and medical documentation.

Legal Basis: GDPR Article 6(1)(c) (legal obligation) and Article 9(2)(h) (healthcare purposes). Legitimate interests (e.g., appointment reminders) are based on Article 6(1)(f).

Storage period: For the duration of service provision; for up to 10 years to prove compliance; or as required by law (e.g., medical records stored for 10 years after the last entry).

5.2. Payment administration:

Legal Basis: Legitimate interests (GDPR 6(1)(f)) or contract performance (GDPR 6(1)(b)).

Storage period: Until payment obligations are fulfilled or for 5 years as required by the Accounting Law.

5.3. Quality control and handling of objections:

Legal Basis: Legitimate interests (GDPR 6(1)(f)) or legal obligation (GDPR 6(1)(c)).

Storage period: Until the issue is resolved or up to 10 years for legal compliance.

5.4. Communication and records management:

Legal Basis: GDPR 6(1)(c) and (f) (legal obligation or legitimate interest).

Storage period: Until the issue is resolved or as required by law.

5.5. Promotion of Dental Clinic brand: Representing professional activities on our website, social media, or clinic premises.

Legal Basis: Legitimate interests (GDPR 6(1)(f)) or your explicit consent (GDPR 6(1)(a)).

Storage period: Indefinitely. Please note that public materials published for promotional purposes are accessible to third parties.

6. Recipients of personal data

We implement strict internal control procedures to prevent unauthorized access. Personal data is not transferred outside the EU/EEA. Data is processed by authorized staff and processors (e.g., accounting firms). Information may be shared with other medical institutions, state agencies (e.g., Health Inspectorate, National Health Service), or insurance companies as required by law.

7. Your rights

Access: You may request access to your personal data and information regarding its processing.

Correction: You may request that inaccurate or outdated data be corrected.

Erasure ("Right to be forgotten"): You may request data deletion unless storage is legally required or necessary to defend legal claims.

Restriction: You may request a restriction on processing under certain circumstances.

Withdrawal of consent: You may withdraw consent at any time for processing based on consent.

8. Procedure for exercising rights

Requests must be submitted in writing in person (with ID), via email (with a secure electronic signature), or by postal mail. We will verify your identity before responding. If you believe your data has been processed unlawfully, you have the right to file a complaint with the Data State Inspectorate.

Approved by:

SIA "Dentamix" Board Member

Ineta Majore

January 9, 2026.