Privacy PolicyLast updated: May 14, 2026This Privacy Policy explains how Inflow Dental collects, uses, and protects personal data when visitors use the website, submit a contact form, communicate by email, or interact with website analytics and cookie-based technologies. A GDPR-compliant privacy notice should clearly explain what data is collected, why it is processed, the legal basis, retention periods, third-party sharing, and the rights of individuals under applicable law.

ControllerThe controller of personal data for this website is Inflow Dental. Under GDPR-oriented privacy notice guidance, the policy should identify the controller and provide contact details for privacy-related requests.

‍Contact email: office@inflow.dentalIf there are any questions about this Privacy Policy or about the processing of personal data, requests may be sent to the contact email above.

What data may be collectedDepending on how the website is used, the following categories of data may be collected:Contact details submitted through forms or email, such as name, email address, phone number, clinic name, and message content.Technical and usage data, such as IP address, browser type, device information, referral source, pages visited, and interaction data collected through analytics tools.Cookie and consent-related data, including whether analytics or other non-essential cookies were accepted or rejected.The exact data collected depends on the tools active on the website at a given time.

‍How personal data is collectedPersonal data may be collected when:A visitor submits a contact form.A visitor sends an email directly to office@inflow.dental.A visitor browses the website and analytics or cookies are enabled.A visitor interacts with scheduling, booking, embedded forms, or other third-party services, if such tools are used on the website.

‍Purposes of processingPersonal data may be processed for the following purposes:To respond to enquiries and provide information about services.To communicate about potential projects, proposals, audits, or service requests.To operate, maintain, secure, and improve the website and its performance.To understand website traffic and on-site behaviour through analytics, where applicable.To comply with legal obligations and to establish, exercise, or defend legal claims where necessary.

‍Legal bases for processingWhere GDPR applies, personal data is processed on one or more of the following legal bases:

‍Pre-contractual steps or contract performance when a visitor requests information, a proposal, an audit, or service-related communication.
‍Legitimate interests in operating, securing, improving, and measuring the effectiveness of the website, provided such interests are not overridden by the rights of the individual.
‍Consent where required, especially for non-essential cookies, analytics, or marketing-related technologies.
‍Legal obligation where processing is necessary to comply with applicable law.
‍Cookies and analyticsThe website may use cookies or similar technologies to ensure core functionality and to understand how the website is used. GDPR-focused guidance notes that non-essential cookies, including analytics cookies in many implementations, generally require consent before they are placed on a user’s device.If analytics tools such as Google Analytics, Matomo, or similar services are used, those tools may collect information such as IP address, device details, pages visited, time on page, and interactions with forms or calls to action.Visitors can manage cookie choices through the website’s cookie banner or browser settings, where available.

‍Sharing with third partiesPersonal data may be shared only where necessary with service providers that help operate the website or deliver services, such as:Website hosting or infrastructure providers.Analytics providers.Form, email, CRM, scheduling, or automation tools.Professional advisers where necessary for legal or compliance purposes.Where third-party providers process personal data on behalf of the controller, they are expected to process it only for the relevant service purpose and under appropriate contractual or legal safeguards.

‍International data transfersSome service providers may process personal data outside the European Economic Area. When this happens, appropriate safeguards should be used where required, such as adequacy decisions, standard contractual clauses, or equivalent lawful transfer mechanisms under applicable data protection law.

‍Data retentionPersonal data is retained only for as long as necessary for the purpose for which it was collected, including responding to enquiries, keeping project communications, maintaining business records, or meeting legal obligations. GDPR privacy policy guidance commonly expects organisations to disclose retention logic or retention periods where possible.As a general approach:Enquiry data may be retained for as long as necessary to respond and follow up on a request.Project-related communications may be retained for longer where needed for contractual, accounting, legal, or service-history purposes.Analytics and cookie data may be retained according to the settings of the relevant platform or consent tool.

‍Data subject rightsWhere GDPR applies, individuals may have the right to:Request access to personal data.Request correction of inaccurate or incomplete data.Request deletion of personal data in certain circumstances.Request restriction of processing in certain circumstances.Object to processing based on legitimate interests.Request data portability where applicable.Withdraw consent at any time where processing is based on consent.Lodge a complaint with a competent supervisory authority.Requests can be sent to office@inflow.dental.

‍Data securityReasonable technical and organisational measures are used to help protect personal data against unauthorised access, loss, misuse, disclosure, alteration, or destruction. Public-facing privacy notices commonly state that personal data is handled with due care and in line with applicable security and confidentiality standards.No transmission or storage system can be guaranteed to be 100% secure, but reasonable efforts are made to protect the information processed through the website.

‍Third-party links and embedded toolsThe website may contain links to third-party websites or use embedded tools, booking tools, or external platforms. Those third parties may apply their own privacy policies and data practices, and visitors should review their policies separately where relevant.

‍Children’s privacyThe website and services are intended for business and professional use and are not directed to children. Personal data from children is not knowingly collected through the website.

‍Changes to this policyThis Privacy Policy may be updated from time to time to reflect legal, technical, or business changes. The updated version will be posted on this page with a revised “Last updated” date.

‍ContactFor privacy-related questions or requests, contact:Inflow Dental
Email: office@inflow.dental