top of page

Privacy Policy

A. Purpose of this Privacy Policy  

DARC BV is a dental clinic based in Antwerp, focused on advanced diagnostics,  interdisciplinary dental care, and long-term oral health solutions. Protecting personal  and medical data is a fundamental part of our professional and ethical responsibility.  

This Privacy Policy explains how DARC BV collects, processes, stores, and protects  personal data in accordance with:  

  • Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR)  

  • The Belgian Law of 30 July 2018 on the protection of natural persons with  regard to the processing of personal data  

This policy applies to:  

  • patients of DARC BV;  

  • individuals requesting information or services;  

  • visitors to the website www.darc.be.  

This Privacy Policy explains:  

  • who we are;  

  • which data we process and for what purpose;  

  • on which legal bases data is processed;  

  • how long data is retained;  

  • with whom data may be shared;  

  • your rights as a data subject;  

  • how to contact us regarding privacy matters.  

 

B. Identity of the Data Controller 

DARC BV 

Dental Aesthetic & Rehabilitation Clinic  

Ellermanstraat 61  

2060 Antwerp – Belgium  

Company number (KBO / VAT): [to be inserted] 

Email: contact@darc.be 

Website: www.darc.be 

​

DARC BV acts as data controller for all personal and medical data processed within  the scope of its professional activities.  

​

C. Personal Data We Process and Why  

1. Categories of personal data  

Depending on your interaction with DARC BV, we may process the following  categories of data:  

Identification and contact data 

  • name, address, date of birth  

  • telephone number, email address  

Medical and health-related data 

  • medical and dental history (anamnesis)  

  • clinical notes, diagnoses, treatment plans  

  • radiographs, clinical photographs, intra-oral scans, CBCT data, digital models  Administrative and financial data 

  • appointment history  

  • invoices, payments, insurance-related information  

Digital and technical data 

  • website usage data  

  • cookies and technical identifiers  

Medical data is collected through mandatory clinical documentation and is processed  exclusively for legitimate healthcare purposes. 

​

2. Purposes of processing  

Personal and medical data is processed strictly for one or more of the following  purposes:  

  • providing safe, appropriate, and continuous dental care;  

  • medical diagnosis, treatment planning, and follow-up;  

  • appointment management and patient communication;  

  • compliance with legal, medical, and accounting obligations;  

  • clinical documentation, internal quality control, and professional training;  • anonymised education, scientific, or professional communication;  

  • operation and improvement of digital systems (website, booking platforms,  patient records).  

DARC BV does not process personal data for purposes incompatible with healthcare  delivery.  

 

D. Legal Basis for Processing  

Personal data is processed on one or more of the following legal bases:  

  • Article 6(1)(b) GDPR and Article 9(2)(h) GDPR – processing necessary for the  provision of healthcare, medical diagnosis, treatment, and follow-up;  

  • Article 6(1)(c) GDPR – processing necessary to comply with legal, regulatory,  and accounting obligations;  

  • Article 6(1)(f) GDPR – processing necessary for legitimate interests related to  clinic operation, security, and quality control, without overriding the rights and  freedoms of the data subject;  

  • Article 6(1)(a) GDPR and Article 9(2)(a) GDPR – where explicit consent is  required, in particular for marketing, communication, or publication purposes.  

Health-related data is processed exclusively within the framework permitted by GDPR  and Belgian healthcare legislation.  

 

E. Your Rights as a Data Subject  

You have the right to: 

  • access your personal data;  

  • request correction of inaccurate or incomplete data;  

  • request restriction of certain processing activities;  

  • request erasure of data where legally permitted;  

  • object to specific processing activities;  

  • receive a copy of your data in a structured, commonly used format (data  portability);  

  • withdraw consent at any time where processing is based on consent.  

 

Requests can be made by contacting contact@darc.be.  

 

For security and confidentiality reasons, identity verification may be required.  

If you believe your rights are not respected, you may lodge a complaint with the  Belgian Data Protection Authority:  

Autorité de protection des données / Gegevensbeschermingsautoriteit Drukpersstraat 35  

1000 Brussels – Belgium  

+32 (0)2 274 48 00  

contact@apd-gba.be 

You also retain the right to bring a claim before the competent civil courts.  

 

F. Data Retention  

Personal and medical data is retained only for as long as necessary for:  • medical follow-up and continuity of care;  

  • compliance with legal and professional obligations;  

  • potential dispute resolution.  

 

Medical and dental records are retained in accordance with Belgian healthcare  legislation and professional obligations, with a minimum retention period of 30  years. Accounting and billing data are retained for a minimum of 7 years, in accordance with  applicable law. 

​

Marketing or communication data is retained until consent is withdrawn. 

When retention is no longer legally or professionally justified, data is securely deleted  or anonymised.  

​

G. Data Security and Data Sharing  

DARC BV implements appropriate technical and organisational measures to protect  personal data, including:  

  • restricted access to medical records;  

  • secured servers and encrypted systems;  

  • access limited to authorised healthcare professionals and staff.  Personal and medical data is never sold or rented.  

​​

Data may be shared only to the extent strictly necessary for the delivery of care or  compliance with legal obligations, with:  

  • dental laboratories;  

  • imaging and CBCT centres;  

  • referring healthcare professionals;  

  • IT and software providers (practice management systems, cloud storage);  • insurers or public authorities where legally required.  

 

All third parties are bound by confidentiality obligations and GDPR-compliant data  processing agreements.  

While absolute security cannot be guaranteed, DARC BV continuously evaluates and  improves its safeguards.  

​

H. Updates to this Privacy Policy  

This Privacy Policy may be updated to reflect legal, technical, or organisational  changes.  

The most recent version is always available on www.darc.be.  

Material changes will be communicated through appropriate channels.  For privacy-related questions, you may contact: contact@darc.be

bottom of page