You are viewing: ETERNAL Dental
Switch to Hair Clinic
Legal

Privacy Policy

We are committed to protecting your personal data and your right to privacy. This policy explains exactly what we collect, why, and how we protect it.

Last updated: June 13, 2026 Reading time: ~8 minutes GDPR compliant
Your Privacy Matters

ETERNAL Dental International ("ETERNAL Dental") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, share, and protect information about you when you visit our website, book a consultation, or receive dental treatment. We comply with the GDPR, Indonesian Personal Data Protection Law (UU PDP), and equivalent healthcare privacy laws.

Who We Are (Data Controller)

ETERNAL Dental International is the data controller responsible for your personal data. We operate dental clinics delivering cosmetic, restorative, and implant dentistry across multiple international locations. Our contact details:

  • Head office: Jl. Dewi Sri No.88E, Legian, Kecamatan Kuta Selatan, Kabupaten Badung, Bali 80361
  • Email: dental@cliniceternal.com
  • Phone/WhatsApp: +62 877 77276824

If you have any questions about how we handle your data, please contact us at dental@cliniceternal.com.

Data We Collect

We collect different categories of personal data depending on how you interact with us:

👤 Identity Data
Full name, date of birth, gender, passport or ID number (for medical-tourism procedures).
📧 Contact Data
Email, phone number, WhatsApp number, country of residence, mailing address.
🦷 Dental & Medical Data
Dental history, medications, allergies, X-rays, 3D scans, intraoral photographs, consultation notes.
💳 Financial Data
Payment transaction records, invoice data. We do not store full card numbers — payments are handled by PCI-DSS compliant providers.
🌐 Technical Data
IP address, browser, device, pages visited, referral source, cookies.
💬 Communication Data
Messages via contact forms, WhatsApp, email, or our consultation widget — content and timestamps.

Data is collected directly from you when you submit a form, book a consultation, undergo a procedure, or contact us. Technical data is collected automatically when you browse our website.

How We Use Your Data

Your personal data is used only for the purposes for which it was collected:

  • To provide dental consultation, treatment planning, procedures, and aftercare.
  • To schedule, confirm, and remind you of appointments.
  • To communicate treatment plans, estimates, and post-procedure instructions.
  • To process payments securely and issue invoices.
  • To maintain accurate medical records as required by healthcare law.
  • To send service updates, newsletters, and aftercare tips — only where you have consented.
  • To improve our website, services, and patient experience through anonymised analytics.
  • To prevent fraud, ensure system security, and enforce our Terms of Service.

Legal Basis for Processing

Under GDPR and applicable data protection law, we process your personal data under the following legal bases:

Contractual Necessity

To deliver the dental services you have requested — consultations, procedures, payments, and aftercare.

Legitimate Interests

To improve our services, prevent fraud, and maintain system security. These interests are always balanced against your rights.

Legal Obligation

Medical records, tax records, and other data must be retained for legally mandated periods.

Consent

For marketing emails, clinical photography for marketing use, and processing of sensitive health data — you may withdraw consent at any time.

Dental & Medical Data (Special Category)

⚕ Sensitive Data — Highest Protection

Dental and medical information is classified as "special category data" under GDPR and receives the strongest protections. We process it only where strictly necessary for providing healthcare and with your explicit consent.

Medical data — consultation notes, intraoral photos, 3D scans, X-rays, treatment records, Digital Smile Design files — is handled with strict confidentiality. Access is limited to:

  • Your treating dentist(s) and directly involved clinical team.
  • Dental laboratories producing your crowns, veneers, or aligners.
  • Administrative staff managing your appointments and records.
  • Our secure encrypted electronic medical records system.

Your dental data will never be shared with advertisers, insurers, or employers for commercial purposes without your explicit written consent. Before-and-after photographs are used for your clinical file only, unless you separately consent in writing to marketing use.

Sharing Your Data

We do not sell your personal data. It is shared only in these limited circumstances:

Service Providers

Carefully vetted third parties bound by data processing agreements — payment processors (Stripe, PayPal), email delivery services, cloud hosting, and dental imaging platforms. They process data only for purposes we instruct.

Dental Laboratories

Authorised labs producing your prosthetics receive the minimum data needed to fabricate your crowns, bridges, veneers, or aligners.

Group Entities

If you transfer care between our international clinic locations, relevant records may be shared for continuity of treatment.

Legal Requirements

We may disclose data when required by law, court order, or regulatory authority, or to protect rights, property, or safety.

Cookies & Tracking

Our website uses cookies and similar technologies to improve your experience.

Essential Cookies

Required for site functionality — session management, form security. Cannot be disabled.

Analytics Cookies

Anonymised data showing how visitors use our site. Individual tracking data is not shared with third parties.

Marketing Cookies

Used only with your consent to serve relevant dental service advertising. Opt out any time via browser settings.

Data Retention

We keep data only as long as needed, or as required by law:

  • Dental records (consultation notes, X-rays, scans, treatment files): minimum 10 years from last treatment, per healthcare regulations.
  • Financial and transaction records: 7 years for tax and accounting compliance.
  • Marketing consent records: until consent is withdrawn plus 3 years.
  • Consultation enquiries without treatment: 2 years, then securely deleted.
  • Website analytics data: up to 26 months, anonymised.

International Data Transfers

Because ETERNAL Dental operates internationally, your data may be transferred between our clinic locations for continuity of care.

Transfers outside the EEA rely on Standard Contractual Clauses (SCCs) approved by the European Commission, which impose equivalent data protection obligations on the recipient.

You may request a copy of the safeguards we have put in place for international transfers by contacting us at the address below.

Your Rights

Depending on your location, you have rights over your personal data. We honour these globally:

👁
Access
Request a copy of the data we hold about you.
Rectification
Correct inaccurate or incomplete data.
🗑
Erasure
Delete data where no legal retention applies.
Restriction
Restrict processing in certain circumstances.
📦
Portability
Receive data in a structured electronic format.
🚫
Object
Object to legitimate-interest or marketing processing.
🤖
Automated Decisions
Request human review of automated decisions.
Withdraw Consent
Withdraw consent at any time.

To exercise any right, contact dental@cliniceternal.com. We respond within 30 days. We may verify your identity before processing. EU/EEA residents dissatisfied with our response may complain to their national Data Protection Authority.

Children's Privacy

Patients under 18 require verifiable parental or guardian consent before consultation or treatment. The parent or guardian retains rights of access to the child's medical records as provided by law.

We do not knowingly collect personal data from any child under 13 through our website. If you believe we have inadvertently collected data from a minor online, please contact us immediately for deletion.

Security

We implement appropriate technical and organisational measures to protect your data:

  • TLS/SSL encryption on all data transmitted between your browser and our servers.
  • Encrypted storage for dental records, X-rays, 3D scans, and sensitive data.
  • Role-based access controls — staff only access data relevant to their duties.
  • Regular security audits and vulnerability assessments.
  • Staff training on data protection and clinical confidentiality.
  • PCI-DSS compliant payment processing — we never store full card numbers.

In the event of a data breach likely to risk your rights and freedoms, we will notify you and the relevant authority as required by law.

Third-Party Links

Our website may link to third-party services (Google Maps, social media, payment gateways). We are not responsible for their privacy practices. Please review their policies separately.

Changes to This Policy

We may update this Privacy Policy over time. The "Last Updated" date at the top shows when it was last revised. Material changes will be communicated by email or a prominent site notice before taking effect. Continued use of our services after changes constitutes acceptance.

Contact Us & Data Protection Officer

For questions, requests, or concerns about this Privacy Policy:

Privacy Email dental@cliniceternal.com
WhatsApp / Phone +62 877 77276824
Head Office Jl. Dewi Sri No.88E, Legian, Kecamatan Kuta Selatan, Kabupaten Badung, Bali 80361
We aim to respond to all data-related enquiries within 30 days. EU/EEA residents also have the right to complain to their national Data Protection Authority.

© 2026 ETERNAL Dental International. All rights reserved. This Privacy Policy was last reviewed on June 13, 2026 and complies with GDPR, UU PDP, and applicable healthcare privacy laws.

Your Cart 0

Added!