Privacy Policy
PRIVACY POLICY
PRIVACY POLICY
Last updated: November 2025
SCOPE OF THIS POLICY
This privacy policy applies ONLY to personal data collected through:
- Our website: drdent.co
- Email and SMS communications from Dr Dent
- Direct customer support interactions with Dr Dent
- Phone and mail communications initiated by Dr Dent
This policy does NOT apply to:
- Purchases made through Amazon (Amazon's privacy policy applies)
- Purchases made through TikTok Shop (TikTok's privacy policy applies)
- Social media platforms where you see our advertisements (their respective privacy policies apply)
If you purchase through Amazon or TikTok Shop, please refer to their respective privacy policies for information on how your data is handled.
WHO WE ARE
We take your privacy very seriously. Please read this privacy policy carefully as it contains important information on who we are and how and why we collect, store, use and share your personal data. It also explains your rights in relation to your personal data and how to contact us or supervisory authorities in the event you have a complaint.
We collect, use and are responsible for certain personal data about you. When we do so we are subject to the UK General Data Protection Regulation (UK GDPR). We are also subject to the EU General Data Protection Regulation (EU GDPR) in relation to goods we offer to individuals in the European Economic Area (EEA).
We, us, our: GALACTIC BRANDS Limited (trading as Dr Dent)
Personal data: Any information relating to an identified or identifiable individual
Special category personal data: Personal data revealing racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs or trade union membership; genetic and biometric data; data concerning health, sex life or sexual orientation
Data subject: The individual who the personal data relates to
PERSONAL DATA WE COLLECT ABOUT YOU
The personal data we collect about you depends on the particular products and services we provide to you. We will collect and use the following personal data:
- Your name and contact information, including email address, telephone number, and billing/shipping address
- Information to check and verify your identity (e.g., date of birth if required for payment verification)
- Your billing information, transaction and payment card information
- Your order history, purchase history, and saved items
- Subscription preferences and billing dates (for subscription customers)
- Your contact history with our customer support team
- Information about how you use our website, including pages visited, time spent, and interactions
- Information from marketing emails and SMS (open rates, click rates, preferences)
- Device and browser information (IP address, browser type, operating system)
- Location data (approximate location based on IP address)
- Your responses to surveys, competitions, and promotions
- Communication preferences (email, SMS, post)
We collect and use this personal data for the purposes described in the section 'How and why we use your personal data' below. If you do not provide personal data we ask for, it may delay or prevent us from providing products and services to you.
HOW YOUR PERSONAL DATA IS COLLECTED
We collect personal data through the following methods:
Directly from you:
- When you make a purchase on our website
- When you create an account or subscribe to our products
- When you contact our customer support team (via live chat, email, or phone)
- When you sign up for marketing communications
- When you participate in surveys, competitions, or promotions
- When you communicate with us through social media or messaging platforms
Automatically through our website:
- Cookies and similar tracking technologies (see 'Cookies and Tracking Technologies' section below)
- Analytics tools (Google Analytics, Facebook Pixel, TikTok Pixel)
- Website usage data (pages viewed, clicks, time on site)
From third parties:
- Payment service providers (Shopify Payments, Stripe, PayPal, Klarna)
- Fraud prevention services
- Email and SMS service providers (Klaviyo)
- Advertising platforms (Google, Facebook, TikTok) when you interact with our ads and visit our website
COOKIES AND TRACKING TECHNOLOGIES
WHAT ARE COOKIES?
Cookies are small text files that are placed on your device when you visit our website. They help us provide you with a better experience by remembering your preferences, understanding how you use our site, and showing you relevant advertisements.
COOKIES WE USE
Essential Cookies (Always Active)
- Required for the website to function properly
- Remember items in your shopping cart
- Keep you logged into your account
- Process payments securely
- These cannot be disabled as the website would not work without them
Analytics Cookies
- Help us understand how visitors use our website
- Show us which pages are most popular
- Help us improve website performance
- Tools used: Google Analytics
Marketing/Advertising Cookies
- Remember that you visited our website
- Track which products you viewed
- Allow us to show you relevant advertisements on other platforms (Facebook, Google, TikTok)
- Help us measure the effectiveness of our advertising campaigns
- Tools used: Facebook Pixel, Google Ads, TikTok Pixel
MANAGING COOKIES
You can control and manage cookies through your browser settings. You can choose to:
- Block all cookies
- Accept only essential cookies
- Delete cookies after browsing
Please note that blocking or deleting cookies may affect your ability to use certain features of our website, such as staying logged in or maintaining items in your cart.
We do not sell your personal data collected through cookies to third parties. However, advertising platforms (Google, Facebook, TikTok) use cookies to deliver targeted advertising based on your website visits and interests. This is standard practice for online advertising and helps us show you relevant products.
HOW AND WHY WE USE YOUR PERSONAL DATA
Under data protection law, we can only use your personal data if we have a proper reason:
- Consent: Where you have given consent
- Contract: To perform our contract with you or take steps before entering into a contract
- Legal obligation: To comply with our legal and regulatory obligations
- Legitimate interests: For our legitimate business interests (so long as not overridden by your rights)
WHAT WE USE YOUR PERSONAL DATA FOR
| Purpose | Legal Basis | Data Used |
|---|---|---|
| Processing and fulfilling your orders | Performance of contract | Name, address, email, phone, payment information, order details |
| Managing subscription billing and renewals | Performance of contract | Payment information, subscription preferences, billing dates, order history |
| Sending transactional emails (order confirmations, shipping updates, subscription reminders) | Performance of contract | Name, email, order details |
| Customer support and responding to inquiries | Performance of contract & legitimate interests | Name, email, phone, contact history, order history |
| Processing payments securely | Performance of contract & legal obligation | Payment card information, billing address, transaction data |
| Preventing and detecting fraud | Legitimate interests & legal obligation | Payment information, IP address, device information, order history |
| Sending marketing emails and SMS about our products | Legitimate interests (with option to opt out) | Name, email, phone, purchase history, preferences |
| Improving our website and services | Legitimate interests | Website usage data, feedback, survey responses |
| Showing relevant advertisements on other platforms | Legitimate interests (with option to opt out) | Website browsing behavior, products viewed, cookie data |
| Analytics and understanding customer behavior | Legitimate interests | Aggregated usage data, purchase patterns |
| Compliance with legal requirements (e.g., tax, accounting) | Legal obligation | Transaction data, invoices, payment records |
| Enforcing our terms and policies | Legitimate interests & legal obligation | Account data, order history, communication records |
| Protecting against security threats and unauthorized access | Legitimate interests & legal obligation | IP address, device information, login attempts |
MARKETING COMMUNICATIONS
We will use your personal data to send you updates (by email, SMS, or post) about our products and services, including:
- Exclusive offers and promotions
- New product launches
- Tips for using our products
- Educational content about oral health
Legal basis: We have a legitimate interest in marketing to our customers. This means we do not usually need your explicit consent to send you marketing information. However, we will always provide an easy way to opt out.
YOUR RIGHT TO OPT OUT
You can opt out of receiving marketing communications at any time by:
- Clicking the 'unsubscribe' link in any marketing email
- Replying 'STOP' to any marketing SMS
- Contacting us at support@drdent.co
- Updating your preferences in your account settings
Please note: Even if you opt out of marketing, we will still send you essential transactional emails (order confirmations, shipping updates, subscription billing notifications, password resets) as these are necessary to provide our services.
We will never sell or share your personal data with other organizations for their marketing purposes.
WHO WE SHARE YOUR PERSONAL DATA WITH
We share your personal data only when necessary to provide our services and operate our business. We share data with:
SERVICE PROVIDERS
E-commerce platform:
- Shopify (website hosting and e-commerce platform)
Payment processors:
- Shopify Payments
- Stripe
- PayPal
- Klarna (buy now, pay later services)
Delivery and logistics:
- Royal Mail, DPD, and other courier services (to deliver your orders)
- Warehousing partners (to store and fulfill orders)
Communication services:
- Klaviyo (email and SMS marketing)
- Paperrun (postal mail services)
- Zendesk (live chat customer support)
Analytics and advertising:
- Google (Google Analytics, Google Ads)
- Meta/Facebook (Facebook Pixel, Facebook Ads)
- TikTok (TikTok Pixel, TikTok Ads)
Returns processing:
- ControlPort (returns management system)
Other service providers:
- Our bank (for payment processing)
- Accounting and tax services (for legal compliance)
- Fraud prevention services
LEGAL REQUIREMENTS
We may share your personal data if required by law, regulation, legal process, or governmental request.
BUSINESS TRANSFERS
If our business is sold, merged, or restructured, your personal data may be transferred to the new owners (with appropriate confidentiality protections in place).
INTERNATIONAL DATA TRANSFERS
Some of the third parties we work with are located outside the United Kingdom and European Economic Area (EEA), or use servers located outside these regions. This means your personal data may be transferred to, stored, or processed in countries such as the United States.
Countries where data may be transferred:
- United States (Shopify, Stripe, Google, Meta/Facebook, TikTok, Klaviyo, Zendesk)
- Other countries where our service providers operate
Safeguards we use:
- We only transfer data to countries and companies that provide adequate data protection
- We use standard contractual clauses approved by the UK and EU authorities
- We work with companies that participate in recognized data protection frameworks
- All transfers comply with UK GDPR and EU GDPR requirements
If you would like more information about international data transfers, please contact us.
HOW LONG WE KEEP YOUR PERSONAL DATA
We will not keep your personal data for longer than necessary for the purposes for which it is used.
Active customers:
- Account data: Kept while you have an active account
- Order history: Kept for 7 years (for accounting, tax, and legal purposes)
- Marketing preferences: Kept until you opt out or delete your account
Former customers (inactive accounts):
- If you have not placed an order in 7 years, we will delete or anonymize your account data
- Exception: We may keep limited data for legal/regulatory compliance (e.g., tax records)
Subscription customers:
- Subscription billing data: Kept while subscription is active, plus 7 years after cancellation
- This is required for accounting, dispute resolution, and legal compliance
Marketing data:
- If you opt out of marketing, we will keep a record of your opt-out preference (to ensure we don't contact you again)
- We will not keep other marketing data beyond what's necessary
Legal requirements:
- Some data must be kept for specific periods to comply with UK tax, accounting, and consumer protection laws
Following the end of the relevant retention period, we will delete or anonymize your personal data.
YOUR RIGHTS
You have the following rights, which you can exercise free of charge:
| Right | What It Means |
|---|---|
| Access | Request a copy of your personal data |
| Rectification | Request correction of inaccurate personal data |
| Erasure (Right to be Forgotten) | Request deletion of your personal data (in certain situations) |
| Restriction of Processing | Request that we limit how we use your personal data (in certain circumstances) |
| Data Portability | Receive your personal data in a portable format and transfer it to another service |
| Object to Processing | Object to direct marketing at any time, or object to processing based on legitimate interests |
| Not to be Subject to Automated Decision Making | Not be subject to decisions based solely on automated processing that significantly affect you |
| Withdraw Consent | Withdraw any consent you have given us (where we rely on consent) |
Important notes:
- These rights are not absolute and may be subject to limitations
- We may need to verify your identity before fulfilling requests
- Some data must be retained for legal or regulatory reasons (e.g., tax records)
HOW TO EXERCISE YOUR RIGHTS
To exercise any of these rights:
- Contact us at support@drdent.co or via Messenger @DrDent.co
- Provide enough information to identify yourself (full name, email address, order number)
- Specify which right you want to exercise and what information your request relates to
We will respond to your request within one month. If your request is complex, we may extend this by up to two additional months and will let you know why.
For more information on your rights, visit the UK Information Commissioner's Office (ICO) website: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
KEEPING YOUR PERSONAL DATA SECURE
We take data security seriously and have implemented appropriate technical and organizational measures to protect your personal data:
Security measures:
- Secure socket layer (SSL) encryption for data transmitted through our website
- Secure payment processing through PCI-DSS compliant payment providers
- Access controls limiting who can view personal data
- Regular security testing and monitoring
- Staff training on data protection and security
- Secure data storage with reputable service providers
Our certifications:
- We follow industry-standard security practices
- Our systems are regularly tested for vulnerabilities
Data breach procedures:
- We have procedures to detect, report, and respond to data breaches
- We will notify you and relevant authorities if a breach occurs that poses a risk to your rights
Your responsibility:
- Choose a strong password for your account
- Do not share your password with others
- Log out of your account when using shared devices
- Be cautious of phishing emails claiming to be from Dr Dent
For more information on protecting yourself online, visit: www.getsafeonline.org
HOW TO COMPLAIN
If you have concerns about how we handle your personal data, please contact us first:
Email: support@drdent.co
Messenger: @DrDent.co
We will do our best to resolve any issues.
If you are not satisfied with our response, you have the right to lodge a complaint with:
For UK customers:
- Information Commissioner's Office (ICO)
- Website: https://ico.org.uk/make-a-complaint
- Phone: 0303 123 1113
For customers in the EEA:
- Your local data protection supervisory authority in your country of residence
CHANGES TO THIS PRIVACY POLICY
This privacy policy was last updated in November 2025.
We may update this privacy policy from time to time to reflect changes in our practices, legal requirements, or services. When we make significant changes, we will notify you by:
- Sending an email to the address associated with your account
- Displaying a notice on our website
We encourage you to review this privacy policy periodically.
HOW TO CONTACT US
If you have any questions about this privacy policy, how we handle your personal data, or wish to exercise your rights, please contact us:
GALACTIC BRANDS Limited
Email: support@drdent.co
Messenger: @DrDent.co
We aim to respond to all inquiries within 48 hours during business days.