Privacy policy

This Privacy Policy based on the General Data Protection Regulation (GDPR) explains what personal data is collected in connection with our activities, how we process, use and protect this data, for what purposes we use it, as well as your rights related to your personal data


Privacy of individuals and protection of personal data are fundamental human rights. It is our duty to take care of the personal data that we collect, process and store. Your personal data is our responsibility and we collect and process them only when it is necessary, while ensuring measures for their protection.

DENTUM d.o.o., a member of the Adria Dental Group - the largest group of dental medicine in the Adriatic region, adheres to the following principles in order to protect the privacy and personal data of our patients and all persons whose personal data we process:

  • We do not collect more personal data than is absolutely necessary
  • We do not use personal data for any purpose without informing you in a timely manner
  • We do not store personal data longer than necessary
  • We never sell, lend, or distribute personal data
  • We do not send personal data to third parties without your knowledge and if it is not legal
  • We do not use any form of automated processing for decision-making or profiling
  • We do not transfer personal data outside the EU/EEA
  • We continuously ensure safe storage and protection of personal data

It is important to read this Privacy Policy, and we hope that you will take the time and pay attention. We have tried to make it as clear as possible and understandable to everyone, with the desire to maintain your full confidence in the way we handle your personal data.

If, after reading it, you will have further questions about the protection of personal data at DENTUM, please feel free to contact our Data Protection Officer at any time:

Igor Barlek, CIPP/E, Adria Dental Group Data Protection Officer:

  • by email at or
  • by regular mail to the address DENTUM d.o.o., Gradišćanska 36, 10000 Zagreb or
  • by regular mail to the address Adria Dental Group, Ul. Josipa Marohnića 3, 10000 Zagreb.

We regularly update our Privacy Policy to improve the protection of your data.

This Privacy Policy was updated on June 20, 2023.


DENTUM d.o.o., Gradišćanska 36, 10000 Zagreb, who is the controller of your personal data, determines the purposes and methods of processing your personal data and compliance with all security measures for your personal data, and is a joint controller with the affiliated companies - dental laboratories within Adria Dental Group, our group ADRIA DENTAL GROUP d.o.o., Ilica 1A, 10000 Zagreb and PROVECTUS CAPITAL PARTNERS d.o.o., Ilica 1A, 10000 Zagreb.


When registering potential patients for a free initial examination

For these purposes, we need your basic personal data (name and surname) and contact information (email and telephone) for effective communication and the best possible understanding of your wishes and needs, and to schedule your initial examination. You are welcome to provide us with dental images or OPG, but only if you have them and want to share them with us in accordance with the rules for ensuring the legality of handling health data as special categories of personal data according to the GDPR, with the highest level of security for the processing of such personal data. If you opt out of a free initial examination, we will permanently delete all your personal data.

When providing dental services to our patients

During the provision of dental medicine services, we are obliged to collect all data on your dental health while keeping patient records, as well as a set of personal health data (presence of chronic diseases and possible allergies, infections, specifics related to receiving anesthesia, etc.) necessary for providing dental services and the protection of your health while implementing certain specialist treatments and surgical procedures, in accordance with the rules for ensuring the legality of handling health data as special categories of personal data according to the GDPR, with the highest level of security for the processing of such personal data.

During the implementation of agreed treatments and multiple procedures for the purpose of monitoring the effectiveness of individual stages of the procedure, we also collect photos of the patients’ dental images, which are saved in the patient record.

In your patient record, we keep all data relevant to ensuring the highest quality of your dental health, which we are obliged to keep for ten years after completing the treatment in accordance with the legal regulations in the field of dental medicine, with full respect for the patients’ right to the confidentiality of data related to the state of health and in accordance with the regulations on professional confidentiality, while older data are archived.

In your best interest and for the purposes of ensuring the highest quality of dental services, we will refer you to another polyclinic within the Adria Dental Group or use the services of dental laboratories - members of the Adria Dental Group and, in accordance with the legal regulations in the field of dental medicine and professional confidentiality, we will also forward your medical documentation.

All members of our team are subject to professional confidentiality regarding everything they know about your state of health and access to all your personal data is strictly limited, and in accordance with the Health Care Act, we are obliged to provide access to your personal data at the request of the competent ministry, other state administration bodies in accordance with the special regulations of the Croatian Dental Chamber and competent judicial bodies.

We retain the necessary set of basic personal data (name, surname, PIN, address, service provided) for the purposes of issuing invoices for services in accordance with accounting and tax regulations.

Telephone call recording

The system of recording outgoing and incoming phone calls of patients is carried out for the purpose of analyzing complaints received and proving their resolution, as well as ensuring compliance and improving communication with patients. Recordings of phone calls are kept for the shortest period necessary to achieve the purpose, and no longer than one year from the date of recording, and are permanently deleted after the expiration of these periods.

Video surveillance

Only for the purpose of safety of our patients and employees and all persons included in the legal perimeters of the recording, and for the purpose of property protection and prevention of illegal actions directed towards the polyclinic's property and its protection against theft, robbery, burglary, violence, destruction, etc., in accordance with our justified and documented legitimate interest, we monitor only the acceptable parts within the business premises of the clinic and dental laboratory where recording perimeters are clearly marked with easily visible notices. We store video surveillance recordings for up to one month, depending on the number of records on the storage medium, and for a maximum of 6 months.

Selection of candidates for jobs and employment

During candidate selection and employment procedures, we collect basic data of the candidates with the intention of entering into an employment contract, such as name and surname, residential address, email address, phone number, education and work experience, and other information you provide us with in your CV, as a set of your personal data important for carrying out the selection and employment procedure. Upon ending the selection process, we hire the selected candidates and collect all necessary data in accordance with legal obligations, while applications and personal data of unsuccessful candidates are returned upon request or permanently destroyed, and with your prior consent, we retain your data for possible employment in the future.

We share the personal data of job candidates with our ADRIA DENTAL GROUP d.o.o., Ilica 1A, 10000 Zagreb and PROVECTUS CAPITAL PARTNERS d.o.o., Ilica 1A, 10000 Zagreb, as affiliated companies based on a valid legitimate interest, and in accordance with the provisions of the GDPR.

Right to object

Each of our patients is guaranteed the right to file a complaint or complaint about the services provided, whereby we collect the necessary set of personal data of the complainant and keep it for a period of up to 12 months, in accordance with regulations in the field of consumer rights protection.

Use of your personal data for sending newsletters

We send newsletters with news from our clinic, about our services and special offers based on your consent or a valid legitimate interest in using your email address for this purpose, and we use it until the withdrawal of consent or your objection and expressed desire to stop receiving further information.

Collection of your personal data on our website

Although you can use our website without providing personal information, when you contact us via our contact form to schedule a free initial examination or treatment, or for the purposes of possible employment, establishing a business relationship or query, we collect your name and surname and email address, and your phone number is extremely useful to us in order to return the call and determine your wishes and needs in the field of dental health as accurately as possible. As long as we have open communication in the sense of establishing cooperation and scheduling the initial examination, we will collect your personal data and delete them after ending the communication, after the expiration of all legal obligations, or ceasing the existence of legal grounds from the GDPR related to the processing of your personal data.

Our website is not designed to provide services persons under the age of 16, and for this purpose, it is necessary to attach the consent of the parents or legal guardians before providing personal data through our contact form.

Our website also contains links to other websites and social media (e.g. Facebook, Instagram, LinkedIn) and this Privacy Policy does not apply to them. We recommend reading of the privacy policy of each website and social media you visit, especially where you provide your personal data.


We cooperate only with reliable business partners who help us provide and improve our services and make our direct communication with you more efficient. We provide access to your personal data to authorized third-party processors for the purpose of processing personal data on our behalf and on the basis of our express instructions based on concluded contracts on the processing of personal data in accordance with Article 28 of the GDPR. These partners are obliged to strictly comply with the obligation of confidentiality in accordance with this Privacy Policy, with the contracts we have concluded and in accordance with the obligations from the GDPR.

Our chosen third-party processors are business partners who provide services for us to achieve contact with patients, staff selection, IT services and maintenance services for business applications and systems, protection of property and people, and web and email hosting, without which we would not be able to ensure the highest quality of our services.

For the purpose of providing the accommodation of our patients when arriving for the initial examination and treatment in our clinic, we share your necessary personal data with reliable business partners who provide us with additional accommodation services when our accommodation capacities are occupied.

If you sign up for a free initial examination via our “landing pages” that you find on the Internet, that is, on social media, your basic personal data (name, surname, email address and phone number) is accessed by our contracted processor, that is, platform provider Infusion Software Inc. in the USA, a country for which the European Commission has adopted a decision on the appropriate level of personal data protection and the rights and freedoms of the data subjects, and for such transfer of personal data we have provided the necessary protective measures based on the Standard Contractual Clauses of the European Commission from 2021 and additional protective measures in accordance with EDPB Recommendations 01/2020.


You are free to contact us at any time in order to exercise your rights in the field of the protection of your personal data. Your rights are as follows:

Right to access personal data

You have the right to access your personal data and to be informed about the type of data, the method of processing, the purpose and the period for which we process the data. We provide you with the opportunity to obtain a copy of your personal data.

Right to rectification of personal data

You have the right to rectify or supplement inaccurate or incomplete personal data that we have collected.

Right to erasure of personal data

You have the right to ask us to erase your personal data when the data are no longer necessary to fulfill the purpose for which they were collected, when you file a justified complaint, or your personal data are processed illegally.

Right to object

You have the right to object to certain handling of your personal data. For example, you can request that we stop processing your personal data for direct marketing purposes via the newsletter.

Right to restriction of processing

For example, you can ask us to limit data processing when erasure, rectification or objection regarding your personal data is pending and/or when we do not have a valid basis for processing your data, and you want us to keep them. When the processing is restricted, your data will be stored and will not be processed further. For example, if you dispute the accuracy of your data, the processing of such data will be restricted until accurate data is provided.

Right to data portability

When the processing is carried out by automated methods of processing based on a contract or consent, you have the right to obtain the personal data that you have provided to us in a structured and commonly used machine-readable format and to transmit such data to third parties at your own discretion.

Right to withdraw consent

If you have previously given your free express consent to the publication of intraoral images, images of your face, or audio/video recordings on our website or social media, you have every right to withdraw your consent at any time, and we will delete our posts containing your images or audio/video recordings.

If you want to exercise any of the aforementioned rights, feel free to submit a request:

  • by email at or
  • by regular mail to the address DENTUM d.o.o., Gradišćanska 36, 10000 Zagreb.

We will respond to your request as soon as possible, and no later than one month after receiving your request. If it is impossible to securely confirm the identity, we will be free to request an additional verification of the applicant’s identity.

If you believe that our handling of your personal data is not legal, you can lodge a complaint directly with the competent supervisory authority – Croatian Personal Data Protection Agency (AZOP), Selska cesta 136, 10000 Zagreb, phone: 01 4609 000, email:


Our website uses small text files and places them on your computer or device in order to customize the interface of your web browser. Cookies necessary to ensure the functionality of our website cannot be disabled. They are typically set in response to your actions involving a request for services, such as cookie settings, logging in, or filling out forms. The use of other cookies with which we would collect your personal data require your prior consent, and even without giving consent, you can still fully use our website and access to all its contents.

Our website uses the following necessary cookies:

Functionality cookies

ncc_c - 1 year - save information about interactions with the cookie banner, i.e. the type (marketing, analytics, necessary, all the above or none) of data that users have agreed to be stored
ncc_e - 1 year - save information about interactions with the cookie banner, i.e. the type (marketing, analytics, necessary, all the above or none) of data that users have agreed to be stored

Analytics cookies

_ga - 2 years - recognition of users for GA
_ga_0B1EN6LHX6 - 2 years - contains container ID, monitors/maintains user session duration for GA.


We reserve the right to adjust and improve the text of this Privacy Policy from time to time, primarily in order to comply with legal changes, that is, in case of changes regarding the purposes and methods of processing. However, we will not limit or reduce your rights arising from this Privacy Policy or from the relevant legal regulations. In case of changes that may affect your rights, we will inform you about it in a timely and appropriate manner.