1. Who We Are
Mamun's Ortho Dental ("we", "our", "us") is a private dental and orthodontic clinic operated by Dr. Mohammad Shamim Al Mamun (BDS, FCPS Orthodontics), located at Lalmatia, Dhaka, Bangladesh.
This Privacy Policy explains how we handle personal data collected through our website (mamunorthodental.com), our clinic management system, and during your interactions with our staff.
The data controller for all personal data processed by this website and clinic system is:
- Name: Mamun's Ortho Dental
- Address: Lalmatia, Mohammadpur, Dhaka-1207, Bangladesh
- Email: info@mamunorthodental.com
- Phone: +880 (available on the Contact page)
2. Information We Collect
2.1 Information You Provide
- Contact inquiries: Name, phone number, email address, and the message you submit via our contact form.
- Appointment booking: Name, age, gender, contact number, preferred date/time.
- Patient records: Full name, date of birth, age, gender, address, phone, email, medical history, diagnosis, prescriptions, treatment notes, and payment records — collected during clinical visits.
2.2 Information Collected Automatically
- IP address, browser type, device type, operating system.
- Pages visited, time spent, referral source (via server-side access logs only — no third-party analytics scripts are embedded by default).
- Session cookies required for login and system functionality.
2.3 Medical Data
Medical records (diagnoses, prescriptions, clinical notes) are classified as sensitive personal data. We handle them with heightened confidentiality, accessible only to authorised clinical staff.
3. How We Use Your Information
- To schedule and manage your appointments.
- To create, store, and print medical prescriptions and treatment records.
- To send appointment reminders or follow-up communications (if you have provided consent).
- To process and record payments and issue cash memos.
- To respond to enquiries submitted via the contact form.
- To comply with applicable healthcare regulations in Bangladesh.
- To improve the quality and security of our clinical services.
We will never use your data for unsolicited marketing, sell it to third parties, or share it beyond what is described in this policy.
4. Data Sharing & Disclosure
We do not sell, rent, or trade your personal information. We may share data only in the following limited circumstances:
- Authorised clinic staff: Doctors, receptionists, and administrative staff who need it to provide your care.
- Referral practitioners: If you are referred to a specialist, only the clinically relevant information is shared with your explicit knowledge.
- Legal obligation: If required by Bangladeshi law, court order, or regulatory authority.
- Hosting provider: Our website hosting provider may technically process data as a data processor; we ensure appropriate data processing agreements are in place.
5. Data Storage & Security
Patient records are stored on a secured local database server within Bangladesh. The following safeguards are in place:
- Password-protected access with role-based permissions (Admin, Doctor, Receptionist).
- Session-based authentication — all admin pages require valid login.
- Sensitive API endpoints are protected from public access via
robots.txtand server configuration. - The website operates over HTTPS (TLS) to encrypt data in transit.
- Database credentials are stored in a configuration file outside the public web root.
- Regular database backups are maintained.
Despite these measures, no electronic storage system is 100% secure. We encourage you to contact us promptly if you suspect any unauthorised use of your data.
6. Cookies & Tracking
We use the following types of cookies:
- Strictly necessary cookies: PHP session cookies (
PHPSESSID) required for login, access control, and form security. These cannot be disabled without breaking the site. - Preference cookies: A small cookie (
cookie_consent) that stores your cookie consent choice so you are not asked repeatedly.
We do not use Google Analytics, Facebook Pixel, or any third-party advertising trackers on this site. External fonts (Google Fonts) are loaded, which may result in your IP being sent to Google's servers under their own Privacy Policy.
You may clear cookies at any time through your browser settings.
7. Your Rights
As a patient or website visitor, you have the right to:
- Access: Request a copy of the personal data we hold about you.
- Correction: Ask us to correct inaccurate or incomplete information.
- Deletion: Request that your data be erased, subject to our legal obligations to retain medical records.
- Objection: Object to certain types of processing (e.g., receiving communications).
- Portability: Request your data in a portable format (e.g., printed summary of your patient record).
To exercise any of these rights, please contact us at the details in Section 10. We will respond within 30 days.
8. Children's Privacy
We regularly treat children of all ages. Where the patient is a minor (under 18), we collect information from a parent or legal guardian. Parental consent is obtained before any treatment. We do not knowingly collect data from children online without parental involvement.
9. Data Retention
We retain patient records in accordance with Bangladeshi healthcare standards:
- Medical records & prescriptions: Minimum 5 years from the last visit, or as required by law.
- Contact form enquiries: 12 months, then deleted unless converted to a patient record.
- Payment records: 7 years for accounting and tax compliance.
- Server access logs: 30 days, then automatically overwritten.
10. Contact & Complaints
For privacy-related enquiries, data access requests, or complaints, please contact:
- Mamun's Ortho Dental
- Lalmatia, Mohammadpur, Dhaka-1207, Bangladesh
- Email: info@mamunorthodental.com
We take all privacy concerns seriously and aim to resolve complaints promptly. If you are unsatisfied with our response, you may escalate your concern to the relevant Bangladeshi regulatory authority.
This policy may be updated periodically. The "Last Updated" date at the top of this page will reflect any changes.