What we keep, and what we don’t.
A short, plain-English description of what data this website collects, why, and how it’s stored. We follow Zimbabwe’s Cyber & Data Protection Act (Chapter 11:12, 2021) and consider POPIA (South Africa) for diaspora visitors. Clinical records are kept separately — they’re never on the marketing site.
Last updated:
What we collect (and don’t)
On this website we collect only what you give us through the booking or contact forms — your name, a phone or WhatsApp number or email, the service you’re asking about, and an optional preferred time. We do NOT collect medical or dental history, ID numbers, medical-aid member numbers, or addresses on the website. Those stay between you and the dentist, in person, in our clinical software.
Why we collect it
To confirm your booking by WhatsApp or by phone. That’s the whole reason. We don’t use it for marketing, we don’t sell it, and we don’t pass it on to third parties for advertising.
How long we keep it
Booking requests live in our submission inbox for up to 90 days after we’ve confirmed your visit, then they’re deleted. If a visit didn’t happen, the request is deleted within 30 days. You can ask us to delete a request at any time before then.
Where it’s stored
Form submissions are processed by Netlify Forms (our hosting provider) and emailed to the practice inbox. Both Netlify and our email provider use industry-standard encryption in transit and at rest. We don’t use third-party analytics, advertising trackers, or session-recording tools on this site.
Cookies
This site does not use cookies for analytics, advertising, or session recording. The only browser storage we use is what your browser sets locally for the form (so a half-filled form doesn’t disappear on a tab refresh) — that stays on your device.
Your rights
Under the Zimbabwe Cyber & Data Protection Act (Chapter 11:12, 2021), you have the right to ask what we hold about you, to correct it, and to ask us to delete it. POPIA gives similar rights to South African visitors. To exercise any of these, email us at hello@ivyandbloom.co.zw — we’ll reply within 30 days.
Clinical records
When you become a patient, the dentist keeps your clinical records — examination notes, X-rays, treatment plans, billing — in our practice management software. Those records are governed by healthcare confidentiality rules and are kept for the period required by professional regulation. They’re separate from this website’s data, and they’re never published or marketed.
Changes to this notice
If we change how we collect or store information, we’ll update the “Last updated” date at the top of this page and, where the change is material, post a short note on the homepage for at least 30 days.
Contact
For privacy questions or requests, email hello@ivyandbloom.co.zw with the subject “Privacy request”. For complaints, the relevant regulator in Zimbabwe is the Postal and Telecommunications Regulatory Authority of Zimbabwe (POTRAZ) under the Cyber and Data Protection Act.
Anything we haven’t answered?
Drop us a quick message. We reply the same day.