
Last updated: 09-06-2026
Privacy Policy
1. Who we are
This website is operated by Oceanhouse Solutions Ltd ("we", "us", "our"), a company registered in England and Wales under company number 16731221.
Registered office address: 71-75 Shelton Street, London, England, WC2H 9JQ
Email: [email protected]
Phone: +44 7367 016329
We provide marketing and automation services to UK dental practices and other businesses.
We are a Data Controller for personal data we collect about visitors to this website and dentists / business contacts who interact with us. When we handle patient enquiry data on behalf of our dental clients, we act as a Data Processor; in that case, the clinic is the Data Controller.
2. Personal data we collect
We may collect and process the following types of personal data:
When you contact us or request a call:
Name
Email address
Phone number
Practice / business name
Website name
Role or job title
Any information you choose to include in messages or form fields
Website usage data:
IP address
Browser type and version
Pages visited and time spent
Referring websites or campaigns (e.g. UTM parameters)
Device and technical information
Communication data:
Emails you send us and our replies
SMS or WhatsApp messages to our business numbers
Call logs and, if applicable, call recordings with our team
For patient enquiries handled on behalf of clinics (processor role):
Name, contact details, preferred appointment times
Interest in clear aligner or other dental services
Basic suitability / screening answers (non-clinical where possible)
Appointment status (booked, rescheduled, cancelled, attended/no-show)
For patient data, please see section 7.
3. How we use your personal data (and legal bases)
We use your personal data for the following purposes:
To respond to enquiries and provide our services
To respond when you contact us via forms, email, phone or social media
To schedule and run discovery / clear aligner growth calls
Legal basis: performance of a contract or steps taken at your request before entering a contract; and legitimate interests in running our business
To send you relevant B2B marketing
To send dentists and business contacts information about our services, content, and offers that may be relevant to them
Legal basis: legitimate interests (B2B marketing to existing or likely business customers). You can opt out at any time.
To improve our website and services
To analyse how visitors use our website and campaigns
To test and improve our funnels and content
Legal basis: legitimate interests in improving and promoting our services
To measure advertising performance
To understand which advertising campaigns drive enquiries and bookings
To send conversion data to Meta via the Conversions API for advertising measurement and optimisation purposes, where you have consented to marketing cookies
Legal basis: consent (for advertising measurement tracking)
To comply with legal obligations and defend our rights
To keep appropriate records for tax, accounting, and regulatory purposes
To handle complaints, disputes, or legal claims
Legal bases: legal obligation, legitimate interests
4. How we collect your data
We collect data:
Directly from you when you fill out a form, book a call, email us, message us, or speak with us
Automatically via cookies and similar technologies when you use our website, managed through Google Tag Manager
From marketing platforms (e.g. Meta) when you respond to our ads and submit lead forms
Via server-side tracking tools where you have consented to marketing cookies (see Cookie Policy, section 5)
When we act as a processor for a clinic, we receive patient enquiry data from:
Forms and funnels we set up for that clinic
Call and message interactions through our integrated systems
The clinic's own systems where integrated
5. Who we share your data with
We use a number of trusted service providers ("processors") to help us run our business and deliver services. These include:
GoHighLevel — CRM and marketing automation platform
Google (Tag Manager and Analytics) — tag management and website analytics. Google may process data in the United States
Stape — server-side hosting provider used to route conversion events to Meta's Conversions API. Stape processes data in the EU (France) and does not retain event data beyond routing purposes
Meta (Facebook) — advertising platform. Where you have consented to marketing cookies, conversion event data (including hashed personal information) is sent to Meta for advertising measurement and optimisation purposes. Meta may process data in the United States
Cookiebot / Usercentrics — consent management platform used to record and manage your cookie preferences
These providers only process your data on our instructions and are bound by data protection terms.
We may also share your data where:
Required by law, regulation, or court order
Necessary to establish, exercise or defend legal claims
We sell or transfer part of our business (your data may be transferred as part of that transaction)
We do not sell your personal data.
6. International transfers
Some of our service providers may process personal data outside the UK/EEA (for example, in the United States). This includes Google and Meta.
Where this occurs, we ensure appropriate safeguards are in place, such as:
UK / EU Standard Contractual Clauses, or
Other transfer mechanisms recognised by UK data protection law
You can contact us if you would like more information about these safeguards.
7. Patient data we process on behalf of clinics
When we handle patient enquiries and appointment data for a dental clinic:
The clinic is the Data Controller
We act as a Data Processor, using tools such as GoHighLevel on their behalf
We process patient data to:
Capture enquiries submitted via ads, forms and landing pages
Contact patients (by phone, SMS, email) to answer basic questions, qualify interest, and book or reschedule consultations
Send reminders and follow-ups about booked appointments
Provide performance reporting to the clinic
We do not provide clinical advice or make clinical decisions. Any health-related information is used only to support booking and managing appointments.
For information about how your data is used in that context, and your rights, please refer to the privacy notice of the clinic you enquired with. If you contact us directly about your data and we are only a processor, we will pass your request to the relevant clinic.
8. How long we keep your data
We retain personal data only for as long as necessary for the purposes set out in this policy, including:
Enquiry and contact data: typically up to 2 years from last meaningful contact, unless you ask us to delete it sooner or we need to keep it longer for legal reasons
Website analytics data: in line with our analytics provider's default retention periods
Patient data processed for clinics: in line with the instructions of each clinic and our agreements with them
We may keep some information longer where required for legal, accounting or regulatory purposes.
9. Your rights
Under UK data protection law, you have the following rights in relation to your personal data we control:
Right of access — to obtain a copy of your personal data
Right to rectification — to correct inaccurate or incomplete data
Right to erasure — to ask us to delete your data in certain circumstances
Right to restriction — to ask us to restrict processing in certain circumstances
Right to data portability — to receive your data in a structured, commonly used format and have it transmitted to another controller where technically feasible
Right to object — to object to processing based on legitimate interests, including B2B marketing
Right to withdraw consent — where we process your data on the basis of consent (such as marketing cookie tracking), you may withdraw that consent at any time without affecting the lawfulness of processing before withdrawal
You can exercise these rights by contacting us at [email protected]. We may need to verify your identity before acting on your request.
If we are processing your data on behalf of a clinic (as a processor), we may need to forward your request to that clinic to handle.
You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) if you are unhappy with how we use your data: ico.org.uk.
10. Marketing communications
If you are a dental professional or business contact, we may send you information about our services that we believe may be relevant to you, based on our legitimate interests in B2B marketing.
You can opt out at any time by:
Clicking the "unsubscribe" link in our emails, or
Replying "STOP" to SMS, or
Contacting us at [email protected]
We will then stop sending you marketing communications, though we may still contact you about services you are receiving or other non-marketing matters.
11. Security
We take reasonable technical and organisational measures to protect personal data, including:
Encrypted connections (HTTPS) on our website and core systems
Use of reputable, security-conscious service providers
Access controls and role-based permissions
Multi-factor authentication on key systems
Regular review of user access and credentials
However, no method of transmission or storage is completely secure. We cannot guarantee absolute security of your data.
12. Changes to this policy
We may update this Privacy Policy from time to time. The latest version will always be available on our website and will show the date it was last updated.
Cookie Policy
Last updated: 09/06/26
1. About this policy
This Cookie Policy explains how Oceanhouse Solutions Ltd ("we", "us", "our") uses cookies and similar tracking technologies on our website and landing pages. For more information about how we use personal data more broadly, please see our Privacy Policy above.
2. What are cookies?
Cookies are small text files stored on your device when you visit a website. They help the site work properly and can also be used to remember preferences or understand how visitors use the site. We also use similar technologies such as tracking pixels and server-side data collection, which we refer to collectively as "cookies" in this policy.
3. How we manage your consent
We use a consent management tool called Cookiebot to manage your cookie preferences. When you first visit our website or landing pages, a banner will appear giving you the option to accept or decline non-essential cookies. You can change your preferences at any time by clearing your browser cookies and revisiting the site, which will re-trigger the consent banner.
Only strictly necessary cookies are set before you make a choice. All other cookies require your explicit consent before they activate.
We use Google Tag Manager (GTM) to manage all tracking and analytics tags on our website. GTM is configured to read Cookiebot's consent signals — when you accept or decline cookie categories, GTM uses those signals to determine which tags are permitted to fire. No marketing or analytics tags will fire without the relevant consent being granted.
4. The cookies we use
a) Strictly necessary cookies
These are essential for our website and landing pages to function correctly. They include Cookiebot's own consent record cookie, which stores your cookie preferences so we do not ask you again on every visit.
Cookie
Provider
Purpose
Expiry
CookieConsent
Cookiebot
Stores your cookie consent preferences
12 months
You cannot opt out of strictly necessary cookies. They do not store information used for marketing purposes.
b) Analytics / performance cookies (non-essential)
These help us understand how visitors use our pages so we can improve them. We only set these cookies with your consent. These cookies are managed through Google Tag Manager and will not be set if you decline analytics cookies.
Cookie
Provider
Purpose
Expiry
_ga
Google Analytics 4
Assigns an anonymous identifier to distinguish unique visitors and track usage patterns
2 years
If you decline analytics cookies, we will not track your individual browsing behaviour.
c) Advertising / marketing cookies (non-essential)
We use Meta (Facebook) advertising tools to measure the performance of our ads and build audiences for marketing. These tools are managed through Google Tag Manager and will only activate if you consent to advertising cookies.
Cookie
Provider
Purpose
Expiry
_fbp
Meta
Identifies browsers for advertising measurement and audience building
3 months
_fbc
Meta
Stores click information from Meta ads you clicked before visiting our site
3 months
These cookies help us understand which ads led to enquiries and avoid showing irrelevant advertising to people who have already contacted us.
5. Google Tag Manager
We use Google Tag Manager to manage the loading of all tracking and analytics scripts on our website. GTM itself does not set any cookies directly. It acts as a container that controls when other tools (such as Meta Pixel and Google Analytics) are allowed to load, based on the consent signals received from Cookiebot.
All tags within GTM are configured to require the appropriate consent category before firing. Marketing tags require advertising consent. Analytics tags require analytics consent. No tags fire before consent is given.
Google Tag Manager may process data in the United States. For more information, see Google's privacy policy at policies.google.com/privacy.
6. Server-side conversion tracking (Meta Conversions API)
In addition to the browser-based Meta Pixel above, we use Meta's Conversions API (CAPI) to send conversion event data directly from our servers to Meta.
How consent works with CAPI: CAPI is only triggered when a visitor has consented to advertising/marketing cookies via our Cookiebot banner. If a visitor declines marketing cookies, no data is sent to Meta via CAPI. This is enforced through our Google Tag Manager server container, which checks the consent signal before firing any outgoing requests to Meta.
Event data sent via CAPI may include:
Hashed versions of contact information submitted through our forms (such as name, email address, and phone number)
Event data such as the fact that an enquiry was submitted or an appointment was booked
This data is used solely for advertising measurement and optimisation purposes. We do not send sensitive health or clinical data via this tool.
Stape: Our server-side GTM container is hosted by Stape, a server infrastructure provider based in the EU (France). Event data passes through Stape's servers en route to Meta. Stape processes data solely for the purpose of routing events and does not retain or use event data for its own purposes.
For more information about how Meta handles conversion data, see Meta's Privacy Policy at facebook.com/privacy/policy.
7. Cookies on GoHighLevel-hosted pages
Some of our landing pages and booking forms are hosted on GoHighLevel, a third-party marketing platform. GoHighLevel may set its own strictly necessary cookies to keep forms and booking flows functioning correctly. These are operational cookies and do not require consent.
8. Your choices
You can manage your cookie preferences in the following ways:
Via our consent banner — accept or decline non-essential cookies when you first visit
Via your browser settings — most browsers allow you to view, delete, or block cookies from specific sites. Note that blocking cookies may affect how our pages function
Via Cookiebot — to withdraw consent, clear your browser cookies and revisit the site to re-trigger the banner
Please note that declining advertising cookies does not affect whether you see ads from us on Meta platforms — it only affects our ability to measure and optimise those ads.
For general information about cookies, visit www.allaboutcookies.org.
9. Changes to this policy
We may update this Cookie Policy from time to time, for example if we introduce new tools or tracking methods. The "Last updated" date at the top reflects when it was last changed. Significant changes will be reflected in an updated consent banner.
Cookie Declaration

Oceanhouse
Oceanhouse Solutions Ltd.
71-75 Shelton Street, London, England, WC2H 9JQ
16731221 Registered in England and Wales
ICO Registration No: ZC019145
© Copyright 2026. Oceanhouse Solutions Ltd. All Rights Reserved.