At The Eye Place we are committed to the highest privacy standards. However, you choose to interact with us, we will only collect data that is necessary for us to deliver the best possible service and ensure you are reminded about appointments or anything else relevant to your ongoing care. This policy provides detailed information on when and why we collect your personal information, how we use it and the very limited conditions under which we may disclose it to others.
Collection of your Personal Information
In addition to your basic contact information (name, date of birth, telephone numbers and your addresses) we will collect other relevant details including current and past health and medication information, your examination results, payment details and lifestyle information. We may also store associated information received from other health care professionals as part of your ongoing care.
How we use this information
The information we collect about you is used to ensure we provide you with the best and most appropriate products and services. In addition to your ongoing eyecare, we will remind you when appointments are due and suggest relevant products or services that we believe would be of interest. We use your contact information to respond to queries from you, and where appropriate your bank details to collect Direct Debit payments as agreed. We may occasionally contact you to ask for your feedback on services we have provided and to offer the opportunity to trial new products.
Our policy on storage, processing and retention of your information.
To provision and manage our services, your data is stored and processed by Optix Software Ltd within their UK facilities that are certified to ISO27001. If we collect Direct Debits from you these payments will be processed by Eyecare Payments Ltd.
To provision and manage our online services, your data is stored and processed by the following companies:
Shopify - for the integration with the website.
Salesforce - for the storage of eyecare records and automation of processes.
Zendesk - for interactions with customer service.
Klaviyo - for sending email marketing.
The above companies are compliant with the new GDPR regulations. Any third-party company is only permitted to process your data for the specified purposes and in accordance with our instructions.
We retain your information for as long as reasonably necessary to provide our products and services and to maintain records to satisfy tax and other legal requirements.
How and when we may share your Personal Information
Where necessary we may disclose your information to health care professionals including the NHS. We may also pass information to external agencies and organisations, including the police, for the prevention and detection of fraud and criminal activity. Should any claim be made, we may pass your personal information to our insurers and if our business is wholly or partially transferred to a third party, your personal information may be one of the transferred assets.
Your rights with respect to the Personal Information we hold
You are entitled to access the personal information that we hold on you; any such request should be made using our contact details below. If any data we hold is inaccurate, this will be corrected promptly on request. In certain circumstances you can request that we erase your data which we will do where this would not prevent us meeting our legal and regulatory obligations.
Updating your communication preferences
You may ask that we do not send you communications using any of the contact details we hold on our records, this may include your email, SMS, telephone and postal information. You may also request we restrict our communications to clinically necessary messages. Your personal preferences can be changed at any time by using the link at the end of every email and SMS message we send or by using our contact details below.
WEBSITE SPECIFIC PRIVACY INFORMATION
This section describes how your personal information is collected, used, and shared when you visit or make a purchase from ocoglasses.co.uk (the “Site”).
PERSONAL INFORMATION WE COLLECT
When you visit the Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information”. We collect Device Information using the following technologies:
- “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
- “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
- “Web beacons”, “tags”, and “pixels” are electronic files used to record information about how you browse the Site.
Additionally, when you make a purchase or attempt to make a purchase through the Site, we collect certain information from you, including your name, billing address, shipping address, payment information, email address, and phone number. We refer to this information as “Order Information”.
HOW DO WE USE YOUR PERSONAL INFORMATION?
We use the Order Information that we collect generally to fulfil any orders placed through the Site (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations). Additionally, we use this Order Information to:
- Communicate with you;
- Screen our orders for potential risk or fraud; and
- When in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns).
SHARING YOUR PERSONAL INFORMATION
We share your Personal Information with third parties to help us use your Personal Information, as described above. For example, we use Shopify to power our online store--you can read more about how Shopify uses your Personal Information here: https://www.shopify.com/legal/privacy. We also use Google Analytics to help us understand how our customers use the Site -- you can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
Finally, we may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful requests for information we receive, or to otherwise protect our rights.
As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
You can opt out of targeted advertising by using the links below:
- Facebook: https://www.facebook.com/settings/?tab=ads
- Google: https://www.google.com/settings/ads/anonymous
- Bing: https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads
Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.
DO NOT TRACK
Please note that we do not alter our Site’s data collection and use practices when we see a Do Not Track signal from your browser.
If you are a European resident, you have the right to access the personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below.
Additionally, if you are a European resident we note that we are processing your information in order to fulfil contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States.
When you place an order through the Site, we will maintain your Order Information for our records unless and until you ask us to delete this information.
You can reach The Eye Place by email: email@example.com, telephone: 0333 311 2006, or by post at 28 Hanbury Street, London, E1 6QR
Last updated: May 2020