Romsey Eyecare understands that your privacy and the security of your personal information is extremely important. We are committed to protecting your privacy when you visit our website, provide your details to provide our services or quote for a service, provide support services or interact with the Company in any way. We want to ensure that we respect your privacy in everything we do.
This Privacy Notice sets out what personal data we collect, what we do with it and how we secure your data. We also explain your rights in relation to the personal data we hold about you and how you can exercise your rights or register a complaint.
Our contact details:
1 Victoria Place
Telephone: 01794 522747
Email of our Data Protection Officer: firstname.lastname@example.org
Personal Data we collect:
We only collect information required to provide our services to our clients. We currently collect and process the following personal information:
3. Address (physical/postal)
4. Telephone number
5. Email address (including business email address)
6. IP address
You are under no obligation to provide any information but if you do not then it might be more difficult to provide you with certain services or information. In some cases, we have a legal obligation to collect your personal data.
How we obtain and use personal data:
Most of the personal information we process was provided directly by you for one of the following reasons:
1. Booking an eye examination
2. Contracting us to provide a product or service.
3. To respond to enquiries or correspondence.
4. You agreed to receive marketing emails from us.
Legal Basis for processing personal data:
We always process personal data legally as required by legislation. The different legal bases we rely on are:
1. Consent: You gave permission to process the data for a specific purpose. Consent can be removed at any time by contacting our Data Protection Officer.
2. Legitimate Interests: The processing is necessary to provide our products and services to customers.
3. Performance of a Contract: We must process personal data in order to be able to meet our contractual obligations with customers and service providers.
4. Vital Interests: In an emergency we might provide personal data to save someone’s life.
5. Legal Obligation: We are required to process your personal data by law.
6. Public Interest: To carry out a task in the public interest.
What we do with the information:
We use personal data in the following ways:
1. To provide our services.
2. To provide quotes for our services.
3. To retain details of the guarantees on our products and services.
5. To send our marketing if you signed up to receive it.
6. To contact you, following your enquiry, reply to any questions, suggestions, issues or complaints you have contacted us about.
7. To provide information legally required by law.
We do not share information with third parties unless you have given your permission, we have notified you or are legally required to do so. We do not transfer personal data outside of the EEA and if such a transfer might become necessary, we will ensure that standard contractual clauses or other safeguarding measures are used and that you are aware of this transfer.
How we store your information:
Your information is securely stored on password protected hardware and in secure filing cabinets.
We keep personal data for only as long as necessary. In most cases, our retention period will come to an end when we are no longer legally required to keep your data or when your relationship with us ends. We review personal data we hold every two years to establish if it is still necessary for us to store and that the information we hold is accurate. In some cases, we are required to keep personal data for longer to comply with our legal obligations. When we no longer need your personal data or have a legal obligation to store the data, we will dispose of your information by deleting it from all our systems and securely disposing of paper files.
Please contact our Data Protection Officer for more information on our Retention Policy.
Your data protection rights:
Under data protection law, you have rights including:
1. Your right of access – You have the right to ask us for copies of your personal information.
2. Your right to rectification – You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
3. Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
4. Your right to restriction of processing – You have the right to ask us to restrict the processing of your information in certain circumstances.
5. Your right to object to processing – You have the the right to object to the processing of your personal data in certain circumstances.
6. Your right to data portability – You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.
7. Rights in relation to automated decision making and profiling.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you. We will require you to provide proof of your identity through a driver’s licence or passport.
Please contact our Data Protection Officer if you want to exercise any of your rights.
How to complain:
In the first instance please send complaints to our Data Protection Officer. If you are not happy with the response you received or how we used your data, please send your complaint to the Information Commissioner’s Office.
Information Commissioner’s Office
Helpline number: 0303 123 1113
From time to time we may add or change functions, features or products to our website or add or change services. This, and our commitment to protecting the privacy of your personal information, may result in periodic changes to this Privacy Notice. We will make every effort to inform you of any changes.
Last updated February 2020