Last updated: 24/5/2018
Redgate Opticians are data controllers of your personal information for the purposes of any data-protection legislation that applies. You can contact the Redgate Opticians Data Protection Officer at 3-4 Queen Square, High Wycombe, HP11 2BP.
We may collect and process information about you including:
- your name;
- your date of birth;
- your contact phone numbers (including mobile);
- your email and postal address;
- your relevant health details including (a) current and past eye or hearing health conditions, general health conditions and glasses, contact-lens or hearing prescriptions, (b) current medication details, and (c) correspondence between your optometrist or audiologist and your GP or ophthalmologist;
- your examination and test results;
- your payment details;
- your employment, lifestyle and driving information;
- details of any prescription supplied to you by your healthcare professional or medical practitioner;
- information that you provide by filling in forms on our website;
- details of your visit to the website and any transactions you carry out on the website;
- any information or images you give us when you use our virtual try-on technology; and
- any other information you have voluntarily given us.
We mainly collect this information from you when you give it to us voluntarily, but we may also collect it from other sources if it is legal to do so. This includes from the NHS or other healthcare providers, institutions or people you have authorised to provide information on your behalf (for example, parents or guardians), third-party service providers, government, tax or law-enforcement agencies, and others. We can also combine this information with information from public sources.
We may use your personal information for:
- your eye-care treatment;
- providing our products and services to you;
- letting you know when your next appointment is due and reminding you to book a test if you’ve not had one for a while;
- processing and keeping personal information relating to your credit or debit card and order details so we can fulfil your order; and
- dealing with any queries or refunds.
Any processing we carry out will be done under the legal basis of performing our contract with you.
We may use the information for:
- marketing our products and services to you;
- carrying out customer-service surveys to make sure we continually improve our services to you;
- helping us review, develop and improve the products and services we offer, for example through research, analysis and planning;
- letting you know about changes to our products and services;
- responding to and dealing with any claims made against us;
- using cookies as set out in section 7 below; and
- responding to queries from you.
We may do this if we have legitimate interests in carrying out direct marketing, in measuring the level of customer satisfaction, in improving our products and services, and in managing our relationship with you.
We may also use the information for:
- carrying out security checks to protect against fraudulent transactions (when you buy a product or service from us or after you have placed an order) to prevent and detect crime.
We can do this if it is in our legitimate interest. For example, we may carry out identity checks or checks to identify any problems with your payment details.
We also may use the information to:
- keep to laws or regulations which apply to us, including preventing or detecting when we fail to do so;
- maintaining records for tax purposes;
- defending any claims and other corporate purposes; and
- managing and dealing with insurance claims.
We may do this if we have to by law.
If you do not register as a customer online but contact us through the website (or by email at email@example.com), you will be giving us personal information about yourself, including your email address, name and contact details. This may also include medical information, if you have given it to us.
You may also have to supply personal information (but not medical information) by entering a competition on our website. We will only use this information for the purposes of providing a reply, reviewing any feedback or improving the website.
If you are simply browsing our website, we will not collect any information which will identify you by name. However, we will collect information using cookies or traffic data which uses IP addresses or other numeric identifiers, which analyse how people use our website.
More information on cookies is set out in section 7 below.
We will keep personal information for as long as is reasonably necessary (or as defined under healthcare laws and regulations which apply) to provide products and services, including aftercare services, and to maintain records as needed to satisfy tax and other legal or regulatory requirements, as well as to protect and defend against claims.
Each Redgate store is operated by a company within the Redgate Group. When you place an order for products or services in a store, the data controller of the personal information will be that store. They will process that information, including any health information, on behalf of the store. Redgate also provides and processes IT, marketing and other services for each store and any associated personal information.
We may reveal your personal information to other people, including in the following circumstances.
- We use other organisations to help us process personal information but they are not allowed to use it for other purposes. We may use the information we receive from other organisations to add to and improve our databases of customer details.
- We may reveal personal information to health authorities, including NHS or national equivalent bodies.
- We may pass personal information to external agencies and organisations, including the police and other law-enforcement agencies to prevent and detect fraud (including fraudulent transactions) and criminal activity. These external agencies may check the information we give them against public and private databases and may keep a record of those checks to use in future security checks.
- If a claim is made, or could be made, against us or other members of the Redgate Group, we may pass personal information to our insurers.
- If we sell or buy any business or assets, we may reveal personal information about you to the prospective seller or buyer of that business or the assets.
- If we (or substantially all of our assets) are bought or taken over by another organisation (or there is a reorganisation within our corporate group), personal information we hold about customers will be one of the assets transferred.
- We may pass certain personal information to your employer, if you have been referred to us as a corporate eye-care customer.
- We may pass your personal information to others to keep to any legal obligation (including court orders), to enforce or apply our terms and conditions of use of website or other agreements we have with you, or to protect our rights, property and safety or those of our customers, employees or others.
Your personal information may be transferred to, stored and processed in one or more countries outside the European Economic Area (EEA), including Guernsey. Guernsey’s data-protection laws are similar to those in the EU and so these transfers are allowed.
If we transfer your personal information to others outside of the EEA, we take extra steps in line with data-protection laws. These include contract terms approved by the EU Commission with the relevant organisations receiving your personal information, whether members of the Redgate Group or not.
We also take reasonable steps to make sure your personal information is adequately protected in line with the requirements of the UK data-protection law.
You can update or change your personal information at your local Redgate store, by signing in to your account (if you are a registered online customer), or by contacting firstname.lastname@example.org.
You have certain rights under UK data-protection legislation, including the option to:
- access your personal information – we may charge a fee if we are allowed to do so by law;
- correct your personal information if it is inaccurate or incomplete;
- erase your personal information and prevent further processing in specific circumstances and where there is no other legal reason for us to continue keeping or processing that information. These include for example:
- if the personal information is no longer needed in relation to the purpose for which it was originally collected or processed;
- if you withdraw your permission;
- if you object to us processing your personal information;
- if you ask us to stop processing your personal information (although we are entitled to store your personal information, we cannot further process it if you ask us not to);
- if we move or transfer your personal information to another organisation; and
- if you object to us processing your personal information in the following circumstances.
- If processing is based on legitimate interests or carrying out a task in the public interest or when exercising an official authority.
- If information is processed for direct marketing.
- If information is processed for purposes of scientific or historical research and statistics.
To ask for any of the above rights, please contact your Redgate store or if you are a registered online customer, contact email@example.com or fill in an online form.
You have a right to complain to the Information Commissioner’s Office. They can investigate whether organisations are keeping to data-protection law. See ico.org.uk
We may use your personal information to contact you about our products and services.
To make sure that you continue to receive excellent healthcare, we will send you non-marketing material, such as appointment reminders and notices to remind you when your current prescription ends.
You may change your marketing preferences at any time either in store or by emailing firstname.lastname@example.org or phoning the customer service team on 01494 258690.
You can choose to stop receiving marketing emails from us by following the unsubscribe link and instructions on the marketing emails we send you.
We use a variety of security technology and procedures to help protect your personal information from unauthorised access and use. Examples of these are shown below.
- Encryption, meaning that information is hidden so that it cannot be read without special knowledge (such as a password). This is done with a secret code or what’s called a ‘cypher’. The hidden information is said to then be ‘encrypted’.
- Using a different name for you so we can hide parts of your personal information from view.
- Controlling access to systems and networks as this allows us to stop people who are not allowed to view your personal information from getting access to it.
- Training our staff so we make them aware of how to handle information and how and when to report when something goes wrong.
- Regular testing of our technology and ways of working, including keeping up to date on the latest security updates.
We have no control over the contents of other websites or resources which are linked to our website. We accept no responsibility for them or the privacy practices they use, or for any loss or damage that may arise from you using those websites or resources.
What are cookies
Cookies are small pieces of text sent by your web browser by a website you visit. A cookie file is stored in your web browser and allows the Service or a third-party to recognize you and make your next visit easier and the Service more useful to you.
Cookies can be “persistent” or “session” cookies.
When you use and access the Service, we may place a number of cookies files in your web browser.
We use both session and persistent cookies on the Service and we use different types of cookies to run the Service:
– Essential cookies. We may use essential cookies to authenticate users and prevent fraudulent use of user accounts.
In addition to our own cookies, we may also use various third-parties cookies to report usage statistics of the Service, deliver advertisements on and through the Service, and so on.
What are your choices regarding cookies
Please note, however, that if you delete cookies or refuse to accept them, you might not be able to use all of the features we offer, you may not be able to store your preferences, and some of our pages might not display properly.
Where can your find more information about cookies
You can learn more about cookies and the following third-party websites:
- AllAboutCookies: http://www.allaboutcookies.org/
- Network Advertising Initiative: http://www.networkadvertising.org/