This privacy notice sets out how we, at the Eye Surgeon’s Group, use and protects any personal information collected or generated in relation to you whilst using our website www.eyesurgeonsgroup.co.uk.
We take your privacy seriously and have reviewed and updated our internal operational policies, processes and procedures to comply with the General Data Protection Regulation (EU) 2016 / 679 (“GDPR”) , UK Data Protection Act 2018 and successor legislation.
What is collected and the purpose of processing
The types of personal data collected when you use www.eyesurgeonsgroup.co.uk
If you contact us to arrange an appointment, you will use the email address listed on our website or our Contact Us form. In emailing us you are consenting to provide additional personal contact data in order for us to arrange your appointment:
- Email address
- Phone number
- Medical service requested
Legal basis for processing data
When you email us, you are agreeing to us using your data in order to contact you for the reason specified in the email.
Becoming a patient
If you decide to become a valued patient, we will require certain additional personal information in order to provide the requested medical services. During the patient registration process, further information will be provided to explain how this additional patient data will be used and the lawful basis for using it.
What we do with the information we gather
Is used to respond to your queries, requests or questions and to deliver services to you.
This data is stored for as long as you may be a patient with the Eye Surgeons Group. If you contact us and do not become a patient, we will store your contact details for 18 months.
If you become a supplier to our practice, you are required to provide us with your contact information and payment details for the performance of our contract together. This data is stored for as long as you may be a supplier with us and for seven years thereafter for legal reasons.
Links to other websites
This site may contain select links to external sites from time to time. Care has been taken to ensure that any sites listed on our website are reputable and relevant to our medical services.
As you probably realise, once you use these links we do not have any control over how that external site may use your personal data, so we cannot be responsible for the protection and privacy of any information you provide whilst visiting those sites.
Please do exercise caution and look at the privacy notices applicable to external sites.
Source of your data and recipients of your data
- Your Contact data is provided by you when you email us
- The cookie data comes from your use of our site
Any analytical data collected via cookies is anonymised and used solely by the Eye Surgeons Group for internal analytical purposes. This information is not passed to any other party. You have the option to opt out of analytical data collected via cookies, by using our cookie consent tool.
We may share your data with third parties as part of a Company sale or restructure, or for other reasons to comply with a legal obligation upon us.
Automated decision making
No automated decisions are made using any personal information collected using this site.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we receive from you when using this website or emailing us on the contact details provided.
Data Transfers outside the EEA
We do not send any Personally Identifiable data outside the EEA unless specifically requested by you.
Data Processor agreements
This applies to third party organisations we may use from time to time to manage this website.
We have ensured they have committed to implementing appropriate technical and organisational measures in place to meet their obligations under the Data Protection regulations.
You are entitled to ask about the data that is held about you, subject to certain exceptions. This is called a Subject Access Request (SAR). These should be made by email or in writing to our Data Protection Manager at the following addresses:
Address: St John & St Elizabeth Hospital, 60 Grove End Road, St John’s wood, London, NW8 9NH.
In addition, the Data Protection regulation provides the following rights for individuals:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling
We make every attempt to ensure you are satisfied with the handling of your data queries or requests. However, you have the right to complain to the Information Commissioners Office (ICO) if you are not satisfied with the handling of your requests about the protection of your data. Follow the link below to report a concern to the ICO.
Last updated: January 2021