This webpage briefly outlines our company data protection policy.

It explains;

  • What is GDPR / Data Protection
  • How we collect your data / information.
  • Why we collect your data / information.
  • What personal data / information we collect and hold about you.
  • How we use and store the data / information.
  • Why we may share the data / information we have about you and who we may share it with.
  • Your rights!
  • Raising a concern

What is GDPR / Data Protection?

Data Protection / GDPR (General Data Protection Regulation) also known as ‘Privacy Notice’.

It is a legal framework that sets out guidelines for the collection and processing of personal information of individuals within the European Union. Its aim is to protect individuals from privacy and data breaches by clarifying what companies must do to safeguard these rights.

The General Data Protection Regulation 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area. The law was implemented on the 25th May 2018, replacing the EU Privacy Law of 1995.

How we collect your data / information?

  • If you contact us directly, in person or by telephone.
  • If you buy a product from us.
  • If you attend our practices and use our eye care services.
  • If your details are transferred from other health professionals.

Why we collect your data / information?

At our Optical Centre practices we aim to provide you with the highest quality healthcare. To do this we must keep records about you, your health, and the care we have provided for you.

What personal data / information we collect and hold about you?

Personal data is anything that can identify a person and can include information such as a name, a photo, an email address etc.

The personal data we may collect and process includes...

  • Your name, contact details and personal identifiers (such as date of birth and NHS number).
  • Your general and ocular health history, your family medical and ocular history, and any relevant signs or symptoms you tell us about.
  • Details of medicines, spectacles and contact lenses prescribed to you.
  • Details of examinations and other healthcare checks and treatments we provide.
  • Information relevant to your continued care from other people who care for you or know you well, such as other health professionals and relatives.

How we use and store information?

In addition to your healthcare needs we process your personal data for marketing purposes to meet a legitimate interest. This means we can tell you about eye care products and services that may be relevant to you, such as sending:

  • Information that you are due for an eye examination.
  • Information on our latest offers.
  • Our practice newsletter.

We keep all personal data securely in our filing or electronic systems which are only accessible to the healthcare professional working within our practices, or those under their supervision.

We keep any personal data we hold for ten years after our last contact with you or if under 18, until your 25th birthday. This is recommended as good practice by ‘The College of Optometrists’ and in line with NHS guidelines.

Your Rights!

  • The right to be informed - Individuals have the right to be informed about the collection and use of their personal data – also known as ‘privacy information’.
  • The right of access – individuals have the right to ask for a copy of the personal data we hold. We will provide it within one month, upon written request.
  • The right to rectification – if you ask us to correct personal data about you that is inaccurate or incomplete, we will do so within one month (unless we need longer, in which case we will discuss this with you).
  • The right to erasure – also known as the ‘right to be forgotten’. If you ask us to delete your personal data, we will do so if there is no compelling reason to continue processing the data. We will not usually delete healthcare data before our usual time limit as we have a duty to keep accurate records.
  • The right to restriction of processing – if you ask us to stop processing your personal data, we will do so if there is no compelling reason to continue processing the data.
  • The right to data portability - The right to data portability allows individuals to obtain and reuse their personal data for their own purposes across different services. We only pass your information onto other service providers/ organisations such as your GP, Ophthalmologist and suppliers of optical appliances or similar products, in connection with your ongoing healthcare treatment.
  • The right to object – if you object to us processing your data for marketing purposes, or for healthcare purposes, we will stop doing so, unless we are processing the data in respect of a legal claim or can otherwise show that our legitimate interest in processing the data overrides your rights and interests.
  • The right regarding automated decision making - The GDPR has provisions on making a decision solely by automated means and profiling. At Optical Centre we do don’t have or use this type of technology.

Raising a concern!

Please speak to us first if you have any questions or concerns about the way in which we process your personal data.

Ask for a copy of our full DATA PROTECTION POLICY!

If you wish to discuss your concerns you can contact the Managing Director at our Merthyr branch on 01685 388384.

You have the right to complain to the ico if you have a concern about our handling of your personal data which you do not think we can resolve. For more information on how to make a formal complaint visit their website on: https//

Call 01685 388384 now to make an appointment