top of page

PRIVACY NOTICE

Who we are

EDGE Eyewear (WM Eyecare Ltd) is a private independent Opticians operating from EDGE Eyewear,

Unit 20/21, Warrington Market, 2 Time Square, Warrington, WA1 2NT, United Kingdom. We are registered with the Information Commissioners Office as a Data Controller, registration number ZB403474.

Your Privacy

This policy provides detailed information on when and why we collect your personal information, how we use it and the very limited conditions under which we may disclose it to others.

Your privacy matters to us and we are committed to the highest data privacy standards, patient confidentiality and adherence with the Data Protection Act 2018 and UK GDPR. We adopt the six core principles of data protection.

Collection of your Personal Data

Where you provide personal data to us, we will become responsible for it as the data controller.

We will only collect data that is necessary for us to deliver the best possible service and ensure that you are reminded about appointments or information relevant to your ongoing care.

 

We collect your personal information directly from you, for example, when you visit our practice, get in touch with us by telephone or email, use our booking system or when you visit our website.

 

We may also collect it from other sources if it is legal to do so. This includes from the NHS or other healthcare providers, institutions or people you have authorised to provide information on your behalf (for example, parents or guardians), third-party service providers, government, tax or law-enforcement agencies, and others.

Main Categories and Type of Personal Data Collected and processed

Processing Activity
Personal Data Required/Held
Retention Time
Reason to hold Data
Optical service and products
Name, date of birth, telephone numbers, address and email. Current and past health and medication information, family history, your examination results, and lifestyle information. Data received other healthcare professionals as part of your ongoing care.
10 years after last contact or until age 25, whichever is later.
Contract - in order to provide the service or products you have requested. Where health data is processed, we do so for the provision of healthcare.
Hearing care service and products
Name, date of birth, telephone numbers, address and email. Current and past health and medication information, family history, your examination results, and lifestyle information. Data received other healthcare professionals as part of your ongoing care.
10 years after last contact or until age 25, whichever is later.
Contract - in order to provide the service or products you have requested. Where health data is processed, we do so for the provision of healthcare.
Reminders
Name, email address, address, telephone numbers.
10 years after last contact or until age 25, whichever is later or until asked to stop by you.
Contract - In order to provide the ongoing service appointment reminders are sent.
Marketing
Name, email address, address, telephone number.
Until asked to stop by you or until consent withdrawn by you.
Legitimate interests - we will provide information which we believe is of genuine interest to you. Consent - you have given consent to receive information about products or services that are of interest to you.
Credit/Debit card payments
Cardholder name, card number, security number.
Duration of the transaction.
Contract - you have agreed to provide these details to pay for the service or products ordered.
CCTV footage
Images
30 Days
Legitimate interests - Prevention and detection of crime. Prevention and detection of crime. Protection of our colleagues and visitors. Investigation of accidents, incidents, criminal activities and breaches of our policies.
Collection of online identifiers for analytical purposes (Cookies)
Cookie information, IP address, Device ID, Session ID, Interaction history, Website feedback
See Cookie Policy
Consent - Ensuring visitors get the best experience.

We treat all personal data as sensitive but acknowledge that we also process special category data including health data and children’s data.

Cookie Policy

What are cookies?

We may place small text files called ‘cookies’ on your device when you visit our website. These files contain a personal identifier allowing us to monitor your browsing activity, capture information about your device, general location and IP address, which would be considered as personal data.

Cookies are NOT viruses, any kind of malware, programs or applications. Cookies can't access any of the information held on your device and cannot directly identify you. 

 

Why do we use cookies?

Cookies serve several useful purposes for you, including:

  • Tailoring our website’s functionality to you personally by letting us remember your preferences, location or device type.

  • Improving how our website performs.

  • Improving your experience and allowing our website to recognise you when you return.

  • Allowing us to customise our website to your interests.

  • Understanding who our audience is so that we can provide content most relevant to you.

  • Allowing third parties to provide services to our website.

  • Helping us deliver interest-based advertising where appropriate in compliance with the applicable laws.

Types of cookies that we use

We use different types of cookies on our website. Some of these cookies are placed by us, while others are placed by our third-party plug-ins, suppliers or advertisers. These cookies may be deleted from your device at different times, such as at the end of your browsing session (when you leave the website) or after a pre-set amount of time, or they may persist on your device until you delete them.

We use the following types of cookies on our website: (See table below)

Essential cookies – these are cookies that allow our website to perform its essential functions. Without these cookies, some parts of our websites would stop working. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms.    You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not send any personally identifiable information when sending to WIX Server in the US. 

Non-essential cookies – with your consent non-essential cookies are set when you visit our website. They serve to optimize the user experience, provide us with insights about how users use our website, or are used for marketing purposes.

To the extent personal data is processed via these cookies, the respective legal basis is your consent in accordance with Article 6(1)(a) GDPR. You may withdraw your consent at any time in the future  by adjusting your cookie settings.

Cookie Name
Purpose
Duration
Cookie Type
userType
used to identify logged in users
3 months
essential
wixSession2
used in connection with user login
15 days
essential
XSRF-TOKEN
used for security
Session
essential
_ASID
used to system monitoring/debugging
1 day
essential
_AVID
used to generate user-id for non-authenticated user
3 months
essential
_ansPAID
used to identify logged in users (Wix help center)
3 months
essential
_AC
used to authenticate logged in users (Wix help center)
15 days
essential
_WAGU
used to identify users on support channels
7 days
essential
_WAT
used to identify logged in users (Wix help center)
14 days
essential
SSR-caching
used to indicate the system from which the site was rendered
1 minute
essential
_wixCIDX
used for system monitoring/debugging
3 months
essential
_wixVIDX
used for system monitoring/debugging
3 months
essential
_wixAB3
used to save the state of the experiments the user has at Wix.com platform
6 months
essential
_wixAB3|<GUID>
used to save the state of the experiments the user has at Wix.com platform
4 hours
essential
hs
used for security
session
essential
wixLanguage
used in connection with customer login
12 months
essential
_wix_browser_sess
used to system monitoring/debugging
session
essential
svSession
used in connection with user login
session
essential
wixRec
used for system effectiveness measurement
2 hours
essential
wixvertical
used in connection with premium package picker
12 months
essential
_wixUIDX
used for support assistance identification
3 months
essential
wixMagento
used to save user state when using eCom
session
essential
wixClient
used to identify logged in users
14 days
essential
fedops.logger.sessionId
used for stability/effectiveness measurement
12 months
essential

Sharing of Personal Data

During the delivery of our service to you, we will share your data with other companies who are critical for the provision of our service to you and will be viewed as Data Processors. They are under contract with us and have provided sufficient guarantees that they will process your data only as per the terms of that contract and throughout processing activities will ensure your data is protected using appropriate technical and organisation measures.

 

Our operations are based in the UK, and your personal information is generally processed within the UK and countries within the European Economic Area (EEA). In some instances, we may transfer your personal information to third countries, for example, where our suppliers or cloud service providers are situated outside the UK and EEA.

 

If the recipient is situated in a third country that has not received an adequacy decision from the relevant regulator, we will ensure additional safeguards are in place including the use of applicable standard contractual clauses.

 

A full list of processors is available from our Data Protection Officer.

 

Where necessary we may disclose your information to health care professionals including the NHS. We may also pass information to external agencies and organisations, including the police, for the prevention and detection of fraud and criminal activity. Should any claim be made, we may pass your personal information to our insurers and, if our business is wholly or partially transferred to a third party, your personal information may be one of the transferred assets.

Securing and Processing of your Personal Data

To provide and manage our services your electronic data is stored and processed by Optix Software Ltd within their UK facilities, certified to ISO27001, which has appropriate security processes in place.

 

Your data is also stored within our own IT systems, which are secured to prevent access or intrusion by anyone who is not authorised to have access to your data. Our practice is operated to ensure that all records and equipment holding your personal data are physically protected.

 

In the unlikely event that we lose your data, or a device on which your data resides, or it is accessed by someone unauthorised, we will inform you if the loss or unauthorised access of your data has potential to cause you harm. We may report this to the Information Commissioners Office, who are responsible for regulating data protection legislation in the UK.

https://ico.org.uk/

Your Rights in Relation to Personal Data

Under UK data protection law, you have following rights which you can exercise by emailing our Data Protection Officer on EdgeEyewearDPO@clinicaldpo.com  

Right
Explanation
Right to be Informed

This means that we have to be transparent in how we collect and use your personal data

Right of Access

You have the right to access your personal data

Right to Rectification

If the information we hold about you is inaccurate or incomplete you can request that we correct this

Right to Erasure

You can request that we delete or remove personal data in certain circumstances

Right to Restrict Processing

You have the right to  request that we cease processing your data if

· you consider it inaccurate or incomplete and/or

· you object to the reason we're processing your data

We will review the validity of your request and respond to you with our decision

Right to Data Portability

Where you have consented to our processing your data or where the processing is necessary for us to deliver a contract you can request a copy of that data be provided to a third party

Right to Object

You have the right to object to our processing in certain circumstances and an absolute right to object to direct marketing

Rights relating to Automated Decision-Making including Profiling

We do not use automated decision-making or profiling

Where automated decision-making is applied, organisations must

· give you information about the processing

· introduce simple ways for you to request human intervention or challenge a decision

· carry out regular checks to make sure that our systems are working as intended

If you are unhappy with anything we have done with your data, you have the right to complain to the Information Commissioners Office.

To make a complaint to the Information Commissioners Office use the link below or call their hotline on Tel No.: 0303 123 1113.  

https://ico.org.uk/concerns/ 

How to Contact Us

For all data protection matters or questions relating to how we manage your data, you can contact our Data Protection Officer via these means:

 

Data Protection Officer: 

Clinical DPO

Phone Number:

0203 411 2848

Email: 

EdgeEyewearDPO@clinicaldpo.com

bottom of page