Pinders Privacy policy
Who we are?
Pinders Opticians is a private independent Opticians operating from Mansfield, Southwell, Warsop and New Ollerton. We are registered with the Information Commissioners Office as a Data Controller, registration number Z5543456.
• 5-9, Queen Street, Mansfield, NG18 1JL
• 20, Queen St, Southwell, NG25 0AA
• 1A Sherwood St, Warsop, Mansfield, NG20 0JP
• 33 Forest Rd, New Ollerton, Newark, NG22 9PR
Your Privacy
This policy provides detailed information on when and why we collect your personal information, how we use it and the very limited conditions under which we may disclose it to others.
Your privacy matters to us and we are committed to the highest data privacy standards, patient confidentiality and adherence with the Data Protection Act 2018 and UK GDPR. We adopt the six core principles of data protection.
Collection of your Personal Data
Where you provide personal data to us, we will become responsible for it as the data controller.
We will only collect data that is necessary for us to deliver the best possible service and ensure that you are reminded about appointments or information relevant to your ongoing care.
We collect your personal information directly from you, for example, when you visit our practice, get in touch with us by telephone or email, use our booking system or when you visit our website.
We may also collect it from other sources if it is legal to do so. This includes from the NHS or other healthcare providers, institutions or people you have authorised to provide information on your behalf (for example, parents or guardians), third-party service providers, government, tax or law-enforcement agencies, and others.
Practice Compliance Statement- National Data Opt Out
The national data opt-out was introduced on 25 May 2018, enabling patients to opt out
from the use of their data for research or planning purposes, in line with the
recommendations of the National Data Guardian.
Whenever you use a health or care service, important information about you is collected in
a patient record for that service. Collecting this information helps to ensure you get the best
possible care and treatment.
The information collected about you when you use these services can also be used and
provided to other organisations for purposes beyond your individual care, for instance to
help with:
• improving the quality and standards of care provided
• research into the development of new treatments
• preventing illness and diseases
• monitoring safety, and
• planning services.
This may only take place when there is a clear legal basis to use this information. All these
uses help to provide better health and care for you, your family and future generations.
Confidential patient information about your health and care is only used like this where
allowed by law. Most of the time, anonymised data is used for research and planning so that
you cannot be identified in which case your confidential patient information isn’t needed.
You have a choice about whether you want your confidential patient information to be used
in this way. If you are happy with this use of information you do not need to do anything. If
you do choose to opt-out your confidential patient information will still be used to support
your individual care.
To find out more and register your choice to opt out, please visit www.nhs.uk/your-nhsdata-matters/ You can change your mind about your choice at any time.
You can also find out more about how patient information is used at:
How patient information is used in research studies: www.hra.nhs.uk/information-about-patients/
How patient information is used in healthcare: https://understandingpatientdata.org.uk/how
Main Categories and Type of Personal Data Collected and processed.
|
Processing Activity
|
Personal Data Required/Held
|
Retention Time
|
Reason to hold Data
|
|
Optical service and products
|
Name, date of birth, telephone numbers, address and email
Current and past health and medication information, family history, your examination results, and lifestyle information.
Data received other healthcare professionals as part of your ongoing care
|
10 years after last
contact or until age 25, whichever is later
|
Contract – in order to provide the service or products you have requested
Where health data is processed, we do so for the provision of healthcare.
|
|
Reminders
|
Name, email address, address, telephone numbers
|
10 years after last contact or until age 25, whichever is later or until asked to stop by you
|
Contract – In order to provide the ongoing service appointment reminders are sent
|
|
Marketing
|
Name, email address, address, telephone number
|
Until asked to stop by you or until consent withdrawn by you
|
Legitimate interests – we will provide information which we believe is of genuine interest to you.
Consent – you have given consent to receive information about products or services that are of interest to you
|
|
Credit/Debit card payments
|
Cardholder name, card number, security number
|
Duration of the transaction
|
Contract – you have agreed to provide these details to pay for the service or products ordered
|
|
Collection of online identifiers for analytical purposes (Cookies)
|
Cookie information
IP address
Device ID
Session ID
Interaction history
Website feedback
|
See Cookie Policy
https://pindersopticians.co.uk/privacy
|
Consent – Ensuring visitors get the best experience.
|
We treat all personal data as sensitive but acknowledge that we also process special category data including health data and children’s data.
Sharing of Personal Data
During the delivery of our service to you, we will share your data with other companies who are critical for the provision of our service to you and will be viewed as Data Processors. They are under contract with us and have provided sufficient guarantees that they will process your data only as per the terms of that contract and throughout processing activities will ensure your data is protected using appropriate technical and organisation measures.
Our operations are based in the UK, and your personal information is generally processed within the UK and countries within the European Economic Area (EEA). In some instances, we may transfer your personal information to third countries, for example, where our suppliers or cloud service providers are situated outside the UK and EEA.
If the recipient is situated in a third country that has not received an adequate decision from the relevant regulator, we will ensure additional safeguards are in place including the use of applicable standard contractual clauses.
A full list of processors is available from our Data Protection Officer.
Where necessary we may disclose your information to health care professionals including the NHS. We may also pass information to external agencies and organisations, including the police, for the prevention and detection of fraud and criminal activity. Should any claim be made, we may pass your personal information to our insurers and, if our business is wholly or partially transferred to a third party, your personal information may be one of the transferred assets.
Securing and Processing of your Personal Data
To provide and manage our services your electronic data is stored and processed by Optix Software Ltd within their UK facilities, certified to ISO27001, which has appropriate security processes in place.
Your data is also stored within our own IT systems, which are secured to prevent access or intrusion by anyone who is not authorised to have access to your data. Our practices are operated to ensure that all records and equipment holding your personal data are physically protected.
In the unlikely event that we lose your data, or a device on which your data resides, or it is accessed by someone unauthorised, we have a duty to inform you immediately if the loss or unauthorised access of your data has potential to cause you harm. We will also report this to the Information Commissioners Office, who are responsible for regulating data protection legislation in the UK.
https://ico.org.uk/
Your rights in relation to personal data
Under UK data protection law, you have following rights which you can exercise by emailing our Data Protection Officer on RCPinderDPO@ClinicalDPO.com
|
Right
|
Explanation
|
|
Right to be Informed
|
This means that we have to be transparent in how we collect and use your personal data
|
|
Right of Access
|
You have the right to access your personal data.
|
|
Right to Rectification
|
If the information we hold about you is inaccurate or incomplete you can request that we correct this
|
|
Right to Erasure
|
You can request that we delete or remove personal data in certain circumstances
|
|
Right to Restrict Processing
|
You have the right to request that we cease processing your data if
· you consider it inaccurate or incomplete and/or
· you object to the reason we're processing your data
We will review the validity of your request and respond to you with our decision
|
|
Right to Data Portability
|
Where you have consented to our processing your data or where the processing is necessary for us to deliver a contract you can request a copy of that data be provided to a third party
|
|
Right to Object
|
You have the right to object to our processing in certain circumstances. For example, you can object to:
· direct marketing and
· processing for the purposes of scientific/historical and statistics
|
|
Rights relating to Automated Decision-Making including Profiling
|
We do not use automated decision-making or profiling
Where automated decision-making is applied, organisations must
· give you information about the processing
· introduce simple ways for you to request human intervention or challenge a decision
· carry out regular checks to make sure that our systems are working as intended
|
If you are unhappy with anything we have done with your data, you have the right to complain to the Information Commissioners Office.
To make a complaint to the Information Commissioners Office use the link below or call their hotline on Tel No.: 0303 123 1113.
https://ico.org.uk/concerns/
How to contact us?
For all data protection matters or questions relating to how we manage your data, you can contact our Data Protection Officer via these means:
Data Protection Officer: Clinical DPO
Phone Number 0203 411 2848
Email: RCPinderDPO@ClinicalDPO.com
Pinders Opticians - National Data Opt-Out Statement
Pinders Opticians is one of many organisations working in the health and care system to improve care for patients and the public.
Whenever you use a health or care service, such as attending Accident & Emergency or using Community Care services, important information about you is collected in a patient record for that service. Collecting this information helps to ensure you get the best possible care and treatment.
The information collected about you when you use these services can also be used and provided to other organisations for purposes beyond your individual care, for instance to help with:
• improving the quality and standards of care provided
• research into the development of new treatments
• preventing illness and diseases
• monitoring safety
• planning services
This may only take place when there is a clear legal basis to use this information. All these uses help to provide better health and care for you, your family and future generations. Confidential patient information about your health and care is only used like this where allowed by law.
Most of the time, anonymised data is used for research and planning so that you cannot be identified in which case your confidential patient information isn’t needed.
You have a choice about whether you want your confidential patient information to be used in this way. If you are happy with this use of information you do not need to do anything. If you do choose to opt out your confidential patient information will still be used to support your individual care.
To find out more or to register your choice to opt out, please visit www.nhs.uk/your-nhs-data-matters. On this web page you will:
• See what is meant by confidential patient information
• Find examples of when confidential patient information is used for individual care and examples of when it is used for purposes beyond individual care
• Find out more about the benefits of sharing data
• Understand more about who uses the data
• Find out how your data is protected
• Be able to access the system to view, set or change your opt-out setting
• Find the contact telephone number if you want to know any more or to set/change your opt-out by phone
• See the situations where the opt-out will not apply
You can also find out more about how patient information is used at:
https://www.hra.nhs.uk/information-about-patients/ (which covers health and care research); and
https://understandingpatientdata.org.uk/what-you-need-know (which covers how and why patient information is used, the safeguards and how decisions are made)
You can change your mind about your choice at any time.
Data being used or shared for purposes beyond individual care does not include your data being shared with insurance companies or used for marketing purposes and data would only be used in this way with your specific agreement.
Health and care organisations have until July 2022 to put systems and processes in place so they can be compliant with the national data opt-out and apply your choice to any confidential patient information they use or share for purposes beyond your individual care. Our organisation ‘is currently’ compliant with the national data opt-out policy. “
Pinders Cookie Policy
What are cookies?
We may place small text files called ‘cookies’ on your device when you visit our website. These files do not contain personal data, but they do contain a personal identifier allowing us to associate your personal data with a certain device. Cookies are NOT viruses, any kind of malware, programs or applications. Cookies can't see the files on your device.
Why do we use cookies?
Cookies serve several useful purposes for you, including:
- Allow you to access restricted content.
- Tailoring our website’s functionality to you personally by letting us remember your preferences, location or device type.
- Improves our website performance.
- Improving your experience and allowing our website to recognise you when you return.
- Helps us understand who our audience is so that we can provide content most relevant to you.
- Allows third parties to provide services to our website.
We use three types of cookies on our website?
- Essential cookies– Allow our website to perform its essential functions. Without these cookies, some parts of our websites would stop working.
- Performance cookies– Monitor how our website is performing, and how you interact with it. We use them to know how best to improve our website or services.
- Functional cookies– these are cookies that remember who you are as a user of our website. We use them to remember any preferences you may have selected on our website, like saving your username and password or settings.
Changing Cookie Settings?
You can alter your cookie settings on our website at any time using our cookie settings section.
Deleting cookies
Your internet browser generally accepts cookies automatically, but you can often change this setting to stop accepting them. You can also delete cookies manually.
Deleting or no longer accepting cookies may prevent you from accessing certain aspects of our website where cookies are necessary or because the website forgot your preferences.
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set, visit www.allaboutcookies.org
Essential cookies
Cookie
laravel_session
Purpose
This cookie is used internally by the website’s owners, when uploading or renewing website content.
Duration
1 Day
Cookie
XSRF-TOKEN
Ensures visitor browsing-security by preventing cross-site request forgery. This cookie is essential for the security of the website and visitor.
Duration
1 Day
Functional Cookies Purpose Duration
|
_hjClosedSurveyInvites
|
Hotjar cookie that is set once a visitor interacts with an External Link Survey invitation modal. It is used to ensure that the same invite does not reappear if it has already been shown.
|
365 days
|
|
_hjDonePolls
|
Hotjar cookie that is set once a visitor completes a survey using the On-site Survey widget. It is used to ensure that the same survey does not reappear if it has already been filled in.
|
365 days
|
|
_hjMinimizedPolls
|
Hotjar cookie that is set once a visitor minimizes an On-site Survey widget. It is used to ensure that the widget stays minimized when the visitor navigates through your site.
|
365 days
|
|
_hjShown
FeedbackMessage
|
Hotjar cookie that is set when a visitor minimizes or completes Incoming Feedback. This is done so that the Incoming Feedback will load as minimized immediately if the visitor navigates to another page where it is set to show.
|
365 days
|
|
_hjid
|
Hotjar cookie that is set when the customer first lands on a page with the Hotjar script. It is used to persist the Hotjar User ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID.
|
365 days
|
|
_hjRecordingLastActivity
|
This should be found in Session storage (as opposed to cookies). This gets updated when a visitor recording starts and when data is sent through the WebSocket (the visitor performs an action that Hotjar records).
|
Session
|
|
_hjTLDTest
|
When the Hotjar script executes we try to determine the most generic cookie path we should use, instead of the page hostname. This is done so that cookies can be shared across subdomains (where applicable). To determine this, we try to store the _hjTLDTest cookie for different URL substring alternatives until it fails. After this check, the cookie is removed.
|
Session
|
|
_hjUserAttributesHash
|
User Attributes sent through the Hotjar Identify API are cached for the duration of the session in order to know when an attribute has changed and needs to be updated.
|
Session
|
|
_hjCachedUserAttributes
|
This cookie stores User Attributes which are sent through the Hotjar Identify API, whenever the user is not in the sample. These attributes will only be saved if the user interacts with a Hotjar Feedback tool.
|
Session
|
|
_hjLocalStorageTest
|
This cookie is used to check if the Hotjar Tracking Script can use local storage. If it can, a value of 1 is set in this cookie. The data stored in_hjLocalStorageTest has no expiration time, but it is deleted almost immediately after it is created.
|
Under 100ms
|
|
_hjIncluded
InPageviewSample
|
This cookie is set to let Hotjar know whether that visitor is included in the data sampling defined by your site's pageview limit.
|
30 minutes
|
|
_hjIncludedIn
SessionSample
|
This cookie is set to let Hotjar know whether that visitor is included in the data sampling defined by your site's daily session limit.
|
30 minutes
|
|
_hjAbsoluteSession
InProgress
|
This cookie is used to detect the first pageview session of a user. This is a True/False flag set by the cookie.
|
30 Minutes
|
|
_hjFirstSeen
|
This is set to identify a new user’s first session. It stores a true/false value, indicating whether this was the first time Hotjar saw this user. It is used by Recording filters to identify new user sessions.
|
Session
|
|
hjViewportId
|
This stores information about the user viewport such as size and dimensions.
|
Session
|
|
_hjRecordingEnabled
|
This is added when a Recording starts and is read when the recording module is initialized to see if the user is already in a recording in a particular session.
|
Session
|
Performance cookies
|
_gat_UA-92443388-37, _gid, _ga, _gclxxxx,
_gat_UA-145808401-2, _gat_
xxxxxxxxxxxxxx
xxxxxxxxxxxx
|
These cookies are set by Google Analytics. Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies then we will not know that you have visited our site, and will not be able to monitor its performance.
|
Freedom of Information (FOI) Publication Scheme
Welcome to the publication scheme for Pinders Opticians. This scheme is required by the Freedom of Information Act 2000.
This publication scheme is a complete guide to the information routinely made available to the public by Pinders Opticians. It is a description of the information about our NHS services which we make publicly available. It will be reviewed regularly, and we will monitor its effectiveness.
Your rights to information
The aim of the Freedom of Information Act 2000 is to provide members of the public with access to information held by public authorities.
You are entitled to certain information in relation to the NHS services we provide under the Freedom of Information Act 2000.
Under the Data Protection Act 2018, you are also entitled to access your own clinical records or any other personal information held about you. See our Privacy Notice for details https://pindersopticians.co.uk/privacy
Feedback
If you have any comments about the operation of the Publication Scheme, or how we have dealt with your requests relating to the scheme, please send this to us in writing:
By email: RCPinderDPO@clinicaldpo.com
By post: Pinders Opticians, Freedom of Information, 33 Forest Road, New Ollerton, Newark, England, NG22 9PR.
Classes of Information
All NHS information at Pinders Opticians is held, retained and/or destroyed in accordance with NHS guidelines. Our commitment to publish information excludes any information which can be withheld under the exemptions set out in the Freedom of Information Act 2000. Where individual Classes are subject to exemptions, the main reasons are the protection of commercial interests and the protection of personal information under the Data Protection Act 2018. This applies to all Classes in the publication scheme. The information on this scheme is grouped into the following categories:
1. Who we are
We are an independent Opticians.
The following information can be found on our website https://pindersopticians.co.uk/
• Location(s), opening hours and contact details.
• Details on our products and services.
• Information about eye health, optical and ocular conditions, eye tests, glasses, and contact lenses.
Some of this information is also freely available in leaflets in our store.
We are regulated, amongst other laws, by the Opticians Act, 1989 and the UK Data Protection Act, 2018.
For registration details, please contact:
• Companies House at www.companieshouse.gov.uk - Registration of a company operating in the United Kingdom.
• The Information Commissioners Officer as required as a processor of personal data
• General Optical Council – registration as a company providing optical services.
2. Our services
If you are eligible for a free NHS sight test you can visit [Company Name} for your free test. We will also accept NHS vouchers against purchases of glasses and/or contact lenses.
To find out if you are eligible for a free eye test and/or NHS vouchers please see https://www.nhs.uk/nhs-services/opticians/free-nhs-eye-tests-and-optical-vouchers/.
If you would like to make an appointment please contact us.
3. Financial and funding information
Pinders Opticians will currently receive a fee for each NHS sight test performed in the UK.
If you would like further information about the value of the NHS vouchers accepted, and NHS charges, please visit:
• www.nhs.uk
These charges and voucher values are regularly reviewed by the NHS.
The fees paid by the NHS for each service are available from the practice on request. They include a contribution towards optometrists’ and staff salaries, equipment costs and other practice overheads. Information in this class will be published only where it is unlikely adversely to affect the commercial position of the firm or practice
4. Regular publications and information for the public
Information in relation to your eye test, the NHS https://www.nhs.uk/nhs-services/opticians/visiting-an-optician/
A range of patient leaflets in relation to prices, contact lenses, care for glasses, general contact lenses information and optical healthcare are available from Pinders Opticians.
5. Complaints
A copy of our complaints’ procedure can be obtained from Pinders Opticians. If you have a complaint, we recommend that you first contact the practice manager.
6. Our Policies and Procedures
Details of policies (e.g., Health and Safety and Privacy) are available from Pinders Opticians.
Please apply to the Practice for copies of the documents. Some are classified as being for internal use only and will not be made publicly available.
7. This publication scheme
Any changes to the publication scheme and any proposed changes or additions to publications already available will be published in this Class.
8. Cost of information
For the most part, you will only be charged for printed copies of information required. Some information is available free, but for others there may be a charge. The charges will vary according to how the information is made available. The charges are as follows:
• Information accessed via the website or provided by e-mail is free of charge except for charges made by your own internet service provider.
• Requests for single printed copies are free of charge.
• Requests for multiple printed copies or archived copies will attract a charge, to be paid in advance, to cover incidental costs such as photocopying and postage.
These charges will be reviewed regularly and notified to you when you make the request.
9. Useful resources
Websites
Information Commissioners Office www.ico.org.uk
10. Copyright
Material available through this publication scheme is copyright unless otherwise indicated. Unless expressly indicated to the contrary, it may be reproduced free of charge in any format or medium, provided it is done so accurately in a manner that will not mislead.
Where items are re-published or copied to others, you must identify the source and acknowledge copyright status. This permit does not extend to third party material, accessed through the scheme.
For Guidance notes on FOI publication schemes see https://ico.org.uk/for-organisations/guide-to-freedom-of-information/publication-scheme/
