Privacy Policy

This policy was last updated: 16th May 2019

Use of the website, www.ukeyesurgeon.co.uk, constitutes a legal agreement to the terms within this policy and your acceptance of this policy is deemed to occur upon your first use of the website. If you do not agree with the terms below, you are advised not to use the website.

This policy may change from time to time and you should check this page before using the website to ensure that you are aware of and accept any changes.

Policy Statement

The website www.ukeyesurgeon.co.uk is designed to promote the services of Mr Joe Devereux, Consultant Ophthalmic and Oculoplastic Surgeon. Treatments and services provided by Mr Joe Devereux will require the disclosure of personal data by patients and this privacy policy sets out how www.ukeyesurgeon.co.uk collects and processes personal data. We are committed to respecting and safeguarding all personal data disclosed to us.

Where applicable terms used in this policy shall have the meanings given by the Data Protection Act 2018 and General Data Protection Regulation.

By providing us with your personal data, you warrant that you are over 13 years of age.

About Us

Our office address is Devereux Partners Limited, 51 Holland Street, Kensington, London, United Kingdom, W8 7JB. We are registered with Companies House under registration number 07214760.

Where we manage personal data, we identify as a Data Controller and recognise and act on our obligations under data protection law applicable in the UK. For any issues relating to data protection the person responsible is Mr Joe Devereux who can be contacted by email to joe@ukeyesurgeon.co.uk

Personal Data we collect

Information that you provide to us is retained and processed in accordance with UK data protection legislation. This includes data given to us from the following:

Communications

We collect personal data when users submit an online Patient Referral Form. This collects your name, date of birth, address, email and contact number as well as GP details and your description of the problem you wish to enquire about. We will use this information to contact you and provide details of our services, make bookings, confirm bookings and deal with general company enquiries. Data is held on the grounds of being legitimate to our business interests.

We also collect personal data when our online GP Referral Form is submitted and this includes data relating to: GP’s name, GP’s contact telephone number, patient’s name, date of birth, contact email and telephone number.

We retain copies of emails sent to us on our servers which are hosted on by Hosting UK. For details of how your data is handled by this third party you should refer to their Privacy Policy at https://www.unitedhosting.co.uk/about/privacy-policy. Your personal data will be held by us in accordance with this Privacy Policy and will be on the basis of being legitimate to our business interests. Emails sent to us, including any attachments, may be monitored and blocked if the contents are considered a potential threat to the business or our systems or if deemed illegal.

Phone calls to us may be recorded and any data relating to the call may be retained by us. The data will be held on the basis of being for our legitimate business needs or in order to fulfil our contractual obligations if you are a client of ours. Calls may be tracked and data anonymized for analytical purposes.

We use a third-party secretarial service, PHF Services Limited, to manage bookings and billings on our behalf. Authorised personnel have limited access to your personal data and must comply with all applicable data protection law as a data processor. For further information see https://www.phf.uk.com

Use of the website

When you visit the website, www.ukeyesurgeon.co.uk we will log your Internet Protocol (IP) address, and the type of web browser used. This is not used to identify you as an individual user by us and we will not collect any personal data until you specifically provide this to us. Anonymised data may be used and share for analytical purposes (see Cookie Policy below).

Testimonials

We may ask clients for a testimonial in relation to our services or treatments and this may be used on our website. Personal data that identifies an individual will not be published online or in any printed material.

Special categories of data

Some of the information you provide to us may be considered as special categories of data and this includes any information provided in relation to: ethnic or racial origin, political opinions, religious beliefs, trade union membership, physical or mental health, sexual life or criminal record. We take additional measures to ensure that all such data is processed securely and safeguarded at all times.

The legal basis for processing special categories of data is where processing is  necessary for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services on the basis of Union or Member State law or pursuant to contract with a health professional and subject to the conditions and safeguards referred to in paragraph 3 (reference Article 9(2)(h) GDPR).

Children

We do not market this website at those under 18 years old. Consistent with the GDPR we will never knowingly request personally identifiable information from anyone under the age of 16 years old.

We will take appropriate steps to delete any personal data of individuals less than 16 years of age that has been collected on our website upon learning of the existence of such data.

Information we get from other sources

From time to time, we may need to obtain information from third parties about you. This will only apply where it is necessary to provide our services and as permitted by law.

How we use your data

UK data protection law requires us to have a “legal basis” for processing personal data. The legal basis we rely on are:

  • Performance of a contract we are about to enter into or have entered into with you;
  • Compliance with a legal or regulatory obligation;
  • Carrying out activities that are legitimate to our business interests;
  • Consent. However, generally, we shall not rely on consent as a legal basis for processing your personal data other than where the law requires it. Where our legal basis is consent, you have the right to withdraw consent any time.

We may use the information we collect from you as outlined in this table:

What we use your information forThe legal basis for doing so
To manage and personalise our services to you
  • Where necessary to carry out our agreement or to take steps to enter into an agreement with you
  • Where the law requires this
  • It is in our legitimate interests to make sure that our customer accounts are well-managed, so that our customers are provided with a high standard of service, and to protect our business interests and the interests of our customers.
To confirm treatment/specialist availability and provide a price quotation
  • It is in our legitimate interests to provide our services to you
  • Where there is a contractual agreement for services to be provided.
To book a consultation
  • It is in our legitimate interests to provide our services to you
  • Where there is a contractual agreement for services to be provided.
To administer and improve the website
  • It is in our legitimate interests to develop and improve our products and services, so that we can continue to provide products and services that our customers want to use, and to make sure we continue to be competitive.
To personalise the content and user experience of the website
  • It is in our legitimate interests to develop and improve our systems and provide our customers with a high standard of service.
To allow us to respond to communications
  • Where necessary to carry out our agreement or to take steps to enter into an agreement with you.
To send email notifications which have been specifically requested
  • It is in our legitimate interests to give you information about our products and services that may be of interest.
To send marketing communications, where expressly agreed;
  • In the case of electronic marketing we have your permission to do so.
To provide third parties with statistical information about our users
  • It is in our legitimate interests to better understand how our customers use our products and what changes we could make to improve them.
To ask for feedback or testimonials
  • It is in our legitimate interests to better understand how our customers use our products and what changes we could make to improve them.
To deal with enquiries and complaints made by or about you
  • It is in our legitimate interests to make sure that our customer accounts are well-managed, so that our customers are provided with a high standard of service.
To recover debt and exercise other rights we have under any agreement with you, as well as to protect ourselves against harm to our rights and interests

 

  • Where necessary to carry out our agreement or to take steps to enter into an agreement with you.
  • Where there is a legal obligation.
  • It is in our legitimate interests to make sure that our business is run prudently and we can recover the debts owed to us, as well as making sure our assets are protected.

Users contacting this website and/or its owners do so at their own discretion and provide any such personal details requested at their own risk. Your personal data is kept private and stored securely until a time it is no longer required or has no use.

Our legitimate interests

When we use our legitimate interests as the legal basis for processing your personal information, we will consider and balance any potential impact on you and your rights before we process your personal data. We will only then proceed where we believe our interests are not overridden by the impact on you. Our legitimate interests include the management of our business operations.

Sharing Information

Disclosure

We don’t share, sell, or distribute your data to third parties, except as contractually agreed with you or as provided in this Privacy Policy. We may disclose your personal data if we are required to do so by law, in connection with any legal proceedings, and in order to establish, exercise or defend our legal rights, or if otherwise legally permitted.

Other Healthcare Professionals and staff

Personal data submitted via www.ukeyesurgeon.co.uk, provided by telephone or in-person may be shared with healthcare consultants working with Mr Joe Devereux who also provide treatments at the practice. All such information is treated as confidential and appropriate steps taken to ensure it is appropriately safeguarded.

Administrative staff may only access personal data if it is required for their role and are also under a duty to maintain confidentiality.

Data Processors

We may use Data Processors who act on our instruction in relation to the management of your data and they must adhere to all data protection laws and regulations. We will ensure that any Data Processors used only operate on our written instructions and comply with their obligations under the GDPR.

You will be informed of any other Data Controllers who have access to your data and who may determine processing activities separately to us, or as a Joint Data Controller.

Marketing

We will only send you emails about our services with your express consent. You have the option not to give consent and to withdraw consent at any time. You may withdraw your consent for us to contact you by emailing joe@ukeyesurgeon.co.uk. Non-personally identifiable visitor information may be provided to third parties for marketing, advertising or other uses.

Social media

www.ukeyesurgeon.co.uk has a social media account on Twitter. Personal information is not collated from social media although third parties may track you. You should refer to the Privacy Policy of Twitter for details of how they use data, see https://twitter.com/en/privacy

External links

Users of the website are advised to adopt a policy of caution before clicking on any external web links. Clicking an external link will take the user away from our website. Once you leave our website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy. You encourage you to read the website privacy policy for any third party you click on to.

www.ukeyesurgeon.co.uk cannot guarantee or verify the contents of any externally linked website and users click on external links at their own risk. www.ukeyesurgeon.co.uk and its owner cannot be held liable for any damages, or the consequences of visiting any external links.

Payment Processing

This website does not process payments. Payments handled on our premises shall comply with the standard procedures and requirements as laid down by law to ensure that personal data is kept secure.

Data Retention

We keep your personal data in accordance with our Data Retention Policy which reflects our needs to provide services to you as contracted and also as required to meet legal, statutory and regulatory obligations. The need to hold information is regularly reviewed and data will be disposed of when no longer required.

Personal data from enquiry forms submitted to us shall be kept for a period of 12 months from when the enquiry is closed.

Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. Personal data is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems and are required to keep such information confidential.

We take appropriate steps to ensure a safe processing of personal data, however, we cannot guarantee the security of data transmitted through our website or by email.  Any transmission is at your own risk.

Data Storage

Our website is hosted by Hosting UK. Any information that you supply to us may be stored and processed by their servers located in the UK. You can refer to their Privacy Policy at https://www.unitedhosting.co.uk/about/privacy-policy. Your data may be transferred in accordance with the relevant data protection law.

Rights of Data Subjects

We recognise a data subjects rights and will uphold these in accordance with data protection law. You should note that in some cases, we may limit or restrict the enforcement of these rights due to our legal or regulatory obligations.

You are entitled to see the information held about you and you may ask us about any of the following:

Subject access requests

Data subjects (i.e. individuals) have the right to access personal data that is held by us by submitting a subject access request (SAR). We will endeavour to respond quickly to any such requests, which legally require us to respond within one month of receiving the request and necessary information. A subject access request can be made by emailing joe@ukeyesurgeon.co.uk

Right to rectification

Data subjects have the right to request that we amend or change personal data that is inaccurate or incorrect.

Right to erasure

Data subjects have the right to ask us to delete personal data from our systems without giving any reason and at any time. We will act on any such request without delay. This right is not absolute and personal data may be retained for us where there is a lawful reason for us to do so and this takes precedence over the right of erasure.

Right to restrict processing

Data subjects have the right to rectification or erasure of personal data in the following circumstances:

  • Personal data is not accurate;
  • The processing of data is unlawful – data subjects may request that processing is restricted;
  • Data is required to exercise legal rights or defend legal claims;
  • Data is unlawful but there may be lawful grounds for processing, which override this right.

Right to data portability

Data subjects have the right to obtain and request the transfer of their data to different service providers.

Right to object

Data subjects have the right to object to the processing of data at any time based on their particular situation. This includes objecting to profiling unless it is in the ‘public interest’ or exercised lawfully by an official authority. We will only process data under lawful grounds.

Right not to be subject to decisions based on automated processing

We do not use any automated processing that results in any automated decision based on a data subject’s personal data.

Using your rights

If you wish to invoke any of these rights, you should contact the person responsible for data protection by emailing us at joe@ukeyesurgeon.co.uk

Data Breaches

We will report any unlawful breach of data as required by the GDPR within 72 hours of the breach occurring, if it is considered that there is an actual, or possibility, that data within our control including the control of our data processors, has been compromised. If the breach is classified as ‘high risk’ we will notify all data subjects concerned using an appropriate means of communication. We will report any relevant breaches to the ICO, see below.


Cookies Policy

What are Cookies

Cookies are small files saved to the user’s computer hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website to provide the user with a tailored experience when navigating the website. Session cookies may be used to validate access to different parts of the website.

Disabling Cookies

If you are uncomfortable with the use of cookies, you can disable cookies on your device by changing the settings in the preferences or options menu in your browser.  You can set your browser to reject or block cookies or to tell you when a website tries to put a cookie on your device. You can also delete any cookies that are already stored on your device.  However, please be aware that if you do delete and block all cookies from our website, parts of the site may not fully function.

How we use Cookies

www.ukeyesurgeon.co.uk uses cookies to help us identify and track visitors, their usage of the website, and their website access preferences. Cookies are a user’s identification card for accessing the servers. On a user’s first visit to the website a Cookie Pop up will ask a user to allow or disallow the use of cookies on their computer or device. This complies with UK legislation which requires that explicit consent is given by users before reading files are left, or applied, on a user’s computer or device. To the extent that cookies data constitutes personally identifiable information, we process such data on the basis of your consent.

Types of Cookies

The types of Cookies we use are:

  • Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
  • Statistics cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

Cookies can be placed for a user’s session or will be persistent. See the below table for retention periods.

Cookies we use

COOKIEPROVIDERTYPEUSERETENTION PERIOD

NECESSARY

PHPSESSIDeyesurgeonuk.co.uk

HTTP

Preserves users’ session state across page requests

6 days

STATISTICS
_gaeyesurgeonuk.co.ukHTTPStatistical data on how user uses the website2 years
_gateyesurgeonuk.co.ukHTTPGoogle Analytics use to throttle request rate1 day
_gideyesurgeonuk.co.ukHTTPRegisters unique ID for statistics on website use1 day
collectgoogle-analytics.comPixelSends data to Google about user’s device & behaviourSession

 

Analytics

www.ukeyesurgeon.co.uk uses tracking software provided by Google Analytics to monitor its visitors, and to better understand how they use the site. See above table. The software will save a cookie to the user’s hard drive in order to track and monitor engagement and usage of the website. The cookie will not store, save or collect personal data. The data collected is only viewable by selected employees on a need-to-know basis and by Google.

Google’s privacy policy is available at http://www.google.com/privacy.html. Users may opt-out from having their data collected by disabling the tracking.

Consent to Cookies

If you accept the use of Cookies on this website, you consent to the processing of data about you by us and any third parties as identified above in accordance with this policy and our Privacy Policy. You have the right to withdraw your consent at any time by emailing joe@ukeyesurgeon.co.uk

Further information

Guidelines for the processing and handling of data and use of Cookies is available from the Information Commissioner’s Office, the UK supervisory authority on data protection, see www.ico.org.uk.

Information is also available at www.ec.europa.eu/ipg/basics/legal/cookies/index_en.html


Important Information

Questions and queries

If you have any concerns about how we handle your data, you can contact us by email to joe@eyesurgeonuk.co.uk

Changes to this policy

We reserve the right to change this Privacy Policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website.

You will be deemed to have accepted any changes to the terms of the privacy policy on your next visit of the website following the amendment.

Complaints

If you want to raise a concern about the use of your data, you can contact us by email to joe@eyesurgeonuk.co.uk. Alternatively, you can formally raise a concern or complaint to the Information Commissioner’s Office (ICO) directly on 0303 123 1113, or see the options for reporting issues on https://ico.org.uk/concerns/

No Waiver

No failure or delay by us in exercising any of our rights in accordance with this Privacy Policy or our terms and conditions shall be deemed to be a waiver of that right, and no waiver of a breach of any provision of the Agreement shall be deemed to be a waiver of any subsequent breach of the same or any other provision.

Severance

If one or more of the provisions of this Privacy Policy or our terms and conditions is found to be unlawful, invalid or otherwise unenforceable, those provision(s) shall be deemed severed from the remainder of these terms and conditions and shall remain enforceable.

Third Party Rights

The terms of this Privacy Policy shall not confer rights on any third parties and accordingly the Contracts (Rights of Third Parties) Act shall not apply.

Jurisdiction and Governing Law

The terms of this Privacy Policy and all disputes, whether contractual or otherwise, arising out of or in connection with the policy are governed by and shall be construed in accordance with the laws of England and Wales and each party submits to the exclusive jurisdiction of the English courts.

Copyright © 2019 Mr. Joe Devereux | www.ukeyesurgeon.co.uk


Latest News Latest News

Hinchingbrooke Hospital To Be Run By Private Company

Control of Hinchingbrooke NHS hospital has been handed over to Circle, the private hospital operator […]

Posted: 26 Nov 2010

Eye Surgeon Launches On Twitter

We have launched a new mini blog on twitter. To follow us and keep up […]

Posted: 05 Nov 2010

More news

Book a private appointment