Privacy policy

Overview

However you come into contact with iSightCornwall – we want to make sure everyone has a great experience with us. To help us do that, we’ve made some changes to our Privacy Policy to make it more user-friendly and to support the upcoming changes to EU data protection law.

The changes make it easier for you to understand what information we collect and why we collect it, ensuring that your privacy is always protected. Nothing is changing about your current settings or how your information is processed – we have always taken the utmost care with your personal information. We’ve simply improved the way we describe our practices and how we explain the options that you have to manage, export or delete your data.

Our Privacy Promise

Transparency – We will always tell you what data we’re collecting about you and how we use it. We only share your data with trusted partners with your permission and will never sell your data.

Secure – We are committed to always follow industry best practices to ensure your data is stored safely and securely. We protect the confidentiality, accuracy and availability of the information we collect about you.

Control – We will always give you control over the information you receive from us. You can choose the types of information you receive and whether you want to stop receiving information communications.

Our Privacy Policy

Information we collect about you

We may collect, store and use some or all of the following categories of personal information from you:

  • Personal contact details such as name, title, addresses, telephone numbers, and personal email addresses
  • Date of birth
  • Gender
  • Next of kin and emergency contact information
  • National Insurance number
  • NHS number
  • Tax status information
  • Benefits information (including claim forms for local and national statutory bodies)
  • Recruitment information (including copies of right to work documentation, references and other information included in a CV or cover letter or as part of the application process)
  • Employment records

We may also collect, store and use the following special categories of more sensitive personal information:

  • Information about your health, including any medical condition, health records
  • Information about criminal convictions and offences

We may also collect, store and use details (and copies) of your communications and interactions with us, including by email, telephone, post and online via social media channels.

How we collect personal information

We typically collect personal information about service users and customers through the service referral process, either directly from service users and customers or sometimes from specialist professionals, for example, eye department consultants opticians and GP’s. We may also collect information for the sale of products and equipment.

How and why we use your personal data

It is usually necessary for us to process your personal data in order to contact you to make an appointment, respond to your enquiry and send you information relating to our services, for example, an event local to you.

We will always verify at the start of your contact with us, how and by what method you wish to be contacted.

We will disclose your personal information to third parties if we are under a duty to disclose or share your personal data in order to comply with any legal or regulatory obligation or request.

We do not share or sell your data to direct marketing agencies and services.

How we secure your personal data

We have appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.

Our online security controls maintain confidentiality at all times, specifically for secure card payments. We are certified to the payment card data security standards (PCI-DSS) and never store card details.

Our entire site is accessed using https rather than http, meaning that all information that is sent and received is encrypted for additional security. You can see this in the address bar of your browser.

How long we will store your personal data

We will only retain your personal information for as long as necessary in line with our disposal and retention policies to fulfil the purposes we collected it for.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we achieve those purposes through other means, and the applicable legal requirements.

Your rights in relation to your personal data

It is important that the personal information we hold about you is accurate and up to date. Please keep us informed if your personal information changes during your contact with us.

Under certain circumstances, by law, you have the right to:

  • Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
  • Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request the erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to stop processing personal information where we are relying on a legitimate interest and there is something about your particular situation, which makes you want to object to processing on this ground.
  • Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example, if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your personal information to another party.
  • If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data or request that we do not transfer a copy of your personal information to another party, please contact the Data Control Officer, Carole Theobald, Director of Operations in writing at iSightCornwall, The Sight Centre, Newham Road Truro Cornwall TR1 2DP

You will not have to pay a fee to access your personal information (or to exercise any of your other legal rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with your request in such circumstances, and in all cases, where we are permitted to do so by law.

We may need to request specific information from you in order to confirm your identity and ensure your right to access the information or exercise any of your other rights. This is another appropriate security measure, which we use to ensure that your personal information is not disclosed to any person who has no right to receive it.

Right to withdraw consent

Where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact us. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.

Contact us

If you have any questions about our Privacy Policy, including any requests to exercise your rights, please contact the Data Controller by post or email:

Data Controller

iSightCornwall

The Sight Centre

Newham Road

Truro

TR1 2DP

Or by email to info@isightcornwall.org.uk

In order to request a copy of the personal data that iSightCornwall holds about you, please send your request in writing to the Data Controller at the above address. To enable us to verify your identity and process your request, you must include all of the following information and documentation with your request:

  • Your full name;
  • The email address registered to your account;
  • A description of the data that you are requesting, including a date range;
  • A copy of your current and valid photo ID (e.g. passport photo page);
  • Proof of your address in the form of a photocopy of a utilities or service provider bill; and
  • The date of the request

If you are unhappy with our processing of your personal data, you have the right to complain to the Information Commissioner’s Office (ICO) at any time. We would, however, appreciate the chance to deal with any concerns before you approach the ICO, so please contact us by email in the first instance.

Amendments to this Privacy Policy

We reserve the right to update this privacy notice at any time and will notify you where we make any substantial changes.  We may also notify you in other ways from time to time about the processing of your personal information.

Updated 25 May 2018

A donation, however small, can change someone's life. Thank you for your support.

Keep in Touch
Fields marked with an * are required
back to top ^