The MSTC is committed to the highest privacy standards. However you choose to interact with us, we will only collect data that is necessary for us to deliver the best possible service and ensure you are reminded about appointments or anything else relevant to your ongoing care. This policy provides detailed information on when and why we collect your personal information, how we use it and the very limited conditions under which we may disclose it to others.
Collection of your Personal Information
In addition to your basic contact information (name, date of birth, telephone numbers and your addresses) we will collect other relevant details including current and past health and medication information, your examination results, payment details and lifestyle information. We may also store associated information received from other health care professionals as part of your ongoing care.
How we use this information
The information we collect about you is used to ensure we provide you with the best and most appropriate products and services. In addition to your ongoing eye care, we will remind you when appointments are due and suggest relevant products or services that we believe would be of interest. We use your contact information to respond to queries from you, and where appropriate your bank details to collect Direct Debit payments as agreed. We may occasionally contact you to ask for your feedback on services we have provided and to offer the opportunity to trial new products.
Our policy on storage, processing and retention of your information.
To provision and manage our services, your data is stored and processed by Optix Software Ltd within their UK facilities that are certified to ISO27001. If we collect Direct Debits from you these payments will be processed by Eyecare Payments Ltd. Any third-party company is only permitted to process your data for the specified purposes and in accordance with our instructions. We retain your information for as long as reasonably necessary to provide our products and services and to maintain records to satisfy tax and other legal requirements.
How and when we may share your Personal Information
Where necessary we may disclose your information to health care professionals including the NHS. We may also pass information to external agencies and organisations, including the police, for the prevention and detection of fraud and criminal activity. Should any claim be made, we may pass your personal information to our insurers and if our business is wholly or partially transferred to a third party, your personal information may be one of the transferred assets.
Your rights with respect to the Personal Information we hold
You are entitled to access the personal information that we hold on you; any such request should be made using our contact details below. If any data we hold is inaccurate, this will be corrected promptly on request. In certain circumstances you can request that we erase your data which we will do where this would not prevent us meeting our legal and regulatory obligations.
Updating your communication preferences
You may ask that we do not send you communications using any of the contact details we hold on our records, this may include your email, SMS, telephone and postal information. You may also request we restrict our communications to clinically necessary messages. Your personal preferences can be changed at any time by using the link at the end of every email and SMS message we send or by using our contact details below.
A cookie is a small text file containing information that a web site transfers to your computer’s hard disk for record-keeping purposes. A cookie cannot give us access to your computer or to your personal information. Most web browsers automatically accept cookies; consult your browser’s manual or online help if you want information on restricting or disabling the browser’s handling of cookies. If you disable cookies, you can still view the information on our web site, but the functionality of certain areas may be reduced.
Error: Error validating access token: The session has been invalidated because the user changed their password or Facebook has changed the session for security reasons. Type: OAuthException Code: 190 Subcode: 460 Please refer to our Error Message Reference.