How we use your data
Under European data protection laws, there must be a lawful basis for processing of your personal information. Newmedica utilises ‘Consent’ as its lawful basis, in that your personal data may be processed on the basis that you as the ‘data subject’ have consented to such processing.
- Information about Newmedica
- What personal information is collected?
- How is that information used?
- How long is the information kept for?
- Who is personal information shared with?
- How is personal information processed?
- How to update or amend personal information
- What rights do you have?
- What choices do you have?
- Protecting personal information
- Contact us
Information about Newmedica
- New Medical Systems Limited (a company registered in England and Wales with company number 06211226 and registered office at Castleworks, 21 St Georges Road, London SE1 6ES.
Newmedica are data controllers of your personal data for the purposes of applicable data protection legislation.
The Data Protection Officer for Newmedica is Mr Michael Davey [email protected]
What personal information is collected?
We may collect and process information about you including:
- your name
- your date of birth
- your contact telephone numbers (including mobile)
- your email and postal address
- your relevant health details including (a) current and past eye conditions, general health condition and spectacles or contact lens; (b) current medication details; and (c) correspondence between optometrist and your GP/ophthalmologist
- your examination and test results
- your payment details
- your employment/lifestyle/driving information
- details of any prescription supplied to you by your healthcare professional or medical practitioner
- information that you provide by filling in forms on Newmedica’s website
- details of your visit to the website and any transactions you carry out on the website
- any other information voluntarily provided to us by you from time to time
This information will primarily be collected from you as voluntarily provided to us, but we may also collect it from other sources where it is lawful to do so, including but not limited to, the NHS or other health care providers, institutions or individuals you have authorised to provide information on your behalf (eg parents or guardians), third party service providers, government, tax or law enforcement agencies, and other third parties. Such information can also be combined with information from public sources.
How is that information used?
Newmedica may use your personal information for the purposes of:
- your eye care treatment
- letting you know when your next appointment is due and reminding you to book an appointment if you’ve not had one for a while
- undertaking customer service surveys to ensure we continually improve our services to you
- helping us review, develop and improve the products and services we offer, for example through research, analysis and planning
- notifying you about changes to our products and services
- responding to queries from you
- processing and retaining personal data relating to your credit/debit card to enable the process of your payment and to deal with any queries or refunds of payment
- carrying out security checks to protect against fraudulent transactions at or following any payment you make to prevent and detect criminal activities. For example, we may undertake verification checks to identify any discrepancies with your payment details
- responding to and addressing any claims made against us
- using cookies and traffic data as set out in section 7 below
- to comply with laws or regulations applicable to Newmedica, including prevention and/or detection of non-compliance
- maintaining records for tax, compliance with laws, defence of claims and other corporate purposes
- managing and administrating insurance claims
In order to provide you with the products and services described above, we hold copies of your personal information at New Medical Systems Limited.
If you contact us through the website you will be providing us with personal information about yourself, including your email address, name and contact details. This may also include medical information, where volunteered by you.
If you are simply browsing our website, we will not collect any information which will identify you by name. However, we will collect information using cookies and/or traffic data which uses IP addresses or other numeric identifiers, which analyse navigation and use of the website.
More information on cookies use is set out below.
How long is the information kept for?
Personal information will be retained by the Newmedica Group for as long as is reasonably necessary (or as defined under applicable healthcare laws and regulations) to provide products and services, including aftercare services, and to maintain records as required to satisfy tax and other legal or regulatory requirements, as well as to protect and defend against claims.
Who is personal information shared with?
- We use third parties to help us process personal information but they may not use it for other purposes. We may use the information we receive from third parties to supplement, improve and add to our databases of patient details
- We may disclose personal information to health authorities, including NHS or national equivalent bodies
- We may pass personal information to external agencies and organisations, including the police and other law enforcement agencies, for the prevention and detection of fraud (including fraudulent transactions) and criminal activity. These external agencies may check the information we give them against public and private databases and may keep a record of such checks to use in future security checks
- We may pass personal information to our insurers in the event that a claim is made or could be made against us.
- If we or substantially all of our assets are acquired by a third party (or subject to a reorganisation within our corporate group), personal information held by us about patients will be one of the transferred assets
- We may pass your personal information to third parties in order to comply with any legal obligation (including court orders), or to enforce or apply our website Terms and conditions of purchase, Terms and conditions of use of website or other agreements we have with you or to protect Newmedica’s rights, property and safety or those of our patients, employees or other third parties
How is personal information processed?
We take reasonable steps to ensure that your personal information is adequately protected in accordance with the requirements of the General Data Protection regulation 2017.
How to update or amend personal information
You can update or amend your personal information by notifying [email protected]
What rights do you have?
You have certain rights under the General Data protection Regulation legislation including:
- to know how your data is used
- access your personal information
- rectify your personal information if it is inaccurate or incomplete
- erase your personal information and prevent further processing in specific circumstances and where there is no other lawful ground for continuing to retain and process that information.
- block or suppress processing of personal information.
- move, transfer or port your personal information to another organisation; and object to the processing of your personal information:
- if processing is based on legitimate interests or the performance of a task in the public interest/exercise of official authority
- processed for direct marketing
- processed for purposes of scientific/historical research and statistics
To request any of the above rights, please contact [email protected]
What choices do you have?
To ensure that you continue to receive excellent healthcare, we will send you text information about your appointments, letters about your appointments and treatment and notices to remind you, such as when your current prescription expires. We may also send you letters about further services we provide.
You may change your preferences for the way we communicate with you at any time by emailing [email protected]
Protecting personal information
We use a variety of security technologies and procedures to help protect your personal information from unauthorised access and use.
As effective as modern security practices are, no physical or electronic security system is entirely secure. We maintain encryption standards in line with or higher than NHS Digital Standards however we cannot guarantee the complete security of our database, nor can we guarantee that information you supply will not be intercepted while being transmitted to us over the internet. Any transmission is at your own risk.
In the event that there is an interception of your personal information or unauthorised access or use of our database, we are liable to the Information Commissioner for any resulting misuse of your personal information.
We have no control over the contents of third party sites or resources which are linked to our website and we accept no responsibility or liability for them or the privacy practices they use or for any loss or damage that may arise from your use of such websites or resources.
Newmedica Information Governance Toolkit Submission
To access Newmedica's Information Governance Toolkit Submission, please click here.
Last updated June 2018
© New Medical Systems Limited 2018. All rights reserved.