0
£0.00
Your Cart
empty cart Your cart is currently empty! Return to Shop
0 £0.00
Checkout
Book Now
0
£0.00
Your Cart
empty cart Your cart is currently empty! Return to Shop
0 £0.00
Checkout
Book Now

 

Last updated: March 2026

Your Privacy Matters to Us

We are committed to protecting your privacy and ensuring that your personal data is handled in a safe and responsible manner. This Privacy Policy explains who we are, how we collect, use, and share your personal information, and your rights under UK data protection law.

We take data protection very seriously and respect the confidentiality of your health records in line with our professional obligations as opticians and hearing care providers.

1. Who We Are

Iconic Opticians are an independent optician practices based in Devon. For the purposes of data protection law, we act as the Data Controller in relation to the personal data we process.

  • Contact Address: 73 Cornwall Street, Plymouth PL1 1NS
  • Telephone: 01752 415490  
  • Email: info@iconicopticians.co.uk

We are registered with the Information Commissioner’s Office (ICO) as a data controller. Our registration number is: 00010793609 .

As a provider of NHS General Ophthalmic Services (GOS), we are classified as a public authority and have therefore appointed a Data Protection Officer to oversee our compliance with data protection law.

2. The Data We Collect About You

We may collect, use, store and transfer different kinds of personal data about you. As a healthcare provider, we process both standard personal data and special categories of personal data (which includes health information).

Personal Data We Collect

Category Data Collected
Identity Data Name, title, date of birth, gender, NHS number.
Contact Data Home address, delivery address, email address, telephone numbers.
Health Data Current and past eye health, general health, medication information, family medical and ocular history, examination results (including retinal images), and lifestyle information relevant to your eye care.
Financial Data Bank account and payment card details (for processing payments and Direct Debits).
Technical Data Internet protocol (IP) address, browser type, and cookies when you use our website.
CCTV Imagery Images captured by CCTV cameras installed in and around our practice for security purposes.

We may also collect information from other healthcare professionals involved in your care, such as your GP or hospital ophthalmologist, where it is necessary for your ongoing treatment.

3. How We Use Your Personal Data

We will only use your personal data when the law allows us to. Most commonly, we will use your data in the following circumstances:

Purpose Type of Data Legal Basis
To provide eye care services and products Identity, Contact, Health Contract (to provide you with the service you have requested). For health data, the condition is the provision of healthcare.
To provide NHS services Identity, Contact, Health, NHS number Public task (fulfilling our NHS GOS contract).
To manage appointments and send reminders Identity, Contact Legitimate interests (to ensure you receive ongoing care and do not miss appointments).
To process payments Identity, Financial Contract (to take payment for goods and services).
To send marketing communications Identity, Contact Consent (we will only send you promotional offers, newsletters, or information about new products if you have explicitly agreed)
To improve our website Technical, Usage Consent (via our cookie banner).
To prevent and detect crime CCTV Images Legitimate interests (protection of our staff, patients, and premises).

4. Marketing and Communication Preferences

We will only send you marketing communications (such as information about new frames, contact lens offers, or practice news) if you have given us your consent to do so.

You can withdraw your consent or change your preferences at any time:

  • By clicking the “unsubscribe” link in any marketing email.
  • By contacting us directly.

Please note that even if you opt out of marketing, we will still send you essential service communications, such as appointment reminders and confirmation of orders, as these are necessary for your care.

5. How We Share Your Personal Data

We will never sell your personal data to third parties. We may share your data with the following categories of recipients when necessary:

  • Healthcare Professionals: We may share your information with your GP, hospital ophthalmologists, or other healthcare providers involved in your care, particularly if we need to refer you for further treatment.
  • NHS Bodies: As an NHS GOS provider, we may share data with NHS England, NHS Digital, or Integrated Care Boards (ICBs) for the purposes of commissioning, payment, and quality assurance. We comply with the national data opt-out policy.
  • Third-Party Service Providers:
    • Blinkoms Optician Management Software Ltd (or similar): Our patient management system provider, certified to ISO27001.
    • Laboratories: For dispensing and manufacturing your glasses or contact lenses.
    • Eyeplan ltd: For processing Direct Debit payments of eye care membership plans
  • Law Enforcement: We may disclose your information to the police or other law enforcement agencies for the prevention and detection of crime.
  • Business Transfer: If our business is sold or merged with another organisation, your information may be transferred to the new owners, who will continue to be bound by this Privacy Policy.

All our third-party processors are contractually obliged to process your data securely and only in accordance with our instructions.

6. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way. These include:

  • Secure, password-protected patient management systems.
  • Restricted access to your data to only those employees who need it to perform their duties.
  • Physical security measures within the practice, including secure disposal of paper records.
  • CCTV monitoring.

In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will notify you and the Information Commissioner’s Office (ICO) as required by law.

7. Data Retention (How Long We Keep Your Data)

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for.

  • Adult Patient Records: We retain your records for 10 years after our last contact with you. This follows guidance from the College of Optometrists and ABDO.
  • Children’s Records: For patients under 18, we retain records for 10 years, or until the patient’s 25th birthday, whichever is later.
  • CCTV Footage: Retained for a maximum of 30 days.
  • Marketing Data: Retained until you withdraw your consent or ask us to stop.

In some circumstances we may anonymise your personal data so that it can no longer be associated with you, in which case we may use such information without further notice to you.

8. Your Legal Rights

Under UK data protection law, you have the following rights:

Right What This Means
Right to be Informed You have the right to be told how your data is used (this Privacy Policy fulfils that right).
Right of Access You can request a copy of the personal data we hold about you (a “Subject Access Request” or SAR).
Right to Rectification If the information we hold is inaccurate or incomplete, you can ask us to correct it.
Right to Erasure You can ask us to delete your data in certain circumstances. However, this does not apply to health records we are legally required to retain for your ongoing care.
Right to Restrict Processing You can ask us to suspend the processing of your data in certain scenarios.
Right to Data Portability You can request that we provide your data to you or another organisation in a machine-readable format.
Right to Object You have an absolute right to object to direct marketing. You can also object to processing based on legitimate interests.
Rights relating to Automated Decision-Making We do not use automated decision-making or profiling.

How to Exercise Your Rights

To exercise any of your rights, please contact us or our Data Protection Officer using the details in Section 11.

We will respond to all legitimate requests within one month. Occasionally, it may take us longer than a month if your request is particularly complex, and we will notify you of this.

9. Cookies and Website Analytics

Our website uses cookies to distinguish you from other users and to improve your experience. Cookies are small text files placed on your computer or device.

We use the following types of cookies:

  • Strictly Necessary Cookies: Required for the website to function (e.g., to remember your cookie preferences).
  • Analytical/Performance Cookies: Allow us to count visits and see how visitors move around the site (e.g., Google Analytics). This helps us improve the way our website works.
  • Functional Cookies: Used to remember your choices (e.g., language preference).
  • Targeting Cookies: May be set by third-party services like YouTube or Facebook to show you relevant content.

When you first visit our website, you will be shown a cookie banner asking for your consent to set non-essential cookies. You can change your browser settings to block or delete cookies at any time, though this may affect the functionality of the site.

10. Changes to This Privacy Policy

We keep our Privacy Policy under regular review. This version was last updated in March 2026.

We reserve the right to update this policy at any time, and we will notify you of any significant changes by posting a notice on our website or contacting you directly where appropriate.

11. Contact and Complaints

If you have any questions about this Privacy Policy, or if you wish to make a complaint about how we have handled your personal data, please contact us first and we will do our best to resolve the issue.

Contact our DPO:

  • Email: iconicopticiansdevon@gmail.com
  • Post: FAO Data Protection Officer, Iconic Opticians, 73 Cornwall Street PL1 1NS

Right to Complain to the ICO

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection.

Information Commissioner’s Office (ICO)

  • Website: www.ico.org.uk
  • Phone: 0303 123 1113
  • Address: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Iconic Opticians – Independent Opticians Devon: Unique Care for Every Eye

Independent Opticians Devon

 

ICONIC OPTICIANS

Navigation

Quick Links

Follow Us

Icon-facebook-1
© 2026 Iconic Opticians. All rights reserved. Designed and developed by NeeaStudios.