top of page

Privacy Policy for Patients

Mehta Opticians is registered as Data Controllers with the Information Commissioner. Mehta Opticians is the Data Controller for the purposes of collecting your information and processes personal information that relates to patients and is therefore required by law to comply with GDPR Act May 2018, which protects your privacy and ensures that your personal information is processed fairly and lawfully.

​

Our Commitment to Patients

​

Mehta Opticians is committed to ensuring that it complies with the GDPR and applies ethical principles to all aspects of its work to protect the interests of patients and maintain the confidentiality and security of any personal information held in any form by the practice. We will not sell, share, or rent this information to third parties, unless we have your explicit permission to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.

​

Why Does the Practice Hold Personal Information About Me?

​

We keep information about you to:

  • ensure Mehta Opticians can contact you easily

  • provide you with the best possible optical care

  • provide care for you under the NHS and enable administration of the NHS​

 

What Personal Information is Kept?

​

Personal information includes facts (e.g. treatment you have had) and opinions (e.g. any concerns you or Mr Mehta might have about your eye health). To provide the best possible care for you, accurate and comprehensive personal information is required. The following records are kept and updated regularly:

  • personal information and contact details, including your name, address and date of birth, telephone numbers and email address

  • eye, social and medical histories (e.g. past or current medical conditions, current medication, the name of your GP)

  • results of the examination of your eyes and eye health, including eye scans, OCT, and clinical photographs

  • information about appointments

  • any treatments and their costs

  • any proposed care, including advice we give to you and referrals you might need

  • any concerns you or your optical team might have

  • details of your consent for specific procedures

  • correspondence with other healthcare workers that relates to your care

​

How is My Personal Information Processed?

​

Sharing Relevant Information

To provide you with appropriate care, we might need to share personal data with:

  • another opticians or another health professional who is caring for you

  • your GP

  • a lens laboratory

  • NHS payment authorities

  • the Inland Revenue

  • the Benefits Agency, if you are claiming exemption or remission from NHS charges

  • a private eyecare scheme, if you are a member

In these cases, only the minimum information required will be shared. Rarely, the law requires us to pass on information to prevent serious crime or injury. Where possible, we will inform you of requests to share personal information.

We may use this information in the following ways:

  • Process orders submitted by you

  • To carry out our obligations arising from any contracts entered into by you and us

  • Verify your identity

  • Seek your views or comments on the services we provide

  • Notify you of changes to our services

  • Improve our services

​

Storage and Retention of Personal Information

​

We keep patient records for adult patients for a minimum of 10 years and for child patients for 10 years once they have turned 18.

We will not keep records for longer than necessary and after they are no longer required, records will be shredded by an authorised provider and certificates are issued to prove the confidential material has been destroyed correctly.

Personal information is stored on a secure password-protected practice computer system and a manual filing system only authorised practice staff have access to these systems. Back-ups of these data are made daily in line with the GDPR.

​

Your Right to Access Personal Information

​

You have the right, under GDPR to request a copy of the information held on you by our Practice. If you would like to make a request, please send this in writing to the DPO C/O Mehta Opticians at the address below:

​

1 High Street, Welshpool, Powys SY21 7JF

​

We do not charge a fee for this information, and will respond to your request within 30 days of its receipt.

If you have a query or would like more information, please contact us on 01938 552336 or write to the DPO at the address above.

​

What happens when visitors follow a link to another website?

​

Our website contains links to other websites. This privacy policy only applies to our Site, so visitors should always be aware when they are moving to another site to read the privacy statement of any site which collects personal information. We cannot be responsible for the privacy policies and practices of other sites even if you access them using links from our Site.

We do not pass on any personal information about our visitors to any other site. In addition, if you linked to this Site from a third party site, we can not be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site and contact the owner or operator if you have any concerns or questions.

bottom of page