Data Protection Policy

1. The principles of data processing

The Association of Optometrists, as a body that processes personal information, aims to comply with the 8 principles of data processing under the Data Protection Act 1998. These are that personal data must be:

• Fairly and lawfully processed;
• Processed for limited purposes and only processed in a manner compatible with those purposes;
• Adequate, relevant and not excessive;
• Accurate and kept up to date;
• Processed in accordance with the data subject’s rights including the data subject’s rights of access and right to object to the processing of their data in certain circumstances;
• Secure: protected from unauthorised and unlawful processing, accidental loss;
• Not transferred to countries outside the European economic area without adequate protection being provided to the personal data on individual subjects.

2. Meaning of personal data

Personal data means any information about a living individual which:

• Identifies that individual (for example, by name, address, qualifications, credit card number, national insurance number);
• Together with other information which is held by, or is likely to come into the possession of the data controller that will identify that individual; or
• Includes any expression of opinion about the individual or indication of the intentions of the data controller or any other person in respect of the individual.

3. Personal data held

Personal data is stored electronically on the AOP database and, in paper format at the AOP offices.

The AOP does not store any information on those people visiting its website.

4. Security of personal data

The AOP shall continue to take appropriate technical and organisational measures to limit the opportunity for unauthorised or unlawful processing of personal data and to guard against accidental loss or destruction of or damage to personal data. Appropriate contractual obligations shall be incorporated into contracts which the AOP enters into with third parties.

The AOP will continue to ensure that appropriate staff are employed to undertake the AOP’s data processing and that they are aware of their responsibilities in relation to the processing of personal data as it applies to their area of work. Where appropriate, training will be given.

The AOP will review regularly the procedures by which staff process personal data.

5. Use of personal data held

The Association collects information for a wide variety of purposes, principally to carry out the objects set out in its Memorandum of Association including to provide or arrange for the provision of professional, financial, management, legal, accounting, insurance, commercial, public relations, advertising and other services and to disseminate and publish material conducive to the attainment of the objects of the Association.

We may check information provided with other information held by us or by others.

6. Right of access to personal data held

Requests for access to personal data must be made in writing to the Head of Business Services, enclosing evidence that they are the data subject.

Copies of personal data will be supplied to the address provided or to the permanent address held by the AOP.

7. Amendment of personal data held

Changes to personal data held can be made in writing or by telephone to the Membership & IT Department at the Association offices.

Any queries regarding data protection obligations should be addressed, in writing, to the Chief Executive of the Association.

The Association of Optometrists
61 Southwark Street
London
SE1 0HL

Telephone: 020 7261 0228

November 2005