Privacy policy

The Association of Optometrists (AOP) takes the privacy of your data very seriously.  This privacy policy sets out details of the information that we collect from you and how we may use that information. Please take your time to read it carefully. When using our website, this privacy policy should be read alongside the website terms and conditions. 

Who we are

This privacy policy applies to the Association of Optometrists (Company number 00404790).  Our registered office and principal place of business is 2 Woodbridge Street, London, EC1R 0DG. 

In order to provide our services, we will collect and use data about individuals. This means that we are a data controller and we are responsible for complying with data protection laws. 

If you have any questions about how we handle your personal data you can write to us at the business address above or email membership@aop.org.uk

Our processing of your personal information

The personal data that we collect will depend on our relationship with you.  For example, you may be a member of the Association, a subscriber, or someone who has attended one of our events. 

How we collect your personal data 

We obtain personal data directly from individuals in a variety of ways including from individuals who:

  • Complete a membership application or the online joining process

  • Complete a subscription form or the online subscription process

  • Register for our events

  • Register on our website

  • Attend meetings or events we host

  • Agree to or request to receive information including email notifications and/or newsletters

  • Notify of or submit a letter of claim

  • Contact us for specific support and/or to find out about membership 

  • Visit our office

  • Apply for open roles, such as job vacancies or Board positions 

We may also obtain personal data directly from individuals when, for example, we are establishing a business relationship with them, processing a purchase or transaction with them, or performing professional services for them through a contract.

We obtain personal information about individuals indirectly from sources including:

  • Public sources – personal data may be obtained from public registers

  • The General Optical Council (GOC)

  • Representatives of claimants

  • Google Analytics – tracking information about an individual’s computer, and visits to/use of the website 

  • Recruitment services – we may obtain personal data about candidates from an employment agency and other parties including former employers, and credit reference agencies

We may attach personal data to our customer relationship management records to better understand and serve the sector and individuals or pursue our legitimate interests.    

Types of personal data we collect

When you apply for membership we may collect and process your:

  • Contact details including title, name, home and/or work address, email and telephone number 

  • Personal details including date of birth, and other information which you may choose to provide including gender, ethnicity, education and qualification

  • Professional details including GOC number and date of registration, employer, and role

  • Personal information included within a declaration you may need to make on joining.  The declaration can include any outstanding or potential claims against you or your practice, or complaints about you or your practice, and/or any existing employment issues 

  • Financial information including bank account or payment card details

When you subscribe to Optometry Today we may collect and process your:

  • Contact details including title, name, email, delivery address and billing address 

  • GOC number

  • Financial information including bank account or payment card details

When you book an event as a non-member or subscriber we may collect and process your:

  • Contact details including title, name, email 

  • GOC number

  • Financial information including payment card details

When you register on the website we may collect and process your:

  • Contact details including title, name, email
     
  • GOC number

Other types of personal data we may collect from you includes:

  • Information provided relating to any purchases you make of our goods and/or services or any other transactions that you enter into through our website, including your name, address, telephone numbers, and email address

  • Contact details of individuals we work closely with including committee members, honorary associates, members of parliament, and other stakeholders

  • The website of AOP collects a series of general data and information via Google Analytics including geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths.  This general data and information is stored within the Google servers as part of their service provision to us

  • CCTV at our office may collect images of visitors

Special categories of information we collect

Depending on your relationship with us, we may need to collect the following special categories of information:

  • As a legal defence organisation and provider of medical malpractice insurance, members might on occasion be required to share health records with us.  These records are only accessible to our legal and regulatory staff dealing with the information

  • You may choose to provide us with your ethnicity when applying for membership or updating your details we hold about you

  • Dietary requirements for event attendees

  • Access requirements for event attendees

How we use your personal data

We aspire to be transparent when we collect and use personal data and tell you why we need it. Our use of your personal data will always have a lawful basis.  Specifically, we may use your data for the following purposes:

  • To process your membership application and deliver membership services to you including administration of your membership account, arranging medical malpractice insurance, provision of legal and regulatory support, processing claims or complaints, delivery of continuing education and training (CET) and recording of CET points, delivery of the AOP’s journal Optometry Today, professional advice, awareness communications and voting

  • To process and deliver your subscription to Optometry Today

  • To process your event registration, providing you with information regarding the event or webinar you have registered for, and to enable you to attend the event or webinar

  • To enable login to and personalisation of our website for you

  • To send information and marketing messages to you by email and/or post

  • To provide targeted and appropriate marketing messages

  • To administer, maintain and ensure the security of our information systems, applications and website

  • To recruit qualified candidates to our internal team, which is governed by different privacy terms and policies

Legal grounds for processing

We rely on one or more of the following legal grounds to process your personal data: 

  • Contract – processing your personal data is necessary for us to administer the pre-contract and contractual relationship to which you are party

  • Consent – we may rely on your freely-given consent at the time you provide your personal data to us. For email marketing and for passing data to third parties, we will use consent and we will always make it clear what your data will be used for and provide a link to our privacy policy and the ability to opt out of communications.  You can update your preferences at any time

  • Legitimate interests – our legitimate interests include communicating with our members, subscribers, event attendees or members of the profession, to keep them informed, provide protection and to operate an effective representative body

Who we share your personal information with

We may share personal data with trusted third-party service providers for the purposes set out above. This can include:

  • Underwriters and brokers

  • Publishers including print and mailing houses

  • If you use our legal support and defence services, we may need to engage external experts on your behalf. If you are an overseas member this may mean engaging experts within the country you are working, including those within and outside of the European Economic Area (EEA)

  • Abbey Legal - the provider of the AOP legal helpline

  • AOP event partners

  • If you are attending or speaking at an event we may share certain details (name, job title, and organisation only) with all delegates attending the event

  • Business system providers including a payment service provider

  • Website and customer relationship management system hosting providers

  • Auditors

We will not, without your express consent, supply your personal information to any third-party for their, or any other third-party’s, direct marketing. 

Marketing activities

We will only send you information in line with the preferences you indicated when you provided the personal data.  If, at any point, you would like to opt-out or change those preferences, you can do so online within the MyAOP section of the website.  

We would like to be able to pass your details to our third-party affinity partners who provide additional products and services intended to enhance your membership. We will only do this if you have opted into this option as part of your communication preferences. 

Retention of your personal data

Our data retention policies and procedures are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal information. Personal information that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes. 

Notwithstanding the other provisions of this section, we will retain documents (including electronic documents) containing personal data:

(a) To the extent that we are required to do so by law 

(b) If we believe that the documents may be relevant to any ongoing or prospective legal or insurance proceedings. Insurance cover is provided as part of your membership and we will need to keep information about your cover in case a claim arises against you in the future, including after you have retired or are no longer a member

(c) In order to establish, exercise or defend our legal rights

Your rights

You have legal rights in respect of the personal data we hold about you. The Information Commissioner’s Office (ICO) has published guidance on the full range of rights. If you have any questions, please contact us using the details provided above. The rights that are most relevant to the way in which we use your personal data include:

  • Right to be informed – you have the right to be told about the collection and use of the personal data you provide. This privacy policy sets out the purpose for which we process your personal data, how long we will keep your data and who we will share your data with 

  • Right of access – you can ask us to verify whether we are processing personal data about you and to obtain a copy of that data

  • Right to rectification – you have the right to have any incorrect personal data corrected or completed if you believe it is incomplete. Members and subscribers can update their contact details online

  • Right to erasure – this right, often referred to as the right to be forgotten, allows you to ask us to erase personal data where there is no longer a valid reason for us to keep it

  • Right to restrict processing – you have the right to ask us to restrict processing of your personal data

  • Right to object to marketing – you have the right to object to the processing (use) of your personal data in some circumstances. If we agree to your objection, we will stop using your data for that purpose, unless there is strong and legitimate reasons to continue using your data despite your objections.
    You have an absolute right to ask us to stop using your data for the purpose of direct marketing – in other words, trying to sell things to you

  • Right to withdraw consent – you can withdraw your consent that you have previously given to one or more specified purposes to process your personal data. This will not affect the lawfulness of any processing carried out before you withdraw your consent.  It may mean that we are not able to provide certain services to you and we will advise you if this is the case.

    We may need to request specific information from you to help us confirm your identity and ensure your right to access the information or to exercise any of your other rights. This is a security measure to help us to ensure that personal data is not disclosed to any person who has no right to receive it. No fee is required to make a request unless your request is clearly unfounded, repetitive, or excessive. Depending on the circumstances, we may be unable to comply with your request based on other lawful grounds
  • Your right to complain to the ICO - you have the right to complain to the ICO if you believe that any use of your personal information by us is in breach of applicable data protection laws and/or regulations.  More information can be found on the ICO website

Cookies

Our website uses cookies. To learn more, please refer to our cookie policy

Third-party websites

Our website includes hyperlinks to, and details of, third-party websites that are not governed by this privacy policy. While we try to link only to sites that share our high standards and respect for privacy, we have no control over, and are not responsible for, the content, security, privacy policies and practices of third-party websites. 

Security of personal information

We have put appropriate technical and organisational security policies and procedures in place to protect personal data from loss, misuse or alteration or destruction. We will store all the personal information you provide on our secure (password- and firewall-protected) servers. All electronic financial transactions will be entered via a third-party payment gateway. 

You acknowledge that the transmission of information over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet. You are responsible for keeping the password you use for accessing our website confidential. We will not ask you for your password, except when you log in to our website.

Updates to this privacy policy

This privacy policy is reviewed regularly and will be updated when necessary. You should check this page occasionally to ensure you are happy with any changes to this policy. We may notify you of changes to this policy.

This privacy policy was last updated on 23 May 2018.

.