Privacy Policy

We understand that privacy and the security of your personal information is extremely important. This policy clearly sets out what we do with your information and what we do to keep it secure. It also explains where and how we collect your personal information, as well as your rights over any personal information we hold about you.

This policy applies to you if you use our products or services in store, over the phone, online, through our mobile applications or otherwise by using our website or interacting with us on social media (our “Services”). This policy gives effect to our commitment to protect your personal information.

Who we are

When we say 'we' or 'us' in this policy, we’re referring to Iris Blue Optical Ltd, 263 Crow Road, Glasgow G11 7BE

What sorts of information do we hold?

• Information that you provide to us such as your name, address, date of birth, telephone number, email address, bank account and payment card details and any feedback you give to us, including by phone, email, post, or when you communicate with us via social media;
• Information about the Services that we provide to you (including for example, the things we have provided to you, when and where, what you paid, the way you use our products and Services, and so on);
• Sensitive medical details such as photographic imagery and details of relevant medical conditions.
• Information about any device you have used to access our Services (such as your device's make and model, browser or IP address) and also how you use our Services. For example, if you use our  website, we may try to identify when and how you use it.
• Your contact details and details of the emails and other electronic communications you receive from us, including whether that communication has been opened and if you have clicked on any links within that communication. We want to make sure that our communications are useful for you, so if you don't open them or don't click on any links in them, we know we need to improve our Services; and
• Information from other sources such as  specialist companies that provide customer information (like credit reference agencies, fraud prevention agencies, claims databases, marketing and research companies, social media providers and the DVLA as well as information that is publicly available.

How do we use your information?

The information we collect may be used to:

• Make available our Services to you;
• Process your orders;
• Send you recalls/reminders for any appointments due;
• Take payment from you or give you a refund;
• Where required, refer you on to another healthcare provider, eg. Your GP, or specialist hospital department
• Personalise your shopping experience, for example by understanding your eye care needs to provide you with personalised offers or services;
• Help us ensure that our customers are genuine and to prevent fraud;
• Conduct market research, either ourselves or with reputable agencies;
• For statistical analysis;
• Help us understand more about you as a customer, the products and services you consume.
• Find ways to improve our Services and websites;
• Contact you about products and services from us;
• Provide you with online advertising;
• Provide for the safety and security of our colleagues and customers; and
• Help answer your questions and solve any issues you have.
• On extremely rare occasions where your clinician deems the health of yourself or others to be at serious risk the strict rules of patient confidentiality may be over-ridden by contacting certain agencies eg. DVLA, social services team or the safeguarding team.

Our website uses Google Analytics and Google Ads to track user behaviour when spending time on this site and for remarketing purposes to serve ads online to previous visitors.

Third-party vendors, including Google, use cookies to serve ads based on a user’s past visit to the Iris Blue Optical Ltd site. Ads can be served to you as you continue to browse online and visit other sites across the Internet. Ads may be specific to actions that you have taken or the pages that you have visited on the site.. You can opt out of being served ads by re-configuring your Google Ad Settings or by visiting the Network Advertising Initiative opt out page.

Marketing

We may use a customer's image and words for marketing purposes. However we will not do so without obtaining clear, explicit, and informed consent beforehand, specifying exactly how and where this information will be used. Any information used for marketing will always be anonymised, unless we have obtained direct written consent to specify otherwise. 

Fraud Prevention Agencies

We have systems that protect our customers and ourselves against fraud and other crime. Personal information can be used to prevent crime and trace those responsible. If false or inaccurate information is provided and fraud is identified, details will be passed to fraud prevention agencies.

Who might we share your information with?

Our service providers

We work with partners, suppliers and agencies so they can process your personal information on our behalf…but only where they meet our standards on the processing of data and security! We only share information that allows them to provide their services to us or to facilitate them providing their services to you. For example, some of our service providers place advertising for us online, about our products and services and those of our retail partners, suppliers and third parties. As a result, where you have indicated you are happy to receive marketing from us, you might see online advertising that we have placed on the web sites you visit, or the interactive services you use.

Optometry-Ophthalmology Network e-research (SCONe)

We may share anonymised retinal images from your routine eye examinations with The Scottish Collaborative Optometry-Ophthalmology Network e-research (SCONe).

SCONe will only share this information to support research on important health topics with the potential to provide significant public benefit. 

This anonymised data may be used to research eye diseases (like AMD, glaucoma) and biomarkers (Alzheimers), study disease prevalence, develop detection technology, improve eye care services, and support teaching. 

SCONe will only agree to share data for this purpose if the projects have appropriate ethical and legal approval, have scientific merit, are well designed and carried out by trusted research organisations. 

SCONe keeps data safe through strict governance and required approvals (Uni/NHS, PBPP, Ethics). Anonymising / pseudonymising data. Storing and researching data exclusively within the secure Public Health Scotland National Safe Haven. Never selling or transferring individual data outside the Safe Haven. Click here for further information on SCONe’s strict privacy policy.

Such data sharing will never involve the release of personally identifiable data for use by researchers.

The legal bases for this are GDPR article 9(2)(j) “scientific or historical research purposes or statistical purposes” and 6(1)(e) “the performance of a task carried out in the public interest”.

Other organisations and individuals:

We may transfer your personal information to other organisations in certain scenarios. For example:

• If we're discussing selling or transferring part or all of a business, we may share information about you to prospective purchasers - but only so they can evaluate that business;
• If we are reorganised or sold to another organisation, we may transfer information we hold about you to them so they can continue to provide the Services to you;
• If required to by law, under any code of practice by which we are bound or we are asked to do so by a public or regulatory authority such as the Police or the Department for Work and Pensions;
• If we need to do so in order to exercise or protect our legal rights, users, systems and Services; or
• In response to requests from individuals (or their representatives) seeking to protect their legal rights or the rights of others.

Keeping you informed about our products and services

We would like to keep you informed of offers and services that we think you might be interested in. Where you have consented to us doing so, we may do this through the post, by email, text message, online, using social media or by any other electronic means.

We will only send you marketing messages if you have opted in to receive them. If you wish to amend your marketing preferences at any time, you can do so by writing to us at Iris Blue Optical Ltd, 263 Crow Road, Glasgow G11 7BE or emailing info@irisblueoptical.com

Your rights

Access and correction of your personal information

You have the right to access the personal information that we hold about you in many circumstances. This is sometimes called a 'Subject Access Request'. If we agree that we are obliged to provide personal information to you (or someone else on your behalf), we will provide it to you or them free of charge.

Before providing personal information to you or another person on your behalf, we may ask for proof of identity and sufficient information about your interactions with us that we can locate your personal information.

If any of the personal information we hold about you is inaccurate or out of date, you may ask us to correct it.

If you would like to exercise these rights, please contact us as set out below.

Right to stop or limit our processing of your data

You have the right to object to us processing your personal information if we are not entitled to use it any more, to have your information deleted if we are keeping it too long or have its processing restricted in certain circumstances.

If you would like to exercise this right, please contact us as set out below.

How long will we keep your information for?

In accordance with legislation data contained within patient records are required to be kept as follows;

Optical 

• 7 years from the last appointment date for any adult patient.
• For a patient last seen under the age of 16 records must be held until they reach the age of 25.
• Full details must be retained so long as the patient is actively engaging our services.

Sharing your thoughts

When using our website or social media pages you may be able to share or comment. For example when you 'like', or review our Services. When doing this your personal information may be visible to the providers of those social networks, their other users and/or us. Please remember it is your responsibility to set appropriate privacy settings on your social network accounts so you are comfortable with how your information is used and shared on them.

Security

We take security measures to protect your information including:

• limiting access to our buildings to those that we believe are entitled to be there (by use of passes, key card access and other related technologies);
• implementing access controls to our information technology, such as firewalls, ID verification and logical segmentation and/ or physical separation of our systems and information;
• never asking you for your passwords;
• advising you never to enter your password into an email or after following a link from an email.

Contact us

If you would like to exercise one of your rights as set out above, or you have a question or a complaint about this policy, the way your personal information is processed, please contact us by one of the following means:

By email: info@irisblueoptical.com

By post: Iris Blue Optical Ltd, 263 Crow Road, Glasgow G11 7BE

You also have the right to lodge a complaint with the UK regulator, the Information Commissioner. Go to ico.org.uk/concerns to find out more.

Policy change

This privacy policy was most recently updated in May 2025