Cathedral Eye Clinic respects your privacy and is committed to protecting your personal information. We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 in all of our processing of personal data.
This policy explains what information we collect, how we use it, and your rights.
What Information We Collect
We may collect:
- Your name, date of birth, address, phone number and email
- Information you provide through website forms, emails, or phone calls
- Clinical information such as referral details, consultation notes, scans, images, and treatment records
- Payment information (we retain only minimal, non-identifiable card details required for transaction reconciliation).
We also create clinical data during your care.
We may process de-identified or pseudonymised information for clinical audit, service improvement, and permitted medical research.
How We Use Your Information
We use your information to:
- Provide medical assessment, diagnosis, and treatment
- Manage appointments and communicate with you
- Process payments and maintain accurate records
- Deliver safe and effective care
- Respond to enquiries
- Improve our services and monitor quality
- Comply with our legal and regulatory obligations
Information submitted through our website may be used to respond to your enquiry or provide relevant service information. We do not share website enquiry data with third parties for marketing or commercial purposes.
Disclosure of Information
We may disclose personal information only in the following circumstances:
- Where required to do so by law or regulation
- In connection with actual or prospective legal proceedings
- To establish, exercise, or defend our legal rights, including for fraud prevention and security
We do not release your information to third parties except as described in this privacy policy or where legally required.
Where Your Data Is Stored
Your data is stored on:
- Secure clinical systems
- Encrypted cloud platforms
- Secure servers in the UK
Where data is stored outside the UK, we use approved safeguards such as international data transfer agreements.
Keeping Your Data Secure
We protect your information using:
- Encryption
- Access controls
- Staff confidentiality agreements
- Regular security monitoring
Sending information over the internet is not completely secure, and you do so at your own risk.
Sharing Your Information
We may share your data with:
- Healthcare professionals involved in your care
- Diagnostic or laboratory service providers
- Prescription and pharmacy services
- Technical providers who support our systems (acting only on our instructions)
- Regulators or authorities where required by law
We do not share your information with external organisations for marketing or commercial purposes.
Your Rights
Under UK GDPR, you have the right to:
- Access your information
- Request corrections
- Request deletion (where appropriate)
- Request restriction of processing
- Object to certain processing
- Request data portability
Please contact our Data Protection Officer to exercise your rights.
Contact Us
For questions about this policy or your data:
Cathedral Eye Clinic
Email: info@cathedraleye.com
Phone: 028 9032 2020
If you are unhappy with how we handle your data, you can contact the complaints department.
You can also contact:
The Information Commissioners Office Northern Ireland
3rd Floor, 14 Cromac Place
Belfast
BT7 2JB
Tel: 028 9027 8757 or 0303 123 1114
Email: ni@ico.org.uk
Third-Party Websites
Our website may contain links to other websites. If you choose to follow these links, please be aware that we do not control the content, security, or privacy practices of external websites.
We cannot be responsible for the protection or privacy of any information you provide while visiting third-party sites. We strongly recommend that you read the privacy policy of any website you visit before sharing personal information.
If you have any questions about how we use or store your personal information, please contact us at info@cathedraleye.com. For security reasons, we may need to verify your identity before discussing any personal data.
Last Reviewed (25/11/2025)
