Please do not register on this site if you do not wish to have information processed by us as described in this policy. Please ensure that you have consent prior to entering another person’s personal data on this site.
This website www.rayner.com (the “Site”) is produced and operated by Rayner Intraocular Lenses Limited (“Rayner”). For the purpose of the General Data Protection Regulation [EC 2016/679] the data controller is Rayner whose registered office is at 10 Dominion Way, Worthing, West Sussex BN14 8AQ.
We are committed to protecting your privacy.
We review our privacy practices from time to time and it is important therefore, that you bookmark and periodically review any updates to this policy. This version was last updated on 1st June 2018.
1. THE INFORMATION WE GATHER
Information about or supplied by users of the Site is not gathered directly by us. The information is gathered via a contracted third party (“Service Provider”) on our behalf. The Service Provider is a registered data controller. The Service Provider uses a number of security measures including Secure Sockets Layer (SSL) software which encrypts and ensures the security of any information you input using the Site. The Service Provider is based in the United Kingdom.
The following information is gathered in two ways, directly and indirectly:-
Direct Information Gathering
Personal information is gathered directly when, for example, you register on the Site, complete online forms or correspond with us by, post, phone or email. Personal information is information from which you, or another person, can be identified, for example, name, address or date of birth. This includes personal data provided by you when you:
- create an account on our Site;
- subscribe to our service or publications;
- request marketing to be sent to you;
- enter a competition, promotion or survey; or
- give us feedback or contact us.
Gathering Tracking information is gathered indirectly when you access the Site. This information is automatically gathered. On each of your visits to the Site we may automatically collect the following information:
- technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
- information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from the Site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from a page.
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
2. HOW WE USE THE INFORMATION
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- Where we need to perform the contract we are about to enter into or have entered into with you.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal obligation.
Generally, we do not rely on consent as a legal basis for processing your personal data although we will get your consent before sending third party direct marketing communications to you. You have the right to withdraw consent to marketing at any time by contacting us.
This information is held securely by the Service Provider and we access it for the purposes of handling your enquiries, providing you with information you need or require on our products, processing orders, communicating with you, to ensure that content from the Site is presented in the most effective manner for you and for your computer and generally to maintain your account with us. For these purposes some, or all, of the personal information provided by you may be transferred from the Service Provider to us, or replicated by us and held by us in our own databases. The Service Provider may have access to the information in order to perform its functions but may not use it for any other purpose.
Personal data will be stored for as long as is reasonably necessary to provide to you the products and services you require.
We will use this information:
- to administer the Site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to improve the Site to ensure that content is presented in the most effective manner for you and for your computer;
- to allow you to participate in interactive features of our service, when you choose to do so;
- as part of our efforts to keep the Site safe and secure;
- to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
- to make suggestions and recommendations to you and other users of the Site about goods or services that may interest you or them.
3. REMOVAL OF PERSONAL INFORMATION AND “OPTING OUT”
If you have submitted personal data to us that you would like removed from our database and/or the database of our Service Provider you should contact us at email@example.com
If you have submitted personal contact details to us that you do not wish us to use for the purpose of sending you promotional material you should contact us at the above email address. You may opt out of receiving such material at any time.
4. UPDATING PERSONAL INFORMATION
Where personal information submitted via the Site requires updating, changes should be notified to us at the above email address.
5. DISCLOSURE OF YOUR INFORMATION
We may share your personal information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
We may share your information with selected third parties including:
- Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you.
- Service providers who provide IT and system administration services.
- Professional advisers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services.
- HM Revenue & Customs, regulators and other authorities who require reporting of processing activities in certain circumstances.
- Analytics and search engine providers that assist us in the improvement and optimisation of the Site.
We may disclose your personal information to third parties:
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- If Rayner or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
6. INTERNATIONAL TRANSFERS
In general, we do not transfer your personal data outside the European Economic Area (EEA). An exception to this general rule is where personal data is provided in connection with a product enquiry for a jurisdiction outside of the EEA. In such circumstances we will provide such personal data (including name and contact details) to our authorised distributor in the relevant jurisdiction.
7. DATA SECURITY AND DATA BREACHES
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
8. DATA RETENTION
By law we have to keep basic information about our customers (including contact, identity, financial and transaction data) for six years after they cease being customers for tax purposes.
In some circumstances you can ask us to delete your data: see your legal rights below for further information.
In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
9. YOUR LEGAL RIGHTS
Under certain circumstances, you have rights under data protection laws in relation to your personal data. Please click on the links below to find out more about these rights:
- Request access to your personal data.
- Request correction of your personal data.
- Request erasure of your personal data.
- Object to processing of your personal data.
- Request restriction of processing your personal data.
- Request transfer of your personal data.
- Right to withdraw consent.
If you wish to exercise any of the rights set out above, please contact us at firstname.lastname@example.org.
No Fee Usually Required
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
What We May Need From You
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time Limit to Respond
We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
10. LINKS TO THIRD PARTY WEBSITES
The Site may contain links or other references to websites published by third parties. These websites are not under our control and we are not responsible for the collection and use of your information by these websites.
11. HOW TO CONTACT US