top of page

Privacy Policy

Eagle Eye Care Limited (trading as EEC-Community Services)
Last updated: August 2025

1. Who We Are

EEC-Community Services is the trading name of Eagle Eye Care Limited, a company registered in England and Wales (Company No. 09692397).
Registered Office: 194 Totley Brook Road, Sheffield, S17 3QY.

In this Privacy Policy, “we”, “us” and “our” refer to EEC-Community Services / Eagle Eye Care Limited.

We are committed to protecting your privacy and handling your personal information responsibly and transparently, in line with:

  • UK General Data Protection Regulation (UK GDPR)

  • Data Protection Act 2018

  • Privacy and Electronic Communications Regulations (PECR)

  • NHS Data Security & Protection Toolkit

  • Guidance from the Information Commissioner’s Office (ICO)

  • Professional regulatory requirements (CQC, GMC, GOC, etc.)

If you have questions, you can contact us at:
contact@eec-communityservices.co.uk
08000 150 885

2. What This Privacy Policy Covers

This policy explains:

  • what personal information we collect

  • how we use it

  • who we share it with

  • our lawful bases for processing

  • how we secure and store your data

  • how long we keep it

  • your data protection rights

This applies to data collected via:

  • our website

  • clinic visits and consultations

  • phone, email or SMS communication

  • referrals

  • feedback or surveys

3. Information We Collect

3.1 Personal Data

We may collect:

  • name, address, email, phone number, date of birth

  • referral details

  • GP/optometrist information

  • appointment records

  • billing or payment information

3.2 Special Category (Health) Data

As a healthcare provider, we process medical information such as:

  • vision measurements and prescriptions

  • medical and ocular health history

  • symptoms, test results and diagnostic imaging

  • medications and allergies

  • lifestyle factors relevant to treatment

  • consultation notes

  • treatment history and outcomes

  • patient-experience feedback

3.3 Website & Analytics Data

This includes:

  • IP address

  • browser type and device details

  • pages visited

  • cookies and usage statistics

This information is not used to identify you personally.

4. How We Collect Your Information

We may collect information:

  • directly from you

  • from referring clinicians or optometrists

  • from NHS organisations

  • from other healthcare providers involved in your care

  • through diagnostic equipment or clinical systems

  • via website forms and enquiries

  • through online analytics tools

5. How We Use Your Information

5.1 To Provide Clinical Care

  • assess your needs

  • deliver treatment

  • record and manage your medical history

  • liaise with healthcare professionals

  • monitor outcomes and patient safety

5.2 To Manage Our Services

  • internal auditing and quality improvement

  • clinical governance

  • regulatory reporting

  • appointment management

  • financial administration

5.3 Communication

  • responding to enquiries

  • appointment confirmations and reminders

  • clinically relevant updates

  • administrative notifications

5.4 Marketing (Email and SMS)

We may send you information about services or updates only if you have provided explicit consent.
You can withdraw consent at any time.

5.5 Legal & Regulatory Compliance

We may process or share information where required by:

  • CQC

  • GMC / GOC

  • NHS organisations

  • MHRA

  • PHIN

  • ICO

  • HMRC

  • Law enforcement bodies

We do not sell your data or share it with third parties for marketing.

6. Lawful Bases for Processing

Under UK GDPR, our lawful bases include:

Article 6

  • 6(1)(b) – providing healthcare services

  • 6(1)(c) – legal/regulatory obligations

  • 6(1)(d) – vital interests

  • 6(1)(f) – legitimate interests (administration, service improvement)

Article 9 – Special Category Data

  • 9(2)(h) – medical diagnosis and the provision of healthcare

  • 9(2)(i) – public health requirements

  • 9(2)(j) – research, audit and service evaluation where appropriate

Marketing is based on consent (Article 6(1)(a)).

7. Who We Share Your Information With

Healthcare Professionals

  • your GP

  • optometrists

  • ophthalmologists

  • nurses and clinical support staff

  • medical secretaries

  • NHS hospitals

  • private healthcare providers

Regulatory Bodies

  • Care Quality Commission

  • General Medical Council

  • General Optical Council

  • MHRA

  • PHIN

  • NHS England

  • Integrated Care Boards

Service Providers (All GDPR-Compliant)

  • secure cloud storage providers

  • IT and cybersecurity suppliers

  • diagnostic system providers

  • patient-feedback platforms

  • accountants, lawyers, auditors

Where Required by Law

  • police

  • courts

  • HMRC

All partners are bound by strict confidentiality and data protection obligations.

8. Data Security

We use strong organisational and technical controls, including:

  • encryption of data at rest and in transit

  • secure cloud storage within the UK

  • access controls based on job roles

  • multi-factor authentication

  • staff IG and data-protection training

  • regular audits and monitoring

While we follow best practice, no online transmission is completely risk-free.

9. Where Your Data Is Stored

All personal and clinical data is held within the UK.
We do not transfer your data outside the United Kingdom.

10. Data Protection Officer (DPO)

Eagle Eye Care Limited has appointed a Data Protection Officer (DPO) to oversee data protection compliance.

You can contact the DPO at:

admin@eec-communityservices.co.uk
08000 150 885

The DPO acts independently and is responsible for monitoring GDPR compliance and advising on data protection matters.

11. How Long We Keep Your Data

We retain data in accordance with:

  • NHS Records Management Code of Practice

  • UK GDPR

  • Professional regulatory guidance

Typical retention periods:

  • Clinical records: minimum 10 years

  • Consultation/diagnostic records: minimum 10 years

  • Enquiry/website data: up to 24 months

  • Marketing consent records: until withdrawn

12. Your Data Protection Rights

You have the right to:

  • access your personal data

  • request correction of inaccurate data

  • request erasure (where applicable)

  • restrict or object to processing

  • request data portability

  • withdraw marketing consent at any time

To exercise your rights, contact us at contact@eec-communityservices.co.uk.

Right to Complain

If you are concerned about how your data is handled, you may contact:
Information Commissioner’s Office (ICO)
0303 123 1113
www.ico.org.uk

13. Cookies & Website Tracking

We use cookies and analytics tools to improve website performance.
You may disable cookies through your browser settings.

14. Third-Party Links

Our website may link to third-party websites. We are not responsible for their privacy practices.
We recommend reviewing their privacy policies.

15. Updates to This Policy

We may update this Privacy Policy periodically. Updated versions will be posted on our website with the revised “Last updated” date.

Contact Us

EEC-Community Services
Eagle Eye Care Limited
194 Totley Brook Road
Sheffield S17 3QY
contact@eec-communityservices.co.uk
08000 150 885

bottom of page