Privacy and cookies policy

The College of Optometrists is committed to protecting your personal information when you are using our services and resources. We want all interactions with the College to be safe environments for our members, non-members, as well as for other organisations and members of the public that interact with us. This Privacy and Cookies Policy relates to our use of any personal information we collect from you via the College of Optometrists’ websites.

This policy also applies to our use of any personal information you provide to the College, including by phone, SMS, email, in letters and other correspondence, and in person.

In order to provide you with our full range of services and benefits, we sometimes need to collect information about you.

This Privacy Policy, and accompanying Cookies Policy, explains the following:

  • what information The College of Optometrists may collect about you
  • how The College of Optometrists will use information we collect about you
  • when The College of Optometrists may use your details to contact you
  • whether The College of Optometrists  will disclose your details to anyone else
  • your choices regarding the personal information you provide to us
  • the use of cookies on The College of Optometrists’ websites and how you can remove cookies.

The College of Optometrists is committed to safeguarding your personal information. Whenever you provide such information, we are legally obliged to use your information in line with all applicable laws concerning the protection of personal information, including the Data Protection Act 1998 and the General Data Protection Regulation (GDPR) May 2018. These laws are referred to collectively in this Privacy and Cookies Policy as the "data protection laws". Our website companies take measures to secure personal data and provide resilience against online malicious attacks that can occur.

The College of Optometrists’ websites contain hyperlinks to websites owned and operated by third parties, including Wiley, the publisher of OPO, the General Optical Council, a range of sector and academic journals, BSI, Optometry Wales, Optometry Scotland and Optometry Northern Ireland and Docet. These third party websites have their own privacy policies, and are also likely to use cookies, and we therefore urge you to review them. They will govern the use of personal information you submit when visiting these websites, which may also be collected by cookies. The College of Optometrists does not accept any responsibility or liability for the privacy practices of such third party websites and your use of such websites is at your own risk.

Who are we?

The College of Optometrists is the professional body for optometrists. It qualifies the profession and delivers the guidance, development and training to ensure optometrists provide the best possible care. We recognise excellence through the College’s affixes, by building the evidence base for optometry, and by raising awareness of the profession with the public, commissioners, and health care professionals.

Our online services

Our websites are hosted externally. Names of third party hosts have been withheld to protect system and data. If you would like to request this information, please apply to data.protection@college-optometrists.org giving your reasons for requesting the data.

PURPOSE FOR COLLECTING DATACONTACT INFORMATIONEDUCATION HISTORYPROFESSIONAL INTERESTSPAYMENT DETAILSSENSITIVE/OTHERCPD FROM COLLEGE
Membership application and registering for a log inYesNoYesNoNoNo
Membership
Processing and managing:
a. Membership renewals
b. Communicating College
    benefits and information
c. Website login
d. Patient resource ordering
e. Window sticker ordering
f. Public member directory
YesNoYesYesNoNo
Scheme for Registration
Processing and managing:
a. enrolment
b. assessments
c. OSCE
d. exceptional circumstances
e. reasonable adjustments
f. appeals
YesYesNoNoYes. We 
collect ethnic
origin
information for
anonymised
statistical
purposes only.
No
Events
Processing and managing event bookings
YesNoNoNoYes. We will collect dietary information We will not pass your name and dietary requirements
together outside of the College. We keep delegate photos taken at events.
No
Member Directory
a. In order to provide the member service of a Member Directory, giving work addresses and work contact details.
YesNoNoNoNoNo
IP Logbook and Exam
a. To enable the College to run the logbook, get the sessions signed off by your mentor and for the College to approve the logbook entry.
b. To enable entry to the final examination.
YesNoNoNoYes. Includes the contact information for your ophthalmology mentor.No
CPD quiz information
a. In order to upload CPD points to members’ MyGOC area.
YesNoNoNoNoYes
Library photocopier requests
a. The College collects this data to enable us to provide this services for members.
YesNoNoNoNoNo
Pre-registration vacancy form
a. To enable supervisors to advertise their placements on the College website.
YesNoNoNoNoNo
University student representative application
a. To enable us to appoint representatives in each University.
YesNoNoNoNoNo
Museum visit
a. To allow the Curator to manage visits to the College museum and office.
YesNoNoNoNoNo
OiP subscription
a. To allow the College to manage paid subscriptions to OiP (non-members).
YesNoNoYesNoYes
Contact us
a. In order to provide College members and members of the public with an efficient service.
YesNoNoNoNoNo

For members

The College of Optometrists will use your personal information for a number of purposes, including the following:

  • Storing information against your membership record in order to use the information to alert you to, and provide you with information, services and resources from the College and Docet.
  • Sharing your details securely with third party data processors contracted to deliver College member services, such as printers and mailing houses.
  • Sharing your data with other bodies or organisations, such as the GOC, who record and publish your College member status and higher qualifications.
  • If you opt to have your name and practice details listed on the College’s member directory, this can be viewed by the public.
  • As a College event delegate, if you give your permission, your name and contact information (full name, mobile number, email address, job title, organisation, town/city of work and work setting) will be shared with event sponsors.
  • We share member data to meet sector research requests from non commercial third parties, but the data used for this would not leave the College and would, for these demographic and statistical purposes, be anonymised.
  • We may also pass member data to non-commercial researchers seeking optometrist’s responses to surveys and research requests.
  • We keep details of calls to the Clinical advice line, together with the response, and the contact details of the enquirer for training and monitoring purposes, or in case we need to get back to the enquirer, or if an issue occurs subsequently.
  • The College’s Acuity email may sometimes include advertisements from trusted third parties, that we believe are relevant to you and your relationship with the College. If you wish to unsubscribe from these newsletters, please click on the unsubscribe option in the footer of the email.

For non-members

To advise you of new resources and services offered by the College which we believe you should be made aware of, as a member of the profession. From May 2018, at the point you either resign your College membership, or fail to renew it, we will ask you if and how you want to be kept in touch with the College as your professional body. Unless you opt out of receiving these communications, we will only continue to communicate with you if there is a legitimate interest for our doing so.

For members of the public

  • If you have raised a query, we will use your details, and any other information provided to reply to you to the best of our abilities.
  • We keep details of calls to the Clinical advice line, together with the response, and the contact details of the enquirer for training and monitoring purposes, or in case we need to get back to the enquirer, or if an issue occurs subsequently.

For members

The College of Optometrists will contact you about your membership renewal annually, by post. We may also contact you by email, post, text and phone to remind you if you have not paid.

The College of Optometrists will contact you by email, with College news, CPD opportunities and updates for the profession.

The College of Optometrists will send you the quarterly journal, Acuity, by post.

The College of Optometrists will contact trainees, supervisors and assessors with regards to your Scheme for Registration Assessments and with information regarding requirements for the Scheme for Registration, your roles and responsibilities.

The College of Optometrists will contact facilitators regarding requirements and training regarding your role and for help with events in your area.

For Docet users

The College provides Secretariat services for Docet. The College and Docet use the same database. 

If you make a Docet communication preference request this will be added to the shared database and used for Docet communications only.

If you are a member of the College, and update your details through either the College or Docet, this will be updated on your database record and will be used by both organisations. 

If you are a not a member of the College and update your details via Docet, this will be recorded on the shared database and used by Docet. The College may contact you about appropriate events and other relevant services where we consider there is a legitimate interest.

For non-members

The College of Optometrists will contact you about new resources and services produced by the College.

The College of Optometrists will also contact you about the opportunity to re-join at membership renewal time.

Will I be contacted for marketing purposes?

Yes, by The College of Optometrists in relation to College member resources and services only and, if provided, in accordance with your stated preferences. We will never pass your personal and contact details to third parties for marketing purposes unless you have specifically opted-in as a delegate to receive information from the sponsors of College conferences and regional events.

We will keep your information within the College, except when we require third party providers of College services to have it to fulfil member services, so for example:

COMPANY NAMEPURPOSE
BarclaysMembership fees.
Trustee confirmation.
BCLA FocusFor the management of Optometry Tomorrow 2024 now incorporating BCLA Focus.
Bottomline Technologies, Sagepay, DMC SoftwareProcess Membership fees/expenses.
CAF BankTrustee confirmation.
CantarusAccess to the College's member app. 
Display Member Directory information on www.lookafteryoureyes.org
CAPITATo allow CAPITA to pay supervisor grant.
To notify CAPITA of changes to trainee/supervisor details.
Cloud based email, SMS, election and survey marketing platformsTo send College emails, questionnaires, and SMS messages, and to run Council elections.
EmployersTo confirm the Scheme for Registration fees payable for trainees and to share Scheme for Registration progression data.
Event sponsorsTo College event sponsors when delegates proactively opt in to receive further information from them.
EventsAIRTo provide event registration and sponsorship opportunities at Optometry Tomorrow.
GOCTo process GOC registration and to contact those who pre-registered before the OCSE but then failed.
To alert GOC that trainee is no longer able to practice.
Cc'd into off-scheme email with attached letter which states end date on the Scheme for Registration.
Receive affix information.
GoToWebinarTo run webinars that members sign up for.
HeritageRecord all library transactions.
Learning PoolTo populate database in learning management system for College members to access online learning.
Links courierTo organise exam documentation/equipment to arrive at our exams.
Mailing housesProduce membership and qualification certificates.
Mailing of patient leaflets.
Mailing of Scheme for Registration handbooks.
Mailing of enrolment letters.
Original subscription mailing.
Various member mailings such as Guidance/Acuity/Ad hoc projects.
Market research companiesCommissioned from time to time by the College to ask members views on College services, resources and the broader profession.
MarstonTo manage bookings, gown hire and photography for the Diploma Ceremony.
MOOBusiness cards.
NES ScotlandTo allow NES Scotland to pay supervisor grant in N.I and notify them of changes in trainee/supervisor details.
NHS Northern Ireland Central ServicesTo allow NHS Northern Ireland to pay the supervisor grant in N.I and to notify NHS Northern Ireland of changes in trainee/supervisor details.
NHS ScotlandTo allow NHS Scotland to pay the supervisor grant in Scotland and to notify NHS Scotland of changes in trainee/supervisor details.
NHS WalesTo allow NHS Wales to pay the supervisor grant in Scotland and to notify NHS Wales of changes in trainee/supervisor details.
NTTTo make phone calls and send emails to existing members who have not paid their membership subscription
OSCE venues (RCGP and RCP Liverpool)To provide venue with information ahead of our exams.
OpenAthensCreate online account for resource access.
QRSBarcode scanning at College events.
RipleyTo run our e-marking system in order to build the OSCE and create electronic marksheets.
Smart ImpactFunctioning websites
Tern ConsultancyStage 2 Assessment
TestReachTo facilitate the TCFA Independent Prescribing (IP) exam
The GOC and legal authoritiesIf required by law, we may need to pass on personal details to a legal authority.    
UKVITo qualify for GAE Visa.

We will hold your personal information on our systems for as long as is necessary for the relevant activity, or as long as is set out in individual privacy statements that are made available to members at the point of every interaction with the College when members are required to give your details. The College also applies a Data Retention policy that details the purposes the data held is used for, the security arrangements under which it is held, and the period the data is retained. For a copy of the College’s Data Retention policy email: data.protection@college-optometrists.org

If you ask us to delete your information, then that is done as quickly as possible, within normal working hours. All other information retained, would be demographic and, for analysis purposes and from which an individual would not be personally identifiable.

You can receive a copy of the College’s data retention policy by emailing: data.protection@college-optometrists.org.

You can always ask us to delete your data held by the College by emailing the same address.

To have your data deleted by Docet, email enquiries@docet.info

Under the Data Protection Act you have the right to request a copy of the personal information The College of Optometrists holds about you and to have any inaccuracies corrected. (We require you to prove your identity with two pieces of approved identification). We will use reasonable efforts consistent with our legal duty to supply, correct or delete personal information about you on our files. Please address requests and questions about this or any other question about this Privacy and Cookies Policy via data.protection@college-optometrists.org or call 020 7766 4350.

For any other questions regarding the College’s use of your personal data, please email data.protection@college-optometrists.org or call 020 7766 4350.

What is a cookie?

A cookie is a small amount of data, which often includes a unique identifier that is sent to your computer, tablet or mobile phone (all referred to here as a "device") web browser from a website's computer and is stored on your device's hard drive. Each website can send its own cookie to your web browser if your browser's preferences allow it. Many websites do this whenever a user visits their website in order to track online traffic flows. Similar technologies are also often used within emails to understand whether the email has been read or if any links have been clicked. If you continue without changing your settings, we’ll assume that you are happy to receive all cookies on The College of Optometrists’ websites. However, you can change your cookie settings at any time.

On The College of Optometrists’ websites, cookies record information about your online preferences and allow us to tailor our websites to your interests. During the course of any visit to a College of Optometrists’ website, the pages you see, along with a cookie, are downloaded to your device. Many websites do this, because cookies enable website publishers to do useful things like finding out whether the device (and probably its user) has visited the website before. This is done on a repeat visit by checking to see, and finding, the cookie left there on the last visit.

How does the College use cookies?

Information supplied by cookies can help us to understand the profile of our visitors and help us to provide you with a better user experience. It also helps us to provide a more personalised experience. For example, if on a previous visit you went to our education pages, we might find this out from your cookie and highlight educational information on your second and subsequent visits. The College of Optometrists uses this type of information to help improve the services it provides to its users.

Cookies used on The College of Optometrists’ website are listed below.

Controlling and deleting cookies

Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit http://www.aboutcookies.org which gives step-by-step guidance on how to control and delete cookies for your browser type. You can then adjust your browser settings to your preferred level of protection. www.allaboutcookies.org is also a useful website.

Cookies used on this website

In order to facilitate sound information security practices our technical solution providers record interactions with this website in the form of Website server logs, this records your remote IP Address, the resources accessed on our website, date/time and your browser information. This information will be retained for up to 12 months to support our efforts in auditing and to safeguard our website.

NAMEPURPOSECONTENTEXPIRYCLASSIFICATION
owin.authenticationTo store currently logged in user account Session 
__RequestVerificationTokenUsed on forms to provide security protection on the site. Session 
ApplicationGatewayAffinityCookie used by web hosting setup to route users current session to the correct web server. Session 
ApplicationGatewayAffinityCORSCookie used by web hosting setup to route users current session to the correct web server. Session 

 

Learning Management System

NAMEPURPOSECONTENTEXPIRYCLASSIFICATION
Session

LP LMS uses a cookie to track the users session.

This cookie is created for every user who browses any page on the site.

  • This cookie is given the name TotaraSessionXXX where XXX is determined by $CFG->sessioncookie.
Contains a hash which is the session identifier.Session.Performance.
Remember username

LP LMS uses a cookie to remember the users username if the equivalent option is checked on the login page.

This cookie is created by the login page after the user logs in if the remember username functionality is set to On, or if the functionality is set to optional and the user has checked the remember username box on the login screen.

The remember username functionality can be disabled by browsing to Site administration > Security > Site policies and setting Remember username (rememberusername) to No.

  • This cookie is given the name TOTARAID_XXX where XXX is determined by $CFG->sessioncookie.
User’s login username as an rc4 encrypted value.60 days.Performance.

 

Google

NAMEPURPOSECONTENTEXPIRYCLASSIFICATION
_gaThis cookie name is associated with Google Universal Analytics - which is a significant update to Google's more commonly used analytics service. This cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the sites analytics reports. By default it is set to expire after 2 years, although this is customisable by website owners.Random number and textTwo yearsPerformance
_gatThis cookie name is associated with Google Universal Analytics, according to documentation it is used to throttle the request rate - limiting the collection of data on high traffic sites. It expires after 10 minutes.Random number and text10 minutesPerformance
_gidThis cookie name is asssociated with Google Universal Analytics. This appears to be a new cookie and as of Spring 2017 no information is available from Google. It appears to store and update a unique value for each page visited.Random number and textOne dayPerformance

 

Add this

NAMEPURPOSECONTENTEXPIRYCLASSIFICATION
loc Random number and textOne year 
sscAllows user to share webpage with many social sitesRandom number and textOne yearPerformance
uvcAllows user to share webpage with many social sitesRandom number and text.One yearPerformance

 

Hotjar

Relating to the user
Cookie nameDescription
_hjSessionUser_{site_id}
  • Set when a user first lands on a page.
  • Persists the Hotjar User ID which is unique to that site.
  • Ensures data from subsequent visits to the same site are attributed to the same user ID.
  • 365 days duration.
  • JSON data type.
_hjid
  • Set when a user first lands on a page.
  • Persists the Hotjar User ID which is unique to that site.
  • Ensures data from subsequent visits to the same site are attributed to the same user ID.
  • 365 days duration.
  • UUID data type.
_hjFirstSeen
  • Identifies a new user’s first session.
  • Used by Recording filters to identify new user sessions.
  • Session duration.
  • Boolean true/false data type.
_hjUserAttributesHash
  • User Attributes sent through the Hotjar Identify API are cached for the duration of the session.
  • Enables us to know when an attribute has changed and needs to be updated.
  • Session duration.
  • Hash data type.
_hjCachedUserAttributes
  • Stores User Attributes sent through the Hotjar Identify API, whenever the user is not in the sample.
  • Collected attributes will only be saved to Hotjar servers if the user interacts with a Hotjar Feedback tool.
  • Cookie used regardless of whether a Feedback tool is present.
  • Session duration.
  • JSON data type.
_hjViewportId
  • Stores user viewport details such as size and dimensions.
  • Session duration.
  • UUID data type.

General

Relating to the session
Cookie nameDescription
_hjSession_{site_id}
  • Holds current session data.
  • Ensures subsequent requests in the session window are attributed to the same session.
  • 30 minutes duration.
  • JSON data type.
_hjSessionTooLarge
  • Causes Hotjar to stop collecting data if a session becomes too large.
  • Determined automatically by a signal from the WebSocket server if the session size exceeds the limit.
  • Session duration.
  • Boolean true/false data type.
_hjSessionRejected
  • If present, set to '1' for the duration of a user's session, when Hotjar has rejected the session from connecting to our WebSocket due to server overload.
  • Applied in extremely rare situations to prevent severe performance issues.
  • Session duration.
  • Boolean true/false data type.
_hjSessionResumed
  • Set when a session/recording is reconnected to Hotjar servers after a break in connection.
  • Session duration.
  • Boolean true/false data type.
_hjLocalStorageTest
  • Checks if the Hotjar Tracking Code can use local storage.
    If it can, a value of 1 is set.
  • Data stored in_hjLocalStorageTest has no expiration time, but it is deleted almost immediately after it is created.
  • Under 100ms duration.
  • Boolean true/false data type.
_hjIncludedInPageviewSample
  • Set to determine if a user is included in the data sampling defined by your site's pageview limit.
  • 30 minutes duration.
  • Boolean true/false data type.
_hjIncludedInSessionSample
  • Set to determine if a user is included in the data sampling defined by your site's daily session limit.
  • 30 minutes duration.
  • Boolean true/false data type.
_hjAbsoluteSessionInProgress
  • Used to detect the first pageview session of a user.
  • 30 minutes duration.
  • Boolean true/false data type.
_hjTLDTest
  • We try to store the _hjTLDTest cookie for different URL substring alternatives until it fails.
  • Enables us to try to determine the most generic cookie path to use, instead of page hostname.
  • It means that cookies can be shared across subdomains (where applicable).
  • After this check, the cookie is removed.
  • Session duration.
  • Boolean true/false data type.
Relating to Recordings
Cookie nameDescription
_hjRecordingEnabled
  • Set when a Recording starts.
  • Read when the Recording module is initialized to see if the user is already in a recording in a particular session.
  • Session duration.
  • Boolean true/false data type.
_hjRecordingLastActivity
  • Set in Session storage as opposed to cookies.
  • Updated when a user recording starts and when data is sent through the WebSocket (the user performs an action that Hotjar records).
  • Session duration.
  • Numerical Value (Timestamp) data type.
Relating to Feedback and Survey tools
Cookie nameDescription
_hjClosedSurveyInvites
  • Set when a user interacts with a Link Survey invitation modal.
  • Ensures the same invite does not reappear if it has already been shown.
  • 365 days duration.
  • Boolean true/false data type.
_hjDonePolls
  • Set when a user completes an on-site Survey.
  • Ensures the same Survey does not reappear if it has already been filled in.
  • 365 days duration.
  • Boolean true/false data type.
_hjMinimizedPolls
  • Set when a user minimizes an on-site Survey.
  • Ensures that the Survey stays minimized when the user navigates through your site.
  • 365 days duration.
  • Boolean true/false data type.
_hjShownFeedbackMessage
  • Set when a user minimizes or completes a Feedback widget.
  • Ensures the Feedback widget will load as minimized if the user navigates to another page where it is set to show.
  • 365 days duration.
  • Boolean true/false data type.

This Privacy and Cookies Policy may be updated from time to time so you may wish to check it each time you submit personal information to The College of Optometrists. The date of the most recent revisions will appear on this page. If you do not agree to these changes, please do not continue to use The College of Optometrists’ websites to submit personal information to The College of Optometrists.

If you any questions or comments about this privacy policy, please contact Bill Scott, Director of Finance at bill.scott@college-optometrists.org or 0207 839 6000.

The College of Optometrists, 42 Craven Street, London, WC2N 5NG.

Last updated: 27 February 2024