Last modified: [2019-10-08]
Under this Privacy Notice, we, EyeBuyDirect, Inc. inform you what personal data of yours we collect when you visit our website or use our services, why we collect it, and what we do with it. Your personal data means any information relating to you, in particular your name and contact details such as your home address, your telephone number or your email address.
Please take the time to read this Privacy Notice carefully, it is very important that you fully understand how we are processing your personal data and how we are protecting your privacy. If you have any questions regarding our use of your personal data, you can of course contact us as set out below:
Our contact details are: EyeBuyDirect, Inc., firstname.lastname@example.org.
Our Data Protection Officer is: Laurent Teyssandier, email@example.com.
WHAT PERSONAL DATA WE COLLECT
Data we collect when you visit our website
When you access our website, we automatically collect and store some of your data in our server logs and in cookies, which are small files we send to your computer when you visit our website.
This data does not allow us to directly identify you; however, it records data related to your browsing on our website, such as the pages that you accessed, the date and time you accessed these pages, your search queries, information on your device (hardware model, operating system version, unique device identifier, Internet protocol address, hardware settings, browser type, browser language), the date and time of your request and referral URL.
We may use third-party advertising companies or affiliates to display advertisements on our website. These third-party advertising companies or affiliates may separately place or recognise a cookie file on your browser in the course of delivering advertisements to the Site. We cannot see the information collected or stored in third party cookies. We do not provide personal data about you to these third-party advertisers or affiliates or to any other third party.
The provision of your personal data is not required if you only want to visit our website. This means that you may refuse to accept cookies by configuring your web browser accordingly (for more information, refer to the ‘help’ section of your web browser). However, refusing cookies is likely to disrupt your navigation on our website, in particular by preventing you to access to certain parts of it.
Data we collect when you sign up or when you order products
Some of the services offered on our website require you to sign up. If you want to use these services, we will ask you to provide us with personal data, and we thank you to provide us with complete and accurate data, and also to inform us if your data needs to be updated. If you do not provide us with complete and accurate data, or if you do not inform us that your data needs to be updated, we may not be able to provide you with the services you requested.
We collect the following categories of your personal data:
Identification data, including your name, telephone number, e-mail address, home address, login and password, photograph and date of birth (or age).
Financial data, including your credit card information.
IT data, including data related to your browsing on our website, such as the pages that you accessed, the date and time you accessed to these pages, your search queries, information on your device (hardware model, operating system version, unique device identifiers, Internet protocol address, hardware settings, browser type, browser language), the date and time of your request and referral URL.
HOW WE USE PERSONAL DATA WE COLLECT
We only use your personal data within the limits authorized by laws and regulations. Sometimes, we shall use your personal data because the laws and regulations require us to do so. In any case, we do not make any automated decisions solely on automatic processing which may produce legal effects concerning you, or similarly significantly affect you.
We use your personal data for the following purposes:
We use your identification data to facilitate delivery of goods you have purchased from us, update you on the progress of your order, send reminders for replenishment, process automatic re-orders, handle returns and service your account and to contact you in case of a product recall. Such a process is based upon the agreement we enter into.
We use your financial data to process payments and refunds and to store minimum information as required by law related to IT security (including PCI-DSS) to fulfil our tax and other regulatory obligations.
We anonymise your IT data and use it to improve your experience on our website, identify and report on bugs and issues, assess the impact of changes we make on customer behaviour, analyse and improve the performance of the website. Such a process is operated for our legitimate interest.
HOW LONG WE KEEP PERSONAL DATA WE COLLECT
The period for which we store your personal data is shown in the table below:
DISCLOSURE TO THIRD PARTIES
At times we may share certain personal data with third parties to provide or improve our products and services and more specifically for the purpose of sending personalized and targeted notifications to customers. When we do, we require those third parties to handle it in accordance with relevant laws.
PERSONAL DATA WE SHARE
We inform you that we may share your personal data with companies outside of EyeBuyDirect, Inc. Group.
HOW WE PROTECT PERSONAL DATA
We have measures in place to protect your personal data against unauthorized access, use, or disclosure, including without limitation:
We implement and maintain sophisticated technical measures to ensure that your personal data is recorded and processed in complete confidentiality and security.
We implement and maintain appropriate restrictions on access to your personal data, and monitoring of the access, use, and transfer of personal data.
All of our employees who have access to your personal data are required to enter into non-disclosure or similar agreements, which imposes obligations on them to comply with our data privacy and confidentiality requirements.
We require any business partners and third-party service providers with whom we may share your personal data to comply with any applicable data privacy and confidentiality requirements.
We provide data privacy training on a regular basis to our employees and third parties who have access to personal data.
WHAT RIGHTS YOU HAVE
Under applicable data protection laws and regulations, you have right:
Of access to, rectification of, and/or erasure of your personal data;
To restrict or object to its processing;
To tell us that you do not wish to receive marketing information;
In some circumstances, to require certain parts of your personal data to be transferred to you or a third party
To the extent our processing of your personal data is based upon your consent, to withdraw your consent, without affecting the lawfulness of our processing based on your consent before its withdrawal.
We are committed to enabling you full exercise of your rights: to do so, you can contact us at the details set out at the beginning of this Privacy Notice. Please provide us with the following information, so that you can take your request with all due consideration:
Your name and surname, and a photocopy of your identity card;
Your specific petition (in other words, what rights you want to exercise);
The date of the application and your signature (if you sent your application by postal mail).
If you do not get satisfaction by contacting us, you can also lodge a complaint about our processing of your Personal Data with a data protection authority.
CHANGES TO THIS PRIVACY NOTICE
We regularly review our compliance with our Privacy Notice, in particular to make it compliant with new laws and regulations regarding data protection. But, even if this Privacy Notice may change from time to time, we will not reduce your rights under this Privacy Notice without your explicit consent.