Skip to main content
Home / Privacy Policy

Privacy Policy

Effective as of January 13, 2022

Last updated: 2022-12-29.

This Policy describes how Eyebuydirect, Inc. (“Eyebuydirect”), collects, uses, discloses, and safeguards your information. This Policy applies to individuals who access this website and any other websites that link to this Policy (collectively “Sites”), and where applicable, our Virtual Try-on technology (“VTO”), and certain other services as described below (collectively, the “Platforms”). Other EssilorLuxottica websites, products, and services may have their own privacy policies. This Policy, together with our Terms and Conditions of Use, collectively govern your use of our Site.This Policy applies to our Platforms that link to this Policy.

From time to time, we may change this Policy. If we do, we will post an amended version on this webpage. Please review this Policy periodically.

If you have any questions regarding our use of your personal data, you can of course contact us here:

Our contact details are: EyeBuyDirect, Inc., eyecare@eyebuydirect.com

Our Data Protection Officer is: Stéphane Larriere, DataProtectionOfficer@eyebuydirect.com

Our GDPR representative in the European Union is TNP Consultants. You may contact our representative at: representativeEBD@eyebuydirect.com

This Privacy Policy covers the following topics:

1. THE INFORMATION WE COLLECT

2. HOW DO WE USE YOUR INFORMATION

3. SHARING INFORMATION WITH THIRD PARTIES

4. COOKIES AND OTHER TRACKING TECHNOLOGIES

5. DIGITAL ADVERTISING & ANALYTICS / INTEREST-BASED ADS

6. THIRD-PARTY LINKS & PLUG-IN

7. BIOMETRIC INFORMATION WE COLLECT

8. NOTICE TO NEVADA RESIDENTS

9. NOTICE TO VIRGINIA RESIDENTS

10. NOTICE TO CALIFORNIA RESIDENTS

11. NOTICE TO CANADA RESIDENTS

12. YOUR CHOICES

13. CHILDREN’S PRIVACY

14. UPDATING YOUR INFORMATION

15. SECURITY

16. DO NOT TRACK SIGNALS

17. TRACKING ACROSS TIME AND TECHNOLOGIES DISCLOSURE

18. CONSUMERS WITH DISABILITIES

19. COOKIE POLICY

20. MOBILE MESSAGING PRIVACY POLICY

21. CONTACT

1. THE INFORMATION WE COLLECT

For the purpose of this policy, personal information is any information about an identifiable individual. We collect the following types of personal information:

Information You Provide

We may collect the following personal information that you voluntarily provide us in using our Platforms:

Communication. Re-stock reminders, processing automatic re-orders (that you have opted into), outreach regarding product recall.

Create an Account. If you create an account with us, you will provide us with your name, email address, birth date, and you will create a password for future logins. You can also choose to login with your Facebook, Amazon, or Google account instead.

Subscribe to Our Newsletter. If you subscribe to our newsletter, you will provide us with your email address.

Customer Service. If you contact our customer service department, you may need to provide us with additional information so that we can respond to your questions or concerns as completely and thoroughly as possible.

Purchases. When you make a purchase, you will provide us with your name, email address, phone number, physical address, payment account and credit card or gift card information. We also will collect your payment card, gift card, or other payment information. We use a third-party service provider to process payments.

Prescriptions. If you purchase prescription products, you will provide us with your eye prescription information

Find Your Match. If you use our Virtual Try-On, you will either upload a photograph of your face or you will allow the technology to take a scan of your face.

Loyalty Program. If you sign up for our loyalty program, you will provide us with your name, email address, birth date, and you may choose to provide us with your gender.

Track and Return Orders. If you check your order status or start a return, you will provide us with your order number and email address.

Refer a Friend. To refer a friend, you will provide us with your name and email address, and the email address of the friend you are referring.

Promotions. If you enter a sweepstakes, contest, giveaway, or other promotion (each a “Promotion”), you will provide us with your age or birth date along with, in certain instances, confirmation of residency.

Survey. If you are participating in a survey, you may provide your gender and age, income, ethnicity, family size, and marital status.

HIPAA. Some of the affiliates and brands covered by this Policy are subject to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). These affiliates and brands may collect additional information that is considered “protected health information” (“PHI”) as defined by HIPAA.

Biometric Information. We may collect biometric information to provide you with certain services. See the “BIOMETRIC INFORMATION” section of this Policy to learn more about how this information is collected, used, disclosed and stored.

Information as You Navigate Our Platforms

We automatically collect certain personal information through your use of the Platforms, such as the following:

Usage Information. For example, the pages on the Platforms you access, the frequency of access, and what you click on while on the Platforms.

Device Information. For example, hardware model, operating system, application version number, and browser.

Mobile Device Information. Aggregated information about whether the Platforms are accessed via a mobile device or tablet, the device type, and the carrier.

Location Information. Location information from Platform visitors on a city-regional basis.

Referral URL. If you came to the website through a prior link, the name of the website that sent you to EyeBuyDirect.

Third Party Information

In some cases, we may receive certain personal information from you about a third party. For example, when you refer a friend, you will provide the email address of a third party. If you submit any personal information about another individual to us, you are responsible for making sure you have the authority to do so and to allow us to use their personal information in accordance with this Policy.

2. HOW DO WE USE YOUR INFORMATION

We use the personal information we collect to improve our Platforms and to protect our legal rights. In addition, we may use the personal information we collect to:

Process your account registration;

Process and fulfill your order, including sending you emails to confirm your order status and shipment, and to provide other related communications;

Send you our newsletter;

Sign you up for our loyalty program;

Identify your preferences to customize our communications and marketing;

Manage and record your settings, consents, communications and opt-out choices;

Provide information regarding vision, vision care, and vision correction;

Administer a Promotion;

Review your job application;

Communicate with you about our Platforms or to inform you of any changes to our Platforms;

Operate and improve the Platforms, including to analyze visits to the Platforms and learn about our visitors so we can operate the Platforms and improve our products and services and deliver the best user experience;

Create audiences for our advertisements, target our advertisements, and generate reports about the performance of our advertisements;

Communicate with you, including responding to your inquiries;

Comply with the law and to maintain the integrity and security of our Platforms;

Defend our legal rights and the rights of others;

Investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, or violations of our Terms of Us and to otherwise fulfill our legal obligations; and

Fulfill any other purposes for which you provide it, or any other purpose we deem necessary or appropriate; and

3. SHARING INFORMATION WITH THIRD PARTIES

We may share the personal information that we collect about you in the following ways:

We engage service providers to perform services in connection with the operation of our business. We may share personal information with service providers to the extent necessary for them to provide services to you or us that are aligned with the purposes outlined above. Examples of these services include payment processing and authorization, text messaging services, fraud protection and credit risk reduction, product customization, order fulfillment and shipping, marketing and promotional material distribution, website evaluation, data analysis and, where applicable, data cleansing.

In proceeding with your online order, you agree that any information associated with the order, such as the delivery name and address (if different from yours), will be processed using service providers.

Personal information collected through our Platforms may be shared between the brands and affiliates, including future affiliates that are owned or operated by Luxottica.

We also share personal information with selected third parties for their own marketing purposes (except for your phone number or biometric information). This also includes information collected through pixels and other tracking technologies operated by third parties, as described elsewhere in this Policy. See the “YOUR CHOICES” section of this Policy for more information.

We may release personal information if we believe in good faith that: (i) the law or legal process requires it; (ii) we have received a valid administrative request from a law enforcement agency; or (iii) such release is necessary or appropriate (in our sole discretion) to protect the rights, property, or safety of Luxottica, or any of our respective affiliates, service providers, customers, or (iv) as Luxottica deems necessary to resolve disputes, troubleshoot problems, prevent fraud and otherwise enforce the Terms of Use.

We may also share your information with your consent or as otherwise disclosed at the time of data collection or sharing.

As with any business, it is possible that as ours develops, we might go through a business transition, such as a merger, acquisition by another company, or the sale of all or a portion of our assets, or buying online stores or other assets, including bankruptcy. In such transactions, information about customers will likely be transferred.

The Platforms may allow you to provide comments in various sections, such as in product reviews. Please be aware that the information you post in these areas may be available to visitors of the Platforms and to the general public. To the fullest extent allowed under applicable law, we do not monitor such content and are not responsible for material posted by you or others in these public forums.

We are a multinational organization with locations in many countries around the world. Your personal information may be stored and processed outside of your country, province or state of residence, in any jurisdiction where we have facilities or in which we engage service providers, to the extent allowed in accordance with applicable law. This means that your personal information may be transferred in jurisdictions that have less restrictive privacy laws than your country, province, or state of residence in which case we will ensure, through contractual means or otherwise, that it will receive adequate protection in compliance with generally accepted data protection principles. We take steps to process personal information according to the provisions of this Privacy Policy and the requirements of applicable law.

4. COOKIES AND OTHER TRACKING TECHNOLOGIES

Like many other companies, we use cookies and other tracking technologies (such as pixels and web beacons) (collectively, “Cookies”). To learn more about how we use cookies and to change your cookie settings, please see our Cookie Policy below.

5. DIGITAL ADVERTISING & ANALYTICS / INTEREST-BASED ADS

We may partner with ad networks and other ad serving providers (“Advertising Providers”) that serve ads on behalf of us and others on the Platforms and non-affiliated platforms. Some of those ads may be personalized, meaning that they are intended to be relevant to you based on information Advertising Providers collect about your use of the Platforms and other sites or apps over time, including information about relationships among different browsers and devices (“Interest-based Advertising”).

You may choose whether to receive some Interest-based Advertising by submitting opt outs. Some Advertising Providers may participate in the Digital Advertising Alliance’s (“DAA”) Self-Regulatory Program for Online Behavioral Advertising. To learn more about how you can exercise certain choices regarding Interest-based Advertising, visit https://www.aboutads.info/choices, and https://www.aboutads.info/appchoices for information on the DAA’s opt-out program for mobile apps.

Some of these companies may also be members of the Network Advertising Initiative (“NAI”). To learn more about the NAI and the opt-out options for their members, see https://www.networkadvertising.org/choices. Please be aware that, even if you are able to opt out of certain kinds of Interest-based Advertising, you may continue to receive other types of ads.

Opting out only means that those selected members should no longer deliver certain Interest-based Advertising to you but does not mean you will no longer receive any targeted content and/or ads (e.g., from other ad networks). Also, if your browsers are configured to reject cookies when you visit these opt-out webpages, or you subsequently erase your cookies, use a different device or web browser or use a non-browser-based method of access (e.g., mobile app), your NAI / DAA browser-based opt-out may not, or may no longer, be effective. We support the ad industry’s 2009 Self-regulatory Principles for Online Behavioral Advertising (https://www.iab.com/wp-content/uploads/2015/05/ven-principles-07-01-09.pdf) and expect that ad networks we directly engage to serve you Interest-based Advertising will do so as well, though we cannot guarantee their compliance. We are not responsible for the effectiveness of, or compliance with, any third parties’ opt-out options or programs or the accuracy of their statements regarding their programs.

Advertising Providers may use data collected in connection with our advertising campaigns for the following purposes:

For measurement and insight reporting (to produce and provide us with reports measuring the impact and performance of our advertising campaigns).

To produce benchmarking reports to share with their other customers, but such benchmarking reports will not identify you.

To target our ad campaigns to specific groups of individuals having particular characteristics.

To improve and optimize advertising services (for example, to support the objectives of our ad campaigns, improve the effectiveness of their own advertising services and determine the relevance of ads to individuals).

To personalize ads that the Advertising Providers show, including to enhance user profiles with inferred interests.

For their internal purposes, including: (i) to promote and ensure the safety and security on and of their products and services; (ii) to detect and prevent malicious, deceptive, fraudulent, invalid or illegal activity; (iii) for research and development purposes; and (iv) to maintain the integrity of and to improve their products and services.

To combine it with other data collected by Advertising Providers in order to provide greater insights in respect of our advertisements.

We may also work with service providers that collect data about your use of the Sites and other sites or apps over time for non-advertising purposes subject to their privacy policies. We use analytics providers such as Google Analytics to gather and analyze aggregated anonymous user information. For more information about Google Analytics, please visit www.google.com/policies/privacy/partners/. You can opt out of Google’s collection and processing of data generated by your use of the Sites by going to https://tools.google.com/dlpage/gaoptout.

We use web analytics tools to enhance user experience by optimizing the efficiency, design, and quality of the Platforms. Our analytics tools use cookies and similar technologies to collect and analyze information related to user behavioral metrics on the Platforms, such as mouse movements, clicks, user inputs, scrolling, access time, visit duration, pages viewed, IP address (including approximate location), operating system, and page reloading. These tools provide insight into what works and what doesn’t work for users of the Platforms and they allow us to, for example, identify and repair technical errors such as broken links that impair the Platforms’ functionality. The web analytics tools also help us reconstruct the user experience to better understand, for example, where users may be encountering frustration or impediments to using the Platforms.

We use a website analytics tool that provides session replay, heatmaps, funnels, form analytics, feedback campaigns, and similar features/functionality. This session replay software may record your clicks, mouse movements, scrolling, form fills (keystrokes) in non-excluded fields, pages visited and content, time on site, browser, operating system, device type (desktop/tablet/phone), screen resolution, visitor type (first time/returning), anonymized IP address, location (city/country), language, and similar metadata. This software does not collect information on pages where it is not installed, nor does it track or collect information outside your web browser.

We use this web-based analytics software because it gives us a tool to track the online behavior of visitors while on the Platforms and lets us replay visitors’ actions. This tool gives us the opportunity to make the Platforms better and, in turn, provide you with an enhanced online experience as well. Thanks to this tool, we are able to gain insight on how you and other visitors use the Platforms; for example, whether you can easily locate the “Find a Store” page or whether it takes multiple clicks to get to that page. Information about these small choices and interactions are of paramount value to us, as they can easily make your experience better and more intuitive and, more importantly, allow us to provide you with a more seamless, customer-friendly e-shopping experience while on the Platforms.

For more information on this session replay software, see Contentsquare’s Privacy Policy at https://contentsquare.com/privacy-center/privacy-policy/.

We may use pixel tags (also known as web beacons and clear GIFs) to, among other things, track the actions of users of the Services (including email recipients), measure the success of our marketing campaigns, and compile statistics about usage of the services and response rates. Our Advertising Providers may use pixel tags to collect information for the purposes described above.

6. THIRD-PARTY LINKS & PLUG-IN

The Platforms may provide links to third-party websites or apps, including our social media pages. We do not control the privacy practices of those websites or apps, and they are not covered by this Policy. You should review the privacy policies of other websites or apps that you use to learn about their data practices.

The Platforms may also include integrated social media tools or “plug-ins,” such as social networking tools offered by third parties. If you use these tools to share information or you otherwise interact with social media features on the Platforms, those social media companies may collect information about you and may use and share such information in accordance with their own policies, including by sharing such information with us or the general public. Your interactions with third-party social media companies and the use of their features are governed by the privacy policies of the companies that provide those features. We encourage you to read the privacy policies for any social media accounts you create and use.

7. BIOMETRIC INFORMATION WE COLLECT

Through various technology features, including but not limited to our virtual technology features and/or when you upload a photo through one of our Platforms, we may collect data that potentially falls under the definitions of “biometric identifiers” or “biometric information” under the Illinois Biometric Information Privacy Act, 740 ILCS § 14/1 et seq. and Texas Capture or Use of Biometric Identifier Act (“CUBI”), Bus. & Com. § 503.001 et seq. “Biometric identifiers” are defined as retina or iris scans, fingerprints, voiceprints, or scans of the hand or face geometry. “Biometric information,” means any information, regardless of how it is captured, converted, stored, or shared, based on an individual’s biometric identifier used to identify an individual.

Any collection of biometric identifiers and biometric information are for the sole purpose of assisting you in viewing how certain eyeglasses may look on your facial features. We will not disclose or disseminate any biometric information to any entity, other than those contracted parties that assist us in providing this service to you, or as required by applicable federal, state or local law, or required pursuant to a valid warrant or subpoena issued by a court of competent jurisdiction.

We will not share your biometric identifiers and biometric information with any entity except in the following cases:

We will share your biometric identifiers and biometric information with contacted parties that assist us in providing services to you via our Platforms

We will share your biometric identifiers and biometric information where it is required by applicable federal, provincial, or local law

We will share your biometric identifiers and biometric information where it is required pursuant to a valid warrant or subpoena issued by a court of competent jurisdiction

We shall retain any biometric identifiers or biometric information for the limited period of time required to provide you with the service, and shall not exceed six months as long as you consent to such retention, maintain an account with us, and expressly request to save your virtual profile to your account. If you do not maintain an account with us we shall retain biometric identifiers or biometric information for up to six months, but we will not be able to retrieve or connect your information to your identity. After six months, all biometric identifiers or biometric information we have collected from you shall no longer be retrievable or readable by our operating systems or applications.

We use appropriate technical, administrative, and physical safeguards to store, transmit, and protect from disclosure any biometric identifiers or biometric information collected. Such storage, transmission, and protection from disclosure shall be performed in a manner that is the same or more protective than the manner in which we store, transmit, and protect from disclosure other confidential and sensitive information.

Biometric information will only be collected by us with your prior explicit consent. Before using our virtual technology features, you will be prompted with a copy of this policy. By clicking “I accept” you are consenting to our collection and storage of your biometric identifiers or biometric information.

8. NOTICE TO NEVADA RESIDENTS

Nevada law allows Nevada residents to opt out of the sale of certain types of personal information. Subject to several exceptions, Nevada law defines “sale” to mean the exchange of certain types of personal information for monetary consideration to another person. We currently do not sell personal information as defined in the Nevada law. However, if you are a Nevada resident, you still may submit a verified request to opt out of sales and will record your instructions and incorporate them in the future if our policy changes. You may send opt-out requests to eyecare@eyebuydirect.com or via our interactive web form located here.

9. NOTICE TO VIRGINIA RESIDENTS

The Virginia Consumer Data Protection Act (“VCDPA”) provides Virginia residents with the right to receive certain disclosures regarding the personal data we process about them. For purposes of this section, personal data means any information that is linked or reasonably linkable to an identified or identifiable natural person. Personal data does not include de-identified or publicly available information as the VCDPA defines those terms.

For a discussion of the categories of personal data we process, the purposes for our processing, the categories of personal data that we share with third parties, and the categories of third parties with whom we share personal data, please see Section 1 through 3 above, and Section [ ] below.

If you are a Virginia resident, the VCDPA grants you the right to: (1) confirm whether or not we are processing your personal data to access such personal data; (2) correct inaccuracies in your personal data, taking into account the nature of the personal data and the purposes of the processing of your personal data; (3) delete personal data you have provided or we have obtained about you; (4) obtain a copy of your personal data that you previously provided to us in a portable and, to the extent technically feasible, readily usable format that allows you to transmit the data to another controller without hindrance, where the processing is carried out by automated means; and (5) opt out of the processing of your personal data for purposes of (i) targeted advertising, (ii) the sale of personal data, or (iii) profiling in furtherance of decisions that produce legal or similarly significant effects concerning you.

We process personal data for targeted advertising.

To exercise your rights, please email us at eyecare@eyebuydirect.com, with your name, the fact that you are a Virginia resident, and specifying the right(s) you wish to invoke. You may also submit your request via our interactive webform located here. If we refuse to take action regarding your request, you may appeal our decision by email us at eyecare@eyebuydirect.com. If you would like to opt out of targeted advertising, you may alter your cookie preferences by following the instructions in the Cooke Policy section of this Site.

10. NOTICE TO CALIFORNIA RESIDENTS

The California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (“CCPA”), requires that we provide California residents with a privacy policy that contains a comprehensive description of our online and offline practices regarding the collection, use, disclosure, sale, sharing, and retention of personal information and of the rights of California residents regarding their personal information. This section of the Policy is intended solely for, and is applicable only as to, California residents. If you are not a California resident, this section does not apply to you and you should not rely on it.

The CCPA defines “personal information” to mean information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household. Personal information does not include publicly available, de-identified or aggregated information or lawfully obtained, truthful information that is a matter of public concern. For purposes of this “NOTICE TO CALIFORNIA RESIDENTS” section we will refer to this information as “Personal Information.”

Notice at Collection of Personal Information

We currently collect and, in the 12 months prior to the Last Updated date of this Policy, have collected the following categories of Personal Information:

Identifiers (name, postal address, online identifier, Internet Protocol address, email address, date of birth or age)

Unique personal identifiers (device identifier; cookies, beacons, pixel tags, mobile ad identifiers, or other similar technology; customer number)

Telephone number

Partial credit card (or other payment account) number

Insurance policy number

Medical information

Internet or other electronic network activity information (browsing history; search history; and information regarding consumer’s interaction with website, application, or advertisement)

Geolocation data

Commercial information (records of personal property, products or services purchased, obtained, or considered; other purchasing or consuming histories or tendencies; or other commercial information)

Biometric information (imagery of iris, imagery of retina, fingerprint, imagery of face, from which an identifier template, such as a faceprint, a minutiae template, or a voiceprint, can be extracted)

Characteristics of protected classifications under California or federal law (sex/gender), age (40 and older)

Inferences drawn from above information to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes

We collect Personal Information directly from California residents and from advertising networks, data analytics providers, and operating systems and platforms. We do not collect all categories of Personal Information from each source.

In addition to the purposes stated above in the Section “HOW WE USE YOUR INFORMATION” we currently collect and have collected and sold the above categories of Personal Information for the following business or commercial purposes:

Auditing related to counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards

Helping to ensure security and integrity to the extent the use of your Personal Information is reasonably necessary and proportionate for these purposes

Debugging to identify and repair errors that impair existing intended functionality

Short-term, transient use, including, but not limited to, non-personalized advertising shown as part of your current interaction with us, provided that your Personal Information is not disclosed to another third party and is not used to build a profile about you or otherwise alter your individual consumer’s experience outside the current interaction with us, including, but not limited to, the contextual customization of ads shown as part of the same interaction

Performing services including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services

Providing advertising and marketing services, except for cross-context behavioral advertising, to you provided that, for the purpose of advertising and marketing, our service providers and/or contractors shall not combine the Personal Information of opted-out consumers that the service provider or contractor receives from us, or on our behalf with Personal Information that the service provider or contractor receives from, or on behalf of, another person or persons or collects from its own interaction with you

Undertaking internal research for technological development and demonstration

Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by us, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by us

Advancing our commercial or economic interests, such as by inducing another person to buy, rent, lease, join, subscribe to, provide, or exchange products, goods, property, information, or services, or enabling or effecting, directly or indirectly, a commercial transaction

Sale, Sharing, and Disclosure of Personal Information

The following table identifies the categories of Personal Information that we sold or shared to third parties in the 12 months preceding the Last Updated date of this Privacy Policy and, for each category, the categories of third parties to whom we sold or shared Personal Information:

Category of Personal Information Categories of Third Parties
Identifiers (name, postal address, online identifier, Internet Protocol address, email address) Advertising networks; data analytics providers; social media networks
Unique personal identifiers (device identifier; cookies, beacons, pixel tags, mobile ad identifiers, or other similar technology; customer number, unique pseudonym or user alias; telephone numbers, or other forms of persistent or probabilistic identifiers that can be used to identify a particular consumer or device) Advertising networks; data analytics providers; social media networks
Internet or other electronic network activity information (browsing history; search history; and information regarding consumer’s interaction with website, application, or advertisement) Advertising networks; data analytics providers; social media networks
Commercial information (records of personal property, products or services purchased, obtained, or considered; other purchasing or consuming histories or tendencies; or other commercial information) Advertising networks; social media networks
Inferences drawn from above information to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes Advertising networks; social media networks

We sold or shared Personal Information to third parties for the following business or commercial purposes:

Auditing related to counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards

Advancing our commercial or economic interests, such as by inducing another person to buy, rent, lease, join, subscribe to, provide, or exchange products, goods, property, information, or services, or enabling or effecting, directly or indirectly, a commercial transaction

The following table identifies the categories of Personal Information that we disclosed for a business purpose in the 12 months preceding the Last Updated date of this Privacy Policy and, for each category, the categories of recipients to whom we disclosed Personal Information.

Category of Personal Information Categories of Recipients
Identifiers (name, postal address, online identifier, Internet Protocol address, email address, date of birth or age) Subsidiaries and affiliates; operating systems and platforms
Credit card (or other payment account) information Payment processors
Internet or other electronic network activity information (browsing history; search history; and information regarding consumer’s interaction with website, application, or advertisement) Subsidiaries and affiliates; operating systems and platforms; social media networks
Geolocation information Subsidiaries and affiliates; operating systems and platforms
Commercial information (records of personal property, products or services purchased, obtained, or considered; other purchasing or consuming histories or tendencies; or other commercial information) Subsidiaries and affiliates; operating systems and platforms
Education information Subsidiaries and affiliates
Biometric information (imagery of iris, imagery of retina, fingerprint, imagery of face, from which an identifier template, such as a faceprint, a minutiae template, or a voiceprint, can be extracted) Operating systems and platforms
Characteristics of protected classifications under California or federal law (sex/gender), age (40 and older) Subsidiaries and affiliates; operating systems and platforms
Inferences drawn from above information to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes Subsidiaries and affiliates; operating systems and platforms

We disclosed Personal Information for the following business or commercial purposes:

Performing services including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services.

We do not knowingly collect, sell, or share the Personal Information of consumers under 16 years of age. We do not use Sensitive Personal Information for purposes other than those the CCPA and its regulations allow for.

Retention of Personal Information

We retain your Personal Information for as long as necessary to fulfill the purposes for which we collect it, such as to provide you with the service you have requested, and for the purpose of satisfying any legal, accounting, contractual, or reporting requirements that apply to us.

Your Rights

If you are a California resident, you have the following rights with respect to your Personal Information:

The right to know what Personal Information we have collected about you, including the categories of Personal Information, the categories of sources from which we collected Personal Information, the business or commercial purpose for collecting, selling or sharing Personal Information (if applicable), the categories of third parties to whom we disclose Personal Information (if applicable), and the specific pieces of Personal Information we collected about you;

The right to delete Personal Information that we collected from you, subject to certain exceptions;

The right to correct inaccurate Personal Information that we maintain about you;

If we sell or share Personal Information, the right to opt out of the sale or sharing;

If we use or disclose sensitive Personal Information for purposes other than those allowed by the CCPA and its regulations, the right to limit our use or disclosure; and

The right not to receive discriminatory treatment by us for the exercise of privacy rights the CCPA confers.

How to Submit a Request to Know, Delete, and/or Correct

You may submit a request to know, delete, and/or correct through our interactive webform available here or by calling us toll free at 1-855-393-2891 or emailing eyecare@eyebuydirect.com.

If you are submitting a request on behalf of a California resident, please submit the request through one of the designated methods discussed above. After submitting the request, we will require additional information to verify your authority to act on behalf of the California resident.

Our Process for Verifying a Request to Know, Delete, and/or Correct

We will comply with your request upon verification of your identity and, to the extent applicable, the identity of the California resident on whose behalf you are making such request.

We will verify your identity either to a “reasonable degree of certainty” or a “reasonably high degree of certainty” depending on the sensitivity of the Personal Information and the risk of harm to you by unauthorized disclosure, deletion, or correction as applicable.

For requests to access categories of Personal Information and for requests to delete or correct Personal Information that is not sensitive and does not pose a risk of harm by unauthorized deletion or correction, we will verify your identity to a “reasonable degree of certainty” by verifying at least two data points that you previously provided to us and which we have determined to be reliable for the purpose of verifying identities.

For requests to access specific pieces of Personal Information or for requests to delete or correct Personal Information that is sensitive and poses a risk of harm by unauthorized deletion or correction, we will verify your identity to a “reasonably high degree of certainty” by verifying at least three pieces of Personal Information you previously provided to us and which we have determined to be reliable for the purpose of verifying identities. In addition, you must submit a signed declaration under penalty of perjury stating that you are the individual whose Personal Information is being requested.

Right to Opt Out of Sale or Sharing of Personal Information

If you are a California resident, you have the right to direct us to stop selling or sharing your Personal Information.

You may submit a request to opt out of sales or sharing through our interactive webform available by clicking on this link. You also may submit a request by calling us a 1-855-393-2891 or emailing us at eyecare@eyebuydirect.com. To opt out of our use of third-party advertising Cookies, please see the section “How You Can Opt Out of Cookies” above.

California privacy rights metrics
Request to Know (Access)

- Requests Received: 19
- Requests Completed in Whole or in Part: 19
- Requests Not Completed*: 0
- Average Days to Complete: 25

Request to Delete

- Requests Received: 758
- Requests Completed in Whole or in Part: 758
- Requests Not Completed*: 0
- Average Days to Complete: 25

Do Not Sell My Information

- Requests Received: 797
- Requests Completed in Whole or in Part: 797
- Requests Not Completed*: 0
- Average Days to Complete: 25

This data reflects all requests received from individuals in the U.S. as well as certain requests from individuals outside of the U.S. between January 1 and December 31, 2022.

* Requests may not be completed due to various factors including because a request was not verifiable, was made multiple times, or where we did not have any personal information associated with the requester.

Notice of Financial Incentives

EBD offers programs, benefits, and other offerings related to the collection, retention, use, or sale of your Personal Information that may be deemed a “financial incentive” or “price or service difference” under the California Consumer Privacy Act (“CCPA”). We are providing you this information so that you may make an informed decision on whether to participate in our programs, including our Loyalty Program, Referral Program, and Exclusive Club. Participation in our promotional programs is always optional! You can end program participation at any time by contacting us at eyecare@eyebuydirect.com to unsubscribe or cancel your participation in any program. We will not discriminate against you, in any manner prohibited by applicable law, for exercising these rights. Please note that we may add or change incentive programs, or their terms by posting notice on the program descriptions and terms linked to above, so check them regularly.

Each financial incentive or price or service difference relate to the collection and use of personal information is based upon our reasonable, good-faith determination of the estimated value of such information to our business, taking into consideration the value of the offer or benefit itself and the anticipated revenue generation that may be realized by rewarding brand loyalty. We calculate the value of the offer and financial incentive by using the expense related to the offer.

By participating in any of the referenced promotional programs, you agree that the benefits are reasonably related to the Personal Information collected, retained, used or sold.

Shine the Light Law

If you are a California resident, California Civil Code § 1798.83 permits you to request information regarding the disclosure of your personal information by us to third parties for the third -parties’ direct marketing purposes (as those terms are defined in that statute). To make such a request, please send an email to eyecare@eyebuydirect.com with the subject line “Shine the Light Request”.

11. NOTICE TO CANADA RESIDENTS

Please see Parts 1-3, above, for a description of the personal information held by us, a general account of its use, and what personal information we make available to related organizations. Subject to exceptions set out in privacy legislation, residents of Canada may request to view, update, or correct their personal information by contacting our privacy officer at the information provided in the “CONTACT” section below. In order to protect your privacy, we will take steps to verify your identity before granting you access to the information or enabling you to make corrections. Please keep in mind that certain information may be subject to exceptions if, for example, the information is protected by solicitor-client privilege, part of a formal dispute resolution process, about another individual that would reveal their personal information or confidential commercial information, or would be prohibitively expensive to provide. In some instances, you may have consented to the collection of your personal information. Subject to legal and contractual requirements and reasonable notice, you may withdraw your consent at any time; however, without your consent, we may not be able to provide you with our services or products if your personal information is necessary for us to be able to provide them.

12. YOUR CHOICES

To opt out of our email marketing or to unsubscribe from our email newsletters, you can contact our customer service department using the information in the “CONTACT” section below, or you can use the link provided at the bottom of each marketing message or newsletter. If you choose to opt out, you will continue to receive email communications related to our transactions with you.

If you would like to update your mailing information or want your name and address removed from our direct mailing list, you can contact our customer service department using the information in the “CONTACT” section below.

You can control the tools on your mobile devices. For example, you can turn on and off the GPS locator or push notification on your phone. Please consult your mobile device’s user guide for instructions on clearing cookies, enabling and disabling location services, and disabling push notifications.

When you make a purchase, you can choose to save your information to obtain a faster checkout for purchases and/or you can choose to receive emails or texts, which provide you with information regarding our other products and services. We obtain your consent before contacting you with certain non-emergency, automated, autodialed, prerecorded, or other telemarketing phone calls or text messages. You are not required to grant consent to telemarketing calls or texts as a condition of buying any goods or services. Also, you may revoke your consent at any time at the contact information listed at the end of this policy. Message and data rates may apply. We will retain your personal information for the period necessarily to fulfill the purposes of your personal information collection, unless a longer retention period is required or permitted by law.

13. CHILDREN’S PRIVACY

We understand the importance of protecting children’s privacy, especially in an online environment. Our Platforms are not intentionally designed for or directed at children less than 16 years of age. We do not knowingly collect personal information from children under the age of 16 without the consent of the child’s parent or guardian. We encourage parents and guardians to provide adequate protection measures to prevent minors from providing information unwillingly on the internet. If we are aware of any personal information relating to children that we have collected, we will take steps to securely remove it from our systems.

14. UPDATING YOUR INFORMATION

You may request to view, update, or correct your Personally Identifiable Information by contacting our privacy office at the information provided in the “CONTACT” section below. In order to protect your privacy, we will take steps to verify your identity before granting you access to the information or enabling you to make corrections.

15. SECURITY

We maintain reasonable and appropriate safeguards to help protect your personal information from loss and from unauthorized acquisition. We monitor activity on our Platforms to prevent any unauthorized disclosure of information. In addition, we utilize a licensed system for credit card authorization and fraud detection. However, no security measure or modality of data transmission over the Internet is 100% secure. Although we strive to use commercially acceptable means to protect your personal information, we cannot guarantee absolute security.

16. DO NOT TRACK SIGNALS

Your browser settings may allow you to automatically transmit a “Do Not Track” signal to online services you visit. Note, however, there is no consensus among industry participants as to what “Do Not Track” means in this context. Like many online services, we currently do not alter our practices when we receive a “Do Not Track” signal from a visitor’s browser. To find out more about “Do Not Track,” you can visit https://www.allaboutdnt.com, but we are not responsible for the completeness or accuracy of this third-party information.

17. TRACKING ACROSS TIME AND TECHNOLOGIES DISCLOSURE

Some information about your use of the service and certain third-party services may be collected by us or by third parties using tracking technologies across time and services and used by us and third parties for purposes such as to associate different devices you use and deliver relevant ads and/or other content to you on the service and certain third-party services.

We are committed to ensuring this Policy is accessible to individuals with disabilities. To request this Policy in an alternative format, please reach out to us at the Contact information provided below.

19. COOKIE POLICY

Like many other companies, Luxottica of America Inc. (“Luxottica,” “we,” “our,” or “us”) uses cookies and other tracking technologies (such as pixels and web beacons) (collectively, “Cookies”) when you visit our websites including our blogs and client portals (“Sites”), and use the services provided through our Sites (“Services”). This Cookie Policy explains how we use Cookies and how you can manage them. Please review the Privacy Policy featured on our Sites to learn more about our privacy practices.

This Cookie Policy covers the following topics:

1. Cookies and Online Tracking Technologies We Use

2. How You Can Manage Cookies

3. How to Contact Us

Cookies and Online Tracking Technologies We Use

“Cookies” are small files of information that are stored by your web browser software on your computer hard drive, mobile or other devices (e.g., smartphones or tablets).

We may use the following types of Cookies:

Strictly Necessary Cookies

These Cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these Cookies, but some parts of the Sites will not then work. These Cookies do not store any personally identifiable information.

Performance Cookies

These Cookies allow us to count visits and traffic sources so we can measure and improve the performance of our Sites. They help us to know which pages are the most and least popular and see how visitors move around the Sites. If you do not allow these Cookies we will not know when you have visited our Sites and will not be able to monitor its performance.

We use Google Analytics, a web analytics service provided by Google, Inc. Google Analytics uses Cookies or other tracking technologies to help us analyze how users interact with the Sites and Services, compile reports on their activity, and provide other services related to their activity and usage. The technologies used by Google may collect information such as your IP address, time of visit, whether you are a returning visitor, and any referring website. The information generated by Google Analytics will be transmitted to and stored by Google and will be subject to Google’s privacy policies. To learn more about Google’s partner services and to learn how to opt-out of tracking of analytics by Google, click here.

We may use Cookies and similar technologies third-party vendors provide to collect information on user behavior (e.g., screens and pages visited, buttons and links clicked, limited information entered, and user taps and mouse movements). This information enables us to monitor and improve the user experience.

Functional Cookies

These Cookies enable the website to provide enhanced functionality and personalization. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these Cookies, then some or all of the Services may not function properly.

Targeting Cookies

These Cookies may be set through our Sites by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant advertisements on other websites. If you do not allow these Cookies, you will experience less targeted advertising.

Social Media Cookies

These Cookies are set by a range of social media services that we have added to the Sites to enable you to share our content with your friends and networks. They are capable of tracking your browser across other websites and building a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these Cookies, you may not be able to use or see these sharing tools.

How You Can Manage Cookies
Your Preferences

When you first visit our Sites, you may be presented with a banner that offers you choices about whether to accept or reject Cookies or tracking technologies of different types. If you wish to manage your Cookies, you can do so by clicking here.

Browser Settings

Cookies can be blocked by changing your Internet browser settings to refuse all or some Cookies. If you choose to block all Cookies (including essential Cookies) you may not be able to access all or parts of the Sites.

You can find out more about Cookies and how to manage them by visiting www.AllAboutCookies.org.

Platform Controls

You can opt out of Cookies set by specific entities following the instructions found at these links:

Adobe: https://www.adobe.com/privacy/opt-out.html

Google: https://adssettings.google.com

Facebook: https://www.facebook.com/about/ads

Microsoft: https://account.microsoft.com/privacy/ad-settings/

Twitter: https://twitter.com/personalization

Advertising Industry Resources

You can understand which entities have currently enabled Cookies for your browser or mobile device and how to opt-out of some of those Cookies by accessing the Network Advertising Initiative’s website or the Digital Advertising Alliance’s website. For more information on mobile specific opt-out choices, visit the Network Advertising Initiative’s Mobile Choices website.

Please note that these opt-out mechanisms are specific to the device or browser on which they are exercised. Therefore, you will need to opt out on every browser and device that you use.

20. MOBILE MESSAGING PRIVACY POLICY

Eyebuydirect uses cookies to collect information around abandoned shopping carts. A cart is considered abandoned within one hour of inactivity/lack of purchase. Once the timer has expired an SMS message will be sent as a reminder.

No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties. This includes affiliate or business partners the Opt in is not transferable to another party involved in their process.

21. CONTACT

If you have questions or wish to contact us about this Policy, please direct inquiries to:

Privacy OfficerLuxottica Retail North America, Inc.
4000 Luxottica Place
Mason, Ohio 45040
Phone: 513-765-4321
Email: privacyoffice@luxotticaretail.com