Last updated: [2020-06-16]
Our contact details are: EyeBuyDirect, Inc., firstname.lastname@example.org
Our Data Protection Officer is: Stéphane Larriere, email@example.com
1. What information we collect
1.1. Data we collect when you visit our website
When you access our website, we automatically collect and store some of your data in our server logs and in cookies, which are small files sent to your computer when you visit our website.
This data does not allow us to directly identify you; however, it records data related to your browsing activity on our website, such as:
The pages you accessed, and the date and time you accessed them.
Your search requests.
Information on your device, such as hardware model, operating system version, unique device identifier, internet protocol address, hardware settings, browser type, and browser language.
The referral URL (in other words, the website that sent you to EyeBuyDirect, if you came to our website through a prior link).
1.2. Data we collect when you sign up or when you order products
We always aim to deliver the highest level of customer service and experience. Some of the services offered on our website require you to sign up for them. If you want to use these services, we’ll ask you to provide us with accurate personal information, and also to let us know if your personal details change and need updating. If you don’t want to provide this information or any relevant updates, we may not be able to deliver the services you requested.
We collect the following types of personal data when you use our services:
Identification data, including your name, telephone number, e-mail address, home address, login and password, photograph, and date of birth (or age).
IT data, including data related to your browsing on our website, such as the pages that you accessed, the date and time you accessed these pages, your searches, information on your device (hardware model, operating system version, unique device identifiers, internet protocol address, hardware settings, browser type, browser language),and referral URL.
Financial data, including your credit card details, are not stored by us except the last four digits and expiration date. When placing an order, you are redirected to a third-party service provider who handles the payment process.
2. HOW WE USE PERSONAL DATA WE COLLECT
We only ever use your personal data within the limits authorized by laws and regulations, to deliver and enhance our services and your customer experience. Sometimes, we use your personal data because the laws and regulations require us to do so. We do not make any automated decisions, solely based on the automatic processing of your data, which could affect you.
We use your personal data for the following purposes:
We use your identification data to:
Facilitate delivery of your purchases.
Update you on the progress of your order(s).
Send re-stock reminders.
Process automatic re-orders.
Service your account.
To contact you in case of a product recall.
We anonymize your IT data and use it to:
Improve your experience on our website.
Provide the best possible customer service experience.
Help us to identify and report on bugs and issues.
Assess the impact of changes we make on customer behavior.
Analyze and improve the performance of the website.
The payments and refunds are processed through a third-party payment processor.
3. HOW WE SHARE YOUR INFORMATION
At times we may share certain personal information with third parties to provide or improve our products and services, or to send personalized and targeted messages to customers. When we do so, we require those third parties to handle it in accordance with relevant laws.
We may use third-party advertising companies or affiliates to display advertisements on our website. These third-party advertising companies or affiliates may separately place or recognize a cookie file on your browser in the process delivering advertisements to our site. We cannot see the information collected or stored in third party cookies. And we do not provide personal information about you to these third-party advertisers or affiliates, or to any other third party. Still,we seek to protect the integrity of our site and our customers’ privacy, and welcome any feedback about these third-party entities.
4. HOW WE PROTECT YOUR INFORMATION
We have robust measures in place to protect your personal data against unauthorized access, use, or disclosure, including without limitation:
We apply sophisticated technical measures to ensure that your personal data is recorded and processed in complete confidentiality and security.
We apply appropriate restrictions on access to your personal data, and monitoring of the access, use, and transfer of personal data.
All our employees who have access to your personal data are required to enter into non-disclosure or similar agreements, which imposes obligations on them to comply with our data privacy and confidentiality requirements.
We require any business partners and third-party service providers with whom we may share your personal data to comply with any applicable data privacy and confidentiality requirements.
We provide data privacy training on a regular basis to our employees.
5. Your rights
Under applicable data protection laws and regulations, you have the right:
Of access to, correction of, and/or erasure of your personal data.
To restrict or object to its processing.
To tell us that you do not wish to receive marketing information.
In some circumstances: to require certain parts of your personal data to be transferred to you or a third party.
To the extent our processing of your personal data is based upon your consent: to withdraw your consent, without affecting the lawfulness of our processing based on your consent before its withdrawal.
Your email and full name and last name, as registered with EyeBuyDirect.
Your specific petition (in other words, what rights you want to exercise).
The date of the application and your signature (if you sent your application by postal mail).
6. CALIFORNIA CONSUMER PRIVACY ACT DISCLOSURES
6.1. Personal Information Collected, by Category:
The personal information that EyeBuyDirect collects, or has collected, from consumers in the 12 months prior to the effective date of this Disclosure, fall into the following categories established by the California Consumer Privacy Act, depending on which EyeBuyDirect Service is used:
Identifiers such as your name, alias, address, phone numbers, or IP address.
Age, gender, or other protected classifications.
Commercial information, such as purchase.
Geolocation data, such as the location of your device or computer.
Audio or visual information.
Inference data, such as information about your purchase preferences.
6.2. Personal Information Disclosed for a Business Purpose, by Category:
The personal information that EyeBuyDirect disclosed about consumers for a business purpose in the 12 months prior to the effective date of this Disclosure fall into the following categories established by the California Consumer Privacy Act, depending on which EyeBuyDirect Service is used:
Identifiers such as your name, address, phone numbers, or IP address.
Your age, gender, or other protected classifications.
Commercial information, such as the details of a product you purchased if a third-party service provider is assisting to provide that product to you.
Audio or visual information.
6.3. Rights to Your Personal Information.
Under the California Consumer Privacy Act, you may have the right to request access to or the deletion of your personal information, along with information about the collection of your personal information, by EyeBuyDirect. If you wish to take any of these steps, please visit My Account or email us at firstname.lastname@example.org
Depending on your data choices, certain services may be limited or unavailable.
Once we receive and confirm your verifiable consumer request to delete, we will delete the personal information that we hold about you (to the extent provided by law) as of the date of your request from our records. However, please know that a business is not required to comply with a request to delete if it is necessary for the business to maintain the personal information in order to, for example, complete a transaction, detect security incidents, comply with a legal obligation, or otherwise use the personal information, internally, in a lawful manner that is compatible within the context in which the consumer provided the information.
Once submitted, you will receive an email within 10 days that we will use to verify your identity and provide confirmation of your request. We will respond to your request to access or request to delete your information within 45 days from the day we receive the request. If necessary, we may extend the time period to a maximum total of 90 days from the day we receive the request. In this case, you will receive an email notifying you of the extension and explaining the reason for the extension.
We do not charge a fee to process or respond to your request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will inform you of the reasons for such a decision and provide you with a cost estimate before further processing your request.
6.4. Right to Opt-Out of Sale of Personal Information
Right to Opt-Out
The CCPA defines "sell" to mean selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a California resident’s personal information to another business or a third party for monetary or other valuable consideration.
How to Submit a Request to Opt-Out
How We Process a Request to Opt-Out
We will act upon your request to opt-out within 15 days from the date that you submit the request. However, we may deny the request if we have a good-faith, reasonable, and documented belief that the request is fraudulent. If we deny the request on this basis, we will notify the requesting party and provide an explanation of why we believe the request is fraudulent.
6.5. No Discrimination.
EyeBuyDirect will not discriminate against any consumer for exercising their rights under the California Consumer Privacy Act.
7. CHILDREN’S PRIVACY
We are especially sensitive about children’s information. We do not knowingly collect Personal Information from children under 13. If you are a parent or legal guardian and think your child under the age of 13 has given us information, you can contact us to remove the information. In addition, California minors (under 18 years of age) may in certain circumstances request and obtain removal of content or information. If you are a California minor, you may contact us to make a removal request.
8. EU RESIDENTS AND INFORMATION STORED IN THE UNITED STATES
The Services do not apply to residents of the European Union (EU). If you input your personal information on our website, please understand that your data will be stored in the United States whose privacy laws do not provide equal levels of protection as those of the EU Users who live in, or access our services from countries outside of the United States, thereby agree and consent to their personal information being collected and stored on servers located outside of their country of residence, and acknowledge that protection of this information is not guaranteed to match that level of protection assured to them under the laws of their country of residence or location.