EU Privacy Policy
EU Privacy Policy
Effective date: 29/10/2020
We respect your privacy and, therefore, we are committed to protecting any information we collect from you. This Privacy Policy will inform you how we look after your data, setting out the basis on which any data we collect from you, or that you provide to us, will be processed by us. Please read these terms carefully because by using our services, you agree to the collection and use of information in accordance with this policy.
We operate a website (easee.online) that you may use for the purpose of performing a vision test that may allow you to update your eyewear prescription (the Service). Your use of our Service is subject to this Privacy Policy and our Terms of Use.
Our use of any individually identifiable health information you provide is subject to the requirements of the United States’ Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and the European General Data Protection Regulation 2016/679 (“GDPR”).
1. Purposes of Data Processing, Legal Basis, Legitimate Interests and Categories of data
1.1 General
We collect, store and process data exclusively in accordance with valid legal stipulations and only as much as this is necessary for the fulfillment of the contract obligations between ourselves and you. This comprises of:
Identity Data, which includes name, date of birth, gender, and webcam data. The only reason for collecting webcam data during the eye exam is to help us to provide you with accurate results. Through your webcam, we check the conditions of the room, measure your pupillary distance and verify that instructions are followed correctly.
Contact Data when you create an account, which includes email address, phone number, and home address.
Health Data, which includes information provided by you regarding your health conditions (e.g. pregnancy, diabetes, and eye surgery) and information collected from your previous glasses and contact lens prescription. When you perform our online eye test, you disclose certain information about yourself by (1) answering a series of questions to determine whether you are eligible to participate in the online eye test (the “Health Questionnaire”), (2) performing a series of tasks to help licensed optometrists or ophthalmologists (each an “eye care professional”) determine whether to issue you an updated prescription, and (3) communicating with us or our eye care professional in connection with your use of the Services (see more information about health data in section 2.1).
Financial Data, which includes details about your payment status. We use Stripe as a payment processor and do not store payment information ourselves (stripe is an independent personal data administrator and acts as a payment service provided by Stripe Inc., which allows users to make online payments). Payment processing services enable us to process payments by credit card, bank transfer or other means. To ensure greater security, we only share the information necessary to execute the transaction with the financial intermediaries handling the transaction. Some of our services may also enable the sending of timed messages to you, such as emails containing invoices or notifications concerning the payment.
Technical Data, which includes your internet protocol (IP) address, your login data, browser type, operating system and platform, and other technology on the devices you use to access this website;
Profile Data, which includes your email address and password for any accounts set up to access our services, purchases or orders made by you and feedback responses;
Usage Data, which includes information about how you use our website, products and services;
Marketing and Communication Data, which includes your preferences in receiving marketing from us and our third parties and your communication regarding reminders to finish or redo the test, promotions and informational emails.
All of the above processing of your personal data is conducted on the basis of your consent (Art. 6 Para. 1 lit. a) GDPR). As far as the processing is based on your consent, you have the right to withdraw your consent at any time. To exercise this right you can contact us at any time by email at [email protected].
1.2 Health information
“Health Information or Personal data concerning health” is information that relates to your past and present health or vision conditions (including medications, ailments, and prescriptions) that is derived from your use of our online eye test. Some Health Information may be subject to laws and regulations, including HIPAA and GDPR. Your health information is important to us in order to guarantee that you are eligible to undergo the online eye test and to support our eye care professional on the decision to whether or not issue a new prescription. Like any other personal data processed by us, the legal basis for processing your health information is Art. 6 Para. 1 lit. a) GDPR as the collection of the data subject has given consent to the processing of his or her personal data for one or more specific purposes.
In order to facilitate your use of our online eye test and to help an eye care professional determine your need for an eyewear prescription, we may collect the following information when you use the Service:
your name, age, email address, username, or other personal information or health information contained in your easee account;
answers and written information that you submit during the Health Questionnaire.
your answers to actions taken during the test;
health Information prepared by an eye care professional who provides you Services.
any other information that you submit to us in connection with your Health Questionnaire, the test, the prescription check, or the validation service, including information exchanged in emails, texts, chats, or calls between you and easee.
In addition, we may use or disclose your health information to send appointment confirmations and reminders, and communicate with other providers, such as your eye doctor.
Any other uses or disclosures not set forth in this Privacy Policy may only be performed with your written permission, which you can revoke, in writing, at any time.
2. How do we collect your data?
2.1 Data uploaded by you
You directly provide us with most of the data we collect. Thereby, all the identity data, contact data, health data, financial data and profile data are uploaded by you (see section 2). We will not process any personal data of yours without first asking for your consent (Art. 6 Para. 1 lit. a) General Data Protection Regulation). We collect data and process data when you:
– Register online or place an order for our services;
– Voluntarily complete a customer survey or provide feedback on our message board or via email;
– Use our online eye test;
– Upload your visual acuity or prescription information manually or through an old prescription.
2.2. Information we automatically collect:
Information from cookies and other technologies
We collect and process data when you use or view our website via your browser’s cookies. You will find more information on how we use cookies, under section 11.
Web logs and Usage information
We record certain information and store it in log files when you interact with our Services. This information may include device and browser information, operating systems details, device type, internet protocol (IP) address, URLs of referring/exit pages, and search terms.
Through your computer
We may collect information about your approximate location from your IP address. Your location information is necessary to confirm your location while using the Services, so we can be sure that your results are reviewed by an eye care professional from your region.
3. How do we protect your data?
We have put in place appropriate technical and organizational security measures to prevent your data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. All online interaction with our services is protected with SSL/TLS.
In order to help secure your personal information, access to your data on our website is password-protected, and sensitive data is protected by encryption when it is exchanged between your web browser and our website. To protect any data you store on our servers, we also regularly audit our system for possible vulnerabilities and attacks.
However, it is your responsibility to protect the security of your login information. Please note that e-mails and other communications you send to us through our website are not encrypted, and we strongly advise you not to communicate any confidential information (including medical histories or financial information) through these means.
We will keep backups containing your data for at most 90 days. Additionally, we will irretrievably remove any personal information from our systems and keep anonymized log data for statistical and forensic purposes.
4. How do we use your information?
Some ways we may use your information include:
– to provide, personalize, and improve our Service;
– to provide you with the prescription services;
– to communicate with you, including to respond to your comments or questions, and to send you updates about your prescription;
– to help us improve the customer experience;
– to provide you information, recommendations, and marketing materials about our products and Services (see section 6 and 7);
– Images of you: when you submit a photo, webcam pictures, or other image of you, we don’t share those images with any third parties, but we may use them to assess the conditions of the room, measure your pupillary distance and verify that instructions are followed correctly.
We may use your health information and personal information to determine the vision correction that you need, and for quality assurance, internal testing and analysis, and to make improvements to the Services. Also, to communicate with you through our customer service, including replying to any questions you might have, we may use your health and personal information. In addition, we may use your health information and personal information to remind you to renew your prescription, or to send your old prescription before we can issue a new one.
If you receive an eyewear prescription as a result of your use of our online eye test, we will email you a copy of the prescription and/or add the prescription information to your easee account. If the eye care professional determines that you are not eligible for an updated eyewear prescription through our online eye test, then we will notify you.
5. Processing of your Data for Advertising and Informational Purposes
In addition to processing your data for the purpose of delivering the service, we also use your data in order to exchange information with you concerning your test, including reminders to redo the test, promotions and informational emails. Also, we might email you with special offers regarding our services and products.We offer you the possibility of registering for our newsletter. The processing of your electronic contact data for this purpose is thus affected solely on the basis of your consent (Art. 6 Para. 1 lit. a) GDPR). You may revoke your declared consent at any time with future effect without giving any reasons. For this purpose, you can contact us via [email protected] and we will reply as soon as possible.
6. Email
As a customer of easee you will receive emails. This way you will remain informed of the service provision and of any new offers and services that might be valuable to you. All communication through this channel will include an option to unsubscribe from this service.
Please be aware that if you unsubscribe, we will no longer be able to inform you of your vision status in the future. We will use your information only for the above purposes or a purpose closely linked to this. This way, your information will never be used unexpectedly.
7. Sharing your data with third parties
We make sure that any data shared with our partners remains secure and that you give us your consent before we disclose this information.
We will share your personal data with third parties where required by law, where it is necessary to administer our relationship with you or complete our obligations under a contract with you, or where we have another legitimate interest in doing so, as providing you with a service you have expressed interest in. This is the case, for example, when we share your test results with a partner you are willing to acquire eye accessories from, using, therefore, our services in order to first renew your glasses or contact lens prescription. We may also, upon your specific consent, share the data we collected with our business partners who wish to use this data for marketing purposes.
All our third-party partners are required to take appropriate security measures to protect your personal information. We only permit third-party service providers to process your personal data for specified purposes and in accordance with our instructions. To the extent reasonably possible, we will ensure all third-party providers that have access to your personal data, will act in accordance with relevant data privacy laws. In any case, if we share your information, we do so only as described below.
With an eye care professional: If you decide to purchase a prescription, we will share your health and personal Information with one or more eye care professionals, who will evaluate the results of your health questionnaire and eye test.
With our business partners: We may work with business partners such as optical retailers. Therefore, we may provide products or services to you jointly with our business partners. When we do this, we will clearly show you that a business partner is associated with your transaction, and we will only share information with them that is related to your transaction and in accordance with your request to share with that partner.
For legal purposes: We reserve the right to access, read, preserve, and disclose any information that we reasonably believe is necessary to comply with any applicable law.
With contractors: we may share your information with contractors that help us to provide you with our services, including, for example, payment processing and website-related services, such as web hosting.
With healthcare providers: Depending on the country you live, we may share your information with your health insurance in order to process your claim and so that we can complete the payment process.
8. No information from children
The protection of minors is a particular concern of ours. As set forth in the Terms of Use, we only process data from persons who, at the time of the test, have attained the age of 16. For this reason, we also collect information concerning your date of birth for verification purposes when an order is placed.
If you are under the age of 16, please do not attempt to register with us at this Site or provide any personal information about yourself to us. If we learn that we have collected personal information from a child under the age of 16, we will promptly delete that information.
9. EU citizens: what are your personal data protection rights?
The right to access – You have the right to request copies of your personal data from us. Therefore, we will provide the information once a year, free of charge, on whether personal data concerning you is being processed or not, and if so, what information is being processed.
The right to rectification – You have the right to request that we correct any information you believe is inaccurate. You also have the right to request that we complete the information you believe is incomplete.
The right to erasure – You have the right to request that we erase your personal data, under certain conditions.
The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.
The right to object to processing – You have the right to object to our company’s processing of your personal data, under certain conditions.
The right to data portability – You have the right to request that our company transfer the data that we have collected to another organization, or directly to you, under certain conditions.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email [email protected].
10. Cookies
Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. When you visit our website, we may collect information from you automatically through cookies or similar technology.
We use cookies in a range of ways to improve your experience on our website, including keeping you signed in and understanding your use of our website. Another reason that we deploy cookies is to statistically register the usage of our website and in order to assess the optimization of what we offer to you, including information specifically tailored to you.
10.1. What type of cookies do we use?
Functional cookies - we use these cookies so that we recognize you on our website and remember your previously selected preferences. These could include what language you prefer and location you are in. A mix of first-party and third-party cookies are used.
Advertising cookies - Our Company uses these cookies to collect information about your visit to our website, the content you viewed, the links you followed and information about your browser, device, and your IP address. Our Company sometimes shares some limited aspects of this data with third parties for advertising purposes. We may also share online data collected through cookies with our advertising partners. This means that when you visit another website, you may be shown advertising based on your browsing patterns on our website.
Analytical cookies - we use Google Analytics, a web analysis service of Google Inc. Google Analytics uses cookies and text files, which enable an analysis of the usage of the website by you. On behalf of the operator of this website, Google will use this information in order to evaluate your usage of the website and to compile reports on the website activities.
10.2. How to manage cookies?
You can set your browser to not accept cookies, and the above website tells you how to remove cookies from your browser. However, in a few cases, some of our website features may not function as a result.
11. Privacy Policy of other websites
Our website contains links to other websites. Our privacy policy applies only to our websites, so if you click on a link to another website, you should read their privacy policy.
12. Where do we store your data
If you provide us with personal information, your data will be stored in Europe, regardless of the country you live in. Therefore, by using and accessing our Services, users who reside or are located in countries outside of the European Union agree and consent to the transfer and processing of personal information on servers located outside of the country where they reside.
13. Changes to our Privacy Policy
We keep our privacy policy under regular review and place any updates on this web page. We will not reduce your rights under this Privacy Policy without your consent in accordance with applicable law. If the changes are significant, we will provide a more prominent notice (including, for certain services, email notification of privacy policy changes). We will also keep prior versions of this Privacy Policy in an archive for your review.
14. How to contact us
If you have any questions, concerns, complaints or suggestions regarding our Privacy Policy or otherwise need to contact us, our helpdesk is available from Monday to Friday between the hours of 9 a.m. to 6 p.m., CEST / CEDT, and can be reached via [email protected] or [email protected]. We will reply as soon as possible.
© 2022 easee Inc. All rights reserved.