PART I: A COMPREHENSIVE DESCRIPTION OF THE INFORMATION PRACTICES
CATEGORIES of PERSONAL information WE COLLECT
We collect “Personal Information” which is defined under the CCPA as any information that identifies,
relates to, describes, references, is capable of being associated with, or could reasonably be linked,
directly or indirectly, with a particular consumer, household or device, all as detailed in the table below.
Personal Information under the CCPA further includes Sensitive Personal Information (“SPI”) as
detailed in
the table below.
Personal Information does not include: Publicly available information that is lawfully made
available from
government records, that a consumer has otherwise made available to the public; de-identified or aggregated
consumer information; Information excluded from the CCPA or CPRA scope, such as: Health or medical
information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPPA) and the
California Confidentiality of Medical Information Act (CMIA) or clinical trial data; Personal information
covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the
Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA) and the Driver’s
Privacy Protection Act of 1994.
We may have collected the following categories of Personal Information within the last twelve (12)
months:
| CATEGORY | EXAMPLE | COLLECTED |
|---|---|---|
| A. Identifiers | A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers. | Yes: real name, shipping or billing address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, and phone number. |
| B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). | A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. | Yes: name, age, gender, physical characteristics or description (vision tests), partial credit card number, health insurance policy number and medical information regarding eye care treatment when applicable, including prescription. |
| C. Protected classification characteristics under California or federal law. | Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). | Yes: Gender. |
| D. Commercial information. | Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. | Yes: purchase habits, shopping history, transactions, partial credit card number. |
| E. Biometric information. | Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. | Yes: information we collect in relation to our Virtual Try-On tool may constitute biometric information under the CCPA. For more information on our processing of information that may constitute biometric information in relation to our Virtual Try-On tool, please review our Privacy Policy available here. |
| F. Internet or other similar network activity. | Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement. | Yes: browsing history and search history within and outside our Properties, interaction with our Properties and our advertisement. |
| G. Geolocation data. | Physical location, approximate location derived from IP address or movements. | Yes: approximate geolocation extracted from IP, physical location and GPS when using the App and approving the GPS permission. |
| H. Sensory data. | Audio, electronic, visual, thermal, olfactory, or similar information. | Yes: pictures uploaded to the site, and recording customer service calls. |
| I. Professional or employment-related information. | Current or past job history or performance evaluations. | Yes: Governed by the Employee Privacy Policy. Please review if you are our employee, for candidates, please review the Candidate Policy. |
| J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). | Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. | No |
| K. Inferences drawn from other personal information. | Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. | Yes: gender, certain demographic data, profiling. The profiling is not based on SPI. |
| L. Sensitive personal information. | Government-issued identifying numbers, financial account details, genetic data, precise geolocation, race or ethnicity, religious or philosophical beliefs, union membership, mail, email, text messages, biometric data, health data, and sexual orientation or sex life. | No |
categories of Sources of Personal Information
- Directly and indirectly from your actions within the Properties.
- Directly from you when you contact us, use the VTO tool, purchase, respond to a survey or provide feedback.
- From third-parties, advertising and analytic vendors, advertising networks, social networks share information with us when you log in, data enrichment vendors, etc.
USE OF PERSONAL INFORMATION
We may use the Personal Information collected as identified above, for the following purposes: to fulfill or
meet the reason you provided the Personal Information (support, respond to a query, review create an
account, use the VTO, purchase and deliver glasses and lenses, etc.); monitor and improve our Properties or
Services; provide the Services; marketing our Services; analyzing our Services, Properties and your use of
the Services and Properties; respond to law enforcement; or otherwise as detailed in our Privacy Policy.
We will not collect additional categories of Personal Information or use the Personal Information we
collected for materially different, unrelated, or incompatible purposes without providing you notice.
DISCLOSURES OF PERSONAL INFORMATION FOR A BUSINESS PURPOSE
We may disclose your Personal Information to a contractor or service provider for a Business
Purpose. When
we disclose Personal Information for a business purpose, we enter a contract that describes the purpose and
requires the recipient to both keep that personal information confidential and not use it for any purpose
except performing the contract; we further restrict the contractor and service provider from selling or
sharing your Personal Information. In the preceding twelve (12) months, we might have disclosed the
following categories of Personal Information for a business purpose:
| "BUSINESS PURPOSE (AS DEFINED UNDER CCPA)" | "DATA CATEGORY (CORRESPONDING WITH THE TABLE ABOVE)" | CATEGORY OF RECIPIENT |
|---|---|---|
| Auditing related to counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards. |
Category A Category D Category F Category G |
Auditing related to counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards. |
| Helping to ensure security and integrity to the extent the use of your Personal Information is reasonably necessary and proportionate for these purposes. |
Category A Category B Category F |
Subsidiaries, operational partner, security and fraud prevention providers, operating systems. |
| Debugging to identify and repair errors that impair existing intended functionality |
Category A Category B Category F |
Analytic providers, operational partner, security and fraud prevention providers, operating systems. |
| Short-term, transient use, provided the personal information that is not disclosed to another third party and is not used to build a profile about a consumer or otherwise alter an individual consumer’s experience outside the current interaction, including, but not limited to, the contextual customization of ads shown as part of the same interaction. |
Category A Category D Category F Category G |
Advertising networks; data analytics providers; social media networks. |
| Performing services on behalf of the business or service provider, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider. |
Category A Category D Category E Category F Category G Category H |
Payment processors, fraud prevention providers, payment orchestration providers, VTO providers for the sole purpose of providing the services, subsidiaries, affiliated companies, operating systems, CRM, ERP, shipping partners, health care providers, health insurance, Trust Pilot or other survey providers, customer support, cloud computing and storage vendors, fulfillment vendors, frames and lens vendors, etc. |
| Undertaking internal research for technological development and demonstration. |
Category A Category D Category F Category G Category H |
Developers, operating systems, cloud and hosting providers, SaaS platforms for task management and development, customer support and optimization tools. |
| Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, or controlled by the business, and to improve, upgrade, or enhance the service or device that is owned or controlled by the business. |
Category A Category D Category F Category G Category H Category K |
Developers, operating systems, cloud and hosting providers, security providers, SaaS platforms for task management and development, customer support and optimization tools. |
| Providing advertising and marketing services, except for cross-context behavioral advertising, to you provided that, for the purpose of advertising and marketing, our service providers and/or contractors shall not combine the Personal Information of opted-out consumers that the service provider or contractor receives from us, or on our behalf with Personal Information that the service provider or contractor receives from, or on behalf of, another person or persons or collects from its own interaction with you. |
Category A Category D Category F Category G Category K |
Advertising networks; data analytics providers; social media networks. Marketing service providers and technical platforms such as E-mail and text messaging providers, CRM and tracking tools (tracking within the Properties). |
| Advancing our commercial or economic interests, such as by inducing another person to buy, rent, lease, join, subscribe to, provide, or exchange products, goods, property, information, or services, or enabling or effecting, directly or indirectly, a commercial transaction. |
Category A Category D Category F Category G Category K |
Advertising networks; data analytics providers; social media networks. Marketing service providers and technical platforms such as E-mail and text messaging providers, CRM and tracking tools (tracking within the Properties). |
SALE OR SHARE OF PERSONAL INFORMATION
We do not “sell” or “share” information as most people would commonly understand that term, we do not, and
will not, disclose your Personal Information in direct exchange for money or some other form of payment.
For retargeting and analytic purposes, when we promote our Properties and advertise our products, we use
third-party providers and tracking tools, advertising networks and social media. They provide these services
by placing cookies, pixel or other tracking technology on our Properties and sharing with these vendors the
online identifiers and online behavior information. The CCPA defines these actions as “sharing” or
“selling”.
In the preceding twelve (12) months, we “sell” or “share” the following categories of Personal Information
for a business purpose:
| PURPOSE OF SALE OR SHARE | DATA CATEGORY (CORRESPONDING WITH THE TABLE ABOVE) | CATEGORY RECIPIENT |
|---|---|---|
| Targeted advertising, CCBA, promoting the Properties and Services, analytics and | marketing tools, analytic tools, advertising networks, social media networks, media buying, search platforms. |
Category A Category F Category G |
CHILDREN UNDER AGE 16
We do not knowingly collect information from children under the age of 16.
DATA RETENTION
The retention periods are determined according to the following criteria:
- For as long as it remains necessary in order to achieve the purpose for which the Personal Information was initially processed.
- To comply with regulatory obligations. For example: transactional data will be retained for up to seven years (or even more under certain circumstances) for compliance with our bookkeeping obligations purposes.
- To resolve a claim, we might have or a dispute with you, including any legal proceeding between us, until such dispute will be resolved, and following, if we find it necessary, in accordance with applicable statutory limitation periods.
PART II: EXPLANATION OF YOUR RIGHTS UNDER THE CCPA and how to exercise them
YOUR RIGHTS UNDER THE CCPA AND HOW CAN YOU EXERCISE THE RIGHTS?
If you are a California resident, you may exercise certain privacy rights related to your Personal
Information. You may exercise these rights free of charge, except as otherwise permitted under applicable
law. We may limit our response to your exercise of these privacy rights as permitted under applicable law,
all as detailed herein:
| CALIFORNIA PRIVACY RIGHT | DETAILS |
|---|---|
| The right to know what Personal Information the business has collected and access rights. | The right to know what Personal Information the business has collected about the consumer, including the categories of personal information, the categories of sources from which the Personal Information is collected, the business or commercial purpose for collecting, selling, or sharing Personal Information, the categories of third parties to whom the business discloses Personal Information, and the specific pieces of Personal Information the business has collected about the consumer. You can exercise your right by reviewing this Notice and the Privacy Policy, in case you would like to receive the specific pieces please fill in this form to receive a copy of your data: https://privacy.saymine.io/GlassesUSA. |
| Deletion Rights. |
The right to delete Personal Information that the business has collected from the consumer,
subject to certain exceptions.
You can exercise your right for deletion in the following ways:
|
| Correct Inaccurate Information | The right to correct inaccurate Personal Information that a business maintains about a consumer. At any time, you may correct any of the account data we collect, or otherwise you may contact us at: privacy@glassesusa.com. |
| Opt-Out of Sharing for Cross-Contextual Behavioral Advertising (“CCBA”) or from selling, where applicable. |
You have the right to opt-out of the “sharing” of your personal information for
“cross-contextual behavioral advertising,” often referred to as “interest-based advertising” or
“targeted advertising”. You may opt out through the “do not
sell or share my personal information” button available within the Properties’ footer
or within the App settings.
You may further opt out through device settings (opt-out from tracking AAID, ADID, please see
the following for information applicable to all devices:
https://thenai.org/opt-out/mobile-opt-out/).
Further, you can opt-out from interest-based advertising, CCBA, by using Self-Regulatory Program
for Online Behavioral Advertising such as:
Digital Advertising Alliance’s (“DAA”): https://www.aboutads.info/choices and
https://www.aboutads.info/appchoices, and the
Network Advertising Initiative (“NAI”):
https://www.networkadvertising.org/choices.
Last, you are able to install privacy-controls in the browser's settings to automatically signal
your opt-out preference to the websites you visit (like the “Global Privacy Control”). We honor
the Global Privacy Control as a
valid request to
opt-out of the sharing of information linked to
your browser.
In any event, please keep in mind:
|
| Non-Discrimination | The right not to receive discriminatory treatment by the business for the exercise of privacy rights conferred by the CCPA, including an employee’s, applicants, or independent contractor’s right not to be retaliated against for the exercise of their CCPA rights, denying a consumer goods or services, charging different prices or rates for goods or services, providing you a different level or quality of goods or services, etc. |
| Data Portability | You may request to receive a copy of your Personal Information, including specific pieces of Personal Information, including, where applicable, to obtain a copy of the Personal Information you provided to us in a portable format. In case you would like to receive the specific pieces please fill in this form to receive a copy of your data: https://privacy.saymine.io/GlassesUSA. |
NOTICE OF FINANCIAL INCENTIVE
We may, at times, offer you various financial incentives such as loyalty programs, discounts and special
offers when you provide us with contact information and identifiers such as your name and email address.
When you sign-up for our loyalty program, email list or other discounts and special offers, you opt-in to a
financial incentive. You may withdraw from a financial incentive at any time by opting out from our email or
closing your loyalty member account. Generally, we do not assign monetary or other value to Personal
Information, however, California law requires that we assign such value in the context of financial
incentives. In such context, the value of the Personal Information is related to the estimated cost of
providing the associated financial incentive(s) for which the information was collected. You can end program
participation at any time by contacting us at privacy@glassesusa.com to
unsubscribe or cancel your
participation in any program. We will not discriminate against you, in any manner prohibited by applicable
law, for exercising these rights.
AUTHORIZED AGENTS
You can designate an authorized agent to submit requests on your behalf. However, we will require written
proof of the agent’s permission to do so and verify your identity directly.
RESPONSE TIMING AND FORMAT
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we
require more time (up to an additional forty-five (45) days), we will inform you of the reason and extension
period in writing. We will deliver our written response by mail or electronically, at your option. If we
determine that the request warrants a fee, we will tell you why we made that decision and provide you with a
cost estimate before completing your request.
CONTACT US:
privacy@glassesusa.com
UPDATES:
This notice was last updated on July 11, 2023. As required under the CCPA, we will update our Privacy
Policy
every 12 months. The last revision date will be reflected in the “Last Modified” heading at the top
of this
Privacy Policy.
PART III: OTHER CALIFORNIA LAWS AND RIGHTS
CALIFORNIA DIRECT MARKETING REQUESTS:
California Civil Code Section 1798.83 permits you, if you are a California resident, to request certain
information regarding disclosure of Personal Information to third parties for their direct marketing
purposes. To make such a request, please contact us at: privacy@glassesusa.com
DO NOT TRACK SETTINGS:
Cal. Bus. And Prof. Code Section 22575 also requires us to notify you how we deal with the “Do Not Track”
settings in your browser. As of the effective date listed above, there is no commonly accepted response for
Do Not Track signals initiated by browsers. Therefore, we so not respond to the Do Not Track settings. Do
Not Track is a privacy preference you can set in your web browser to indicate that you do not want certain
information about your web page visits tracked and collected across websites. For more details, including
how to turn on Do Not Track, visit: www.donottrack.us.
