WHO ARE WE
OPTELEC is the data controller and responsible for the use your personal data. OPTELEC has different brands, who each have their own websites. OPTELEC is a wholly owned subsidiary of the Vispero group of companies. An overview of companies that fall within the scope of the Vispero group, can be found here.
WHAT PERSONAL DATA DO WE COLLECT?
We collect data that you choose to provide to us when you visit, make a purchase or interact on our Site, by corresponding with us, when subscribing to our newsletter or promotional activities or when filling out surveys. Such personal data may include the following:
General categories of personal data
- Your contact details - Your name, your company name, postal address, email address, phone number and geographic region.
- Your account data and electronic identification data - Your account and the information you add, including your password and information we automatically collect when you visit or interact with the Site, such as IP or MAC address, operating system , browser type and other unique identifiers for the computer, mobile or other device you use to access the Site and any referring website.
- Financial characteristics - The data we collect when you purchase a product or use a Service, such as the amount and date of your purchase, the product you purchase or Service you use, payment method, payment status, discount, delivery method and delivery address.
- Personal characteristics - Gender, date of birth, profession or job, national register number, insurance company and policy number.
- Your communication data - Information we receive if we communicate with you through our commercial offices, at events and exhibitions, online or via our apps. We also collect information about the purchase you do and any complaints and comments that you make.
- Any other personal data - Other information you provide to us, either voluntarily or upon request.
Special categories of personal data
- Your medical file - Information about your eye condition. We receive this information either directly from you or through a third party, such as your optician or another regional institution.
PURPOSES AND LAWFUL BASES FOR WHICH WE USE PERSONAL DATA
We collect and use your personal data for the purposes described below and on the following lawful bases:
- For the performance of our agreement with you - In order to manage and handle your purchases and any receipt of that purchase, to provide you with the relevant products, to take payments for the products that you have purchased and to give refunds or exchanges or other Site feature.
- For our legitimate interests as a business when those interests are not overridden by your interests, fundamental rights or freedoms - Our legitimate interests to analyse visits to and use of the Site to improve and develop our products and Services; to generate aggregate statistics on Site use in order to deliver the type of content, features and promotions that you like the most; to ensure the security of our Services; to provide customer service and support to you, to run surveys and competitions and to notify you about changes to our products.
- For compliance with legal obligations - We will need to process your personal data to verify your identity and to prevent fraud, hacking, cheats and spamming; and to facilitate our response to legal processes (e.g., a court order, warrant or subpoena).
- Based on your consent - We will process special categories of personal data in order to provide you with the right product(s) and for insurance companies to be able to assess the whether or not they will cover the purchase.
We also use your personal data based on your consent when you sign up to receiving our marketing communications through our Site or otherwise expressly consent to the use of your personal data. We always give you the choice whether or not you wish to receive marketing communications from us. To provide you with information that you request from us or which we feel may interest you. You can withdraw your consent at any time by sending an email to firstname.lastname@example.org or by opting-out by following the opt-out instructions in the relevant marketing communication. We will process your personal data in order to provide you with the right product and for insurance companies to be able to rate the risk to be insured by your insurance company.
WHO WE SHARE YOUR PERSONAL DATA WITH
We do not share your personal data other than described in this paragraph:
- Other members of the Vispero Group - We will share your information with other members of the Vispero Group for group analysis and business information purposes, to improve our Services.
- Website hosting partners and processors - We engage third party vendors, agents, service providers, and affiliated entities to provide services to us on our behalf, such as support for the internal operations of our websites, online stores (including payment processors and third parties we use for sending your orders to your home address), Services (e.g., technical support), as well as related offline product support services, data storage and other services.
- Third parties in case of legal requirement - We will also disclose your personal data if we believe we are required to do so by law, or that doing so is reasonably necessary to comply with legal processes; when we believe necessary or appropriate to disclose personal data to law enforcement authorities, such as to investigate actual or suspected fraud or violations of law or breaches of security; to respond to any claims against us; and, to protect the rights, property, or safety of OPTELEC, our customers, or the public. Such third parties may include law enforcement and fraud prevention agencies.
- Third parties with consent - We will also disclose information about you, including personal data to any other third parties, where you have expressly consented or requested that we do so, such as marketing agencies, advertising providers or insurance companies.
- Third parties in case of a corporate transaction - In addition, your personal data may be disclosed as part of any merger, sale, reorganization, transfer of OPTELEC's assets or businesses, acquisition, bankruptcy, or similar event.
- Third party company communications - Our trusted service providers, such as marketing agencies, advertising partners, website hosts and other third parties who provide services to help us tailor our marketing to you.
The security of your personal data is important to us. Therefore we will take reasonable steps to ensure that your personal data are properly secured using appropriate technical, physical and organizational measures, so that they are protected against unauthorized or unlawful use, alteration, unauthorized access or disclosure, accidental or wrongful destruction, and loss.
Please keep in mind that no website or internet transmission is completely secure. Therefore, we cannot guarantee that unauthorized access, hacking, data loss, or other breaches will never occur. We urge you to take steps to keep your personal data safe, such as closing your web browser when finished using the Site.
CHILDREN UNDER THE AGE OF 16
If you are under the age of 16 and insofar as we rely on consent as legal basis to process your personal data, we will do so if and to the extent that consent is given or authorised by your parents or legal guardian.
We will generally retain the personal data we processed through our Site and Services for as long as it is required for purposes for which the data were collected. Unless we inform you otherwise, this will usually be the period of 3 years after the last interaction with you plus the length of any applicable statutory retention period following such activity.
The information which we collect about you may be transferred to countries other than your country of residence. The laws of these countries may not afford the same level of protection to your personal data. OPTELEC will ensure the adequate standard of security is in place and that all applicable laws and regulations are complied with in connection with such transfer. For data transferred outside the European Economic Area, OPTELEC is using European Commission-approved Standard Contractual Clauses which can be found here or other legally acceptable mechanisms that ensure an adequate level of protection. Where applicable, you are entitled to receive a copy of the relevant contract (such as Standard Contractual Clauses) showing that appropriate safeguards have been taken to protect your personal data during such transfer.
We will take steps in accordance with applicable legislation to keep your personal data accurate, complete and up-to-date. You are entitled to have any inadequate, incomplete or incorrect personal data corrected. You also have the right to request access to your personal data and to obtain a copy of it as well as additional information about the processing and to request us to erase the personal data we hold about you.
The following rights apply in addition to the above to European residents:
- Right to restriction: you have the right to restrict the processing of your personal data, for example in case we no longer need your personal data in view of the initial purposes but they are required by us for the establishment, exercise of defence of legal claims.
- Right to object: you have the right to object to our processing of your personal data which is based on our legitimate interests. We will no longer process your personal data upon your request, unless we have compelling legitimate grounds for the continuation of the processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims. You may also object to our use of your data for direct marketing purposes. To that end, you may also use the unsubscribe button provided for in every email we send.
- Right to withdraw consent: in cases where we rely on your consent for using your personal data, you can withdraw such consent at any time by sending an email to: email@example.com
- Right to data portability: under circumstances, you have the right to have your personal data transmitted to another data controller in a structured, commonly used and machine-readable format.
- Right to obtain a copy of personal data safeguards used for transfers outside your location: you can ask to obtain a copy of, or reference to, the safeguards under which your personal data is transferred outside of the European Union. We may redact data transfer agreements to protect commercial terms.
- Right to lodge a complaint: in case you have a question or complaint about how we process your personal data, you can send an email to firstname.lastname@example.org. Alternatively, you could consider to lodge a complaint with a supervisory data protection authority.
For further information regarding your rights, or to exercise any of your rights, please contact us at email@example.com or see section 'How you can contact us' for more details. We may ask you for additional information to confirm your identity and for security purposes, before disclosing the personal data requested to you. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.
Subject to legal and other permissible considerations, we will make every reasonable effort to honour your request promptly or inform you if we require further information in order to fulfil your request.
We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way.
LINKS TO OTHER WEBSITES
CHANGES TO THE POLICY
HOW YOU CAN CONTACT US