Specsavers Privacy Notice for U.S. Residents
This Privacy Notice is for U.S. residents. For EU/UK residents, please reference our policy at https://www.specsavers.co.uk/legal/privacy-statement.
This is the Privacy Notice of Ainsly Inc. ('we', 'us'), which trades as Specsavers and operates www.specsavers.com ('our website'). We refer to our website, all features, functionality and content of our website as the ‘Services’.
The protection of your personal information is of utmost importance to us, so we set out herein how we collect and process personal information about you (referred throughout as ‘Personal Data’), how we use and protect your Personal Data, and your rights in relation thereto. In simplest terms, Personal Data is information, or a combination of pieces of information, that could reasonably allow you to be identified. By using our website and/or using the Services, you are accepting and consenting to the collection, use, disclosure and other handling of your Personal Data as described below.
1. Personal Data collected or received from you
In the course of providing our Services, we collect or receive your Personal Data in a few different ways. Often, you choose what information to provide about yourself, but sometimes we require certain information for you to use and for us to provide you the Services.
A. Personal Data you provide directly to us
When you use the Services or engage in certain activities, such as registering for an account with Specsavers, requesting Services or information, or contacting us directly, we may ask you to provide some or all of the following types of information:
- Contact and profile information: namely, your first and last name, email address, postal address (including postcode) and telephone number.
- Account information: namely, your email address, password, log-in details, transaction details and successful referrals
- Credit card information: namely, the name on the card, card type, card number, expiry date and security code is collected and processed by our third party payment processor, which is currently Stripe (the 'Payment Processor'). Payment details you provide to initiate payments on our website are encrypted and maintained using industry standard methods designed to ensure security against loss or theft. The Payment Processor operates a secure server to process payment details, encrypt your credit/debit card information and authorize payment. Please note that we do not have any access to your payment details, such as your credit/debit card information and use and storage of that information by the Payment Processor is governed by the Payment Processor's applicable terms of service and privacy policy (available at: https://stripe.com/gb/legal and https://stripe.com/gb/privacy).
- Lens prescription: namely, the power for each eye which we require to provide you with the lens products that you order from us and may include any photos of your prescription you email to us or upload to your profile.
- Survey responses: we may, from time to time, run surveys on the website for research purposes. Customers may be asked to provide certain information such as why a prescription has been canceled, what they like about the product, and how they feel about interactions with customer service. If you choose to respond to or participate in them, you may be required to provide Personal Data.
- Communications to us: for example reporting a problem or submitting queries, concerns or comments regarding our website, its content or your account.
You are under no obligation to provide any such Personal Data. However, if you should choose to withhold requested information, we may not be able to provide you with certain Services.
B. Personal Data that may be automatically collected
We, along with third parties, also may collect Personal Data about you, your computer or device and your use of the Service via automated means (for more information about these technologies, see our separate Cookies Policy. This Personal Data may include:
- Personal Data about your visits to the website and use of the Services, the resources you access, any data you download and information related to the ways in which you interact with the website and the Services.
- IP addresses (including the general information in such address, such as city, county and postcode), unique device identifiers, other information about your mobile phone or other mobile device(s), browser types and browser language.
- Referral pages and links, URLs, number of clicks, pages viewed, how long you're on a page, your search queries and results.
- Personal Data about your device, computer and/or browser you use as well as the device's operating system. This may include your device hardware model, operating system version, or mobile network information.
We may also combine Personal Data that we collect from you with Personal Data we obtain about you from third parties and affiliates.
C. Personal Data from third parties
We may obtain additional information about you from third parties such as marketers, partners, researchers and others, but only where we have checked that these third parties either have your consent or are otherwise legally permitted or required to disclose your Personal Data to us.
We use the information we receive from these third parties to maintain and improve the accuracy of the records we hold about you, and to offer you products that we believe you would be interested in.
D. Anonymous, pseudonymous or de-identified data
We may use Personal Data and other information about you to create anonymized and aggregated information, such as de-identified demographic information, de-identified location information, de-identified purchasing information, information about the computer or device from which you access the Services, or other analyses we create. Anonymized and aggregated information is used for a variety of functions, including the measurement of visitors’ interest in and use of various portions or features of the Services. Anonymized or aggregated information is not Personal Data, and we may use such information in a number of ways, including research, internal analysis, analytics, and any other legally permissible purposes. Our use and disclosure of anonymized and/or de-identified information is not subject to any restrictions under this Privacy Notice and we may disclose it to others without limitation for any purpose.
We may pseudonymize your data through a technique called "hashing". We may use pseudonymized data with our partners (such as Facebook) to find additional potential customers for our products and services by finding people with similar preferences. These partners will keep the data secure and will only use such data for the purpose for which we provide it to them.
2. How we use your Personal Data and the basis on which we use it
We may use your Personal Data for the following purposes:
- Identification and authentication: we use your identification information to verify your identity when you access and use our website and to ensure the security of your Personal Data. We use your Personal Data for this purpose so that we can comply with our contractual obligations to you.
- Processing orders: we use your Personal Data to process the orders you have requested and notify you of your order status. This is so we can provide the services to you in line with our contractual obligations to you.
- Improving our website and services: we analyze information about how you use our website and services to provide an improved experience for our customers. It is in our legitimate business interests to use the information provided to us for this purpose, so we can understand any issues with our website and services to improve it.
- Communicating with you: we may use any of the categories of your Personal Data when we communicate with you, for example if we are providing information about changes to our website or Services or if you contact us with questions. It is in our legitimate interests that we are able to provide you with appropriate responses and provide you with notice about our services.
- Marketing: we may use your Personal Data to personalize the marketing messages and special offers we send to you, to make them more relevant and interesting, as this is in our legitimate business interests. Where necessary, we will obtain your consent first. If you do not want to receive marketing messages from us, you can opt-out using the 'Unsubscribe' functionality in our communications to you or by contacting us at the details below.
- Exercising our rights: we may use any of the categories of your Personal Data to exercise our legal rights where it is necessary to do so, for example to detect, prevent and respond to fraud claims, intellectual property infringement claims or violations of law or the contract.
3. Information sharing
We may share your Personal Data with third parties and affiliated entities under the following circumstances:
- Service providers and business partners. We may share your Personal Data with our service providers and business partners that perform marketing services and other business operations for us. For example, we currently, and may in the future, parth4er with other companies to process secure payments, fulfil orders, optimize our services, send newsletters and marketing emails, support email and messaging services and analyze information. Our service providers and business partners will only act as processors on our behalf and use your information to the extent and for the duration necessary to perform their functions.
- Public information. If you post information or content publicly on or through the Services (including when you submit comments or reviews of our products or Services), or post content publicly elsewhere, including on your social media accounts, that relates to us or the Services, we may receive and share that public information with third parties, based on our legitimate business interest in marketing our products and services.
- Disclosures to Protect Us or Others (e.g., As Required by Law and Similar Disclosures). We may access, preserve, and disclose your Personal Data, other account information, and content if we believe doing so is required or appropriate to: (i) comply with law enforcement or national security requests and legal process, such as a court order or subpoena; (ii) respond to your requests; (iii) protect yours’, ours’ or others’ rights, property, or safety; (iv) to enforce Specsavers policies or contracts; (v) to collect amounts owed to us; (vi) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation or prosecution of suspected or actual illegal activity; or (vii) if we, in good faith, believe that disclosure is otherwise necessary or advisable.
- Asset purchasers. We may share your Personal Data with any third party that purchases, or to which we transfer, all or substantially all of our assets and business. In these types of transactions (such as a sale, merger, liquidation, receivership, or transfer of all or substantially all of Specsavers’ assets), member information is typically one of the business assets that is transferred. Should such a sale or transfer occur, we will use reasonable efforts to try to ensure that the entity to which we transfer your Personal Data uses it in a manner that is consistent with this Privacy Policy.
- Interest-Based Advertising and Third Party Marketing. We may use third-party Web analytics Services on the website, such as those of Google Analytics. We may also share certain information about you and the device you use to access the Services in order to deliver tailored advertising. These service providers use the technology described in the ‘Personal Data and automated collection’ section and our Cookies Policy to help us analyze how users use the website and to deliver advertising. The information collected by the technology (including your IP address) will be disclosed to or collected directly by these services providers, who use the information to evaluate your use of the website. Learn about opting out of Google Analytics.
4. Information security and storage
We implement technical and organizational measures designed to safeguard the privacy of your Personal Data from loss, alteration, unauthorized access or improper use. These measures are aimed at ensuring the on-going integrity and confidentiality of Personal Data. To this end, we regularly evaluate our security measures to ensure the security of the processing and only authorized personnel have access to our customers’ Personal Data. Backups are run to prevent loss of information and our internet servers are housed in secure facilities. Whilst we cannot guarantee or warrant that loss, alteration, unauthorized access or improper use of information will never occur, we use all reasonable efforts to prevent it.
Unfortunately, despite these measures, the transmission of information via the internet is never completely secure. Although we will do our best to protect your Personal Data, we cannot guarantee the security of your data transmitted to the website, and any transmission is at your own risk. You can help us prevent unauthorized access to your Specsavers account and your Personal Data by choosing a secure password and protecting it appropriately and limiting access to your device and browser by logging out of your account after you have finished your session. Finally, we recommend that you change your password from time to time for additional security. Please advise us immediately if there is any unauthorized use of your account by any other Internet user or any other breach of security.
5. International data transfer
Your Personal Data may be transferred to, stored, and processed in a country outside the United States.
When we do, we put in place appropriate safeguards in accordance with applicable legal requirements to ensure that your data is adequately protected.
6. Retention
We keep your Personal Data for as long as you have an active account with us, or as otherwise necessary for the purposes described in this Privacy Notice as updated from time to time. When determining any longer retention period, we consider what is necessary to comply with our legal obligations (such as financial reporting obligations) and the expectations of regulators (including data protection regulators), resolve disputes or collect fees owed, conduct audits, as well as the amount of time which personal data is actually useful for the purposes described in this Privacy Notice. Afterwards, we dispose of your Personal Data securely, but may retain some information in a depersonalized or aggregated form but not in a way that would identify you personally.
As stated above, you can request us to erase some or all of your Personal Data from our systems, and you can delete your account with us at any time, by contacting us using the contact details set out below.
7. External Links
Our website may contain links to external websites. We assume no responsibility for the privacy practices or the content of those websites. Therefore, please read carefully any privacy policies on those websites before either agreeing to their terms or using those websites.
8. Contact us
If you need to contact us in connection with our use of your Personal Data, then please contact >hello@support.specsavers.com or +1-833-356-4349 . We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy.
9. Changes to the policy
You may request a copy of this privacy notice from us using the contact details set out above. We may modify or update this privacy notice from time to time. You will be able to see when we last updated the privacy notice because we will include a revision date. Changes and additions to this privacy notice are effective from the date on which they are posted. Please review this privacy notice from time to time to check whether we have made any changes to the way in which we use your Personal Data.