The manager of your personal data is OPTIC GURU, SIA, reg. No. 50103179811, address: Mednieku Street 21/23, Ogre, LV-5001, Latvia (hereinafter referred to as the COMPANY).
In order to be able to use the services of the COMPANY, you voluntarily entrust us with your personal data, thus becoming a BUSINESS CUSTOMER (hereinafter referred to as the CLIENT). While the COMPANY undertakes to respect your rights to the legal processing and protection of the personal data and to observe all other regulatory requirements applicable to the processing of personal data.
The purpose of this POLICY document is to provide you with the information provided in the regulatory enactments regarding the processing of your personal data in the course of the provision of the service (hereinafter - POLICY) . Below you will find the following information:
Chapter 1 About how and what personal data we collect;
Chapter 2 Why we handle them (our intentions and reasoning);
Chapter 3 If and how we pass them on;
Chapter 4 How we protect data and how long we keep them
Chapter 5 How these data are available to the CLIENT;
Chapter 6 Our Commercial Disclaimer.
This POLICY is permanently available to the public and we have the right to make corrections or additions to it.
1 Collected personal data and methods of obtaining data
1.1. The following CLIENT'S personal data can be processed using the COMPANY's services:
1.1.1. Name and surname;
1.1.2. Cell Phone Number;
1.1.3. E-mail address;
1.1.4. Delivery address;
1.1.5. Five products for visual correction (PWR, BC, DIA, CYL, AXIS);
1.1.6. Image taken from the video surveillance system of the premises;
1.1.7. Internet protocol addresses (source IP address, date and time).
1.2. Payment cards, bank account data are not processed in the COMPANY systems, but payment and automatic payment functions are provided by a safe third party service, which does not receive personal data (only order number and amount) from the COMPANY and the CLIENT can independently carry out remote money transfer.
1.3. With the help of this POLICY we inform the CUSTOMER that by using the COMPANY services the CLIENT's personal data are obtained in the following ways:
1.3.1. collecting the data provided by the CLIENT to us by filling in any forms and information fields on our web sites ;
1.3.2. collecting data provided by the CLIENT to our employees during communication (by phone, e-mail or on-site);
1.3.3. collecting data received from third parties (for example, doctor referrals) in the framework of the goods or services required;
1.3.4. obtaining data from the operation of the video surveillance system;
1.3.5. collecting connection data at the time of the use of the site.
1.4. This POLICY is applicable to the processing of data, regardless of the form and / or environment the CLIENT has provided his / her personal data and on which company's electronic systems or in paper form they have been processed.
2 Purpose of the data processing, legal basis and purpose
2.1. COMPANY processes personal data for the following purposes:
2.1.1. For the sale of goods and services:
- to identify the customer for the conclusion and performance of a service contract;
- a guarantee for the fulfilment of obligations, as well as consideration and processing of other claims;
- improvement of goods and services, development of new goods and services;
- to promote the use of the service;
- for advertising and distribution of goods and services for commercial purposes;
- for customer retention, loyalty and satisfaction measurement;
2.1.2. Business Planning and Analysis:
- for the preparation of reports, incl. statistics and business analysis;
- planning, accounting and measuring the efficiency of the company;
- customer surveys.
2.1.3. Providing information to the state administration and operational activities institutions in cases and in the extent specified in external legal regulations.
2.1.4. Protecting our property, investigating incidents and complaints, and monitoring the quality of service provision.
2.1.5. To monitor and improve our website activity and security.
2.2. The legally obtained personal data will only be used for the following purposes:
2.2.1. In order to verify the identity of the CLIENT for the purpose of establishing the contractual obligations, as well as to ensure fulfilment of the contractual obligations. To communicate with the CLIENT in the context of contractual obligations and to inform about any changes in the particular service;
2.2.2. In order to fulfil the obligation imposed by the external regulations binding to the COMPANY;
2.2.3. In order to ensure and improve the quality of the provision of the Company, as well as to enable the Company to expand its business by promoting its goods or services by informing about them in a safe and reasoned way or by consulting the customers who have given their voluntary consent;
2.2.4. In order to able to protect their legitimate interests of the COMPANY.
3 Processing and transfer of personal data
3.1. We disclose personal data of our clients only within the European Union and only to our affiliated companies, our cooperation partners who are directly involved in the provision of the requested service to the CLIENT, for example, to the supply companies. In the cases when personal data are processed by third parties, they must process Personal Data in accordance with these guidelines and binding Personal Data Protection Law requirements, and solely for the purpose of providing these services.
3.2. We provide the above-mentioned third parties with the minimum amount of personal data of the CLIENT for the performance of the requested service.
3.3. The transfer of information to other third parties can only be done in a safe manner and only on the basis of a legally justified request or statutory activity.
4 Data storage and protection
4.1. The CLIENT from his side is solely responsible for the strength, frequency of changing, uniqueness of his User Access Password (when the passwords do not match on the various Internet resources that he uses) and the secrecy of the access data. The CUSTOMER is informed and agrees that all actions performed on the COMPANY’s site using the User's access data are binding to the CLIENT and will be considered as CLIENT's.
4.2. The COMPANY, for its part, is concerned about the CLIENTS's data security, and we make reasonable use of all available technical and organizational capabilities to store data so that they are not available to third parties. All data are stored on servers that meet high security standards and are protected against unauthorized access and misuse. We ensure that all reasonable steps are taken to protect the provided electronically transferred personal information and their transmission over the Internet. The connection between the CLIENT equipment and our servers takes place in a secure, encrypted connection (SSL technology).
4.3. COMPANY keeps and processes the CLIENT's personal data while there is at least one of the following criteria:
4.3.1. While the contract with the CLIENT is valid;
4.3.2. While in accordance with the procedures prescribed by external regulations, the COMPANY or the CLIENT can exercise their legitimate interests (for example, to submit objections or to initiate a civil claim in the court);
4.3.3. While one of the parties is required to store the data;
4.3.4. While the CLIENT’s agreement on the relevant processing of personal data is in force, if there is no other legitimate basis for the processing of the above mentioned data.
After the circumstances referred to in this clause expire, the CLIENT's personal data are irreversibly anonymized. The purpose of the COMPANY is to provide its services in the way to protect in the formation also from accidental or abusive destruction. Therefore, after anonymizing or deleting information on our servers, it may take some time before these changes in the data completely apply to all of our IT systems and their backups.
4.4. Only COMPANY employees, the performers who need to know this information in order to provide the service and who must comply with strict contractual privacy requirements, who may be subject to disciplinary action or even dismissal in the event of gross negligence of these requirements, may access personal information.
5 Availability of information to the CLIENT
5.1. The purpose of the COMPANY is to provide the CLIENT with access to his or her personal information.
5.2. In case of any changes in the information provided by the CLIENT to us at the conclusion of the service agreement or during the further cooperation, as well as if the CLIENT has discovered that we process inaccurate personal data, we ask the CLIENT to correct this information himself or inform us about the need to correct the specific personal data.
5.3. According to the Personal Data Protection Laws, it is our responsibility to provide the CLIENT with information about what information the CLIENT has at our disposal.
5.4. The CLIENT has the right to have free access to this information no more than twice a year. In case the CLIENT requests the access more often, we will provide it for remuneration, the amount of which will be such as to cover the cost of preparing this information.
5.5 A CLIENT can file a claim for the exercise of his rights:
5.5.1. In the form of a written application on-site in our office, Mednieku street 21/23, Ogre, presenting a personal identification document;
5.5.2. By e-mail, sending us an application form, signed with a secure electronic signature, to the e-mail address firstname.lastname@example.org;
5.5.3. It is allowed to modify the CLIENT data only in a limited amount by telephone, and only if the CLIENT can be safely and unambiguously identified by the telephone.
5.6. Upon receipt of the CLIENT's request to exercise his/her rights, we verify the identity of the CLIENT, evaluate the request and execute it in accordance with the regulations.
6 Commercial announcements
6.1. We communicate with the CLIENT using the CLIENT's contact information. If the site user agrees to become our customer, we will use the data specified in the customer's questionnaire only for the provision of services and for sending information in the manner specified by the CLIENT.
6.2. The minimum amount of data to be provided by a site user in order to be able to provide our services is: name, password, mobile phone number and current, accessible email address. All other information indicated is voluntary and helps us send more and personalized shipments to the CLIENT.
6.3. We communicate commercial notices, our and / or third party services and other non-related notifications about direct provision of contracted services (e.g. customer surveys), in accordance with the CLIENT's consent or external regulations.
6.5. In order to post or display CLIENT's personalized ads on the site, we do not link the used identifiers from cookies or similar technologies with sensitive personal data categories.
6.6. We are constantly striving to improve our services. It also includes the analysis of the information sent, for example by reviewing whether the specified email addresses, telephone numbers are valid, whether the newsletter has been opened, the links to which they are addressed, and whether there has been any response.
6.7. We can also communicate, including commercial notices, by using automated email or text messaging systems.