Supermax, Inc. d/b/a/ Aveo Vision (“Company”, “We”, “Our”) respects your privacy and is committed to protecting it through our compliance with this policy. This document describes the types of information we may collect or that you may provide when you access, use, or register with Aveo Vision’s website and mobile application (collectively “Services”) and our practices for using, maintaining, protecting, and disclosing that information.
Information We Collect and How We Collect It
We collect information from and about users of our Services:
- Directly from you when you provide it to us
- Automatically when you use the Services
Information You Provide to Us
When you use or register with the Services, we may ask that you provide information by which you may be personally identified, such as your name, telephone number, postal address, email address, date of birth, location, contact lens prescription, eye doctor information, credit card information, and any other identifier by which you may be contacted online or offline (“Personal Information”).
This information includes:
- Information that you provide by filling in forms in the Services. This includes information provided at the time of registering to use the Services, posting material, and requesting further services. We may also ask you for information when you report a problem with the Services.
- Details of transactions you carry out through the Services and of the fulfillment of your orders. You may be required to provide financial information before placing an order through the Services, and we are required by law to verify or obtain a copy of your prescription from the medical professional whom you designate.
- Records and copies of your correspondence (including e-mail addresses and phone numbers), if you contact us.
- Your responses to surveys that we might ask you to complete for research purposes.
Automatic Information Collection
When you download, access, and use the Services, it may use technology to automatically collect:
- Usage Details. When you access and use the Services, we may automatically collect certain details of your access to and use of the Services, including traffic data, location data, logs, and other communication data and the resources that you access and use on or through the Services.
- Device Information. We may collect information about your computer, mobile device, and internet connection, including the computer or mobile device’s unique device identifier, IP address, operating system, browser type, mobile network information, and the device’s telephone number.
We may track your use across different websites and services. In some countries, including countries in the European Economic Area (“EEA”), the information referenced above in this section may be considered personal information under applicable data protection laws. If you do not want us to collect this information, then do not use the Services.
Use of Personal Information We Collect
We may use the information we collect from you in the following ways:
- To set up your account with us.
- To personalize your user experience and to allow us to deliver the type of content and offerings in which you are most interested.
- To deliver service messages and other services and content you request, and to send information related to accounts and services, including confirmations, invoices, technical notices, updates, security alerts, and support and administrative messages.
- To conduct an aggregated analysis of the performance of our Services.
- To store your credit card information, contact lens prescription, and eye doctor information, in order to fulfill recurring orders, expedite future orders, and automate the billing process.
Legal Basis for Processing Personal Information
Our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it.
However, we will normally collect personal information from you only (i) where we need the personal information to perform a contract with you; (ii) where the processing is in our legitimate interests and not overridden by your rights; or (iii) where we have your consent to do so. We have a legitimate interest in operating our Services and communicating with you as necessary to provide these Services, for example when responding to your queries, improving our platform, undertaking marketing, or for the purposes of detecting or preventing illegal activities.
In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.
If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information).
We retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax, or accounting requirements).
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
Security of Your Personal Information
The security of your Personal Information is important to us. When you enter sensitive information (such as credit card number) on our Services, we encrypt that information using secure socket layer technology (SSL).
Aveo Vision takes reasonable security measures to protect your Personal Information to prevent loss, misuse, unauthorized access, disclosure, alteration, and destruction. Please be aware, however, that despite our efforts, no security measures are impenetrable.
If you use a password on the Services, you are responsible for keeping it confidential. Do not share it with any other person. If you believe your password has been misused, please notify us immediately.
Your Data Protection Rights Under the General Data Protection Regulation (GDPR)
If you are a resident of the EEA, you have the following data protection rights:
- If you wish to access, correct, update, or request deletion of your personal information, you can do so at any time by emailing firstname.lastname@example.org.
- In addition, you can object to the processing of your personal information, ask us to restrict the processing of your personal information, or request portability of your personal information. Again, you can exercise these rights by emailing email@example.com.
- You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing emails we send you. To opt-out of other forms of marketing, please contact us by emailing firstname.lastname@example.org.
- Similarly, if we have collected and process your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.
- You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority.
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
Updating and Accessing Your Personal Information
If your Personal Information changes, we invite you to correct or update your information. We will retain your information for as long as your account is active or as needed to provide you services. If you wish to cancel your account, request that we no longer use your information to provide you services, or delete your Personal Information, you may do so through your account settings, or contact us at email@example.com. We will respond to your request to have your Personal Information updated as soon as possible. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Choices About Use of Your Information
You can use some of the features of the Services without registering, thereby limiting the type of information that we collect.
You may unsubscribe from receiving certain promotional emails from us. If you wish to do so, simply follow the instructions found at the end of the email. Even if you unsubscribe, we may still contact you for informational, transactional, account-related, or similar purposes, including messages about your current Aveo Vision account and services.
Third-Party Disclosure and Links
The Services may include links to other websites whose privacy practices may differ from those of Aveo Vision, including but not limited to Visibly, Inc. If you submit Personal Information to any of those sites, your information is governed by their privacy statements. We encourage you to carefully read the privacy statement of any third-party websites you visit.
Social Media Features
Notice Concerning The Information Of Children
Aveo Vision is not directed to children under the age of 13 and does not intentionally collect any information from children under the age of 13. Please contact us if your child has provided Personal Information to us and we will delete the information.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect Personal Information.
In order to be in line with Fair Information Practices, we will take the following responsive action. Should a data breach occur, we will notify the users via email. We also agree to the Individual Redress Principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
International Data Transfers
Changes to This Policy
Aveo Vision may change this Policy from time to time. If we make any changes to this Policy, we will change the “Last Updated” date below and may notify you by email (sent to the e-mail address specified in your account). We encourage you to review this Policy whenever you visit the Services to understand how your Personal Information is used.
Questions About This Policy
If you have any questions about this Policy, our practices related to the Services, or if you would like to have us remove your information from our database, please feel free to contact us at firstname.lastname@example.org.
Last Updated: February 25, 2019