At Designer Glasses, we respect your privacy rights and take the security of your Personal Data very seriously.
Data protection laws changed from 25th May 2018 when the General Data Protection Regulations (“GDPR”) came into effect, giving individuals greater rights on the Personal Data or Personally Identifiable Information (“PII”) that we hold about them. Even after the Brexit transition on 31st December 2020, UK organisations must still comply with GDPR requirements, as the Data Protection Act 2018 already enacts the EU GDPR’s requirements in UK law.
Personal Data is any information capable of identifying an individual (“Data subject”). This information may include but is not limited to: Name, address, email, telephone number, IP address.
How do we collect Personal Data
Designer Glasses holds Personal Data requested on our website for the purpose of replying to an enquiry. If you choose to withhold any Personal Data required, it may not be possible to provide a response.
Designer Glasses holds Personal Data for our Clients for the purpose of performing a contract. This legal basis applies to data required to process an online payment or deliver a product purchased online.
Designer Glasses may collect financial information for payment processing through a third party payment processor but retains no financial or personally identifiable information on its own systems.
It is very important that the Personal Data that we hold about you is accurate and up to date. Please let us know if at any time your personal information changes by emailing us at firstname.lastname@example.org and we will update it accordingly.
How do we use your Personal Data
Designer Glasses will only process Personal Data where we have a legal basis to do so.
Designer Glasses uses Personal Data from our website for the purpose of fulfilling an enquiry.
Designer Glasses uses Personal Data from our website for the purpose of direct marketing, asking for consent as appropriate.
Designer Glasses uses Personal Data from our Clients for the purpose of fulfilling a contractual obligation.
Designer Glasses may use Personal Data where it is necessary for our legitimate interests and the interests and fundamental rights of the data subject do not override those interests. These legitimate interests include:
- Evaluating how customers use our services.
- Developing our services and growing our business.
- Recovering debts owed to us.
- Advising customers of changes to our services or prices.
- Advising customers of changes to our policies.
- Designer Glasses may use Personal Data where we need to comply with a legal obligation.
How do we protect your Personal Data
Designer Glasses has put in place appropriate security measures and controls to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your Personal Data to those employees and other third parties who have a business need to use such data. They will only process your Personal Data on our instructions and they are subject to a duty of confidentiality.
When you enter Personal Data on our website, it is encrypted in transit using TLS/SSL and transmitted over HTTPS.
We maintain appropriate administrative, technical and physical safeguards to protect Personal Data at rest on our systems. This may include password protection, access/authentication controls, pseudonymisation and encryption.
How long do we retain your Personal Data
Designer Glasses will only retain your Personal Data for as long as is necessary to fulfil the purposes for which it was collected for, including for the purposes of satisfying any legal, accounting, regulatory or reporting requirements.
Personal Data collected from our website for the purpose of responding to an enquiry is retained by Designer Glasses for 30 days and then is securely deleted.
Designer Glasses will retain Personal Data on behalf of our Clients for as long as required to provide our services to that Client or as otherwise required to by law.
International Transfer of Personal Data
Designer Glasses do not transfer Personal Data to systems outside of the European Economic Area (“EEA”).
Controller and Processor
Designer Glasses processes Personal Data both as a Controller and as a Processor as defined in the GDPR.
All Personal Data is stored securely on Digital Ocean or Amazon Web Services. All website hosting is performed in accordance with the highest security regulations. Designer Glasses has sought confirmation from its providers, ensuring compliance with the GDPR. Eg. All data is processed on servers in the European Economic Area only.
Third Party Processors
Designer Glasses works with a number of third party service providers including but not limited to the ones named in the ‘Controller and Processor’ section.
These third parties may have access to, or process Personal Data or Client Data as part of providing those services for us. We limit the Personal Data provided to these service providers to that which is reasonably necessary for them to perform their functions. We have sought confirmation that our third party processors and service providers are GDPR compliant, thus requiring them to maintain the confidentiality of any Personal Data provided to them.
Designer Glasses does not carry out business with or knowingly collect any Personal Data from anyone under the age of 13. In the event that we find out or are informed that we have collected information from a child under the age of 13, we will delete that Personal Data as quickly as possible.
Special Category Data
Designer Glasses does not by default collect any Special Category or sensitive personal data. Special Category data is defined in the GDPR as information that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data.
Depending on whether you need to enter an eyesight prescription as part of purchasing a product, we may need to collect information about your ocular health.
Data breach or compromise of Personal Data
Designer Glasses have put in place procedures to deal with any suspected data breach.
In the event that Personal Data is compromised as a breach of security, Designer Glasses will promptly notify any affected data subjects or Clients as well as the Information Commissioner’s Office (“ICO”) in compliance with the GDPR.
From 25th May 2018, you will have extended rights in relation to our use of your Personal Data. These are:
Right of access to your Personal Data
You are entitled to a copy of the personal information we hold about you and certain details of how we use it. You will not have to pay a fee to access your Personal Data. However, we may charge a reasonable fee if your request is manifestly unfounded, excessive or repetitive.
If your request is made electronically, we will provide the Personal Data in a commonly used electronic format, once we have verified your identity. Else it will be in writing.
Right to rectification
Designer Glasses takes reasonable steps to ensure that the Personal Data we hold about you is accurate and complete. However, if you do not believe that this is the case, please contact us and make a request for rectification verbally or in writing.
Please note that Designer Glasses can refuse to comply with a request for rectification if we believe that we are satisfied that the data is accurate or that a request is manifestly unfounded or excessive (In which case we can charge a reasonable fee before dealing with the request).
In either case we will contact you within one month of the request.
Right to erasure
This right is also known as ‘the right to be forgotten’. It is not absolute and only applies in certain circumstances, whereby you have the right to ask us to erase your personal information. An example would be where the Personal Data we collected is no longer necessary for the original purpose for which it was collected or where an individual withdraws their consent (Where consent was the lawful basis for holding the data).
Please note that a request for right to erasure also needs to be balanced against other factors, for example according to the type of personal information we hold about you and why we have collected it, there may be some legal and regulatory obligations which mean we cannot comply with your request.
Right to restrict processing
This is not an absolute right but in certain circumstances, as an alternative to requesting the erasure of Personal Data, you are entitled to ask us to stop using your Personal Data. An example would be where you think that the personal information we hold about you may be inaccurate or where you think that we no longer need to process your personal information.
When processing is restricted, Designer Glasses are still permitted to store the Personal Data but not to use it.
Right to data portability
In certain circumstances, you have the right to ask that we transfer any Personal Data that you have provided to us to another organization or third party. The Personal Data will be provided free of charge and in a structured, commonly used and machine readable form such as a CSV file.
Right to object
You can ask us to stop sending you direct marketing messages at any time. Designer Glasses will stop processing Personal Data for direct marketing purposes as soon as we receive an objection.
Right not to be subject to automated-decision making
An individual has the right to object to their Personal Data being input into a system or computer and a decision or profile being calculated by an automatic process rather than by a human.
Designer Glasses do not make automated decisions or carry out profiling using Personal Data.
Right to withdraw consent
Where Designer Glasses has asked you for explicit consent, you have the right to withdraw your consent to further use of your Personal Data at any time. Please note we may not be able to provide you certain services if you withdraw your consent.
If you wish to exercise any of the rights set out above, you can do so by contacting us in the ‘How to Contact Us’ section below. You will not have to pay a fee. However, we may charge a reasonable fee for the administrative costs of complying with the request if your request is manifestly unfounded, excessive or repetitive.
We may also need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (Or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it.
Once we have confirmed your identity, we will endeavour to implement any requests within 7 days and no later than one month from the time of the original request.
Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Links to other websites
How to Contact Us
If you wish to contact Designer Glasses, wish to withdraw your consent or have any additional questions about Designer Glasses collection and storage of your Personal Data, our details are:
L Dollay Optometrist Limited
259 Bexley Road
Tel: + 44 (0) 800 731 8118
or by email at email@example.com
If you are not happy with any aspect of how Designer Glasses collect and use your data, you have the right to lodge a complaint to the Information Commissioner’s Office (“ICO”) https://ico.org.uk/, who are the UK supervisory authority for data protection issues.
However, we would be grateful if you could contact us first if you do have a complaint so that we can try to resolve it for you.
Last updated: 01/01/2021