Effective Date: September 1, 2021
Last Reviewed On: August 31, 2021
What Personal Information Do We Collect (and How Do We Collect It)?
“How We Use and Share Personal Information” for more information about why we collect the categories of information below.
Non-Personal Information Collected
Sources of Personal Information
We obtain all of the categories of Personal Information listed above from the following categories of sources:
More About Cookies
We and our third-party service providers automatically collect statistics from your browser, email interactions with us, or device on site usage patterns and your preferences through cookies, web logs, web beacons, and third-party service providers. This information may include Internet protocol (IP) addresses, device ID and type, browser type, Internet service provider (ISP), referring/exit pages, the operating system used by your device, date/time stamp, your mobile device's geographic location, and/or clickstream data.
We use both session ID cookies and persistent cookies. A session ID cookie expires when you close your browser. We use session ID cookies to allow visitors to easily navigate during checkout and access their account information. A persistent cookie remains on your hard drive for an extended period of time. We use a persistent cookie to welcome visitors returning to the site and to associate appropriate advertisements for our visitors.
Most Internet browsers allow you to disable, turn the cookie feature off, or reject cookies entirely by changing the settings on your Internet browser. Changing these settings may affect your ability to use certain features and functions of the Websites. Without a session ID cookie, your ability to complete a purchase and checkout will be limited.
If you are accessing our Websites on your mobile device, we may use mobile device IDs (the unique identifier assigned to a device by the manufacturer) or Advertising IDs (for iOS 6 and later), instead of cookies, to recognize you. We do this to store your preferences and track your use of our Websites. Unlike cookies, device IDs cannot be deleted, but Advertising IDs can be reset in 'Settings' on your iPhone.
You may interact with content on our Websites through social media plugins provided by Facebook, Twitter, Google and LinkedIn. We do not control the information that these companies collect when you choose to use their social media tools, whether through cookies or otherwise, nor do we control how these companies use any information they collect. We encourage you to review their privacy policies before interacting with these social media tools.
How Do We Use and Share Personal Information?
We may use or disclose the Personal Information we collect for one or more of the following business purposes:
Disclosures of Personal Information for a Business Purpose
In the preceding twelve (12) months, we have disclosed the following categories of Personal Information to our third-party service providers for the business purposes described above:
We use third-party service providers to provide certain services on our behalf. As part of their services to us, these service providers may have access to some or all of the data that we maintain, including transaction data and your Personal Information, but they are always required to maintain the confidentiality of information they receive from us and are restricted from using the information for any purposes other than those authorized by us.
In addition to third-party service providers, we share all of the categories of Personal Information we collect with government entities (if required by law or reasonably necessary to avoid harm).
Sales of Personal Information
In the preceding twelve (12) months, we have not sold personal information. Our policy is that we do not and will not sell your personal information, unless you give us your consent or direct us to do so.
Opting Out of Communications
You may opt out of receiving (choose not to receive) some types of communications from us to you. The process by which you may opt out is described below, and may be identified in the communication you receive.
If you would like to opt out of future emails, you may click on the “unsubscribe” link at the bottom of the email you receive, or call us at 1-800-637-3597. If you would like to opt out of future direct mailings and telephone calls, you may do so by calling us at 1-800-637-3597. If you no longer want to receive text notifications, you may opt out of receiving further text messages by (a) replying STOP to the text you receive, or (b) by calling us at 1-800-637-3597. Your request to opt out of telephone calls and/or text messages will be recorded with your name and telephone number in our internal records. Your request to opt-out of emails and direct mails will be recorded with your name, email address, and physical address in our internal records. We will process opt out requests within a reasonable time. It may take up to 30 days to process your requests related to direct mailings, text notifications, and telephone calls and up to 10 days to process your requests related to email. You are not required to consent to receive emails, direct mailings, or telephone calls as a condition of purchase. Please note that direct mailings are often prepared many weeks in advance, and you may continue to receive mail for 6 to 10 weeks. Please also note that, even if you opted out of receiving marketing communications from us, we may still contact you for transactional or informational purposes, such as for customer service, exam appointment reminders, or product recalls. We also may need to contact you with questions or information regarding any exams you have had or orders you have placed.
Sale of Personal Information
Contests and Drawings
We may sponsor or host contests or drawings from time to time. Some contests may be offered in conjunction with a third-party sponsor, and you will be notified at the time of the contest as to whether a third-party sponsor is involved and whether the third-party sponsor will be receiving your Personal Information to send promotional communications or for other purposes. You have the ability to choose whether or not to enter the contest at that time based on the terms and conditions associated with that particular contest. Please read all terms and conditions carefully before making your choice.
Links to Third Party Web Sites
We display personal testimonials of satisfied customers on our Websites in addition to other endorsements. With your consent, we may post your testimonial along with your name. If you wish to update or delete your testimonial, you may contact us at [email protected].
We may verify your prescription information provided with your order with your doctor or eye-care provider as required by federal law. For more information about your Protected Health Information, please see our HIPAA Notice.
We have implemented appropriate physical, electronic, and administrative procedures to safeguard and prevent unauthorized access to, maintain data security of, and correctly use the Personal Information we collect online. Please note that there is risk involved in using the Internet. Thus, our goal is to provide a reasonable level of security based on general industry standards. We therefore recommend that you use every precaution to protect your Personal Information when using the Internet and any other links.
All transactions occur through our secure server, protected by a DigiCert® Secure Site Certificate. That means that we use encryption to secure Personal Information sent from your computer to our servers. In addition, credit card numbers and other sensitive information are encrypted in our database(s) to provide a second layer of security for your Personal Information. When credit card information is transmitted online, we use Secure Sockets Layer (“SSL”) server software to prevent unauthorized access to the information. SSL is a highly sophisticated method of scrambling data as it travels from your computer to our Website servers. You can identify the secure connection by looking for a locked padlock icon at the lower portion of your browser window or on the left side of the URL in the address/search bar.
Our Websites and Services are not directed to children under the age of 16 and we do not knowingly collect Personal Information from children. No one under age 16 may provide any Personal Information on our Websites. It is our policy not to knowingly solicit or permit children under the age of 16 to provide their Personal Information for any purpose. In accordance with the Children's Online Privacy Protection Act of 1998 (“COPPA”) and our internal policies, if a person under age 16 submits information to us through any part of our Websites, and we know that the person submitting information is under age 16, we will not use it for any purpose. We will delete the information as soon as we discover it, and we will not disclose it to third parties. If you are under the age of 16, please do not use our Websites and our Services.
Your Rights and Choices About Your Personal Information
Updating Your Information
If you ever need to update or delete any Personal Information on file with us, you may call us at 1-800-637-3597 or email us at [email protected]. If you need to update your Personal Information when re-ordering, you will have a chance to make changes to your payment information, shipping, and billing address(es) at checkout.
Your California Privacy Rights – California Consumer Privacy Act (CCPA)
The following rights apply only to California residents:
You have the right to request that we disclose certain information to you about our collection and use of your Personal Information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
We do not disclose Personal Information to any third parties for their direct marketing purposes.
In addition, under California law, website operators are required to disclose how they respond to web browser 'do not track' signals or other similar mechanisms that provide users with the ability to exercise choice regarding the collection of Personal Information of a user over time and across third-party websites, to the extent the operator engages in that collection. We do not respond to any such 'do not track' signals, as no one ‘do not track’ standard has gained consensus.
California law also requires website operators to disclose whether third parties may collect Personal Information about their users' online activities over time and across different websites when the users use the operator's website. We do not knowingly permit third parties to collect Personal Information about an individual user's online activities over time and across different websites when a user uses our Websites.
Third parties that have content embedded on our Websites (such as social networking features) may set cookies on a user's browser and/or obtain information about the fact that a web browser visited our Websites from a certain IP address. These third parties cannot collect any other Personal Information from our Websites unless you provide it to them directly.
Deletion Request Rights
You have the right to request that we delete any of your Personal Information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request (see Exercising Access, Data Portability, and Deletion Rights), we will delete (and direct our service providers to delete) your Personal Information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
Exercising Access, Data Portability, and Deletion Rights
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by:
Only you, or a person or a business entity that is registered with the California Secretary of State that you authorize to act on your behalf (“Authorized Agent”), may make a verifiable consumer request related to your Personal Information. You may also make a verifiable consumer request on behalf of your minor child.
You (or your Authorized Agent) may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
In some instances, we may ask you to provide other documentation to verify your identity. If this happens, we will contact you directly with this request. We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you. If we cannot verify your identity with a high degree of certainty, we may only be able to provide a report with category-level information and we may not be able to delete some of your Personal Information.
Authorized Agents use the same process as described above to submit requests. Authorized Agents must provide a power of attorney or other documentation demonstrating their authority to submit a request on your behalf, as well as providing sufficient information to verify your identity.
Please note that if you or your Authorized Agent submit a request over the phone, you (or your authorized agent) must also email your forms to [email protected] within 15 days of the request submission.
We will not discriminate against you for exercising any of your California privacy rights under the CCPA. Unless permitted by the CCPA, we will not:
Please know that if you ask us to delete your Personal Information, or you exercise your right to opt out of the sale of your Personal Information, it may impact your experience with us, and you may not be able to participate in certain programs or services which require usage of your Personal Information to function.
Your California Privacy Rights – Shine the Light
The following rights apply to California residents.
We share Personal Information with other businesses with our affiliates. You may ask us for more information about this sharing and whether it affects you directly by contacting us at the address below. See “How Do We Use and Share Personal Information?” for more information.
National Vision, Inc. 2435 Commerce Avenue NW Building 2200 Duluth, GA 30096