Last modified: 06/12/2021
Essilor International ensures compliance with the obligations arising from the Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR) and other legislation on the protection of personal data and privacy.
Under this Privacy Notice, we, Essilor International, acting as the Controller, inform you what personal data of yours we collect when you visit our website or use our services, why we collect it, and what we do with it (the Purpose). Your personal data means any information relating to you, in particular your name and contact details such as your home address, your telephone number or your email address.
Please take the time to read this Privacy Notice carefully. It is very important that you fully understand how we process your personal data and how we protect your privacy. If you have any questions regarding our use of your personal data, you can of course contact us using the contact details provided below:
Our contact details are: Essilor International, 147, rue de Paris, 94220 Charenton-Le-Pont, France.
The contact details of our Data Protection Officer are: Data Protection Office, email@example.com.
WHAT PERSONAL DATA WE COLLECT
Data we collect when you visit our website
When you access our website, we automatically collect and store some of your data in our server logs and in cookies, which are small files we send to your computer when you visit our website.
This data does not allow us to identify you directly. However, we do record data related to your browsing on our website, such as the pages that you accessed, the date and time you accessed these pages, your search queries, information on your device (hardware model, operating system version, unique device identifier, Internet protocol address, hardware settings, browser type, browser language), the date and time of your request and referral URL.
The provision of your personal data is not required if you only want to visit our website. This means that you may refuse to accept cookies by configuring your web browser accordingly (for more information, refer to the ‘help’ section of your web browser). However, refusing cookies is likely to disrupt your navigation on our website, in particular by preventing you from accessing certain parts of it.
We collect the following categories of your personal data:
- IT/Analytics data including data related to your browsing on our website, such as the pages that you accessed, the date and time you accessed these pages, your search queries, information on your device (hardware model, operating system version, unique device identifiers, Internet protocol address, hardware settings, browser type, browser language), the date and time of your request and referral URL.
- Contact form data including your name, email, address, phone, job role, practice information (Essilor account number, address and phone number),e-mail address of contact, the reason for contact, a file, the date and time of your request.
HOW WE USE PERSONAL DATA WE COLLECT
We only use your personal data within the limits authorized by the laws and regulations. Sometimes, we may use your personal data because the laws and regulations require us to do so. In any case, we do not make any automated decisions based solely on automatic processing which may produce legal effects on you, or similarly significantly affect you.
We use your personal data for the following purposes:
- We use your IT/Analytics data to (i) ensure the technical management of the website (including solving technical issues, ensuring technical security, improvements), (ii) for analytics and other statistical purposes. Such a process is allowed based on your acceptance of our [Cookies Policy];
- We use your contact form data to (i) to proceed with your request and provide you answers. Such a process is allowed by Art.6 para. 1 lit. (B) of the General Data Protection Regulation EU 2016/679 (GDPR) permitting the processing of your personal data for the purpose of fulfilling our contract with you.
HOW LONG WE KEEP PERSONAL DATA WE COLLECT
The period for which we store your personal data is shown in the table below:
|Category of data||Retention period|
|IT/Analytics data||[2 years]|
|Contact form data||[2 years]|
PERSONAL DATA WE SHARE
Please note that we may, subject to legal permission, share your personal data with :
- Other companies of the EssilorLuxottica Group;
- Companies, organisations, public authorities outside of the EssilorLuxottica Group (e.g. hosting providers, market and analyst service providers, database management and maintenance services).
Some of these recipients of the data may be located in countries outside the European Union/European Economic Area.
For recipients located in the countries indicated at the following link (https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en), the European Commission has decided that this country ensures an adequate level of protection by reason of its domestic law or of the international commitments it has entered to.
For recipients located outside the above-mentioned countries, there is no adequate decision by the European Commission; this means that the level of data protection in such a country is not comparable with the level of data protection in the European Union. Therefore, we use it as an appropriate safeguard to secure your personal data such as the EU Standard Contractual Clauses.
Companies and other organizations that process your personal data on our behalf are expressly appointed as Data Processor.
|Category of data||Category of recipients / solution||Location|
|Contact form data||Ibexa CMS||EEA|
|IT/Analytics Data||Google Analytics||EEA|
Essilor International may transfer Your Personal Data outside the European Economic Area ("EEA") to locations that may not guarantee the same level of protection.
However, Essilor International only transfers Your Personal Data outside the EEA:
- When the transfer is made to a location or by a method or in circumstances that the European Commission considers to ensure adequate protection of Personal Data;
- When standard data protection clauses approved by the European Commission or a competent data protection supervisory authority have been implemented; or,
- When none of the above apply, but the law may still allow such transfer, for example, if it is necessary for the declaration, exercise or defence of a right in a judicial proceeding.
HOW WE PROTECT PERSONAL DATA
We have measures in place to protect your personal data against unauthorized access, use, or disclosure including, without limitation, the following measures:
- We implement and maintain sophisticated technical measures to ensure that your personal data is recorded and processed in complete confidentiality and security;
- We implement and maintain appropriate restrictions on access to your personal data, and on monitoring the access, use, and transfer of personal data;
- All of our employees who have access to your personal data are required to enter into non-disclosure or similar agreements, which imposes obligations on them to comply with our data privacy and confidentiality requirements;
- We require any business partners and third party service providers with whom we may share your personal data to comply with any applicable data privacy and confidentiality requirements;
- We provide data privacy training on a regular basis to our employees and third parties who have access to personal data.
WHAT RIGHTS YOU HAVE
Under applicable data protection laws and regulations, you have the right to:
- Access, rectify, and/or erase your personal data;
- Restrict or object to its processing;
- Tell us that you do not wish to receive marketing information;
- In some circumstances, require certain of your personal data to be transferred to you or a third party;
- To the extent our processing of your personal data is based upon your consent, withdraw your consent, without affecting the lawfulness of our processing based on your consent before its withdrawal.
We are committed to enabling you to exercise your rights and, to do so, you can contact us using the contact information set out at the beginning of this Privacy Notice. Please provide us with the following information, so that we can act on your request with all due consideration:
- Your name and surname, and a photocopy of your identity document;
- Your specific request (in other words, what rights you want to exercise); and
- The date of the application and your signature (if you send your application by post).
CHANGES TO THIS PRIVACY NOTICE
We regularly review our compliance with our Privacy Notice, in particular to ensure that it complies with new laws and regulations regarding data protection. But, although this Privacy Notice may change from time to time, we will not reduce your rights under this Privacy Notice without your explicit consent.
CONFIDENTIALITY AND SECURITY