Privacy policy

1. INFORMATION WE COLLECT AND HOW WE USE YOUR INFORMATION

This privacy policy covers personal information, non-personal information and aggregate reporting.

Personal Information is any information that is associated with your name or personal identity.  

We use personal information to understand your needs as a customer and to provide you with the best service possible. Once you choose to provide us with your personal information you can be assured it will only be used to support and improve your customer relationship with Daysoft.   We collect personally identifiable information when you register with us and when you use our services. We may also receive information about you from our business or marketing partners. We ask you for personal data only when it is needed to provide goods or services you have enquired about, asked us to provide or to respond to your requests for information.  On our web pages you can register an account, order products, request information and subscribe to marketing and support materials. Our registration process requires you to provide us with your name, address, date of birth, phone numbers, and email address together with information on your contact lens prescription and confirmation that you are a successful soft contact lens wearer.  Specifically, we will use your information to help you complete a transaction or order, to communicate with you, to provide service and support, and to update you on services and benefits.  Occasionally we may also use your information to contact you for market research regarding Daysoft products or services.

Non-Personal information refers to data on usage and service operation that is not associated with a specific personal identity.

Daysoft and its technology providers may collect and analyses non-personal information to evaluate how visitors use the Daysoft website. This is automatically collected when visiting, viewing content or ordering on Daysoft.com.   The sole purpose of collecting this information is to improve your experience when using the website.  The information is collected passively and is processed through code which is embedded on the website.  The Website uses cookies to collect this non-personal information including standard internet log details and your behavioural patterns.  This will also include your device IP address, device type, information on the operating system and the browser used, your chosen language and geographic location.    We may also monitor your interaction with our website through capturing data on mouse use, and keystrokes as well as noting pages visited on the website and the time and date that the website pages were accessed.  This enables Daysoft to provide a better customer experience, identify customer preferences, diagnose and resolve technical problems, analyse trends and assists in the ongoing improvement of the Website.

WHAT ARE COOKIES?

Cookies are small data files transferred onto computers or devices by websites for record-keeping purposes and to enhance Website functionality. The data contained in a cookie can be retrieved by the website when you visit the relevant site. Cookies cannot affect your device but they do collect information that can be used to enhance the site.  Cookies can either be session cookies which will expire as soon as you leave the site or persistent cookies which will remain on your device until deleted automatically or manually.

We use session cookies to remember your login while you are ordering, thus making for an easier ordering process. This cookie expires when you close the browser session. We subscribe to Google Adwords and Google Analytics which use persistent cookies to recognise and count the number of visits to www.daysoft.com and to see how visitors move around our website while they are using it. This helps to improve the website and service to customers. We also use persistent cookies to monitor and improve the performance of our TV campaigns. These cookies identify which campaign is most likely to have initiated the visit, create timestamps that allow us to match conversions to earlier visits and generate anonymous IDs for each device used to visit the site.

Daysoft also uses cookies to support its remarketing programme on the Google Display Network.  This allows us to show adverts to users who have previously visited daysoft.com.  You can opt out of this advertising by visiting adssettings.google.com.  We do not use cookies to record personal details. 

Many browsers allow you to choose whether to accept cookies or not. If you do not wish to have cookies placed on your computer you can set your browser preferences to reject all cookies prior to visiting our website. Please note that in doing so, you would be able to view most of our content but unable to place an order on the Website.

To find out more about cookies, including how to see what cookies have been set and how to manage or delete them, visit www.allaboutcookies.org.

2. LEGAL BASES FOR STORING AND PROCESSING DATA

We ask you to provide your email address, name, delivery address, billing address, date of birth and, if you create an account, a password. In certain circumstances you may also be asked to provide a telephone number.

The above data is processed principally to allow us and our logistics partners to fulfil your orders. The legal basis for this processing is therefore contractual.

We also process your email address and your password to allow you to sign in to your account. The legal basis for processing this data is our legitimate interest in maintaining the security of your account.

We may also process your email address to send information about: the progress of an order, product safety information or to inform you of changes to our Privacy Policy. It is our legitimate interest that you receive this information.

If you opt-in and consent to receiving marketing information (surveys, newsletters and competitions) we will occasionally process your email address for the purpose of sending these marketing materials. Our legal ground for processing your email address is your consent. You may withdraw your consent at any time by changing preferences in your account or through the unsubscribe link at the foot of our marketing emails.

We also process your personal information to identify your account when you are in contact with our Customer Care team. The legal ground for this processing is our legitimate interest in providing a high standard of customer care.

Address details (Post codes) may be processed to gauge response to advertising campaigns. We may also process your date of birth to create an anonymised age profile of our customers. It is our legitimate interest to use this anonymised information, to ensure that advertising campaigns are effective.  Date of birth can also be used by our Professional Care Desk and Customer Care team to identify or rule out any age-related factors in customer feedback, e.g. presbyopia in the over 40s. The legal ground for this processing is our legitimate interest in providing a high standard of customer care.

Contact lenses are medical devices and we are therefore subject to additional obligations. We may retain and process your information to ensure compliance with EU (and UK) laws and regulations, including the Medical Devices Regulations 2002, the Medical Devices Directive 93/42/EEC and as amended.

3. WHAT INFORMATION DO WE SHARE?

Daysoft will not sell, rent or lease your personal information to others. Daysoft works with third party service providers and suppliers to deliver products, services and customer solutions.  Suppliers and service providers are required to keep the information received on behalf of Daysoft confidential and may not use it for any other purpose other than to carry out the service they have agreed with Daysoft.   These service providers may change from time to time or we may work with additional service providers to better accommodate our customers.  Examples of these functions include delivering packages, sending postal mail and email, providing marketing assistance and data analysis, handling credit card transactions, fulfilling orders and providing customer service.

We reserve the right to disclose customer’s personal data with any holding company, subsidiary, affiliated business or strategic partners but we only share customer information which relates to our dealings with those businesses and to continue to provide a quality service to our customers.

We will not share personal information with any other third party without your permission unless to:

• Respond to duly authorised information requests of governmental authorities,
• Comply with any law, regulation or court order,
• Help prevent fraud or to enforce or protect the rights and properties of Daysoft,
• Protect the personal safety of Daysoft employees and third parties on Daysoft property,
• Transfer personal data on the acquisition or transfer of a business/part of a business.

4. KEEPING YOUR INFORMATION SECURE

Daysoft is committed to protect the data it collects (from customers / employees / all sources). Daysoft has and maintains policies, procedures, physical and software based security measures to prevent unauthorised access or disclosure, to maintain data accuracy, and to ensure the appropriate use of data we collect. 

Our website www.daysoft.com ensures all data in transit is encrypted using EV SSL (Extended Validation Secure Socket Layer) provided by Symantec (www.symantec.com). SSL encryption ensures that information sent between Daysoft and its customers cannot be seen by anyone else.    Extended Validation gives customers peace of mind that the website and Daysoft have been verified by Symantec.  Customers can ensure that SSL is in place when visiting www.daysoft.com by checking there is an unbroken padlock symbol displayed on the browser.

In addition to providing EV SSL encryption, Symantec continually monitors and scans www.daysoft.com for malware and vulnerabilities to ensure the website remains secure.

Daysoft does not store or process or have access to customer credit card payment data, please see Section: Payment Service Providers. Credit card data is used only for processing payment and refunds, and is not used for any other purpose. 

5. PAYMENT SERVICE PROVIDERS

Daysoft partners with third party payment service providers (PSPs), these include but are not limited to WorldPay (www.worldpay.com) and PayPal (www.paypal.com). PSPs are used to process customer payments on behalf of Daysoft. Please note that all PayPal transactions are subject to the PayPal Privacy Policy.

 During the order process on www.daysoft.com, customers may be transferred to web pages hosted by a PSP to complete the payment step of the process. All PSPs partnered by Daysoft are Payment Card Industry Data Security Standard (PCI DSS) compliant.

Daysoft’s partnered PSPs takes full responsibility for the security of your transactional data. We have taken reasonable steps to ensure that no transactional data that passes to our PSP’s servers can be used, changed or examined by third parties.  Unless under obligation by law, our partner PSPs will not share personal information with any other organisation or individual without the consent of Daysoft. 

6. WHERE DATA IS STORED

Most data is collected and stored in the E.U., however on occasion it is necessary to transfer data outside the EU. For example, we use third party email service and customer survey platforms. When doing so, data is transferred to these technology partners both of which comply with the EU - US Privacy Shield Framework.  Please click the relevant link to review the privacy policy of each of these partners.

The data may also be processed or analysed by the Daysoft or its partners. By submitting your personal data you agree to this transfer, storing and processing of data.  We will take all steps necessary to ensure your data is secure and kept in accordance with this Privacy Policy.

We have taken reasonable steps to protect your personal data, although we cannot guarantee the security of your data once transmitted to our website. We will strive to prevent unauthorised access to your data using strict procedures and security features.

7. RETENTION PERIOD 

Personal information will be held by us for as long as is reasonably necessary to provide products and services, including aftercare services, and to maintain records as required to satisfy tax and other legal or regulatory requirements, as well as to protect and defend against claims.

Daysoft will regularly review the length of time that we hold personal data with consideration to the original purpose for collecting that data. We will securely delete or dispose of information that is no longer needed or will either update or safely archive information that is out of date.

8. YOUR RIGHTS OVER YOUR PERSONAL INFORMATION

You have certain rights regarding your personal information, subject to local law. These include rights to:

• access your personal information;
• update or correct the information we hold about you;
• erase your personal information;
• restrict our use of your personal information;
• object to our use of your personal information;
• receive your personal information in a usable electronic format and transmit it to a third party (data portability);
• lodge a complaint with your data protection authority.

Please contact us to update or correct your information if it changes or if the personal information we hold about you is inaccurate. Please note that we may require additional information from you in order to meet such requests. If you would like to discuss or exercise such rights, please get in touch using the details outlined below in the Contact Us section below. We reserve the right, subject to applicable law, to decline any request which is disproportionate or may jeopardize the privacy of others. We may retain an archived copy of your records as required by law, in particular relating to Medical Devices regulations, or for so long as is necessary in support of the purposes for which the data was collected or processed.

We are committed to finding a fair resolution to any complaint or issue regarding your privacy. If, you feel that we have not properly assisted with your complaint or issue, you may complain to the Information Commissioners' Office at www.ico.org.uk

9. CHILDREN'S DATA

Children merit specific protection with regard to their personal data as they may be less aware of the risks, consequences and safeguards concerned and their rights in relation to the processing of personal data. A parent or guardian or individual with parental responsibility, may order contact lenses on the Daysoft website on behalf of a child under 16.  Where a date of birth of a child under 16 is registered during the order process, the individual ordering will be required to confirm that they are the parent or guardian or individual with parental responsibility ordering on behalf of the child.  

We do not knowingly collect personal information from children under 13. If a parent or guardian finds that a child has provided with personal information without their consent, he or she should contact us. If we discover that a child under 13 has provided us with personal information, we will delete this information.

10. CHANGES TO OUR PRIVACY POLICY

Any information that we collect is subject to the privacy policy in effect at the time that information is collected. However, we may revise this Privacy Policy from time to time. If we make any material changes to this Privacy Policy, we’ll notify you of those changes by posting them clearly on our website or by sending you an email or other notification, and we’ll indicate when such changes will become effective.

11. CONTACT US

If you have any questions about this Privacy Policy please let us know by contacting the appropriate office below:

Daysoft Logistics Limited is registered under and abides by the Data Protection (Jersey) Law 2005 (Registration number 17035).