For this GDPR Privacy Notice, we use the terms “Personal Data” and “processing” as they are defined in the GDPR, but “Personal Data” generally means information that can be used to individually identify a person, and “processing” generally covers actions that can be performed in connection with data such as collection, use, storage and disclosure. Optikam Tech, Inc. (“Optikam”) will be the controller of your Personal Data processed in connection with the Services.
Note that we may also process Personal Data of our customers’ end users or employees in connection with our provision of Services to customers, in which case we are the processor of Personal Data. If we are the processor of your Personal Data (i.e., not the controller), please contact the controller party in the first instance to address your rights with respect to such data.
What Patient Personal Data Is Collected by the OptiTab App end- user (“Eye Care Professional”)?
The Patient Personal Data collected on the iPad using the OptiTab App by the Eye Care Professional is not shared with Optikam. The Eye Care Professional has full control over how the Personal Data is processed. The Eye Care Professional has the ability to delete data upon request.
• Personal Data: Customer Name, Customer or Order Number, Eyewear Measurements (Pupilary Distance, Fitting Heights, Pantoscopic Tilt, Rear-Vertex Distance, Frame Wrap, Near-Pupilary Distance, and Frame Measurements), Customer Pictures (Measurement and Frame Selection), Eyewear Prescription(Rx),Measured Frame and Lens Type, Lifestyle Information
o Purpose for Customers: This type of Personal Data is processed by the Eye Care Professional in order to create a customer profile, order the
eyewear and provide effective after-sale support.
What Personal Data Do We Collect?
We collect Personal Data about you when the Eye Care Professional has an active Optikam Cloud Service Subscription (“Cloud”). You provide such information directly to us, when third parties such as our business partners or service providers provide us with Personal Data about you, or when Personal Data about you is automatically collected in connection with your use of our Services.
• Personal Data: Customer Name, Customer or Order Number, Eyewear Measurements (Pupilary Distance, Fitting Heights, Pantoscopic Tilt, Rear-Vertex Distance, Frame Wrap, Near-Pupilary Distance, and Frame Measurements), Customer Picture (Measurement), Measured Frame and Lens Type.
o Purpose for Eye Care Professionals: We process this type of Personal Data in order to facilitate data sharing between the Eye Care Professional and its agents.
o Purpose for Optikam: To limit Personal Data exposure to Optikam, Optikam does not have access to the Customer Name, Customer or Order Number and the Customer Picture is pixelated to exclude all areas that are not relevant to eyewear measurements. We process the remaining Personal Data in order to provide the Eye Care Professional with troubleshooting and support.
o Purpose for Prospects: Optikam does not sell, rent or license Personal data it collects.
What Eye Care Professional Data Do We Collect?
We collect Data from the Eye Care Professional that relates to the use of the OptiTab App.
• Eye Care Professional Data: Device type, Device ID, Operating System Version, IP Address, OptiTab App Version and Usage Analytics such as App Usage, Enclosure Status, Measurement Errors.
o Purpose for the Eye Care Professional: We process this type of Data to offer the Eye Care Professional usage information for training and troubleshooting purposes.
o Purpose for Optikam: We process this type of Data for our legitimate interests in providing the Services and performing analytics to improve the Products and Services and understand how Eye Care Professionals interact with the Products and Services.
oPurpose for Prospects: Optikam does not sell, rent or license data it collects.
How and With Whom Do We Share Your Data?
We share Personal Data with agents who work on our behalf. We also share Personal Data when we believe it is necessary to:
• Comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies
• Protect us, our business or our users, for example to enforce our Terms of Service, prevent spam or other unwanted communications and investigate or protect against fraud
• Maintain the security of our products and services
If we choose to buy or sell assets, user information is typically one of the transferred business assets. Moreover, if we, or substantially all of our assets, were acquired, or if we go out of business or enter bankruptcy, user information would be one of the assets that is transferred or acquired by a third party, and we would share Personal Data with the party that is acquiring our assets. You acknowledge that such transfers may occur, and that any acquirer of us or our assets may continue to use your Personal Information as set forth in this policy.
How Long Do We Retain Your Personal Data?
We retain Personal Data about you for as long as the Eye Care Professional has an active Cloud Service Subscription and for 3 years after its expiry. Afterwards, we retain some information in a depersonalized or aggregated form but not in a way that would identify you personally.
What Security Measures Do We Use?
We seek to protect Personal Data using appropriate technical and organizational measures based on the type of Personal Data and applicable processing activity. For example, Optikam is continuously implementing and updating administrative, technical, and physical security measures to help protect your information against unauthorized access, loss, destruction or alteration. Some of the safeguards we use to protect Personal Data are firewalls, data encryption, and information access controls.
What Rights Do You Have Regarding Your Personal Data?
You have certain rights with respect to your Personal Data, including those set forth below. We provide tools and support to allow Eye Care Professionals to process your requests regarding your rights to your personal data. For more information about these rights, your Eye Care Professional can email us at firstname.lastname@example.org. Please note that in some circumstances, we may not be able to fully comply with a request, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, or if it is not required by law, but in those circumstances, we will still respond to notify of such a decision. In some cases, we may also need you or the Eye Care Professional to provide us with additional information, which may include Personal Data, if necessary to verify your identity and the nature of the request. Given the limited visibility that our agents have to your Personal Data, in order for us to access your Personal Data, the Eye Care Professional’s Cloud Service Subscription account name and time stamp of the measurement profile will be required.
• Access: You can request more information about the Personal Data we hold about you and request a copy of such Personal Data.
• Rectification: If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data.
• Erasure: You can request that we erase some or all of your Personal Data from our systems.
• Portability: You can ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another controller where technically feasible.
• Objection: You can contact us to let us know that you object to the further use or disclosure of your Personal Data for certain purposes.
Transfers of Personal Data
The Services are hosted and operated in the United States (“U.S.”) through Optikam and its service providers, and if you do not reside in the U.S., laws in the U.S. may differ from the laws where you reside. By using the Services, you acknowledge that any Personal Data about you, regardless of whether provided by you or obtained from a third party, is being provided to Optikam in the U.S. and will be hosted on U.S. servers, and you authorize Optikam to transfer, store and process your information to and in the U.S., and possibly other countries. You hereby consent to the transfer of your data to the U.S.
What If You Have Questions Regarding Your Personal Data?
If you have any questions about this GDPR Privacy Notice or our data practices generally, please contact us using the following information:
Optikam Tech Inc.
787 Liege Street W Montreal, QC H3N 1B1
Data Protection Officer and contact information:
Peter Szymborski email@example.com