Privacy Policy of yourdomain.com
Information on the processing of your personal data (GDPR Art. 13)
1) Important Note on Products and Health Data
We sell self-adjusting multifocal glasses for general use. These products are not medical devices, do not provide diagnosis/therapy, and do not require health data. We invite you not to send medical information through the Site's forms.
2) Processed Data
- Navigation/Use: IP address (masked where possible), user-agent, pages/events (view_item, add_to_cart, purchase), referrer, consent status.
- Account/Orders: First name, last name, email, phone number, addresses, products purchased, total amount, payment outcome, shipping tracking, return/support history.
- Payments: Managed by third-party providers; we receive outcomes and transaction IDs (not full card numbers).
- Communications: Content of messages (forms / email / chat if present).
- Cookies: See Cookie Policy.
3) Purposes and Legal Bases for Processing
- Online sales and support (Contract): Art. 6.1.b (Contract Execution) - Cart, checkout, payments, shipping, returns, warranty.
- Legal obligations (Legal): Art. 6.1.c (Legal Obligation) - Tax/accounting obligations.
- Security / anti-fraud (Legitimate Interest): Art. 6.1.f (Legitimate Interest) - System protection and fraud prevention.
- Essential measurement (Legitimate Interest): Art. 6.1.f - Aggregate statistics for service improvement.
- Advanced statistics / personalization (Consent): Art. 6.1.a (Consent) - Requires your explicit consent.
- Marketing / remarketing (Consent): Art. 6.1.a (Consent) - Requires your explicit consent.
Consent Mode v2:
We send ad_user_data and ad_personalization signals. Without marketing consent, advertising tags are blocked or limited; measurement remains aggregate / non-personalized.
4) Details and Third-Party Providers
- Tag management: Google Tag Manager (no profiling).
- Analytics: Google Analytics 4 (IP masking; advertising reports only with consent).
- Advertising: Google Ads / Conversion Linker (only with marketing consent).
- Social remarketing (opt.): Meta Pixel (only with consent).
- External content (opt.): YouTube embed (loaded only with consent).
- Email marketing (opt.): Newsletter/CRM platform (only with consent; transactional emails on a contractual basis).
- Payments: Payment providers (securely manage transaction data).
- Shipping: Couriers / fulfillment (receive only data necessary for delivery / return).
5) Methods and Security
Electronic processing with adequate technical/organizational measures, authorized personnel, Data Processors as per Art. 28 GDPR. We adopt measures aimed at ensuring data confidentiality and integrity.
6) Data Recipients
Your data may be shared with:
- IT / hosting / CDN providers.
- Analytics / ads platforms (within consent limits).
- Payment processors and couriers.
- Legal/accounting consultants.
- Authorities where required by law.
We do not sell personal data.
7) Extra-EU Transfers
Possible transfers to third countries via Standard Contractual Clauses and supplementary measures, as required by the GDPR.
8) Retention Periods
- Orders / invoices: Up to 10 years (legal obligations).
- Account / support: Up to 24 months from the last useful contact.
- Security logs: Up to 12 months.
- Marketing: Until consent is revoked or 24 months of inactivity.
- Cookies / IDs: As per the Cookie Policy.
9) Your Rights (Art. 15-22 GDPR)
You have the right to: Access, rectification, erasure, restriction, portability, objection, withdrawal of consent; complaint to the Supervisory Authority.
Requests: Send to info@yourdomain.com. For cookie consents, use the "Cookie Settings" panel (if implemented).
10) Minors
The Site is not directed at minors; we do not process special categories of data.
11) Customer Match / Personalized Lists (Optional)
Any uploads to advertising platforms occur only with documented consent and hashing according to provider requirements. You can revoke this at any time.
12) Changes to the Policy
This policy may be updated. Check the most recent version published.