(EFFECTIVE AS 23.02.2017)
The Ray-Ban.com website (hereinafter "Website") is managed by Luxottica Group S.p.A., in its quality of Data Controller (hereinafter “Luxottica”) and the applicable security and privacy measures on this website have been defined and developed to guarantee that personal information is processed correctly in compliance with local and international safety and privacy regulations.
This policy illustrates how Luxottica, directly or through its subsidiaries, process personal information of the users (hereinafter, “user”, “users” or “you”) according to art. 13 the Italian Legislative Decree no. 196/2003 (hereinafter “Italian Privacy Code”) and art. 13 EU General Data Protection Regulation (hereinafter, the “GDPR”) and how this information is used, shared and how may be accessed, changed or deleted. As proof of its commitment towards privacy, Luxottica has defined this policy within the wider scope of a global management model on privacy, to ensure total compliance with privacy as the foundation of Luxottica’s company culture. All personal information supplied by you through this Website is used exclusively for the objectives described below.
2. SOURCE AND TYPE OF PERSONAL INFORMATION
Luxottica processes different types of information on the user collected from different sources, such as:
- information provided directly by the user;
- information obtained from automatic tracking systems when using the Website and its services.
More specifically, Luxottica may process the following identification personal data of the user:
a) Information provided by the user during the registration process or when completing the order (e.g. name and surname; e-mail address; password; gender; country (nation); postal address and phone numbers for deliveries, credit card and financial information) and other information contained in any correspondence or requests sent by the user. Luxottica may also ask the user to provide some information if problems with our service on the Website are reported;;
b) Information relating to the user’s social network profile, if public. If the user decides to log in through social network applications or to link his/her Luxottica account to the user’s public profiles available on social networks, and share his/her actions through the Website on those channels via the corresponding plug-ins (e.g. Facebook Connect, I like, fb share, etc.), some data published by the user on his/her social network will be collected by the Website and processed for the corresponding functions. The use of the said plug-in entails sharing the corresponding actions and information on the related social networks;
c) Information relating to the use of the Website by the user. For security purposes we process the log files related to each session when the user logins into his/her account, as well as information on payment transactions that will be processed through our provider;
d) Navigation information. When the user surfs the Website, Luxottica uses some technologies (cookies, see below for more information) that automatically collect certain items of information relating to the way in which the user uses our products and services, such as the IP address or other unique code of the device (computer, mobile or other devices) employed by the user to browse the Website, identification as registered user or not, technical information that may include the URL from where a user originates, browser information, language. This information helps us to continuously improve the browsing experience and the mechanisms of purchase of our products and services, and to monitor the correct operations of the Website. This information only includes statistical data relating to the actions performed by the user, and is not intended to be associated with the user’s identifying data. However, Navigation data may identify you, only when matched with your identification personal information;
e) Image provided by the user (both registered and unregistered users), if he/she takes part in the Virtual Try-On experience and he/she authorizes the storage of his/her image in Luxottica’s servers.
All the identification data abovementioned are hereinafter jointly defined “information”.
3. PURPOSES OF THE PROCESSING
3.1 Contractual purposes
The information collected by Luxottica are used for the following contractual purposes without prior users’ consent according to art. 24 Italian Privacy Code and art. 6 GDPR:
- to allow users’ to register to the Website;
- to provide the services available through the Website (e.g. management of the registration process and access to the account, account management);
- to take part to the Virtual Try-On experience and to register, upon users’ request, his/her image in Luxottica’s servers;
- to manage online orders, to supply products and services, to process payments and e-payments, to transmit orders, products, services;
- for the technical management of the Website and its operational functions (including logistics), including solving any technical problems, statistical analysis, tests and research;
- to prevent or uncover fraudulent activities or misuse that is damaging to our website or threatening the security of the transactions;
- to comply with the requirements of the laws, regulations, protocols and national and EU legislation;
- for the implementation of decisions of public Authorities;
- to protect the safety of an individual;
- for Luxottica’s defence in court, for example, in case of violations by the web-users, or in order to protect the rights and the property of Luxottica;
- to fulfil the user’s requests (e.g. management of requests for information);
- to send to users operational communications related to the supply of the service or products, sales and after sales assistance.
3.2 Marketing purposes
The information collected by Luxottica are used for the following marketing purposes with users’ prior consent according to Article 23 Italian Privacy Code and art. 7 GDPR:
- to participate in and manage promotions and contests as available from time to time on the Website, if any;
- to send commercial and promotional communications and periodical updates (e.g. via e-mail, phone, SMS/MMS, postal service, social network and newsletter) related to Luxottica's products, services, initiatives and events organised by, or in collaboration with, Luxottica;
- for the purpose of conducting, by post, telephone or e-mail, statistical analyses, surveys and market research relating to Luxottica’s products and services.
Furthermore, according to art. 130, c. 4 Italian Privacy Code, if the user is already our customer, Luxottica may send him/her commercial emails on similar products, events, fairs and services already provided by Luxottica. The users may opt out at any time.
4. Processing modalities
The processing of users’ information is made only if necessary and is carried out by means of operations indicated in Article 4 Italian Privacy Code and 4 GDPR and namely: collection, registration, organisation, storage, consulting, processing, modification, selection, extraction, comparison, use, interconnection, access and communication, blocking, erasure and destruction of the data. Users’ data is processed electronically through the Website and the servers in which it is stored.
5. Categories of persons who can access information
Any personal information given or collected by connecting to the Website will be processed by Luxottica as Data Controller. Personal information will be processed by the Luxottica staff deputed to the processing of the personal information being collected:
- employees and consultants authorised to manage the Website and supply the related services (e.g. customer services, management of Luxottica Computer Systems, management of IT sytems, storage of images in case the users take part in the Virtual Try-On experience, etc.), in their quality of persons in charge of the processing and/or systems administrators and/or internal data processors;
- demployees and consultants in the marketing, finance, administration, accounting and other relevant department of Luxottica, in their quality of persons in charge of the processing and/or internal data processors.
- suppliers of services to manage the Computer Systems and the Website (e.g. hosting providers, market and analyst service providers, database management and maintenance services);
- suppliers of online payment services, who may access; credit card information and other user’s financial information;
- suppliers of order entry related services, shipping of products and/or other services available through this Website;
6. Third parties to which information can be communicated
In addition, user’s information may be communicated to third parties for the following reasons:
- to permit to third companies a merger, acquisition or sale of all or part of Luxottica’s assets;
- to fulfill the obligation provided by the law, regulations, protocols and national and EU legislation;
- to implement laws required by public Authorities;
- to allow Luxottica’s defence in court, for example, in case of violations by the web-users.
7. Data transfer outside the EU
8. Nature of providing personal information and the consequences of the refusal
Luxottica undertakes to protect users’ information. Luxottica advises that the password is one of the protection mechanisms of the account, therefore users are invited to use a password sufficiently secure and stored in a safe place, limiting access to it on their own computers and browsers, disconnecting it after having visited the site. Luxottica undertakes to protect the information received from users. All personal information supplied is kept on secure servers and within its internal systems. Luxottica uses adequate safety measures to protect information from non-authorised access or non-authorised changes, and from the circulation or distribution of data. To prevent non-authorised access, to maintain the accuracy of the data and guarantee the proper use of information, Luxottica uses adequate physical, electronic and managerial procedures to safeguard and protect the information and data stored in our system.
Information on purchase transactions (e.g. credit card number) is handled securely through selected suppliers that guarantee that they have adopted the most adequate security measures. Furthermore, a secure system for authorising credit card payments and identifying fraudulent activities is used. Luxottica uses the standard SSL (Secure Sockets Layer) to protect the confidentiality of your personal information. Although no computer system is completely secure, Luxottica believes that the measures it has implemented reduce the possibility of security problems to an appropriate level for the type of data involved.
10. Storage and deletion of information
- the purposes for which they were collected;
- the consent received from the user;
- local and international regulations.
Personal information is kept and deleted in accordance with Luxottica security policy for the time necessary to achieve the purposes for which data were collected and further processed, including any retention period required under the applicable legislation (e.g. retention of accounting documentation). Luxottica will process users’ information for contractual purposes (section 3.1 a-d) for 10 years after the termination of the contract; for Virtual Try-On experience (section 3.1. e) for 14 days from the storage of the image, in case of unregistered user, or for a maximum of 24 months from the storage of the image in case of registered users; for 24 months for marketing purposes from the collection of the said information. Users’ information is processed at the premises of Luxottica and in the places where the servers are located. In case of EU citizens, the servers are based in EU, while of the other users servers are based in their relevant country of residence. For further information, contact Luxottica to the details below.
To improve browsing on the Website, Luxottica uses “cookies”. A cookie is a small file, generally made up of letters and numbers, which is downloaded onto a computer when the user logs onto specific websites. Cookies permit a website to recognize the user’s computer, to trace its browsing through several pages of a website and to identify those users who return to a website. Cookies do not contain information that personally identifies the user, but the personal information that Luxottica records on the user may be linked to information retained in the cookies and taken from them.
Cookies can be technical, analytics and profiling:
a) Technical cookies are used to carry out and to facilitate your browsing, to provide you and to allow you to use the services of the Website. The Cookies allow you, during a second access, for example, not having to re-enter data such as the username for the login.
b) Analytic cookies are used to analyze and to monitor the way you use the Website (e.g. number of accesses and page viewed), in order to enable us to make constructive amendments to the Website in the functioning and browsing.
c) Profiling cookies are used to track your browsing on the Website and to create profiles about your tastes, habits, choices, etc. These cookies can be used to send you advertising messages in line with the preferences that you have already shown in the online browsing.
11.1 Use of proprietary technical cookies
The Website uses the following technical proprietary cookies.
This cookie is created on the first request processed by WebSphere Commerce runtime
This cookie contains the value of the store ID of the session. This value is used to select the store to execute the command, if one is not specified on the URL.
This is a user session cookie that flows between the browser and server over either SSL or non-SSL connection. It is used for user identification over non-SSL connections. It contains user session values such as login timeout, session identifier, etc.
This cookie only exists if it is a generic user (-1002) session. This cookie stores the session values such as storied, langid, contracts, etc.
WebSphere Commerce uses a secure authentication cookie to manage authentication data. An authentication cookie flows only over SSL, and has a timestamped signature for increased security. This cookie is used to authenticate the user over SSL-connections.
This cookie is used to persist user ID, language ID, and currency for each store ID visited in the session. Multiple sets of identifiers can exist if the user visits more than one store.
Luxottica does not use profiling cookies.
11.2 Third party analytical cookies
Luxottica utilizza i seguenti cookie analitici:
a) Google Analytics
This Website uses Google Analytics, a web analysis service of Google Inc. (“Google”). Google Analytics uses so-called “cookies”, text files which are stored on users’ computer and enable an analysis of their usage of the Website. The information about the use of this Website generated by the cookie is generally transferred to a Google server in the USA and stored there. If IP anonymization is activated on this Website, then users’ IP address will first be shortened by Google, however, within the member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the complete IP address be transmitted to a Google server in the USA and shortened there. Google uses this information on behalf of the operator of this Website to evaluate users’ Website usage, to compile reports on the Website activities, and to provide additional services connected with the Website and Internet usage to the Website operator. The IP address transmitted from users’ browser as part of Google Analytics will not be combined with other Google data. Users’ can authorize the use of Google analytics cookies, continuing the browsing on the website after having read the banner on the site. However, users’ can prevent the storage of cookies by a corresponding setting of the browser software, however, in this case, users’ may not be able to fully use all of the functions of this Website. Users’ can also prevent Google from recording the data generated by the cookie and those referring to users’ usage of the Website (including IP address) and from processing these data by downloading and installing the browser plug-in provided under the following link http://tools.google.com/dlpage/gaoptout?hl=itde).
Users can prevent data-recording by Google Analytics by clicking the following link. An Opt-Out-Cookie is set which prevents the future recording of your data when you visit this website.
Then click here: Deactivate Google Analytics
More detailed information on the conditions of use and data protection can be found at http://www.google.com/analytics/terms/it.html or at https://www.google.de/intl/it/policies/.
Luxottica points out that Google Analytics was expanded on this Website to include the code “anonymizeIp” to ensure anonymized recording of IP addresses (referred to as IP-Masking).
b) Adobe Analytics
This Website uses Adobe Analytics, a web analysis service of Adobe. (“Adobe”).
The information about the use of this Website generated by the cookie is generally transferred to an Adobe server in the USA and stored there.
More detailed information on the conditions of use and data protection can be found at https://www.adobe.com/privacy/optout.html#4
c) MobileApp Tracking
This Website uses MobileApp Tracking, a web analysis service of Tune Inc. (“Tune”).
The information about the use of this Website generated by the cookie is generally transferred to a Tune server in the USA and stored there.
g) Google Maps
Luxottica receives no information on the content of the data transmitted and its usage by Google.
For this reason, please refer to the Google data-protection clarification for further information: http://www.google.it/intl/it/policies/privacy/
11.3 Social media plug-ins
Most specifically, the Website uses:
Luxottica has integrated the twitter.com web-message service on the Website. This is provided by Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA. Twitter offers the so-called “Tweet” function. This can be used to post messages of up to 140 characters in length, also with website links, on the user’s own Twitter account. If users use Twitter’s “Tweet” function on the Websites, the respective website with users’ account will be linked to Twitter and publicly disclosed there. Data are also transmitted to Twitter in this process.
Luxottica receives no information on the content of the data transmitted and its usage by Twitter. For this reason, please refer to the Twitter data-protection clarification for further information: http://twitter.com/privacy
Twitter offers users the option of defining the own data-protection settings under the following link: http://twitter.com/account/settings.
Luxottica has integrated the Pinterest service on the Website, provided by Pinterest. Luxottica receives no information on the content of the data transmitted and its usage by Pinterest. For this reason, please refer to the Pinterest data-protection clarification for further information: https://about.pinterest.com/en/privacy-policy
Luxottica has integrated the Instagram service on the Website, provided by Instagram. Luxottica receives no information on the content of the data transmitted and its usage by Instagram. For this reason, please refer to the Instagram data-protection clarification for further information: http://instagram.com/about/legal/privacy/
Luxottica has integrated the Youtube service on the Website, provided by Google. Luxottica receives no information on the content of the data transmitted and its usage by Google. For this reason, please refer to the Google data-protection clarification for further information: http://www.google.it/intl/it/policies/privacy/
Luxottica has integrated the Facebook service on the Website, provided by Facebook, with its likes and widget. Luxottica receives no information on the content of the data transmitted and its usage by Facebook. For this reason, please refer to the Facebook data-protection clarification for further information: https://www.facebook.com/policy.php
Furthermore, the Website uses the following third party analytical cookies:
- Click Tale;
- Google AdWords;
- Doubleclick floodlight;
- Commission Junction;
- Affiliate Window;
11.4 Use of the Web beacon
11.5 Enabling or disabling cookies and web beacons
Please note that refusing/disabling cookies may limit the usability and the easy navigation of the website.
12. Underage users’ data
This Website is not intended for minors of 18 years and Luxottica does not intentionally collect personal information from them.
If any information about minors is unintentionally recorded, Luxottica will provide to cancel it in a timely manner upon request of the users.
13. Data subject’s rights in relation to personal information
According to art. 7 Italian Privacy Code, the users have the right to obtain from Luxottica the confirmation about the existence of personal data referring to them and their communication in an intelligible form; users can also ask to know the source of data; the purposes and modalities of the processing; users can also obtain an update, correction or integration of data. Moreover, users may, at any time, revoke their consent, requesting the interruption of the processing, the deletion, anonymization or the block of the information being processed. Users may refuse, fully or partially, the processing: a) for legitimate reasons on the processing data concerning them; b) for the purpose of sending advertising material or for carrying out market researches or commercial communications.
Users have also the rights referred to in articles 16-21 GDPR (right of confirmation, right to be forgotten, right of processing limitation, right of data portability, right to object) and the right to complain to the Supervisor Authority.
Furthermore, Luxottica offers tools to users to update and amend the personal information given. Indeed, every registered user may access his/her own information and update it (e.g. through user account). Besides, it is also possible for users to modify and update their preferences on how they wish to receive e-mails or other communications from Luxottica. Users may also request that their information on their account is deleted.
You can also exercise the right at any time by clicking here or by contacting us at email@example.com. Luxottica will respond within a reasonable time frame, after verifying users’ identity.
14. Contact information
15. Data Protection Officer
17. Links to third party websites