Privacy Policy

Peek Vision Privacy and Cookie Policy

Last Updated: 6th August 2020

Introduction

The Peek Vision Foundation and Peek Vision Ltd (“we”,“our”, “us”) are committed to protecting and respecting your privacy.

The Peek Vision Foundation, is a registered charity (registered charity number 1165960) and a company limited by guarantee incorporated in the United Kingdom (registered number 9919543), and Peek Vision Ltd, a company incorporated in the United Kingdom (registered number 09937174), both with the registered address 90a High Street, Berkhamsted, Hertfordshire, England HP4 2BL, and for the purpose of the General Data Protection Regulation (the “GDPR”), we are the Data Controller.

This policy sets out the basis on which we will process any personal data or usage information we collect from you, or that you provide to us, in connection with your use of our website at www.peekvision.org (the “Website”) and the products Peek Acuity and Peek Acuity Pro (our “Products”). Please read this policy carefully so that you understand your rights in relation to your personal data, and how we will collect, use and process your personal data.

Please click on each heading to read more information. If you do not agree with this Privacy Policy in general or any part of it, you should not access the Website or use our Products.

What Types of Information Do We Collect and How Do We Use It?

Information You Give Us. You may provide information by contacting us via our Website or email, telephone, instant chat, social media or otherwise, signing up for our newsletters or alerts.

As it is in our legitimate interests to be responsive to you and to ensure the proper functioning of our products and organisation, we will use your information to:

communicate with you;
where consent is provided, sign you up for our newsletters or alerts;
contact you via telephone and email;
identify our customers;
ship products to you, purchased by you through our Website e-commerce solution;
administer and provide services and customer support per your request;
personalise our services for you;
enforce our Website terms and conditions;
if you have opted in to marketing, communicate with you about products, services, promotions, events and other news and information we think will be of interest to you; or
provide third parties with statistical information about our users (but those third parties will not be able to identify any individual user from that information).

We do NOT process or store credit card data details.

Technical Usage Information. When you visit the Website or use our Products, we collect the information sent to us by your computer, mobile phone, or other access device. This information includes:

your IP address;
device information including, but not limited to, identifier, name, and type of operating system;
mobile network information;
standard application usage data of our Products; and
standard web information, such as your browser type and the pages you access on our Website.

We collect this information in order to:

personalise our Website to ensure content from the Website is presented in the most effective manner for you and your device;
monitor and analyse trends, usage and activity in connection with our Website and services to improve the Website;
administer the Website and for internal operations, in order to conduct troubleshooting, data analysis, testing, research, statistical analysis;
keep the Website safe and secure;
measure and understand the effectiveness of the content we serve to you and others;
Review technical analytical usage logs to improve our Products and detect potential software bugs; or
Provide requested services to you.

Do we use Cookies?

We use cookies to collect information about your browsing activities over time and across different websites following your use of our services. They allow us to recognise and count the number of users and to see how users move around the Website when they are using it. This helps us to improve the services we provide to you and the way the Website works. You can find more information about cookies and how to manage them at http://www.allaboutcookies.org/.

We also use Google Analytics which is a web and application analytics tool that helps us understand how users engage with our Website and Products. For more information on how we use Google Analytics, cookies and identifiers please reference the section below named ‘How We Use Cookies and Identifiers’.

How do we share your personal data?

We do not sell, rent or lease your personal information to others except as described in this Privacy Policy. We share your information with selected recipients. These categories of recipients include:

cloud storage provider, G Suite, to store the personal data you provide and for disaster recovery services, as well as for the performance of any contract we enter into with you;
IT Services providers that provide us with SaaS services, including AgileCRM, Campaign Monitor and Mail Chimp, who we use to store our customer relationship management information; and
analytics and search engine provider, Google Analytics, that assist us in the improvement and optimisation of the Website and Products.
Fulfillment houses and couriers in order to package, ship and deliver our Products.

We will share your information with law enforcement agencies, public authorities or other organisations if legally required to do so, or if we have a good faith belief that such use is reasonably necessary to:

comply with a legal obligation, process or request;
enforce our terms and conditions and other agreements, including investigation of any potential violation thereof;
detect, prevent or otherwise address security, fraud or technical issues; or
protect the rights, property or safety of us, our users, a third party or the public as required or permitted by law (exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction).

We will also disclose your information to third parties:

in the event that we sell any business or assets, in which case we will disclose your data to the prospective buyer of such business or assets; or
if we or substantially all of our assets are acquired by a third party, in which case information held by us about our users will be one of the transferred assets.

Where do we store your personal data?

The information that we collect from you will be transferred and stored at/processed using SAAS providers (as described in the section titled ‘How Do We Share Your Personal Data’). As described in Your personal data is also processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff are engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. We will take all steps reasonably necessary to ensure that your personal data is treated securely and in accordance with this policy.

White Listed Countries: which was found to have an adequate level of protection for personal data under Commission Decision 2000/518/EC of 26 July 2000.
Privacy Shield: complies with the US Department of Commerce's EU-US Privacy Shield and has certified that we adhere to the EU-US Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. For more information about the EU-US Privacy Shield Framework, visit the U.S. Department of Commerce's Privacy Shield website.
Model Clauses: The personal data that we collect from you will be transferred to, and stored at/processed using SAAS providers, under the Commission’s model contracts for the transfer of personal data to third countries (i.e., the standard contractual clauses), pursuant to Decision [2001/497/EC – if using set I of the controller-to-controller Model Clauses] [2004/915/EC – if using set II of the controller-to-controller Model Clauses] [2010/87/EU – if using the controller-to-processor Model Clauses].

The Security of Your Personal Data

Unfortunately, the transmission of information via the internet or email is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your information transmitted through the Website or over email; any transmission is at your own risk. Once we have received your information, we will take appropriate technical and organisational measures to safeguard your personal data against loss, theft and unauthorised use, access or modification.

We will, from time to time, host links to and from the websites of our affiliates or third parties. If you follow a link to any of these websites, these websites will have their own privacy policies and we do not accept any responsibility or liability for these policies. Please check these policies before you submit any information to those websites.

How Long Do We Store Your Personal Data?

We will retain your information as follows:

if you contact us via email or purchase products through our e-commerce solution we will keep your data for 6 years after, as per statutory requirements;
your details provided when signing up to our newsletter or alerts will be kept until you opt out, once opted out it may take up to 90 days before your data is deleted;
your technical usage information will be kept for 26 months.
Website analytical data, including location data, will be kept for 50 months;
data on your use of our Products/services/our Website will be kept for 26 months; and
After you have terminated your use of our Products/services/our Website, we will store your information in an aggregated and anonymised format.

Your Rights

In certain circumstances you have rights in relation to the personal data we hold about you. We set out below an outline of those rights and how to exercise those rights. Please note that we will require you to verify your identity before responding to any requests to exercise your rights by providing a utility bill that clearly states your full name and address. To exercise any of your rights, please email [email protected]. Please note that for each of the rights below we may have valid legal reasons to refuse your request, in such instances we will let you know if that is the case.

Access: You have the right to know whether we process personal data about you, and if we do, to access data we hold about you and certain information about how we use it and who we share it with.
Portability: You have the right to receive a subset of the personal data you provide us if we process it on the bases of our contract with you or with your consent in a structured, commonly used and machine-readable format and a right to request that we transfer such personal data to another party. If you wish for us to transfer the personal data to another party, please ensure you detail that party and note that we can only do so where it is technically feasible. We are not responsible for the security of the personal data or its processing once received by the third party.
Correction: You have the right to require us to correct any personal data held about you that is inaccurate and have incomplete data completed.
Erasure: You may request that we erase the personal data we hold about you in the following circumstances: where you believe it is no longer necessary for us to hold the personal data, we are processing it on the basis of your consent and you wish to withdraw your consent, we are processing your data on the basis of our legitimate interest and you object to such processing, you no longer wish us to use your data to send you marketing or you believe we are unlawfully processing your data. Please provide as much detail as possible on your reasons for the request to assist us in determining whether you have a valid basis for erasure.
Restriction of Processing to Storage Only: You have a right to require us to stop processing the personal data we hold about you other than for storage purposes in the following circumstances: you believe the personal data is not accurate for the period it takes for us to verify whether the data is accurate, we wish to erase the personal data as the processing we are doing is unlawful but you want us to simply restrict the use of that data; we no longer need the personal data for the purposes of the processing but you require us to retain the data for the establishment, exercise or defence of legal claims; and you have objected to us processing personal data we hold about you on the basis of our legitimate interest and you wish us to stop processing the personal data whilst we determine whether there is an overriding interest in us retaining such personal data.
Objection: You have the right to object to our processing of data about you and we will consider your request. Please provide us with detail as to your reasoning so that we can assess whether there is a compelling overriding interest in us continuing to process such data or we need to process it in relation to legal claims.

Objection to Marketing

At any time you have the right to object to our processing of data about you in order to send you marketing information, and we will stop processing the data for that purpose.

How We Use Cookies and Identifiers?

Cookies may be either "persistent" cookies or "session" cookies. A persistent cookie consists of a text file sent by a web server to a web browser, which will be stored by the browser and will remain valid until its set expiry date (unless deleted by the user before the expiry date). A session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed. The types of Cookies we use include:

Strictly necessary Cookies. These are Cookies that are required for the operation of the website. They include, for example, Cookies that enable users to log into secure areas of the website.

Analytical/performance Cookies. They allow website providers to recognise and count the number of visitors and to see how visitors move around the website when they are using it. This helps website providers to improve the way the website works, for example, by ensuring that users are finding what they are looking for easily.

Functionality Cookies. These are used to recognise users when users return to the website. This enables website providers to personalise our content for you, remember a user’s preferences (for example, a user’s choice of language or region). They also help make the shopping cart and checkout process possible as well as assist in security issues and conforming to regulations.

Targeting Cookies. These Cookies record a user’s visit to the website, the pages a user has visited and the links a user have followed. Website providers will use this information to make the website more relevant to users.

Google Analytics Cookies and Identifiers. We use Google Analytics which is a web and application analytics tool that helps us understand how users engage with our Website and Products. Identifiers such as cookies and app instance IDs are used to measure user interactions with a customer’s sites and/or apps, while IP addresses are used to provide and protect the security of the service, and to give the customer a sense of where in the world their users come from.

Google Analytics mainly uses first-party cookies to report on visitor (aka. user) interactions on Google Analytics customers’ websites. Users may disable cookies or delete any individual cookie. Learn more

In addition, Google Analytics supports an optional browser add-on that - once installed and enabled - disables measurement by Google Analytics for any site a user visits. Note that this add-on only disables Google Analytics measurement.

Our Products use Google Analytics to collects an app-instance identifier — a randomly generated number that identifies a unique installation of an App. Google Analytics also collects Internet Protocol (IP) addresses to provide and help protect the security of our service, and to provide a sense of which country, state, or city in the world our users come from (also known as "IP geolocation").

Cookies We Use

Name	Expiry	Description
FluentLocale	End of Session	Set to ensure the website delivers content in the correct language to a visitor
SECSESSID	End of Session	Session based - not stored beyond the user's website visit - Contains information about their current session on the site (for example, their shopping cart, etc.)
__cfuid	1 year	Use to manage the application security and routing.
_ga	2 years	Used to distinguish users.
_gid	24 hours	Used to distinguish users.
_gat	1 minute	Used to throttle request rate. If Google Analytics is deployed via Google Tag Manager, this cookie will be named _dc_gtm_<property-id>.
AMP_TOKEN	30 seconds to 1 year	Contains a token that can be used to retrieve a Client ID from AMP Client ID service. Other possible values indicate opt-out, inflight request or an error retrieving a Client ID from AMP Client ID service.

Complaints

In the event that you wish to make a complaint about how we process your personal data, please contact us in the first instance at [email protected], and we will endeavour to deal with your request as soon as possible. This is without prejudice to your right to launch a claim with the Information Commissioner’s Office or the data protection supervisory authority in the EU country in which you live or work where you think we have infringed data protection laws.

Changes

Any changes we will make to this policy in the future will be posted on this page. Please check back frequently to see any updates or changes to this policy.

Contact

Questions, comments and requests regarding this policy are welcomed and should be addressed to [email protected].