Vivid VisionPrivacy Policy

Last updated May 28th, 2024

Scope

This Privacy Policy (the “Policy”) sets forth the privacy principles that Vivid Vision, Inc. (“Vivid Vision” or “Company”; "us", "we", or "our") follows when processing Personal Data received from customers or prospective customers. For purposes of this Policy, Personal Data means information about an identified or identifiable individual that is received by Vivid Vision and recorded in any form.

This Policy applies to the https://www.seevividly.com/ website (the “Vivid Vision Site”), to the https://www.iheartvt.org/ website (the “IHVT Site”), and Vivid Vision-branded software and applications (the “Products”) or our products, software, and associated services (the “Site”, the “IHVT site”, and “Products” collectively referred to as the “Services”). As a visitor to our websites or a user of our services, the collection, use, and sharing of your data are subject to this privacy policy.

For your convenience, this Site or our Services may contain links to other websites. This Policy and procedures described here do not apply to those sites.

Definitions

For the purposes of this Privacy Policy:

Application means the software program provided by the Company downloaded by You on any electronic device, named Vivid Vision

Account means a unique account created for You to access our Service or parts of our Service. Company (referred to as either "the Company", "We", "Us" or "Our" in this Privacy Policy) refers to Vivid Vision, Inc., 2565 3rd St Suite 318, San Francisco, CA 94107, USA.

Country means the United States of America.

Device means any device that can access the Service such as a computer, a cellphone, tablet, or head-mounted display.

Distributor means any authorized agent who supplies the Service to businesses and consumers in accordance with a contract with the Company.

Personally Identifiable Information (“PII”) means any information relating to a natural person

Service refers to the websites and any Vivid Vision-branded software and applications

Third-party Applications means any services or content (including data, information, products or services) provided by a third-party that may be displayed, included or made available by the Service.

Websites refers to Vivid Vision, accessible from https://www.seevividly.com/ and I Heart VT, accessible from https://www.iheartvt.org/.

You means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.

Our Role

We comply with the Data Protection Act no 2472/1999, Law no. 3471/2006 and the General Data Protection Regulation (EU) 2016/679 (also known as the “EU Privacy Laws”) when gathering, using, disclosing, or otherwise processing personal data about you. Vivid Vision is classified as a data controller or joint controller depending on how our Services are utilized. Our address is Vivid Vision, Inc. 2565 3rd St Suite 318, San Francisco, CA 94107, USA.

What Type of Information Do We Collect?

We may collect, use, store, and/or transfer the following information to provide, improve, and protect our Services:

Contact Information - name, title, address, personal or clinic/practice address, email address, and/or phone number
User Information - username, password, purchase details, billing address and payment information, professional organization affiliation
Technical Information - your IP address, operating system, software platform, device ID, usage data and other technical information on the device you use to access our Services
Health Information - limited information regarding conditions affecting your vision
Marketing Information - marketing preferences, tracking pixels, browser type and similar information set by you regarding marketing collected from us using our Services

How We Use the Information We Collect

We use information to enhance and provide features, products, and functionality for our Services. These uses may include:

User Information may be used for the creation of accounts and user profiles and to provide you the Service (both paid and unpaid)
Contact and Marketing Information may be used for communication with you about our application or the device(s) used to access our application; for communications or marketing regarding our Services; and/or for notifications about updates to our Services, promotional information about new or current products, and notification about acquisition, merger, or partnership with other entities
Contact, User, and Technical information may be used for the provision of customer service and support
Technical information may be used for data logging and crash reports to enhance the operation of our services and to ensure secure, reliable, and robust performance of our application
Health Information may be used for the creation and provision of better vision tests and personalized treatment plans related to your visual conditions
Any Information may be used for compliance with legal obligations

You have the ability to opt-in, opt-out, limit, review, or request we delete this information at any time by contacting us using the contact details at the end of this Policy.

The Specifics

Our Services

We may collect personally identifiable information such as a username and email address when you register an account for personal/home use. Clinics using Vivid Vision may be asked to provide name, email address, physical address, and payment information. In addition, clinics will create a unique username and account that is associated with a date of birth and information about the patient’s binocular vision status, such as the presence or absence of amblyopia and strabismus or other visual disorders. This information allows your clinician to create a treatment or testing plan unique to each patient.

Some of our Services may collect various types of anonymous and non-personally identifiable information, including device details and configuration, location data, head and/or body movements, IP address, and software logs and crash reports for all laptops, personal computers (PCs), mobile devices, and head mounted displays that access and use the software application. This information is important for optimizing our Services.

Our software application relies on third-party applications, such as Oculus and Steam VR, to deliver components of our Services to you. These applications are separate from Vivid Vision, however our software may communicate with these applications. You access these applications and their associated websites at your own risk; by accessing them you leave our website. These third-party applications are not under our control and we are not responsible for the contents of any application or website, including the game content, privacy policies, or tracking technologies they may use. We encourage you to check the applicable privacy policy to determine how they will handle any personal information they collect from you.

Oculus’ Privacy Policy can be located at: https://www.oculus.com/legal/privacy-policy/

Steam’s Privacy Policy can be located at: https://store.steampowered.com/privacy_agreement/

Google’s Privacy Policy (for Daydream VR users) can be located at: https://policies.google.com/privacy

Visitors to the Vivid Vision Site interested in knowing if there is a clinic that offers our Services near them, or to be notified when such a clinic is available, have the option of providing their name, email address, and other contact information.

Visitors to the Vivid Vision Site interested in becoming a Vivid Vision provider have the option of providing the name and email address to Vivid Vision. If the request is from a territory in which we utilize the services of a Distributor, we may share contact information with a certified Distributor that services the requester’s area.

Visitors to the IHVT Site interested in becoming a participant in the I Heart VT program have the option of providing contact and payment information to enroll in the program. Vivid Vision may share contact information with a member’s affiliate professional organization for the purpose of providing credit for time spent during an educational event associated with the I Heart VT program.

Some components of our Services utilize the video conferencing platform Zoom. Zoom’s privacy policy may be located at: https://zoom.us/privacy.

Some of our Services use marketing information such as Google Analytics, Cookies, and similar technologies such as tracking pixels to improve them. Google Analytics provides an approximate location derived from the IP address that visited our website. Other anonymous data such as browser information, device information, operating system, and language are collected. Our websites may implement third-party software, such as reCAPTCHA, that collects your information for security purposes. We do not collect information such as gender, sex, or information related to personal finances. You can control cookies through your browser settings and other tools.

Google Analytics

The websites use functions of the web analytics service Google Analytics, a division of Google Inc. 1600 Amphitheater Parkway Mountain View, CA 94043, USA. Google Analytics uses so-called "cookies." These are text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. The data collected in this way is anonymous, however, this data is stored and processed by Google. Google may use this information for its own promotional purposes, in accordance with Google’s Privacy Policy available at: https://policies.google.com/privacy.

You can prevent the storage of cookies by a corresponding setting of your browser software; however, please note that if you do this, you may not be able to use all the features of this website to the fullest extent possible. In addition, you may prevent the collection by Google of the data generated by the cookie and related to your use of the website (including your IP address) as well as the processing of this data by Google by downloading the browser plug-in available under the following link and install: http://tools.google.com/dlpage/gaoptout?hl=en.

You can learn more about how to safeguard your data at: https://support.google.com/analytics/answer/6004245.

Facebook Pixel

We use the Facebook Pixel from Facebook, Inc. 1 Hacker Way, Menlo Park, CA 94025, USA, or, if you are based in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland on our websites.

This allows visitor actions to be tracked after the user interacts with our Facebook advertisement. This enables us to measure the effectiveness of Facebook ads for statistical and market research purposes. The data collected in this way is anonymous, however, this data is stored and processed by Facebook. Facebook may link this information to your Facebook account and also use it for its own promotional purposes, in accordance with Facebook’s Data Usage Policy https://www.facebook.com/about/privacy/. You can prevent the collection of your data by Facebook pixel, or to the use of your data for the purpose of displaying Facebook ads by visiting: https://www.facebook.com/settings?tab=ads.

What Information We Share

Vivid Vision takes your privacy seriously. We do not share your information with other third-party subprocessor applications or companies that have not been vetted by us, and will not send you marketing material without your consent. We do not sell your information.

Most visitors to our websites are not required to provide us with personal data. However, some components of our Services may require you to provide us with contact information. In these situations, if you choose to withhold this information, it may not be possible for us to provide access to certain parts of our website and for us to respond to your query. If you send us inquiries via the Vivid Vision Site or IHVT Site, your details from the inquiry form, including the contact details you provided there, will be stored in order to process the request. In the event that you are contacting us with the intent to purchase or use our Services, you may be connected with an authorized distributor in your area.

The Services may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy practices. We encourage you to review the privacy policies of each website you visit or application you utilize.

We do not share information with third parties for their own direct marketing purposes except to allow Vivid Vision Providers to contact you about vision care. If we disclose any Protected Health Information (as that term is defined in 45 C.F.R. Part 160) to third parties, we will do so in accordance with the Health Insurance Portability and Accountability Act, as amended (“HIPAA”), the Health Information Technology for Economic and Clinical Health Act, as amended (“HITECH”), and any other applicable state and federal privacy and security laws, as they may be amended from time to time.

Patients looking for a clinic or eye care provider that offers Vivid Vision have the option of submitting contact information to a clinic through the Vivid Vision Site. Vivid Vision may share this information with the provider of your choice to help you schedule an appointment.

How We Protect Your Data

We have implemented measures intended to protect the privacy of users of our Services. These include encryption, pseudonymization, training, and other cybersecurity measures.

Our websites use secure socket layer (SSL) encryption for security and to protect the transmission of sensitive content, such as the requests you send to us. SSL encrypted connections display as "https://" and the lock symbol in your browser line. If SSL encryption is enabled, the data you submit to us cannot be read by third parties. All PII is contained behind a secure network and is only accessible by a limited number of individuals with access rights to such information.

Payment may be required to use our Services. Vivid Vision will never ask you for a credit card number by email. We only provide product information and articles. All online financial transactions are processed through a licensed third party financial organization. These organizations include Chase Bank, Foxycart, Wix Payments, and Paypal. We encourage you to check the applicable privacy policies to determine how they will handle any personal information they collect from you.

Foxycart’s privacy policy is available at: https://www.foxy.io/privacy-policy.

Paypal’s privacy policy is available at: https://www.paypal.com/us/webapps/mpp/ua/privacy-full.

Chase's privacy policy is available at: https://www.chase.com/digital/resources/privacy-security/privacy/consumer-privacy-notice.html.

Wix’s privacy policy is available at: https://www.wix.com/about/privacy.

Wix’s privacy policy is available at: https://stripe.com/privacy.

Lawful Basis

We only collect and process personal data when we have a lawful basis. This includes consent (you have provided us with your consent to process data) and contract (processing of your data is necessary for the performance of a contract with you, for example providing Vivid Vision’s software application to you when your clinician activates a license for home use or other legitimate business interests in order to carry out any requests or orders made by you via our website). At any time, you can contact us to withdraw consent.

Vivid Vision has never been requested by a federal agency to disclose any of its customer's private information. Please note that in rare cases we may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.

How Long will Your Data Be Held?

For clinic notification (when a Vivid Vision clinic is available in your area) we will hold your contact information for at least 7 years. For contracted services, we will hold your data for at least 7 years in line with our own policies, business, and legal requirements.

Subprocessors

Vivid Vision is committed to transparency regarding how your information is collected and shared. These third-party companies and individuals acting as our subprocessor help us to:

facilitate our Services
provide the Services on our behalf
perform Services-related services

The following subprocessors are utilized by Vivid Vision.

Vivid Vision 3rd Party Subprocessors:	Service Provided	Location	Website
Amazon Web Services, Inc.	Cloud service and infrastructure provider	USA	https://www.aws.com
Google LLC	Cloud service provider, email, and storage	USA	https://www.google.com
ZenDesk, Inc.	Support service	USA	https://www.zendesk.com
Hubspot CRM	Cloud-based customer relationship management	USA	https://hubspot.com
Slack Technologies, Inc.	Communication technology	USA	https://slack.com
The Rocket Science Group, LLC (MailChimp)	Cloud-based email and marketing services	USA	https://mailchimp.com
Github, Inc.	Software code repository	USA	https://github.com
FoxyCart.com LLC / Foxy.io	Payment processor	USA	https://www.foxy.io
PayPal	Payment processor	USA	https://www.paypal.com/
Stripe	Payment processor	USA	https://stripe.com/
Chase Paymentech	Payment processor	USA	https://merchantservices.chase.com/
Intuit, Inc.	Invoicing	USA	https://www.intuit.com/
Dialpad (US)	Call and fax service	USA	https://www.dialpad.com
Dropbox, Inc.	Cloud storage and file hosting	USA	https://www.dropbox.com/
JN Projects Inc. dba HelloSign	Cloud-based electronic signature and document storage	USA	https://www.hellosign.com/
Atlassian Pty Ltd	Cloud-based collaboration tool	USA	https://www.atlassian.com/
Wix	Content management	USA	https://www.wix.com/
Zoom Video Communications, Inc.	Video and web conferencing	USA	https://zoom.us/
Zapier, Inc.	Data integration	USA	https://zapier.com/
TeamViewer GmbH	Remote IT management service	Germany	https://www.teamviewer.com/
VISUS GmbH	European Distribution	Germany	https://visus.de/

We perform due diligence on each subprocessor to evaluate their privacy, security and confidentiality practices, and execute an agreement with them that implements their obligations.

When we bring on a new vendor or other sub-processor who may handle any Personal Information, remove a sub-processor, or change how we use a sub-processor, we will update this Privacy Policy.

Your Rights

Rights

You may have rights to access, update, rectify, port or erase certain personal information that we have about you or restrict or object to certain activities in which we engage with respect to your personal information. To submit a request with respect to these rights, please contact us at regulatory@seevividly.com and clearly describe your request.

We may in some cases transfer your personal data to service providers and business partners outside of the EEA. Some of these recipients may be located in countries for which the European Commission has issued adequacy decisions. In each case, the transfer is thereby recognized as providing an adequate level of data protection from a European data protection law perspective (GDPR Art. 45).

By entering into appropriate data transfer agreements based on Standard Contractual Clauses (2010/87/EU and/or 2004/915/EC) as referred to in GDPR Art. 46(5) or other adequate means, we have established that such recipients will provide an adequate level of data protection and that appropriate technical and organizational security measures are in place to protect personal data against accidental or unlawful destruction, loss or alteration, unauthorized disclosure or access, and against all other unlawful forms of processing.

You may also have the right to make a GDPR complaint to the relevant Supervisory Authority. A list of Supervisory Authorities is available here: https://edpb.europa.eu/about-edpb/board/members_en.

EU-U.S., UK Extension, & Swiss-U.S. Data Privacy Framework

Vivid Vision complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Vivid Vision has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Vivid Vision has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

In compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), Vivid Vision commits to resolve complaints about our collection or use of your personal information transferred to the U.S. pursuant to the EU-U.S. DPF, the UK extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. EU, UK, and Swiss individuals with inquiries or complaints should first contact Vivid Vision by email regulatory@seevividly.com or phone +1 (877) 877-0310.

Vivid Vision has further committed to refer unresolved DPF Principles-related complaints to a U.S.-based independent dispute resolution mechanism, BBB NATIONAL PROGRAMS. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/programs/all-programs/dpf-consumers/ProcessForConsumers for more information and to file a complaint. This service is provided free of charge to you.

If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf.

Vivid Vision is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).

Third Party (Onward) Transfers

Vivid Vision remains responsible for all the personal information we receive under the DPF and that we subsequently transfer to third parties acting as agents on our behalf if they process personal information in a manner inconsistent with the DPF principles, unless Vivid Vision proves we are not responsible for the event giving rise to the damage.

California Online Privacy Protection Act (CalOPPA)

CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require any person or company in the United States (and conceivably the world) that operates websites collecting Personally Identifiable Information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals or companies with whom it is being shared. See more at by visiting the CalOPPA website here: http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf.

According to CalOPPA we agree to the following:

Users can visit our website anonymously
Once our privacy policy is created, it will be available as a link on our homepage
Our privacy policy link includes the word ‘privacy’ and can be easily found when entering our website
Users of our website or application will be notified of any changes to our privacy policy:
On our privacy policy page
Users of our website or application are able to change their personal information by:
Emailing us

How does our site handle Do Not Track signals?

We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.

Do our websites allow third-party behavioral tracking?

We use the following tools to help us better understand web traffic and traffic patterns to better serve our customers:

Google Analytics
Facebook Analytics

Children's Online Privacy Protection Rule (COPPA)

When it comes to the collection of personal information from children under the age of 13 years old, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States' consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online. We do not market to children under the age of 13 years old.

Fair Information Practices

The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information. In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur, we will notify users via in-site notification within 7 business days.

CAN-SPAM Act

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations. We collect your email address in order to:

Send information, respond to inquiries, and/or other requests or questions.
Market to our mailing list or continue to send emails to registered parties after the original transaction has occurred.

In accordance with CAN-SPAM, we agree to the following:

Not use false or misleading subjects or email addresses.
Identify the message as an advertisement in some reasonable way.
Include the physical address of our business or site headquarters.
Monitor third-party email marketing services for compliance, if one is used.
Honor opt-out/unsubscribe requests quickly.
Allow users to unsubscribe by using the link at the bottom of each email.

If at any time you would like to unsubscribe from receiving future emails, you can:

Follow the instructions at the bottom of each email

We will then remove you from ALL correspondence.

Modification, Review, and Contact

This policy is periodically reviewed and may be amended from time to time. Any amendments to our privacy policy will be posted as a notification on our privacy policy page.

You can contact us at any time to:

Update, rectify, or request a portable copy of certain personal information that Vivid Vision has about you
Delete information that Vivid Vision has about you

If you have any additional questions about Vivid Vision’s collection, storage, or use of data, please contact us by:

Phone: (877) 877-0310
Fax: (888) 965-8846
Email: regulatory@seevividly.com
Website: https://www.seevividly.com/contact

PRIVACY POLICY