Eyewear fashion • Contact lenses • Eye examination

FREE* EYEWEAR CONSULTATION

Privacy Policy

Van der Geest Optiek ("we," "us," "our") is the owner of the website www.vandergeestoptiek.com (the "Website"). We are committed to protecting the privacy of our customers and online users ("you," "your," "yours"). This Privacy Policy describes how we handle the personal data we process through our Website, through our store, and through the services offered on the aforementioned platforms (the"Services"). This Privacy Policy therefore applies to your use of our Website and Services, together with the use of our store.

By visiting our Website or providing us with your personal data, you accept and agree to the terms of this Privacy Policy. All personal data processed by us will be treated in strict accordance with the European General Data Protection Regulation (Regulation (EU) 2016/679) (the"GDPR").

1. Data controller

The controller with regard to all personal data that we process is Van der Geest Optiek, located at Generaal Cronjéstraat 86, 2021JL, Haarlem, registered with the Chamber of Commerce in the Netherlands under number 34070312.

If you have any questions, please contact us by sending an email to (info@vandergeestoptiek.com).

2. Personal data collected

2.1 We process information from visitors to our store and users of our Website, including when you wish to receive information from us, make an appointment via the form on our Website, or send us an email requesting information. We process personal data on the basis of: (i) consent (in accordance with Article 6(1)(a) of the GDPR), (ii) the contract (in accordance with Article 6(1)(b) GDPR), (iii) compliance with a legal obligation (in accordance with Article 6(1)(c) GDPR), and (iv) legitimate interests (in accordance with Article 6(1)(f) GDPR).

In the form on our Website, we may ask you to provide one or more of the following personal data:

a) first and last name;
b) telephone number;
c) email address; You can contact us at any time by email (info@vandergeestoptiek.com) to request information. If you send us such an email, we may process the personal data and information you provide in your email.

We may combine the information you provide with other information we have processed about you, both online and in-store (including but not limited to your purchase history, your address, information about eyeglass prescriptions, and/or the date of purchase), together with information we receive from public information sources and third parties (e.g., Google).

If you provide us with personal data about another person, you hereby declare that you are authorized to do so and that you allow us to use this information in accordance with this Privacy Policy.

2.2 When you use our Website, we may process and record your IP address. Your IP address is stored in a temporary log file. We may share information about your use of our Website with affiliated companies and partners, as further described in Sections 3.2 and 3.3 of this Privacy Policy.

3. Purpose of data processing

3.1. We process your personal data, as described in Article 2.1 of this Privacy Policy, for the following purposes:

a) to fulfill our obligations to provide you with our Services or products (through shipping and billing), or to fulfill other requests (such as online eye tests or contacting one of our stores) (based on the contract (in accordance with Article 6(1)(b) GDPR));

b) to contact you regarding follow-up services (such as passing on the results of an online eye test), to answer your questions, to provide requested information, and/or to give advice (based on consent (in accordance with Art. 6(1)(a) GDPR));

c) to request information (based on the contract (in accordance with Art. 6(1)(b) (GDPR));

d) to secure our business objectives (based on legitimate interests (in accordance with Art. 6.1(f) GDPR)), for:

  • data analysis to improve the efficiency of the Services;
  • audits to verify that our internal processes are functioning properly and to comply with legal or contractual requirements;
  • fraud and security checks, such as detecting and preventing identity fraud or cyber attacks;
  • supplementing, improving, or modifying our Website, products, and Services
  • identifying trends in the use of the Services, to gain insight into which parts of our Services are most interesting to users; and
  • determining the effectiveness of our promotional campaigns, so that we can tailor our campaigns to the needs and interests of our users.

e) to analyze personal data (e.g., purchase history, information about eyeglass prescriptions, country and/or city for shipping, language) in order to provide personalized service offers (based on consent and legitimate interest (in accordance with Articles 6(1)(a) and (f) GDPR)), to:

  • reminding you that you need a new eye exam 180 (three hundred and thirty) days after your last eye exam;
  • to better understand you, so that we can personalize our interactions with you and provide you with information and/or offers tailored to your interests; and
  • better understand your preferences so that we can deliver content through the Services that we believe will be relevant and interesting to you;

and

f) to comply with various legal obligations, including tax obligations (based on compliance with a legal obligation (in accordance with Art. 6(1)(c) (GDPR));

3.2. In connection with marketing and promotional materials relating to our products and Services, we may provide your personal data, as described in Article 2.1 of this Privacy Policy, to our partners, including our store in your region. Our local store may therefore contact you with such marketing and promotional materials. If you prefer to opt out of such communications, please contact us by sending an email to (info@vandergeestoptiek.com).

3.3. We use the automatically generated data, as described in Section 2.2 of this Privacy Policy, and your business data and personal data, as described in Section 2.1 of this Privacy Policy, to perform aggregate analyses for internal research and statistical and strategic purposes. This aggregate information does not identify you or your business. We use the aggregated information to optimize our Website, Services, and products and to learn more about the use of our Website and products so that we can improve them.

4. Data retention

4.1. We will continue to process personal data for a period of two (2) years after your last purchase, or for as long as is legally required or necessary and permitted for the purpose or purposes for which the data was obtained. Immediately after these periods, we will destroy and/or anonymize the personal data.

4.2. The following (non-exhaustive) list of criteria is used to determine our retention periods (i) the duration of our ongoing relationship with you and the Services we provide; (ii) our potential subjection to any legal obligation(s); and (iii) other legal requirements (such as applicable statute(s) of limitations, litigation, or internal or external investigations).

4.3. Notwithstanding Section 5.1 of this Privacy Policy, we may process the personal data for a longer period (i) if you ask us to retain the personal data for an additional two (2) years; or (ii) to comply with statutory retention periods (as required, for example, by tax legislation); or (iii) to demonstrate compliance with applicable legal obligations (arising, for example, from the GDPR or marketing legislation).

4.4. If you request the deletion of your personal information by contacting us through the process described in Section 8 of this Privacy Policy, all of your personal information processed through our Website will be deleted, as required by applicable law. This does not apply if we are required by law, for the completion of the transaction for which the information was processed, or for internal use, to retain such information.

5. Data protection

All personal information we process is treated confidentially. We will therefore take appropriate technical and organizational measures to secure and protect personal data against destruction, loss, alteration, unauthorized disclosure or access, or any other processing of such personal data, insofar as the above occurs accidentally or unlawfully. These measures guarantee an appropriate level of security given the nature of the data and the risks involved in processing the data. For example, we use Security Socket Layer encryption throughout the Website.

6. Data retention

6.1. Without prejudice to Articles 3, 6.1, and 6.2 of this Privacy Policy, we will not disclose any personal information or personal data to third parties without your express consent, unless we are required to do so by applicable law or by order of the competent supervisory authority.

6.2. However, we would like to point out that we may pass on your personal data and information to our store, as set out in Article 3.2 of this Privacy Policy.

6.3. We may engage other data processing companies to process personal data exclusively on our behalf. Such data processing companies are only entitled to process the data necessary for the performance of their services and activities and in accordance with our express written instructions. The processor guarantees that it has taken appropriate technical and organizational measures to ensure that the processing of personal data complies with the requirements of this Privacy Policy and the GDPR. The processor also guarantees the protection of the rights of all data subjects. The processing of personal data by a processor is always governed by a written data processing agreement between us and the processor. For additional information about these data processing companies, please contact us in accordance with the process described in Article 7 of this Privacy Policy.

7. Your rights

7.1. You have the right to request confirmation from us as to whether or not we are processing your personal data. You can view and change the personal data you provide when registering as a customer with us at any time via your account on the Website. You also have the right to send us a request to receive such information by sending an email to (info@vandergeestoptiek.com). Furthermore, you have the right to send us a request to view, receive, transfer, correct, delete, or completely withdraw your consent to the processing of your personal data. We will handle your request immediately and in accordance with the GDPR. We will also send you a response without undue delay, at least within one month of receiving your written request.

7.2. You have the right to object to the processing of your personal data by us at any time. In the event of such an objection, we will no longer process your personal data unless we demonstrate that 1) we have compelling legitimate grounds for the processing which override your interests, rights, and freedoms; or 2) processing is necessary for the establishment, exercise, or defense of legal claims. We will respond to you without undue delay, within a maximum of one month after receiving your written request.

7.3. If you have any complaints about our data processing or your previous requests, you can contact us at info@vandergeestoptiek.com. You also have the right to lodge a complaint with the relevant data protection authority. In the case of the Netherlands, this is the Dutch Data Protection Authority.

7.4. If you have any questions or comments, please contact us at info@vandergeestoptiek.com.

8. Third-party websites

Our Website may contain hyperlinks that lead to external websites maintained by third parties. We cannot accept any responsibility for the content of these websites or for the way in which these websites handle your data. Please ensure that you read the applicable Privacy Policy, if any, of the websites you visit.

9. Revisions to this Privacy Policy

Please note that this Privacy Policy may be revised from time to time. Any revised Privacy Policy will be posted on our Website, where the most current version will be available at all times. We encourage you to check our Website and Privacy Policy regularly. If we make a change to this Privacy Policy that would affect your privacy rights, we will either ask for your consent to the change or continue to comply with our previous Privacy Policy when it comes to information we processed when it was in effect. The last revision took place in May 2021 in Haarlem, the Netherlands.