Privacy Policy
Effective March 14, 2024
- INITIAL PROVISIONS
- This is the Privacy Policy of CamCom s.r.o., a company incorporated in the Slovak Republic, ID No.: 54 691 168, with its registered office at Zimná ul. 411/6, 945 01 Komárno, Slovak Republic (also “we”, “us” or “our”). We refer to all our products, services, websites, and apps, including in particular (but not limited to) our product “Auglio”, collectively as the “Services” in this Privacy Policy.
- We respect the need for privacy and protection of personal information, including but not limited to any personal data. For the purposes of this Privacy Policy, personal data shall mean any information relating to an identified or identifiable natural person, where an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (the “Personal Data”).
- We always process Personal Data in accordance with this Privacy Policy and applicable legislation, such as Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (the “GDPR”).
- Please read this Privacy Policy carefully to understand how we collect, process, and protect Personal Data if you use the Services, and what rights you have in this connection. By using the Services and/or providing any Personal Data to us, you consent to be bound by this Privacy Policy and warrant that all Personal Data provided by you is accurate and that you are authorized to provide such Personal Data to us.
- For the purpose of this Privacy Policy and unless the context requires otherwise, we shall be considered as the data controller of Personal Data.
- CATEGORIES OF PERSONAL DATA
- We collect, process and protect, in particular, the following categories of Personal Data:
- Personal Data
- identification data (e.g., first name, last name, sex, account user name);
- contact information (e.g., e-mail address, telephone number);
- order information (e.g., products purchased);
- payment information;
- IP address; and
- other Personal Data you share with us.
- Tracking & Cookies Data
We use cookies and similar tracking technologies to track activity related to the Services. Please refer to Article 7 to learn more.
- Personal Data
- We collect, process and protect, in particular, the following categories of Personal Data:
- PURPOSES OF PERSONAL DATA PROCESSING
- We process Personal Data for the following purposes:
- fulfillment and compliance with our contractual and statutory obligations, such as the provision of the Services agreed upon between you and us;
- marketing activities related to the Services;
- provision of access to the Services;
- monitoring of the usage of the Services;
- detection, prevention, and addressing of technical issues;
- improvement of the Services;
- conducting market research; and
- protection of our legitimate interests.
- We process Personal Data for the following purposes:
- RETENTION AND TRANSFER OF PERSONAL DATA
- We will retain and process Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy and only to the extent necessary to comply with our legal obligations, resolve disputes, exercise our rights, and protect our interests. In particular, we will process Personal Data for the following periods of time:
- Personal Data according to Article 3.1 a) will be processed for the duration of our contractual and statutory obligations;
- Personal Data according to Article 3.1 b) will be processed until you reject our use of Personal Data for marketing activities (such as rejecting our newsletters or other marketing communication);
- Personal Data according to Article 3.1 c), d), and e) will be processed as long as you use the Services;
- Personal Data according to Article 3.1 f) and g) will be processed as long as our legitimate interest lasts or until you refuse such Personal Data processing;
- Personal Data according to Article 3.1 h) will be processed as long as our legitimate interest lasts.
- Please note that we may retain usage data for internal analysis purposes. We retain usage data generally for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of the Services, or if we have a legal duty to retain this data for longer time periods.
- Personal Data we process may be transferred to (and maintained on) a computer located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those from your jurisdiction. We store all Personal Data to fulfill our legal obligation subject to Art. 6 of GDPR for the purposes of the legitimate interests pursued by the controller and for the performance of a contract for all our customers irrespective of their location. Your consent with this Privacy Policy followed by your submission of respective Personal Data represents your agreement to such transfer.
- We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and that no Personal Data are transferred to any organization or a country unless there are adequate controls in place ensuring the security of Personal Data.
- We will retain and process Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy and only to the extent necessary to comply with our legal obligations, resolve disputes, exercise our rights, and protect our interests. In particular, we will process Personal Data for the following periods of time:
- DISCLOSURE OF PERSONAL DATA
- We may disclose Personal Data to a third party in particular in connection with:
- Business Transactions
We may disclose Personal Data to any third party that acquires all or substantially all of our business, stocks, or assets, or with whom we merge or undergo any other form of corporate restructuring. If we do, we will inform such a third party of the requirement to process Personal Data in accordance with this Privacy Policy. - Disclosure for Law Enforcement
We may, under certain circumstances, be required to disclose Personal Data by law or in response to requests made by public authorities (e.g., a court or a government agency). - Legal Requirements
We may disclose Personal Data if we believe in good faith that such disclosure is necessary in order to: (i) comply with a legal obligation, (ii) protect and/or defend our rights or property, (iii) prevent or investigate possible wrongdoing in connection with the Services, (iv) protect the safety of users of the Services or the public, (v) protect against legal liability.
- Business Transactions
- By (i) clicking the [“I agree”] button during the registration as our client, (ii) by clicking the [“I agree”] button before using the Services, (iii) or simply by using the Services, you consent to our sharing of Personal Data with third parties such as:
- our affiliates;
- hosting providers;
- advertising partners; or
- partners providing services for the purpose of fulfilling the obligations arising from the provision of Services, such as delivery and payment providers who will then act as the processors of Personal Data.
- We may disclose Personal Data to a third party in particular in connection with:
- BIOMETRIC DATA
- When using the virtual try-on tool, virtual mirror, or a similar feature that is a part of our Services (the “Virtual Try-On”), we may need to scan your face and reconstruct it in a virtual three-dimensional (3D) environment in order to produce a demonstration of your augmented appearance (e.g., you wearing eyewear, jewelry, etc.). We do not collect, store, use, or otherwise process the images or videos of your face taken during the Virtual Try-On or any other biometric information or identifiers. In case we come to the possession of some of your biometric information or identifiers we shall delete or anonymize them without undue delay upon gaining knowledge thereof. We will not sell, make available or otherwise distribute your biometric information or identifiers to any third parties unless required by a court order or applicable law.
- While using the Virtual Try-On, you have the option to save the image of your face within the virtual environment by clicking on the “save image” button. You will also have the option to save certain measurements, for example, your pupillary distance, in order to make the Services more accurate and so you do not have to take such measurements every time you use the Services. Such images and measurement data will be saved on your device only and we will not have access or the ability to gain access to it.
- You hereby acknowledge that we do not control and therefore cannot be held liable for any third-party software, whether directly or indirectly accessed through our Services. We are not responsible for collecting, recording, storing, retrieving, using, disseminating, or otherwise processing your biometric information or identifiers by a third party that accessed your biometric information or identifiers through our Services.
- TRACKING, COOKIES, AND IP ADDRESSES
- Cookies are computer files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also use beacons, tags, and scripts to collect and track information and to improve and analyze the Services. Cookies allow us to recognize whether you re-entered our website from the same device, to record some of your stored parameters, and to verify whether you belong to a particular category of users to which certain communication should be targeted. We may use for example the following categories of cookies:
- session cookies to operate the Services;
- preference cookies to remember your preferences and various settings; or
- security cookies for security purposes.
- You can instruct your browser to refuse cookies except for technical cookies or similar or to indicate when a cookie is being sent.
- When you visit our website for the first time, we ask you whether you accept cookies.
- With your consent we also use Google Analytics and similar services that collect third-party cookies. Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Aside from Google Analytics, Google uses Google Tag Manager which is a tag management system created by Google to manage JavaScript and HTML tags used for tracking and analytics on websites. The information about your use of the Services (including your IP address) generated by the cookies will be transmitted to and stored by Google on servers in the USA and other countries. Google will use this information for the purpose of evaluating your use of the Services, compiling reports on the Services activity for the Services operators, and providing other services relating to the Services activity and internet usage. Google may also transfer this information to third parties where required to do so by law or where such third parties process the information on Google’s behalf. By using our Services, you consent to the processing of your data by Google in the manner and for the purposes set out above as further detailed in Google privacy policy available at: https://policies.google.com/privacy.
- The Services and the communications generated by the use of the Services, such as promotional e-mails, may also contain electronic images known as “web beacons”. Web beacons generally work in conjunction with cookies, and we may use them in the same way we use cookies (see above).
- Cookies are computer files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also use beacons, tags, and scripts to collect and track information and to improve and analyze the Services. Cookies allow us to recognize whether you re-entered our website from the same device, to record some of your stored parameters, and to verify whether you belong to a particular category of users to which certain communication should be targeted. We may use for example the following categories of cookies:
- DIRECT MARKETING
- By clicking the [“I agree”] button during registration as a user of the Services or simply by using the Services, or by clicking the [“I agree”] button when subscribing to our newsletters or other marketing communications, surveys, etc., you agree that we may use your electronic contact details, which may be derived from your current or past usage of the Services, or permit selected third parties to use this data, to contact you via electronic means (such as e-mail) with marketing information about the Services.
- You may opt out of marketing communications by disabling this function via the unsubscribe link provided in each e-mail or other communication you receive, or by sending an e-mail request to [email protected] specifying that you wish to opt out from marketing communications.
- SECURITY
- We are committed to storing all Personal Data securely. Therefore, we have implemented adequate physical, technical, and organizational measures and plans for protecting and securing Personal Data (which do not, however, deprive you of your responsibility for taking adequate steps to secure your data, particularly for the transmission of data). Our aim is to eliminate any unauthorized or unlawful processing of Personal Data as well as any accidental, unauthorized, or unlawful accessing, use, transferring, processing, copying, transmitting, alteration, loss, or damage of Personal Data.
- Where we have given you (or where you have chosen) a password that enables you to access certain parts of the Services, you are responsible for keeping this password strong and confidential. We ask you not to share the password with unauthorized persons.
- Unfortunately, the transmission of information via the internet is never completely secure. Although we will do our best to protect Personal Data, we cannot guarantee the security of Personal Data transmitted by you. Any such transmission is at your own risk. Once we have received Personal Data, we will use strict procedures and security measures to protect Personal Data and prevent unauthorized access.
- To maintain the highest standard of Personal Data protection, all information you provide to us is stored on secure servers behind firewalls. We restrict access to Personal Data to employees, contractors and agents who need to know such Personal Data in order to operate, develop or improve the Services.
- Certain parts of the Services that collect personal data also use Secure Sockets Layer (SSL) encryption or other types of encryption. We back up all Customer data in the data center located in the European Union, which enables an expedited recovery in case of a disaster or other event of similar nature, and whenever possible, we will ensure the pseudonymization or anonymization of all personal or related data (except for names and e-mail addresses).
- In case, depside our best efforts, a Personal Data breach occurs which is not unlikely to result in a risk to the rights and freedoms of our clients or users, we will undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the supervisory authority and, if your Personal Data has been a part of the breach and none of the exceptions in Article 34(3) of the GDPR apply, you as well. We will describe to you the nature of the breach in clear and plain language, what measures we implemented and will yet to implement and what consequences the breach is likely to have.
- YOUR RIGHTS
- Subject to the rules and conditions set forth in the GDPR, you are or may be eligible to the following rights in relation to your Personal Data:
- Right of Access
You are eligible to request from us confirmation, as to whether or not Personal Data concerning you are being processed and, if this is the case, you may access further information about such processing.
Your right of access can be exercised in accordance with the applicable laws. However, where requests from you are manifestly unfounded, excessive, or repetitive, we may either:- charge a reasonable fee, considering the administrative costs of taking the actions requested; or
- refuse to act on the request.
- Right to Erasure (Right to be Forgotten)
You are eligible to request from us the erasure of Personal Data concerning you without undue delay and we shall have the obligation to erase such data without undue delay if all respective conditions are met under the GDPR. Please note that the erasure of your Personal Data may result in our inability to provide you with our services. - Right of Rectification
You are eligible to request from us without undue delay the rectification of inaccurate or incomplete Personal Data concerning you. - Right to Object
You are eligible to object, on grounds relating to your particular situation at any time, to the processing of Personal Data. - Right of Restriction of Processing
You are eligible to request from us the restriction of processing of Personal Data. - Right to Data Portability
You are eligible to receive Personal Data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format, and you have the right to transmit those data to another controller without hindrance from us to which Personal Data have been provided. - Right to Withdraw Consent
You are eligible, where the processing is based on consent, to withdraw your consent at any time. Such withdrawal shall not affect the lawfulness of processing based on your consent before its withdrawal.
- Right of Access
- If you feel that your Personal Data have been processed unlawfully, please contact us at [email protected] and we will resolve the problem. You have the right to lodge a complaint with the competent supervisory authority. A list of competent supervisory authorities in the European Union is available at https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm. In the Slovak Republic, the competent supervisory authority is the Office for Personal Data Protection of the Slovak Republic. You can learn more at http://www.dataprotection.gov.sk/.
- Please keep in mind that we respond to all inquiries within 30 days. Any requested change, once we have verified your identity and the request’s legitimacy, may take up to five (5) business days to take effect.
- Subject to the rules and conditions set forth in the GDPR, you are or may be eligible to the following rights in relation to your Personal Data:
- SURVEYS AND TESTIMONIALS
- From time to time, we may request information via surveys. Participation in these surveys is voluntary and you may choose whether or not to participate and disclose the requested information. Information requested may include contact information (such as name and e-mail address), and organization information (organization name, job position). Contact information will be used to share the results if the participant selects to receive them. Survey information will be used for purposes of research, monitoring, or improving the user experience and satisfaction with the Services.
- From time to time, we may also post various texts such as testimonials, quotes, case studies, white papers, etc. on our websites that may contain personal information. We shall obtain your consent to post your name along with such a text. If you wish to update or delete any text containing your personal information, please contact us at [email protected].
- FINALPROVISIONS
- The Services may, from time to time, contain links to and from websites of our partner networks, advertisers, and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any Personal Data to these websites.
- The Services are not addressed to anyone under the age of 16. We do not, to our best knowledge, collect Personal Data from anyone under the age of 16. If you are a parent or a guardian and you are aware that your child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we will take steps to remove that information from our servers.
- We reserve the right to amend, modify, supplement, or otherwise change this Privacy Policy at any time and for any reason. Any new version of this Privacy Policy supersedes its previous version as of the date of effectivity of the new version. If you are our registered user and we have your e-mail information, we will inform you about any substantial amendments to this Privacy Policy by e-mail.
- If you have any questions about this Privacy Policy or our privacy practices, please contact us by e-mail at [email protected].
- PRIVACY ARTICLE
- If customers and/or website visitors of Customer choose to use the Virtual Try-On feature, this will lead to the processing of their Personal Data for which CamCom will act as the data controller within the meaning of article 4 under 7 GDPR. CamCom warrants that it will comply with the GDPR as well as any and all other European and national regulations governing the protection of personal data applicable at any point in time. CamCom will among others obtain any necessary consents and will inform the data subjects about the processing of their Personal Data.
This Privacy Policy enters into force and become effective as of 14. 3. 2024.