This site has limited support for your browser. We recommend switching to Edge, Chrome, Safari, or Firefox.

Panier 0

Sorry, looks like we don't have enough of this product.

Products
Pair with
Subtotal Free
View cart
Shipping, taxes, and discount codes are calculated at checkout

Your Cart is Empty

PRIVACY POLICY

 

At EyeLights, protecting your personal data is a top priority.

We comply with applicable data protection laws, including French Law No. 78-17 of January 6, 1978 (the “Data Protection Act”) and Regulation (EU) 2016/679 of April 27, 2016 (the “General Data Protection Regulation” or “GDPR”).

This Privacy Policy (“Policy”) explains how we collect, process, and protect your personal data when you use the mobile application “EyeLights” (the “App”) or the website https://eye-lights.com/ (the “Website”), jointly referred to as the “Services.”

 

Please note: This Policy does not govern the use of cookies and other tracking technologies. For more information, please refer to our Cookie Policy.

 

1. Data Controller

The data controller is:

EYELIGHTS, a French simplified joint stock company (SAS) registered with the RCS of Toulouse under number 819 514 118, with its registered office located at 308 Allée du Lac, 31670 Labège, France (“we,” “us,” or “our”).

 

 

2. What Personal Data Do We Collect?

The term “personal data” refers to any information that identifies or can be used to identify you, either directly or indirectly, as a natural person.

We may collect the following categories of personal data:

· Identification data (first name, last name, email address, mailing address, phone number);

· Professional information (company name, job title, resume/CV, LinkedIn profile URL);

· Order-related data;

· Login data (login logs, encrypted passwords);

· Third-party authentication data (e.g., name and email from Google or Facebook, if you choose to log in using those services – we do not collect your third-party password);

· Browsing data (IP address, pages visited, date and time of access, browser type, operating system, user ID, MAID);

· Location data;

· Data from recorded customer support calls (call content, date);

· Financial data (bank account information, payment card details);

· Any information you voluntarily submit via our contact forms.

Mandatory data fields are clearly indicated during data collection.

 

 

How Do We Collect Your Personal Data?

We collect your personal data directly from you when you provide it voluntarily—such as when filling out a contact form, creating an account on the App or Website, or placing an order.

Purposes, Legal Bases, and Retention Periods

 

Purpose

Legal Basis

Retention Period

To provide access to and use of our Services via your account

Contract performance

For as long as your account remains active; login logs: 1 year; inactive accounts deleted after 2 years (subject to prior notice); archived for 5 years for evidentiary purposes

Order and customer relationship management

Contract performance

Duration of contractual relationship; archived (excluding bank details) for 5 years; card data retained by payment provider until end of withdrawal period; CVV not stored

Usage analysis, service improvement, statistics

Legitimate interest

Personal data retained [to be completed]; anonymized data retained indefinitely

Lead generation / marketing prospects

Legitimate interest

3 years from last interaction

Customer reviews

Legitimate interest

2 years from publication

Sweepstakes and contests

Contract performance

Duration of promotional activity + archived 5 years

Newsletters and promotional emails

Legitimate interest (customers); consent (prospects)

3 years from last interaction or until withdrawal of consent

Responding to contact/demo requests

Legitimate interest

3 years from last interaction

Legal and accounting documentation

Legal obligation

Invoices: 10 years; transaction data (excluding banking): 5 years; contracts and signatures: 5 or 10 years depending on status (B2B/B2C)

Responding to data subject rights requests

Legal obligation

Identity documents: deleted after verification; B2B opt-out info: retained 3 years

3. Who Has Access to Your Data?

Authorized access to your personal data:

(i) Authorized employees of EyeLights

(ii) Third-party processors acting on our behalf (e.g., accounting, hosting, email marketing, analytics, CRM, secure payment, order processing, cookie consent tools)

(iii) Independent data controllers (our partners), responsible for their own data processing. We disclaim any liability for their processing of personal data and invite you to consult their terms of use and privacy policies;

(iv) Competent legal authorities, as required by law, including judicial, police, or administrative authorities if requested.

Rest assured: We have implemented all necessary precautions, as well as appropriate technical and organizational measures to ensure the security, integrity, and confidentiality of your personal data.

We ensure that our subcontractors maintain a similar level of protection regarding the processing of your personal data.

Be assured that your personal data will never be sold, rented, or exchanged with third parties.

4. International Data Transfers

Your data is primarily stored and processed on OVH servers located in Roubaix, France.

Some data may be transferred outside the European Union as part of the tools we use (see section “Who Has Access to Your Data?”). Such transfers are secured through:

· Transfers to countries recognized as providing adequate protection by the European Commission (Article 45 GDPR)

· Transfers under appropriate safeguards, such as Standard Contractual Clauses, Binding Corporate Rules, or approved certification mechanisms (Article 46 GDPR)

· Transfers based on specific derogations provided under Chapter V of the GDPR

You may request a copy of the tools used for international transfers by contacting us as detailed in the “Your Rights” section below.

5. Your Rights Regarding Your Personal Data

You have the following rights concerning your personal data:

- Right to be informed
This Privacy Policy provides the necessary information.

- Right of access
You have the right to access all your personal data at any time.

- Right to rectification
You have the right to correct inaccurate, incomplete, or outdated personal data.

- Right to restriction of processing
You may request restriction of processing in certain cases defined under Article 18 GDPR.

- Right to data portability
Under certain conditions (Article 20 GDPR), you have the right to receive the personal data you provided in a structured, machine-readable format and request its transfer to a recipient of your choice.

- Right to erasure (“right to be forgotten”)
You may request deletion of your personal data and prevent future collection.

- Right to object
You may object to the processing of your personal data. We may continue processing for legitimate reasons or legal defense. Regarding marketing, you can object at any time via the unsubscribe link at the bottom of promotional emails.

- Right to lodge a complaint
You may submit a complaint to a competent supervisory authority (in France, the CNIL) if you believe processing violates applicable laws.

- Right to define post-mortem directives
Relating to the retention, deletion, and communication of your personal data and designating a person responsible for execution. You may transmit general directives to a CNIL-certified digital trustee or specific directives to the contact below. You may modify or revoke these directives at any time.

You can exercise the rights above by contacting us at: customercare@eye-lights.com

Or by mail:

EyeLights
308 Allée du Lac,
31670 Labège,
France

Please include a copy of a valid, signed ID to verify your identity.

6. Updates to This Policy

We may amend this Privacy Policy at any time to reflect regulatory, jurisprudential, editorial, or technical changes. Updates take effect upon publication. Please review this Policy regularly. We will notify you of significant changes through appropriate means.

Effective Date: March 31, 2025