COLORON / Medicontur Ltd.

PRIVACY POLICY

In effect from: 24.01.2023

1 An introduction on how we use your personal data

This Data Protection Policy outlines how Medicontur collects and processes your personal data as user of the Website (hereinafter, “user”, “users”, “data subject” or “you”) in compliance with the EU General Data Protection Regulation 2016/679 (hereinafter, the “GDPR”).
As outlined in more details below, Medicontur processes your personal data in order to provide you with its products and services as well as to allow you to join engagement programs, prize competitions and events organized by Medicontur for its clients. If you want to receive the latest news, offers and promotions on the Medicontur world, Medicontur will process – with your prior consent – your personal data in order to send you marketing communications, also customised upon your preferences and interests. In any case, Medicontur will process your personal data securely, adopting all adequate security measures, and allowing the access to your personal data only to authorised persons and third parties both located in EU and in the United States according to modalities compliant with applicable data protection laws.
All personal data provided by you through this Website is used exclusively for the purposes and with the modalities as described below.

2 What kind of personal data do we use and where are they collected from?

Medicontur processes your personal data which are collected directly from you as well as from the other sources, as outlined in the categories of personal data listed below (hereinafter, collectively referred to as “Personal Data”):
a) Personal Data provided directly by you
Medicontur processes the following categories of Personal Data directly provided by you:
  • Identifiable information provided during the registration process, the creation of an account on the Website or when completing your purchase order or join Medicontur engagement programs, prize competitions and events, such as name and surname, e-mail address, user ID, password, gender, country of residence, postal address and phone numbers;
  • Financial information and data related to your credit card for the purchase of products through the Website;
  • Information contained in any correspondence or requests sent by you to Medicontur or asked you by Medicontur if problems with our service on the Website or purchased products are reported;
  • Information relating to your social network profile, if public and if you decide to log into the Website through social network applications or to link your Medicontur account to your public profiles available on social networks, and share your actions through the Website on those channels via the corresponding plug-ins (e.g. Facebook Connect, I like, fb share, etc.). If you decide to share such information, Personal Data published on your social network profile will be collected by the Website and processed for the corresponding functions. Thus, the use of the said plug-in entails sharing the corresponding actions and information on the related social networks.
b) Personal Data obtained from automatic tracking systems when you browse the Website and use its services
  • Medicontur processes the following categories of Personal Data collected through the automatic tracking systems when you browse the Website and use its services:
  • Information relating to your usage of the Website. For security purposes, Medicontur processes the log files related to each session when the user logins into his/her account, as well as information on payment transactions that will be processed through Medicontur e-payment provider;
  • Navigation information collected when you surf the Website. Medicontur uses some technologies (e.g. cookies and automatic tracking systems) that automatically collect certain items of information relating to the way in which the user utilizes the Website such as the IP address or other unique code of the device (computer, mobile or other devices) employed by the user to browse the Website, identification as registered user or not, technical information that may include the URL from where a user originates, browser information, language. This information helps us to continuously improve the browsing experience and the mechanisms of purchase of Medicontur products and services, and to monitor the correct operations of the Website. This information only includes statistical data relating to the actions performed by the user, and is not intended to be associated with the user’s identifying data. In any case, navigation data may identify you, only when matched with your identification personal information.
For further information on the use of Personal Data collected through cookies and tracking systems, please read carefully the Medicontur Cookie Policy available here.

3 FOR WHAT PURPOSES and why DO WE USE YOUR PERSONAL DATA?

Medicontur processes your Personal Data for the following purposes:

3.1 Contractual Purposes – We need to be able to provide you our products and services
Medicontur processes your Personal Data for the purposes necessary for the provision of services and products offered through the Website, and in particular for the following Contractual Purposes:
  • To allow you to register to the Website and create your own account;
  • To provide the services available through the Website (e.g. management of the registration process and access to the account, account management, the reminder for products in the shopping cart, etc.);
  • To manage the sale of products and online orders, and to supply products and services;
  • To process payments and e-payments, also with reference to invoicing obligations;
  • To provide sales and after-sales services (including, for example, fraud prevention, returns, guarantee warranty and customer support), also sending to users operational communications related to the supply of the service or products, sales and after sales assistance;
  • To fulfil the user’s requests (e.g. management of requests for information, [booking of eyesight checks], providing the “share with a friend” feature, to notify you with the “back in stock” feature, etc.);
  • To permit you to join Medicontur engagement programs;
  • To allow you to participate in contests, prize competitions and initiatives promoted by Medicontur.
The data processing activities for Contractual Purposes are necessary for the provision of products and services required. If you don’t want your Personal Data to be processed for such purposes, it will not be possible for Medicontur to provide the required products and services.

3.2 Law Purposes – We need to ensure compliance with legal obligations
Medicontur can process your Personal Data to ensure compliance with legal obligations, and in particular for the following Law Purposes:
To comply with the requirements of the laws, regulations, protocols and national and EU legislation;
To implement the decisions of public Authorities.
The data processing activities for Law Purposes are necessary as they are required by applicable laws. If you don’t want your Personal Data to be processed for such purposes, you cannot use the Website.

3.3 Marketing Purposes – You can decide whether we can use your personal data for our marketing related activities
Medicontur processes, with your prior consent, your Personal Data, for the following Marketing Purposes:
  • To send commercial and promotional communications and periodical updates (e.g. via e-mail, phone, SMS/MMS, postal service, social network and newsletter) related to Medicontur's products, services, initiatives and events.
  • To carry out statistical analyses on the customer audience.
  • The data processing activities for Marketing Purposes are discretionary subject to either your prior consent or your objection. You may freely decide not to provide Personal Data for the Marketing Purposes, as well as you may subsequently withdraw your consent to process the Personal Data already provided: in this case Medicontur will not send you marketing communications to update you on offers and promotions on Medicontur products, services and initiatives

3.4 Segmentation and Profiling Purposes – You can decide whether you want marketing communications better tailored on your needs

If you provided your consent to the processing of your Personal Data for Marketing Purposes, Medicontur may process your Personal Data for Segmentation Purposes to analyse your Personal Data related to spending volume, product category, date of birth and methods of purchase in connection with activities performed for Marketing Purposes. This activity is carried out by Medicontur on the basis of Medicontur’s legitimate interest to provide a service in line with your needs, adequately balanced with your rights given the limited amount of processed Personal Data. The processing of Personal Data for Segmentation Purposes falls among the Legitimate Interests Purposes for which we refer to following paragraph.
In case you consented to install cookies and other technologies with the banner prompted to you on our website, additionally to what is stated above, Medicontur processes your Personal Data for Profiling Purposes to analyse your interests and preferences, including browsing data with specific reference to pages consulted and products viewed on the Website, in order to offer personalised services and send targeted marketing communications on this basis. This activity is carried out by Medicontur on the basis of Medicontur’s legitimate interest to provide a service in line with your needs, adequately balanced with your rights given the consent provided through the cookie banner and in line with our Cookie Policy. This activity will help Medicontur to provide you with offers more in line with your profile. The legitimate interest can be found in the need of Medicontur to optimise the marketing communications and it is balanced by the need to provide You with information that we consider relevant for you.

3.5 Legitimate Interest Purposes – Medicontur’s and your rights are adequately balanced, unless you object to it
In addition to the processing for Segmentation and Profiling Purposes, Medicontur also processes your Personal Data for additional Legitimate Interest Purposes and, in particular:
  • To exercise or defend legal claims in court proceedings or in an administrative or out-of-court procedures relating to the rights of Medicontur, of its group companies and/or of their representatives, shareholders, officers and directors;
  • To enable the technical management of the Website and its operational functions, including solving any technical problems, to perform tests, updates and upgrades that cannot be performed through non-personal data;
  • To prevent or identify fraudulent activities or misuses of the Website or against the Medicontur group and/or the users of the Website;
  • To complete a potential merger, sale of assets, transfer of all or a material part of its business, or financing transaction by disclosing and transferring the Personal Data to the third party or parties involved in the transaction as part of the transaction;
  • To conduct, surveys and market researches relating to Medicontur’s products and services by post, telephone or e-mail;
  • To anonymise Personal Data in order to perform statistical analysis.
The processing of your Personal Data with regard to the above-mentioned Legitimate Interest Purposes and Segmentation Purposes is carried out pursuant to article 6, letter f) of the GDPR, for the pursuit of Medicontur’s legitimate interest, which is adequately balanced with your interest since the data processing is performed within the limits strictly necessary to perform such economic activities. Such data processing activity is not mandatory and you can object to such data processing at any time through the modalities as per this Data Protection Policy. In such case no data processing will be carried out by Medicontur for such purposes, except in case where Medicontur demonstrates the existence of legitimate prevailing arguments or the exercise of a Medicontur 's right pursuant to Section 21 of the GDPR.

4 What modalities do we use to process your personal data?

The processing of your Personal Data is carried out, electronically and manually, only within the limits necessary to pursue the purposes outlined above.
Medicontur undertakes to protect users’ Personal Data. Medicontur advises that the password is one of the protection mechanisms of the account. Therefore, users are invited to use a password sufficiently secure and stored in a safe place, limiting access to it on their own computers and browsers, disconnecting it after having visited the Website. All Personal Data provided for by users is kept on secure servers, adopting adequate security measures to protect Personal Data from non-authorised access, to maintain the accuracy of Personal Data and guarantee the proper use of information. Furthermore, a secure system for authorizing credit card payments and identifying fraudulent activities is used. Medicontur uses the standard SSL (Secure Sockets Layer) to protect the confidentiality of your Personal Data.

5 To whom are your personal data communicated?

Medicontur may communicate your Personal Data to:
  • third parties service providers entrusted with processing activities that provide services or assistance and advice to Medicontur, with special - but not exclusive - reference to technology, accounting, administrative, legal, insurance, IT, marketing, data analysis matters;
  • persons and authorities whose right to access personal data is recognized by law, regulations or provisions issued by legally empowered authorities; and
  • competent authorities.
The abovementioned recipients will process your Personal Data as data controllers, data processors or persons in charge of processing, depending on the circumstances.
A complete list of data processors is available, upon request to Medicontur, through the modalities as per this Data Protection Policy.

6 Where are your data transferred? 

Medicontur may transfer your Personal Data to the recipients listed above, also located outside of the European Union and, in particular, in the United States. For transfers from EU to countries not considered adequate by the European Commission, Company has put in place appropriate and suitable safeguards to protect the Personal Data. Accordingly, Personal Data are transferred in compliance with the requirements and the obligations provided by applicable data protection laws as per Articles 44 et seq. of the GDPR. For further information with regard to the appropriate or suitable safeguards and the means by which to obtain a copy of them, the user can contact Medicontur with the modalities as per this Data Protection Policy.

7 How long are your personal data retained by Medicontur?

Medicontur retains Personal Data for the time strictly necessary to achieve the purposes for which Personal Data were collected and further processed, including any retention period required under the applicable legislation.
Medicontur will process your Personal Data for Contractual and Legitimate Interest Purposes for the duration of the contract (in case of an account created on the Website, of a purchase, or in relation to services provided by Medicontur) and for 10 years from the completion of the sale or of the provided service.
Personal Data processed for Law Purposes will be stored for the period strictly necessary to comply with applicable laws.
Furthermore, for Marketing and Profiling Purposes, including Segmentation Purposes, Personal Data will be processed for 7 years from the last purchase and/or from the last contact with you (e.g. subscription to a prize competition, participation to an event, opening of a newsletter), notwithstanding the right to withdraw the consent provided or object to the processing at any time.

8 How can you exercise your personal data?

At any given time, you can exercise the following rights:
a) To obtain from Medicontur confirmation of the existence of Personal Data and to be informed of its content and source, verify its accuracy and request its integration, update or amendment;
b) To request the erasure, anonymisation or restriction of the processing of Personal Data processed in breach of the applicable laws;
c) To object in whole or in part, on legitimate grounds, to the processing of the Personal Data;
d) To withdraw the consent to the processing of the data (if and to the extent such a consent is necessary);
e) To request Medicontur to limit the processing of your Personal Data where:
  • You contest the accuracy of the Personal Data until Medicontur has taken sufficient steps to correct or verify its accuracy;
  • The processing is unlawful but you do not want us to erase your Personal Data;
  • Medicontur no longer needs your Personal Data for the purposes of the processing, but you require them for the establishment, exercise or defence of legal claims; or
  • You have objected to processing justified on legitimate interests, pending verification as to whether Medicontur has compelling legitimate grounds to continue processing;
f) To object to the processing of your Personal Data in case of processing based on legitimate interest, unless Medicontur demonstrates the existence of compelling legitimate grounds for the processing or for the establishment, exercise or defence of legal claims;
g) To request the erasure of your Personal Data without undue delay;
h) To receive an electronic copy of your Personal Data, if you would like to port your Personal Data to yourself or a different provider, when Medicontur is relying upon your consent or the fact that the processing is necessary for the provision of the services and the Personal Data is processed by automatic means; and
i) To file a complaint with the relevant data protection supervisory authority.
You can exercise your rights above, at any time, by contacting our Customer Service Team here. Medicontur will respond within a reasonable time frame (and, in any case, within the limits of applicable law), after verifying users’ identity.
Furthermore, Medicontur offers tools to users to update and amend the Personal Data. Indeed, every registered user may access his/her own information and update it (e.g. through user account). Besides, it is also possible for users to modify and update their preferences on how they wish to receive e-mails or other communications from Medicontur. Users may also request that their information on their account is deleted.

9 How can you contact Medicontur?

The Data Controller of the processing of your Personal Data is Medicontur Ltd., with registered office in Herceghalmi út 1, 2072 Zsámbék, Hungary) Should you have questions or comments on this Data Protection Policy or on any data processing carried out by Medicontur, Medicontur may be contacted through the link available in the previous paragraph.

10 How can you contact our data protection officer?

Medicontur has appointed a Data Protection Officer according to Article 37 of the GDPR, which can be contacted at the following email address info@coloron.eu or to the address of Medicontur provided for in section “How can you contact Medicontur?” of this Data Protection Policy.

11 How can you keep track of changes to this data protection policy?

For legal and/or organisational reasons, this Data Protection Policy may undergo changes. We suggest, therefore, to check this Data Protection Policy regularly and to refer to the latest version of it. In any case, changes will be notified in advance and an updated version of the Data Protection Policy will be always available on the Website.

12. COOKIE POLICY

12.1 What are cookies?
A cookie is a small text file, usually consisting of letters and numbers, which is transferred and stored, for a time determined by the operator, on the device used by the user (a computer or any mobile device) when the user accesses the website. For example, some cookies uniquely identify one device, distinguishing it from another.
Please note that other similar technologies used to collect information about the device you are using, such as pixel tags, web beacons or social network plug-ins, also fall into the general category of “cookies”.
12.2 Why we use cookies
Some cookies are absolutely necessary to allow the Site to function properly and provide the user with a good browsing experience, such as simply moving from one page of the Site to another, and providing the services envisaged therein (e.g. purchasing and paying for glasses). Other cookies are necessary to make browsing easier and faster, e.g. by remembering registration data or the contents of the shopping bag, or to make browsing as in line as possible with the user’s preferences and characteristics. In addition, certain cookies are useful for providing the operator of the Site with information that can be used for statistical purposes, for example to know the number of users connected, as well as for sending personalised promotional messages, or to ensure a direct link with social networks.
12.3 What information do cookies contain
The information collected in the form of cookies generally relates to information about the user’s device, such as IP address, login details, operating system and platform used, time zone setting, country of origin, information about visits to the Site including the URL, length of visit, search terms typed on the Site, products viewed or placed in the shopping bag, page response times, download errors and information about page interaction, such as the number of clicks or browsing patterns.
Generally, this information is not sufficient to identify the user personally, but it could be if it is read in combination with each other or with additional information collected by Medicontur or a third party.
We have coded and distinguished cookies according to how long they are stored on the user’s device, the party who installs and manages them and, above all, the purposes for which they are installed.
a) Terms
Session cookies are defined as cookies installed when the Site is opened and deleted when the browser is closed, or when the Site is closed or the session expires. The information is thus stored temporarily and allows, for example, navigation to be maintained.
Permanent cookies are cookies that are stored on the user’s device for a period predetermined by the operator, even after closing the browser. They allow, for example, the user’s name and password to be saved or preferences to be remembered, so that the user does not have to enter them again when opening the site.
b) Who installs cookies
First-party cookies are those installed and managed directly by Medicontur. On the other hand, third-party cookies are installed by an operator through a domain different from that of the Site on which the user is browsing and are not directly controlled by Medicontur. This is the case, for example, with the statistical analysis cookies installed by Google Analytics or when the Site incorporates elements from advertising platforms or other services. The installation of third-party cookies is however subject to prior authorisation by Medicontur.
c) Purposes of the cookies used by Medicontur on this Site
  • Strictly necessary (or technical) cookies: they ensure the proper functioning of the Site and the use of the services existing on it. They make it possible, for example, to recognise the language of the country from which the user is connecting and to save the choices made on the banner containing the short privacy policy (consent to the use of cookies), thus avoiding having to make the choice again each time the site is accessed, to make a purchase of a product. They also improve the user experience by storing log-in data or pre-selected products in the shopping bag. They are used exclusively to ensure the basic functionality of the Site and, therefore, prior consent of the user is not required for their installation. The user can set their browser to block these cookies, but as a result some or all parts of the site will not work.
  • Analytical cookies: some are installed and managed directly by Medicontur and are used to analyse how the Site is used, to count accesses, traffic sources, pages viewed, so as to allow the operator to make changes and improvements to the Site. They may collect data in anonymous form for statistical purposes only. Other analytical cookies may be instead installed by third parties in order to track the user’s activity on the Site drawing useful information for Medicontur. To help the user in making a more informed decision on whether or not to consent to the collection of such cookies, please read Google’s respective privacy policies (https://policies.google.com/privacy?hl=en-US )
  • Marketing and profiling cookies: they track the user’s navigation on the Site, allowing the creation of personalised content on the Site, showing the user products of their interest or similar to those already viewed, sending advertising messages in line with the preferences expressed: refusal or withdrawal of consent will not interfere with the possibility of accessing or browsing the Site. Other analytical cookies may be instead installed by third parties in order to track the user’s activity on the Site drawing useful information for Medicontur. To help the user in making a more informed decision on whether or not to consent to the collection of such cookies, please read Google’s respective privacy policies, regarding Google Adsense (https://policies.google.com/privacy?hl=en-US ).
  • Social Network Cookies: these allow the user to use the various social network functions, thanks to the use of plug-ins, integrated into our Site, which allow a direct connection with the social network server. The plug-in is managed by a third party. These cookies are not necessary for browsing. For information on the use of cookies by social networks and to give informed consent, we invite the user to consult the social networks’ respective privacy policies:
            Facebook: https://en-gb.facebook.com/about/privacy/
            Google: https://policies.google.com/privacy?hl=en-GB
            Instagram: https://help.instagram.com/1896641480634370?ref=ig
            YouTube: https://support.google.com/youtube/answer/7671399?p=privacy_guidelines&hl=en-GB
12.4 A short guide to managing cookies: how to install and delete them
Strictly necessary cookies, enabling the basic functions of the Site, are installed automatically when the Site is opened, without requiring consent. With regard to the other categories of cookies, for which it is necessary to give consent or not, the first time the user accesses the site they will see a cookie banner (Privacy Preferences) containing the short privacy policy and a link to the Cookies Policy. If the user has already communicated their preferences via the cookie banner, the cookie banner will no longer be displayed automatically if you access the site again in the next 6 months. The user may, however, at any time view and change his preferences via the Cookie Policy Settings in the footer.
However, if consent has already been given to the use of cookies, in order for the cookies collected prior to their revocation to be deleted, the user must delete them via the settings of their browser. Below are instructions on how to change the cookie settings on the browsers most commonly used by users:
Google Chrome: https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=en-GB
Mozilla Firefox: https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer
Microsoft Edge: https://support.microsoft.com/en-gb/windows/microsoft-edge-browsing-data-and-privacy-bb8174ba-9d73-dcf2-9b4a-c582b4e640dd
Safari: https://support.apple.com/en-gb/guide/safari/sfri11471/mac
Internet Explorer: https://support.microsoft.com/en-gb/windows/delete-and-manage-cookies-168dab11-0753-043d-7c16-ede5947fc64d
12.5 Who has access to the information collected via cookies
With reference to the cookies installed by Medicontur, only Medicontur personnel in charge, previously trained and instructed to carry out such tasks, may access the information collected through cookies. With reference to third party cookies, information is collected and used by Medicontur and by external parties linked to Medicontur by a contractual relationship. For further information on the processing of personal data and on our collaborations with third parties, please consult this Privacy Policy.