Privacy Policy

Privacy Policy


Last update: May 9, 2022

This Privacy Policy describes how your personal information is collected, used and shared when you visit www.glasse-sun.com (the "Site") or make a purchase.
Carl hauser ("carl hauser", "carl hauser glasses", "us", "us" or "our") is committed to protecting the privacy and confidentiality of personal information we may collect. Carl hauser has developed this Privacy Policy (“Privacy Policy”) to advise you about our information practices, such as the types of information we collect and how we use that information, and to inform you about your privacy rights and how the law protects you . We urge you to read this Privacy Policy carefully to understand our policies and practices regarding your personal information and how we will use or handle it. By visiting any part of our website (as set out below) or providing personal information to Carl hauser in any way,

We have appointed a Data Privacy Manager to oversee issues related to this Privacy Statement. If you have any questions about this Privacy Statement, including any requests to exercise your legal rights, please contact the Data Privacy Manager using the details set out below.

Contact information

Full name of legal entity: SUN MANAGEMENT LIMITED

Data Privacy Manager's Name or Title: E-Commerce Manager

Email address: support@carl-hauser.com


We have categorized and categorized our Privacy Policy under the various sections below. Please read them carefully to understand your rights and our terms as a company:
A. Application of this Privacy Policy
This Privacy Policy applies to www.carl-hauser.com and to all other pages, features or online services owned or controlled by carl-hauser.com. and posting a link to this Privacy Policy (collectively, the "Sites"), regardless of whether is accessing a computer, mobile device, or any other device in the following ways. Please note, however, that this Privacy Policy does not apply to the use of unaffiliated websites linked to our website. Once you enter another website (whether through an advertisement, service or content link), please be aware that we are not responsible for the privacy practices of such other website.
B. Purpose of this Privacy Policy
The purpose of this privacy policy is to provide you with information about how carl-hauser Eyewear collects and uses your personal information through your use of this website, including what you may provide through this website when you register for an account, register to receive information or communications from any information from us, to purchase products or services, or to request further services or information from us.
C. Children under the age of sixteen
This website is not designed for or directed at children under the age of 16. We do not knowingly collect information about anyone under the age of 16 on this website. If we become aware that this website has inadvertently collected personal information from anyone under the age of 16, we will attempt to delete that information as soon as possible. If you think we may have any personal information about a child under the age of 16, please contact us at support@carl-hauser.com.
D. Changes to the Privacy Policy and Your Obligation to Notify Us of Changes
This version was last updated on May 9, 2022, historical versions are available by contacting us.
We reserve the right to add, change, update or modify this Privacy Policy at any time without notice by posting such changes, updates or modifications on the website. Any such changes, updates or modifications will be effective immediately upon posting on the website. If we make material changes to this Privacy Policy, we will update it by email or at https://www.carl-hauser.com/pages/privacy-policy
However, unless you give your consent, carl-hauser will not use your personal information in a manner that is materially different from that described in our privacy policy published at the time of collection of your personal information. Please review this Privacy Policy periodically to ensure you are aware of any changes to our practices.
It is important that the personal information we hold about you is accurate and up-to-date. Please keep us informed if your personal information changes during your relationship with us. You are responsible for maintaining the accuracy of the information you submit to us, such as your contact information, age, gender, location and financial details. If you contact us to make changes, we will use our best endeavours to make the requested changes in our activity database as soon as reasonably practicable. Please note, however, that information may be retained internally for our administrative purposes and residual data may remain on backup media or for other reasons.
E. Third-Party Content, Links to Other Sites, and Carl-hauser INC. Content Found Offsite
This website may contain links to third-party websites, plugins and applications, and some of the content on this website may be hosted and provided by third parties over which carl-hauser has no control. When you click on a link to any other website or location, you are leaving our website and going to another website where another entity may collect personal information from you. We have no control over, do not review and are not responsible for these external sites or their content. Please note that the terms of this Privacy Policy do not apply to these external websites, their privacy statements or content, or your personal information collected after you click on a link to these external websites. We encourage you to read the privacy policy of each website you visit.

Furthermore, carl-hauser eyewear content may be included on web pages and websites not related to carl-hauser eyewear and beyond our control. These third parties may collect data independently or solicit personal information by using their own means, pixel tags or other technologies, and may have the ability to track your use of their websites and services. carl-hauser Inc. is not responsible for the privacy practices or content of any third party.

Data we collect about you
Personal data or personal information means any information about an individual that can identify that person. It does not include de-identified data (anonymous data).
We may collect, use, store and transfer different types of personal data about you, which we combine as follows:
Identity data includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender. Contact data includes billing address, shipping address, email address and phone number. Financial data includes bank account and payment card details. Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us. Technical Data includes Internet Protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technologies on the device you use to access our website . Profile data includes your username and password, your purchases or orders, your interests, preferences, feedback and survey responses. Usage Data includes information about how you use our website, products and services. Marketing and Communication Data includes your preferences for receiving marketing from us and our third parties and your communication preferences.
We also collect, use and share Aggregated Data, such as statistical or demographic data, for any purpose. Aggregated data may be derived from your personal data, but is not considered personal data legally as it does not directly or indirectly reveal your identity. For example, we may aggregate your usage data to calculate the percentage of users who access certain website features. However, if we combine or connect Aggregated Data with your Personal Data so that it can directly or indirectly identify you, we will treat the combined data as Personal Data and will use it in accordance with this Privacy Statement.
We do not collect any special categories of personal data about you (this includes about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, about your health, and genetic and biological characteristics data). We also do not collect any information about criminal convictions and offences.
If you fail to provide personal data
If we are required by law to collect personal data, or under the terms of a contract we have with you, and you fail to provide that data as requested, we may not be able to perform a contract we have or are attempting to enter into with you (for example, to provide you with goods or Serve). In this case, we may have to cancel the product or service you have with us, but we will notify you if this is the case at the time.
How your personal data is collected
We use different methods to collect data about you from you, including through:
interact directly. You may provide us with your identity, contact details and financial data by completing a form or by contacting us by post, telephone, email or otherwise. This includes personal data you provide when: using our products or services; creating an account on our website; subscribing to our services or publications; requesting marketing communications to be sent to you; participating in contests, promotions or surveys; giving We have some feedback. Automation technology or interaction. When you interact with our website, we may automatically collect technical data about your equipment, browsing behavior and patterns. We collect this personal data through the use of cookies, server logs and other similar technologies. We may also receive technical data about you if you visit other websites that use our cookies. The first time you visit this website, a pop-up box will be displayed with details of our Cookie Notice, allowing you to opt-in to third-party cookies on this website. If you choose not to take any action, you agree to our use of cookies. Please note that some website features may not be available if you do not opt ​​in. You can turn off all cookies that are not strictly necessary, however, you can restrict your access to certain functions on this website that rely on cookies. You can also simply set your browser to accept cookies but clear them at the end of each session. The cookies we use are in our Cookie Policy. third party or public source. We may receive personal data about you from various third parties and public sources. Technical data from: analytics providers; advertising networks; and search information providers. Contact, financial and transactional data from technology, payment and delivery service providers. Identity and contact data from data brokers or aggregators. Identity and contact data from public sources such as company buildings and electoral registers. How we use your personal data
We will only use your personal data as permitted by law. Most commonly, we will use your personal data in the following situations:
Where we need to perform a contract we are about to enter into or have entered into with you. Where our legitimate interests (or those of a third party) are necessary and your interests and fundamental rights do not override those interests. Where we need to comply with legal or regulatory obligations.
Generally, we do not use consent as a legal basis for processing your personal data other than to send you third-party direct marketing communications via email or text message. You have the right to withdraw consent to marketing at any time by contacting us.
Purposes for which we will use your personal data
We describe in a table below all the ways in which we plan to use your personal data and the legal bases we rely on to do so. We have also identified our legitimate interests where appropriate.
Please note that depending on the specific purpose for which we use your data, we may process your personal data for a number of lawful reasons. If you require details about the specific legal basis on which we process your personal data, please contact us , a number of which are listed in the table below.

Purpose/Activity
type of data
Lawful basis for processing, including legitimate interests
Register you as a new client/client
(a) Identity
(b) Contact details
perform a contract with you
To process your order or request and provide you with products/services, including:
(a) Administering payments, fees and charges
(b) collect and recover money owed to us
(a) Identity
(b) Contact details
(c) Finance
(d) Transactions
(e) Marketing and Communications
(a) to perform a contract with you
(b) Necessary for our legitimate interests (to collect debts owed to us)
To manage our relationship with you, including:
(a) notify you of changes to our terms or privacy policy
(b) ask you to leave a comment, take a survey or provide other feedback
(a) Identity
(b) Contact details
(c) Introduction
(d) Marketing and Communications
(a) to perform a contract with you
(b) must comply with legal obligations
(c) Necessary for our legitimate interests (updating our records and researching how customers/customers use our products/services)
To enable you to enter contests, complete surveys or provide other feedback
(a) Identity
(b) Contact details
(c) Introduction
(d) use
(e) Marketing and Communications
(a) to perform a contract with you
(b) Necessary for our legitimate interests (to study how customers/customers use our products/services, to develop them and to grow our business)
To administer and protect our business and our website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and data hosting)
(a) Identity
(b) Contact details
(c) Technology
(a) Necessary for our legitimate interests (to operate our business, provide administrative and IT services, cyber security, fraud prevention and in the context of business restructuring or group restructuring activities)
(b) must comply with legal obligations
To provide you with relevant website content and advertisements and to measure or understand the effectiveness of the advertisements we provide to you
(a) Identity
(b) Contact details
(c) Introduction
(d) use
(e) Marketing and Communications
(f) Technology
Necessary for our legitimate interests (to study how customers/customers use our products/services, to develop them, to grow our business and to inform our marketing strategies)
Use data analytics to improve our website, products/services, marketing, customer/client relationships and experience
(a) Technology
(b) use
Necessary for our legitimate interests (define clients/customer types for our products/services, keep our website updated and relevant, grow our business and inform our marketing strategy)
To advise and advise you on products/services that may be of interest to you
(a) Identity
(b) Contact details
(c) Technology
(d) use
(e) Introduction
Necessary for our legitimate interests (to develop our products/services and to grow our business)
 
Marketing
We strive to provide you with choices regarding the use of certain personal data, particularly with regard to marketing and advertising.
Our promotional offers
We may use your identity, contact, technical, usage and profile data to form a view of content we think you may want or need, or content that may be of interest to you. This is how we decide which products, services and offers may be relevant to you (what we call marketing).
If you request information from us or purchase goods or services from us, or you have provided us with your details when entering a contest or registering for a promotion, and in each case you have not opted out, you will receive our Marketing communications accept this marketing.
third party marketing
We will obtain your express opt-in consent before we share your personal data with any company outside our group of companies for marketing purposes.
opt out
You can contact us at any time to ask us or a third party to stop sending you marketing communications.
If you choose not to receive marketing communications, this does not apply to personal data provided to us in connection with product/service purchases, warranty registrations, product/service experiences or other transactions.
change purpose
We will only use your personal data for the purpose for which we collected it, unless we reasonably believe that we need to use it for another reason and that reason is compatible with the original purpose. If you would like to know how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your personal data for an unrelated purpose, we will notify you and explain the legal basis that allows us to do so.
Please note that where required or permitted by law, we may process your personal data in accordance with the above rules without your knowledge or consent.

Disclosure of your personal data
Third parties to whom we may choose to sell, transfer or merge parts of our business or assets. Alternatively, we may seek to acquire other businesses or merge with them. If our business changes, the new owner may use your personal data in the same way as set out in this Privacy Notice.
We require all third parties to respect the security of your personal data and process it in accordance with the law. We do not allow our third party service providers to use your personal data for their own purposes, only allow them to process your personal data for specific purposes and in accordance with our instructions.
International transfer
Some of our external third parties may be located outside the European Economic Area (EEA) and the processing of your personal data may therefore involve data transfers outside the EEA.
Whenever we transfer your personal data out of the EEA, we will ensure a similar level of protection for it by ensuring that at least one of the following safeguards is in place:
We will only transfer your personal data to countries which the European Commission considers to provide an adequate level of protection for personal data. For more details, see European Commission: Adequacy of Personal Data Protection in Non-EU Countries. Where we use certain service providers, we may use specific contracts approved by the European Commission that provide the same protection of personal data as in Europe. For more details, see European Commission: Model contract for the transfer of personal data to third countries. If we use providers located in the United States, we may transfer data to them if they are part of the Privacy Shield, which requires them to provide similar protections for personal data shared between Europe and the United States. For more information, see European Commission: EU-US Privacy Shield.
If you would like to know more about the specific mechanisms we use to transfer your personal data out of the EEA, please contact us.
Data Security
We have put in place appropriate security measures to prevent accidental loss, unauthorised use or access, alteration or disclosure of your personal data. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties with a business need to know. They will only process your personal data in accordance with our instructions and are subject to a duty of confidentiality.
If you provide us with your credit card information, it will be encrypted using Secure Sockets Layer technology (SSL) and stored with AES-256 encryption. While no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement other generally accepted industry standards. 
We have procedures in place to deal with any suspected breach of personal data and will notify you and any applicable supervisory authority where we are required by law to do so.
data retention
We will only retain your personal data for as long as necessary to fulfill the purposes for which we collected it, including to satisfy any legal, accounting or reporting requirements.
To determine the appropriate retention period for personal data, we take into account the amount, nature and sensitivity of the personal data, the risk of harm that may result from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can To accomplish these purposes by other means and as required by applicable law.
By law, we are required to retain a customer's basic information (including contact, identity, financial and transactional data) for at least six years after the customer ceases to be a customer for tax purposes.
Details of other retention periods for different aspects of your personal data are contained in our retention policy, which you can request by contacting us.
In some cases, you can ask us to delete your data, and in some cases we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes, In such cases, we may use the information indefinitely without further notice to you.
your legal rights
In certain circumstances, you have rights under data protection laws in relation to your personal data. Please visit the glossary below to learn more about these rights:
Request access to your personal data. Request correction of your personal data. Request deletion of your personal data. Object to the processing of your personal data. Request restriction of processing of your personal data. Request the transfer of your personal data. Right to withdraw consent.
If you would like to exercise any of the above rights, please contact us.
Usually no fee
You can access your personal data (or exercise any other rights) without paying a fee. However, if your request is manifestly unfounded, repetitive or excessive, we may charge a reasonable fee. Or, in these circumstances, we may refuse to comply with your request.
what we may need from you
We may need to request certain information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to anyone who is not authorized to receive it. We may also contact you to request additional information about your request in order to expedite our response.
response time limit
We try to respond to all legitimate requests within one month. If your request is particularly complex or you have made many requests, it may sometimes take us more than a month. In this case, we will notify you and keep you informed.
10. Shopping
Our store is hosted on Shopify Inc. They provide us with an online e-commerce platform that enables us to sell our products and services to you.
Your data is stored through Shopify's data storage, databases, and general Shopify applications. They store your data on secure servers behind firewalls.
pay
If you choose a direct payment gateway to complete your purchase, Shopify stores your credit card data. It is encrypted via the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is only stored for as long as it takes to complete the purchase transaction. Once completed, your purchase transaction information will be deleted.
All direct payment gateways adhere to the standards set by PCI-DSS, administered by the PCI Security Standards Council, which is a joint effort of brands such as Visa, MasterCard, American Express, and Discover.
PCI-DSS requirements help ensure that credit card information is handled securely by our stores and their service providers.

11. Glossary
legal basis
Legitimate interest means our business's interest in conducting and managing our business so that we can provide you with the best service/product and the best and safest experience. Before we process your personal data for our legitimate interests, we ensure that we consider and balance any potential impact on you (both positive and negative) and your rights. We will not use your personal data for activities for which our interests are overridden by affecting you (unless we have your consent or otherwise required or permitted by law). You can contact us for more information on how we assess our legitimate interests in response to any potential impact of a particular activity on you.
Performance of a contract means the processing of your data as necessary to perform a contract to which you are a party or to take steps at your request prior to entering into such a contract.
Complying with a legal or regulatory obligation means processing your personal data when it is necessary to comply with a legal or regulatory obligation to which we are subject.
third party
internal third party
Other companies in our group of companies may act as joint controllers or processors and may be located within our European Union.
external third party
Service providers that may act as processors within or outside the EU and provide IT, systems administration and other services. Professional advisers who may act as processors, including lawyers, bankers, auditors and insurance companies, legal, insurance and accounting services providing advice, banking, within or outside the EU. HMRC, regulators and other agencies that may act as processors inside or outside the EU, are required to report processing activities in certain circumstances.
your legal rights

You have the right to:
Request access to your personal data (often referred to as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check whether we are processing it lawfully.
Request correction of the personal data we hold about you. This enables you to correct any incomplete or inaccurate data we hold about you, although we may need to verify the accuracy of new data you provide to us.
Request deletion of your personal data. This allows you to ask us to delete or delete personal data that we have no good reason to continue processing. You also have the right to ask us to delete or delete your personal data for which you have successfully exercised your right to object to processing (see below), where we may process your information unlawfully or where we need to delete your personal data to comply with local law. Please note, however, that due to specific legal reasons, we may not always be able to honor your removal request, and if applicable, we will notify you when you request it.
Object to the processing of your personal data where we rely on a legitimate interest (or the interests of a third party) and your particular circumstances make you want to object to the processing on this basis, as you believe it affects your fundamental rights and freedoms . You also have the right to object to our processing of your personal data for direct marketing purposes. In certain circumstances, we may demonstrate that we have compelling legitimate grounds for processing your information, which override your rights and freedoms.
Request restriction of processing of your personal data. This allows you to ask us to suspend the processing of your personal data: (a) if you want us to determine the accuracy of the data; (b) our use of the data is unlawful but you do not want us to delete it ; (c) you need us to keep the data even if we no longer need it because you need it to establish, exercise or defend a legal claim; or (d) you object to our use of your data but we need to verify that we have overridden All legitimate reasons to use this data.
Request the transfer of your personal data to you or a third party. We will provide you or a third party of your choice with your personal data in a structured, commonly used, machine-readable format. Please note that this right only applies to automated information for which you originally consented to our use or we use that information to contract with you.
Withdraw consent anytime we rely on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out prior to your withdrawal of consent. If you withdraw your consent, we may not be able to provide you with certain products or services. We will let you know if this is the case when you withdraw your consent.