Daysoft Privacy & Cookie Policy
Daysoft Limited and Daysoft Logistics Limited respect and are committed to protecting your privacy.
Our relationship with you is valuable and we understand the importance you place on the privacy and security of information that personally identifies you. Whether you are a first-time visitor to our website or a regular user, we take your privacy seriously. This privacy policy is provided to inform you how Daysoft collects, uses, and discloses your Personal Information when you visit or make a purchase from the Site.
Any reference to “We”, “Us”, “Our”, “Site” and “Daysoft” within this policy refers to and applies to both Daysoft Logistics Limited and Daysoft Limited. Daysoft Logistics Limited operates the website for sale and supply in all countries, excluding the Channel Islands, where the site is operated by Daysoft Limited.
1. Information we collect and how we use your information
When you visit the Site, we collect certain information about your device, your interaction with the Site, and information necessary to process your purchases. We may also collect additional information if you contact us for customer support. In this Privacy Policy, we refer to any information that can uniquely identify an individual (including the information below) as “Personal Information”. See the list below for more information about what Personal Information we collect and why.
Device information
- Examples of Personal Information collected: version of web browser, IP address, time zone, cookie information, what sites or products you view, search terms, and how you interact with the Site.
- Purpose of collection: to load the Site accurately for you, and to perform analytics on Site usage to optimise our Site.
- Source of collection: Collected automatically when you access our Site using cookies, log files, web beacons, tags, or pixels.
- Disclosure for a business purpose: shared with our processors Shopify, Gorgias, Klaviyo, PayPal, and ReCharge.
Order information
- Examples of Personal Information collected: name, billing address, shipping address, payment information (including credit / debit card numbers, PayPal details, email address, and phone number, contact lens prescription and confirmation that you are a successful soft contact lens wearer.
- Purpose of collection: to provide products or services to you to fulfil our contract, to process your payment information, arrange for shipping, and provide you with invoices and/or order confirmations, communicate with you, screen our orders for potential risk or fraud, and when in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
- Source of collection: collected from you.
- Disclosure for a business purpose: shared with our processor Shopify, Gorgias, Klaviyo, Yotpo, PayPal, ReCharge, Royal Mail, DPD, DHL, FedEx, MHI, and any Government authorities required for the collection of applicable import charges.
Customer support information
- Examples of Personal Information collected: name, billing address, shipping address, payment information (including credit / debit card numbers, PayPal details, email address, and phone number, contact lens prescription and confirmation that you are a successful soft contact lens wearer.
- Purpose of collection: to provide customer support.
- Source of collection: collected from you.
- Disclosure for a business purpose: shared with our processor Shopify, Gorgias, Klaviyo, Yotpo, PayPal, ReCharge, Gorgias, Royal Mail, DPD, DHL, FedEx, MHI and any Government authorities required for the collection of applicable import charges.
Once you choose to provide us with your personal information you can be assured it will only be used to support and improve your customer relationship with Daysoft. We may also receive information about you from our business or marketing partners. Occasionally we may also use your information to contact you for market research regarding Daysoft products or services.
Cookies
A cookie is a small amount of information that’s downloaded to your computer or device when you visit our Site. We use a number of different cookies, including functional, performance, advertising, and social media or content cookies. Cookies make your browsing experience better by allowing the website to remember your actions and preferences (such as login and region selection). This means you don’t have to re-enter this information each time you return to the site or browse from one page to another. Cookies also provide information on how people use the website, for instance whether it’s their first time visiting or if they are a frequent visitor.
We use the following cookies to optimise your experience on our Site and to provide our services.
Cookies necessary for the functioning of the store
| Name | Function |
| _ab | Used in connection with access to admin. |
| _pandectes_gdpr | Used for the functionality of the cookies consent banner. |
| _pay_session | The cookie is necessary for the secure checkout and payment function on the website. This function is provided by shopify.com. |
| _secure_session_id | Used in connection with navigation through a storefront. |
|
_shopify_country |
Cookie is placed by Shopify to store location data. |
| _shopify_m | Used for managing customer privacy settings. |
| _shopify_tm | Used for managing customer privacy settings. |
| _shopify_tw | Used for managing customer privacy settings. |
| _storefront_u | Used to facilitate updating customer account information. |
| Cart | Used in connection with shopping cart. |
| cart | Necessary for the shopping cart functionality on the website. |
| cart_currency | The cookie is necessary for the secure checkout and payment function on the website. This function is provided by shopify.com. |
| cart_sig | Shopify analytics. |
| cart_ts | Used in connection with checkout. |
| cart_ver | Used in connection with shopping cart. |
| checkout | Used in connection with checkout. |
| checkout_token | Used in connection with checkout. |
| cookietest | Used to check for cookie support. |
| keep_alive | Used in connection with buyer localisation. |
| master_device_id | Used in connection with merchant login. |
| previous_checkout_token | Used in connection with checkout. |
| previous_step | Used in connection with checkout. |
| remember_me | Used in connection with checkout. |
| Secret | Used in connection with checkout. |
| Secure_customer_sig | Used in connection with customer login. |
| shopify_pay_redirect | The cookie is necessary for the secure checkout and payment function on the website. This function is provided by shopify.com. |
| storefront_digest | Used in connection with customer login. |
| tracked_start_checkout | Used in connection with checkout. |
Analytics and targeting cookies
| Name | Function |
| __kla_id | Klaviyo analytics relating to marketing & referrals. |
| _fbc | Facebook analytics. |
| _fbp | Facebook analytics. |
| _gcl_au | Google Tag Manager relating to marketing & referrals. |
| _landing_page | Track landing pages. |
| _orig_referrer | Track landing pages. |
| _s | Shopify analytics. |
| _shopify_d | Shopify analytics. |
| _shopify_fs | Shopify analytics. |
| _shopify_s | Shopify analytics. |
| _shopify_sa_p | Shopify analytics relating to marketing & referrals. |
| _shopify_sa_t | Shopify analytics relating to marketing & referrals. |
| _shopify_y | Shopify analytics. |
| _tracking_consent | Tracking preferences. |
| _y | Shopify analytics. |
Performance cookies
| Name | Function |
| _ga | Google Analytics cookie used to distinguish users. |
| _gat | Google Analytics cookie used to throttle request rate. |
| _gid | Google Analytics cookie used to distinguish users. |
| _hjAbsoluteSessionInProgress | This cookie is used to detect the first pageview session of a user. This is a True/False flag set by the cookie. |
| _hjid | Hotjar cookie that is set when the customer first lands on a page with the Hotjar script. It is used to persist the Hotjar User ID, unique to that site on the browser. |
| _hjIncludedInPageviewSample | This cookie is set to let Hotjar know whether that user is included in the data sampling defined by your site's pageview limit. |
| _hjIncludedInSessionSample | This cookie is set to let Hotjar know whether that user is included in the data sampling defined by your site's daily session limit. |
| _hjSession | A cookie that holds the current session data. This ensues that subsequent requests within the session window will be attributed to the same Hotjar session. |
| _hjSessionUser | Hotjar cookie that is set when a user first lands on a page with the Hotjar script. It is used to persist the Hotjar User ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID. |
| _hjTLDTest | When the Hotjar script executes we try to determine the most generic cookie path we should use, instead of the page hostname. This is done so that cookies can be shared across subdomains (where applicable). |
Functionality cookies
| Name | Function |
| secure_customer_sig | Used in connection with customer login. |
The length of time that a cookie remains on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. Session cookies last until you stop browsing and persistent cookies last until they expire or are deleted. Most of the cookies we use are persistent and will expire between 30 minutes and two years from the date they are downloaded to your device.
You can control and manage cookies in various ways. Please keep in mind that removing or blocking cookies can negatively impact your user experience and parts of our website may no longer be fully accessible.
Most browsers automatically accept cookies, but you can choose whether or not to accept cookies through your browser controls, often found in your browser’s “Tools” or “Preferences” menu. For more information on how to modify your browser settings or how to block, manage or filter cookies can be found in your browser’s help file or through such sites as www.allaboutcookies.org.
Additionally, please note that blocking cookies may not completely prevent how we share information with third parties such as our advertising partners. To exercise your rights or opt-out of certain uses of your information by these parties, please follow the instructions in the “Behavioural Advertising” section below.
Do Not Track
Please note that because there is no consistent industry understanding of how to respond to “Do Not Track” signals, we do not alter our data collection and usage practices when we detect such a signal from your browser.
2. Legal bases for storing and processing data
We ask you to provide your email address, name, addresses, telephone number, and contact lens prescription information. This information is processed principally to allow us and our logistics partners to fulfil your orders. The legal basis for this processing is therefore contractual.
We also process your email address and your password to allow you to sign in to your account. The legal basis for processing this data is our legitimate interest in maintaining the security of your account.
We may also process your email address to send information about: the progress of an order, product safety information or to inform you of changes to our Privacy Policy. It is our legitimate interest that you receive this information.
If you opt-in and consent to receiving marketing information (surveys, newsletters and competitions) we will occasionally process your email address for the purpose of sending these marketing materials. Our legal ground for processing your email address is your consent. You may withdraw your consent at any time by changing preferences in your account or through the unsubscribe link at the foot of our marketing emails.
We also process your personal information to identify your account when you are in contact with our Customer Care team. The legal ground for this processing is our legitimate interest in providing a high standard of customer care.
Address details (Post codes) may be processed to gauge response to advertising campaigns. We may also process your information to create an anonymised profile of our customers. It is our legitimate interest to use this anonymised information, to ensure that advertising campaigns are effective. The legal ground for this processing is our legitimate interest in providing a high standard of customer care.
Contact lenses are medical devices and we are therefore subject to additional obligations. We may retain and process your information to ensure compliance with EU (and UK) laws and regulations, including the Medical Devices Regulations 2002, the Medical Devices Directive 93/42/EEC and as amended.
Using personal information
We use your personal Information to provide our services to you, which includes offering products for sale, processing payments, shipping and fulfilment of your order, and keeping you up to date on new products, services, and offers.
Lawful basis
Pursuant to the General Data Protection Regulation (“GDPR”), if you are a resident of the European Economic Area (“EEA”), we process your personal information under the following lawful bases:
- Your consent.
- The performance of the contract between you and the Site.
- Compliance with our legal obligations.
- To protect your vital interests.
- For our legitimate interests, which do not override your fundamental rights and freedoms.
When you visit or place an order through the Site, we will retain your Personal Information for our records unless you ask us to erase this information. The information will be retained as defined in our ‘Retention Period’ section below. For more information on your right of erasure, please see the ‘Your rights’ section below.
Automatic decision-making
If you are a resident of the EEA, you have the right to object to processing based solely on automated decision-making (which includes profiling), when that decision-making has a legal effect on you or otherwise significantly affects you.
We do engage in fully automated decision-making that has a legal or otherwise significant effect using customer data.
Our processor Shopify uses limited automated decision-making to prevent fraud that does not have a legal or otherwise significant effect on you.
Services that include elements of automated decision-making include:
- Temporary denylist of IP addresses associated with repeated failed transactions. This denylist persists for a small number of hours.
- Temporary denylist of credit cards associated with denylisted IP addresses. This denylist persists for a small number of days.
3. What information do we share?
Daysoft will not sell, rent or lease your personal information to others.
We reserve the right to disclose customer’s personal data with any holding company, subsidiary, affiliated business or strategic partners but we only share customer information which relates to our dealings with those businesses and to continue to provide a quality service to our customers.
Sharing personal information
We share your Personal Information with service providers to help us provide our services and fulfil our contracts with you, as described above. For example:
- We use Shopify to power our online store. You can read more about how Shopify uses your Personal Information here: https://www.shopify.com/legal/privacy.
- We use PayPal to enable us to take PayPal payments. You can read more about how PayPal uses your Personal Information here: https://www.paypal.com/uk/webapps/mpp/ua/privacy-full
- We use ReCharge to power our online subscription service. You can read more about how ReCharge uses your Personal Information here: https://rechargepayments.com/privacy-policy/
- We use Gorgias to power our online customer communication. You can read more about how Gorgias uses your Personal Information here: https://www.gorgias.com/privacy
- We use Klaviyo as our email sending service. You can read more about how Klaviyo uses your Personal Information here: https://www.klaviyo.com/legal/privacy-policy
- We use Yotpo to power our reviews and referrals service. You can read more about how Yotpo uses your Personal Information here: https://www.yotpo.com/privacy-policy/
Suppliers and service providers are required to keep the information received on behalf of Daysoft confidential and may not use it for any other purpose other than to carry out the service they have agreed with Daysoft. These service providers may change from time to time or we may work with additional service providers to better accommodate our customers.
We will not share personal information with any other third party without your permission unless to:
- Respond to duly authorised information requests of governmental authorities,
- Comply with any law, regulation or court order,
- Help prevent fraud or to enforce or protect the rights and properties of Daysoft,
- Protect the personal safety of Daysoft employees and third parties on Daysoft property,
- Transfer personal data on the acquisition or transfer of a business/part of a business.
Behavioural advertising
As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For example:
- We use Google Analytics to help us understand how our customers use the Site. You can read more about how Google uses your Personal Information here: https://policies.google.com/privacy?hl=en. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
You can opt out of targeted advertising by:
- FACEBOOK - https://www.facebook.com/settings/?tab=ads
- GOOGLE - https://www.google.com/settings/ads/anonymous
- BING - https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads
Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.
4. Keeping your information secure
Daysoft is committed to protecting the data it collects (from customers / employees / all sources). Daysoft has and maintains policies, procedures, physical and software-based security measures to prevent unauthorised access or disclosure, to maintain data accuracy, and to ensure the appropriate use of data we collect.
Our website www.daysoft.com ensures all data in transit is encrypted using SSL (Secure Socket Layer) SSL encryption ensures that information sent between Daysoft and its customers cannot be seen by anyone else. Customers can ensure that SSL is in place when visiting www.daysoft.com by checking there is an unbroken padlock symbol displayed on the browser.
Daysoft does not store or process or have access to customer credit card payment data, we partner with Shopify and PayPal to carry out these functions on our behalf.
5. Where data is stored
Your data is collected and stored in the E.U., however on occasion it is necessary to transfer data outside the EU. For example, where we use third party service providers. When doing so, data is transferred to these technology partners which make use of Standard Contractual Clauses to comply with the GDPR.
The data may also be processed or analysed by Daysoft or its partners. By submitting your personal data, you agree to this transfer, storing and processing of data. We will take all steps necessary to ensure your data is secure and kept in accordance with this Privacy Policy.
We have taken reasonable steps to protect your personal data, although we cannot guarantee the security of your data once transmitted to our website. We will strive to prevent unauthorised access to your data using strict procedures and security features.
6. Retention period
Personal information will be held by us for as long as is reasonably necessary to provide products and services, including aftercare services, and to maintain records as required to satisfy tax and other legal or regulatory requirements, as well as to protect and defend against claims.
Daysoft will regularly review the length of time that we hold personal data with consideration to the original purpose for collecting that data. We will securely delete or dispose of information that is no longer needed or will either update or safely archive information that is out of date.
7. Your rights over your personal information
7.1 GDPR
You have certain rights regarding your personal information, subject to local law. These include rights to:
- Access your personal information.
- Update or correct the information we hold about you.
- Erase your personal information.
- Restrict our use of your personal information.
- Object to our use of your personal information.
- Receive your personal information in a usable electronic format and transmit it to a third party (data portability).
- Lodge a complaint with your data protection authority.
Please contact us to update or correct your information if it changes or if the personal information, we hold about you is inaccurate. Please note that we may require additional information from you in order to meet such requests. If you would like to discuss or exercise such rights, please get in touch using the details outlined below in the Contact Us section. We reserve the right, subject to applicable law, to decline any request which is disproportionate or may jeopardize the privacy of others. We may retain an archived copy of your records as required by law, in particular relating to Medical Devices regulations, or for so long as is necessary in support of the purposes for which the data was collected or processed.
Your Personal Information will be initially processed in Ireland and then will be transferred outside of Europe for storage and further processing, including to Canada and the United States. For more information on how data transfers comply with the GDPR, see Shopify’s GDPR Whitepaper: https://help.shopify.com/en/manual/your-account/privacy/GDPR.
We are committed to finding a fair resolution to any complaint or issue regarding your privacy. If, you feel that we have not properly assisted with your complaint or issue, you may complain to the Information Commissioner's Office at www.ico.org.uk.
7.2 CCPA
If you are a resident of California, you have the right to access the Personal Information we hold about you (also known as the ‘Right to Know’), to port it to a new service, and to ask that your Personal Information be corrected, updated, or erased. If you would like to exercise these rights, please contact us through the contact information below.
If you would like to designate an authorised agent to submit these requests on your behalf, please contact us at the address below.
8. Children's data
Children merit specific protection with regard to their personal data as they may be less aware of the risks, consequences and safeguards concerned and their rights in relation to the processing of personal data. A parent or guardian or individual with parental responsibility, may order contact lenses on the Daysoft website on behalf of a child under 16.
We do not knowingly collect personal information from children under 16. If a parent or guardian finds that a child has provided us with personal information without their consent, he or she should contact us. If we discover that a child under 16 has provided us with personal information, we will delete this information.
9. Changes to our Privacy Policy
Any information that we collect is subject to the privacy policy in effect at the time that information is collected. However, we may revise this Privacy Policy from time to time. If we make any material changes to this Privacy Policy, we’ll notify you of those changes by posting them clearly on our website or by sending you an email or other notification, and we’ll indicate when such changes will become effective.
10. Contact us
If you have any questions about this Privacy Policy, please let us know by contacting the appropriate office below:
Channel Islands customers
Daysoft Limited
5 Livingstone Boulevard
Blantyre
Glasgow
G72 0BP
Scotland
All other customers
Daysoft Logistics Limited
2nd Floor, Gaspé House
66-72 Esplanade
St Helier
Jersey
JE1 1GH
The Channel Islands, British Isles
If you have contacted us about a privacy or data use concern and feel that we have not addressed it satisfactorily, you may contact the Information Commissioner's Office.
Daysoft Logistics Limited is registered under and abides by the Data Protection (Jersey) Law 2005 (Registration number 17035).
Last updated: 01/02/2022
