WASHINGTON CONSUMER HEALTH DATA NOTICE

Last Updated: May 19, 2024

Optimax Investment Ltd. (together with its subsidiaries, affiliates, or related companies, the “Company”, “Optimax”, “our”, “we” or “us”) operating under the brand name GlassesUSA, provides its customers with e- commerce websites, such as: www.glassesusa.com and m.glassesusa.com , landing pages, and other digital assets and services for the purchase and reservation of eyeglasses, contact lenses including such mobile application and other related products and services (collectively, “Services”).

This Consumer Health Data Notice (“Notice”) supplements our general Privacy Policy (“Privacy Policy”), and is designated to provide residents of Washington interacting with our Services (in this Notice “you” or “your”) with information regarding our collection, use, processing, securing and sharing of your Consumer Health Data as defined under the Washington State My Health My Data Act (“MHMDA”). Terms not defined herein shall have the meaning ascribed to such terms under the MHMDA or the Privacy Policy.

PLEASE READ THIS PRIVACY POLICY CAREFULLY BEFORE ACCESSING AND USING OUR PROPERTIES OR SERVICES. BY ACCESSING OR USING OUR PROPERTIES OR SERVICES YOU ARE ACCEPTING THE PRACTICES DESCRIBED IN THIS PRIVACY POLICY. IF YOU DISAGREE TO ANY TERM PROVIDED HEREIN, YOU MAY NOT ACCESS OR USE THE SERVICES.

CONSUMER HEALTH DATA WE COLLECT
As described under the Privacy Policy, the Personal data we collect depends on various factors including the context of your interactions with us, the Services you use, permissions you provide, and applicable law. As Consumer Health Data is defined very broadly under the MHMDA, a few categories and types of data we collect may be considered as such:

  • Health-related Information: Information related to your vision and eye health gathered through direct communications, placing an order, or any other relevant interaction with our Services.
  • Prescription Information: Specifics of your eye prescription such as sphere, cylinder, axis, and PD measurements, collected when you place an order for a prescription eyewear.
  • Biometric Data: Including facial measurements and eye characteristics captured through our virtual try-on tool (“VTO Tool”), necessary for fitting and recommending eyewear.
  • Inferred Health-related Data: When you use our Services, we may make inferences to create a consumer profile to make product recommendations and provide services.

To view the complete list of Personal Data we process please see Section 1 of our Privacy Policy. Please note that for the Personal Data we collect to be considered consumer health data it must alone or with other data, identify you and allow an inference about your health. Therefore, consumer health data does not include information that has been anonymized or aggregated; provided that, such information can no longer be used to identify a specific natural person.

Furthermore, it is important to understand that some types of Consumer Health Data may be classified as Protected Health Information ("PHI") under the Health Insurance Portability and Accountability Act ("HIPAA"), and as such, are not covered by the MHMDA. For detailed information about our practices regarding PHI and our compliance with HIPAA, please refer to our designated HIPAA Privacy Policy available here. Additionally, if you purchase any services from us or engage with us via your healthcare provider or insurer, we recommend reviewing the independent privacy notices of these third parties to understand how they manage your data.

WHY WE COLLECT AND USE CONSUMER HEALTH DATA
As further described under the Privacy Policy, we collect your Consumer Health Data directly from You, through your interactions with the Services, through information and prescription uploaded by you when you place an order, when you input data into forms, use the VTP Tool, or communicate with our customer services.

WHY WE COLLECT AND USE CONSUMER HEALTH DATA

We collect and utilize consumer health data primarily to ensure that we can fulfill the requests you make and provide you with the products and Services you purchased. This includes:

  • Delivering and Operating Products: Using your health data to customize and dispatch the eyewear you order, ensuring that the features, such as prescription accuracy and frame fit, meet your needs, etc.
  • Services Personalization: Tailoring product features to enhance your experience, such as recommending eyewear styles through the VTO Tool based on the biometric data you provide, per your request.
  • Ensuring Security and Reliability: Managing the secure and reliable operation of our Services, which involves using data to safeguard against fraud, troubleshoot problems, and facilitate effective system support.
  • Services Improvement: nalyzing how the Services are used and performed, which helps us to troubleshoot, enhance existing features, and develop new functionalities.

Beyond these primary purposes, we may also use Consumer Health Data for additional objectives, where your choice and consent are appropriately sought and obtained as required by the MHMDA. Please note that currently, we do not process nor use any of your identified Consumer Health Data for targeted advertising and marketing purposes.

OUR SHARING OF CONSUMER HEALTH DATA
This section details how we share your consumer health data, further governed by section 5 of the Privacy Policy. We share Consumer Health Data with various parties, as required per applicable law and for the operation and fulfillment of your interaction with us, including:
  • Service Providers:We engage various service providers who perform critical functions on our behalf. These include payment processing, order fulfillment, and logistics. Each provider is contractually bound to protect your data and use it solely to deliver the services you have requested, ensuring they adhere to our strict privacy and security standards.
  • Insurers and Health Care Providers: in certain cases, we may share your Consumer Health Data with insurers and health care providers, for example, for reimbursement purposes under your health plan and per your request. However, note that such Consumer Health Data will be governed under HIPAA, therefore excluded from the scope of this Notice per applicable law as elaborated above.
  • Business Partners: We collaborate with select business partners and our group of companies to jointly market or develop products that we believe will enhance your experience. When we share Consumer Health Data with these partners, it is done under the protection of strict confidentiality agreements that require the data to be used only for the agreed-upon purposes per your request, as permitted under the MHMDA.
  • Legal Compliance and Rights Protection:There are circumstances where we might disclose your Consumer Health Data to comply with legal obligations, such as responding to a lawful subpoena or regulation. Additionally, we may share data when it is necessary to protect our rights, pursue available remedies, enforce our terms and conditions, or defend against legal claims, subject to our obligations under the MHMDA.

Any sharing of data is conducted transparently and with the intent of providing you with better services while protecting your privacy rights.

YOUR PRIVACY RIGHTS
The general rights granted to you with respect to your Personal Data are further detailed under section 6 of our Privacy Polic. Under the MHMDA, you possess certain rights concerning your Consumer Health Hata:

  • Confirm whether we are collecting, using, sharing, or selling your Consumer Health Hata;
  • Access your Consumer Health Hata, which includes receiving a comprehensive list of all third parties and affiliates with whom your data has been shared or sold, along with contact methods for these parties;
  • Withdraw Consent for our ongoing collection and sharing of your Consumer Health Hata;
  • Delete your consumer health data from our records.

To exercise any of these rights, please submit a request via our interactive webform or contact us directly at privacy@glassesusa.com. Please note that those rights are not necessarily absolute and are case dependent. We are committed to responding to your requests in compliance with the required legal standards once your identity has been verified.

If your request to exercise a right under the MHMDA is denied, you may appeal that decision by contacting us using the same contact methods. If your appeal is unsuccessful, you can raise a concern or lodge a complaint with the Washington State Attorney General at www.atg.wa.gov/file-complaint .