Information collected on this site does not include sensitive information and is not secured. This policy governs our business website www.centralamericaneyeclinics.org.
We take precautions to protect your information. Should we request sensitive information in the future via the website, your information will be protected both online and offline.
a. If we were to collect sensitive information, that information would be encrypted and transmitted to us in a secure way. You can verify this by looking for a closed lock icon at the bottom of your web browser, or looking for “https” at the beginning of the address of the web page.
b. We also protect your information offline. Only employees who need the information to perform a specific job (for example, technicians, billing or patient service) are granted access to personally identifiable information. The computers/servers in which we store personally identifiable information are kept in a secure environment.
What personal information do we collect from the people that visit our blog, website or app?
When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address, mailing address, phone number, Date of Birth or other details to help you with your experience.
When do we collect information?
We collect information from you when you enter information on our site.
How do we use your information?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
i. To personalize user’s experience and to allow us to deliver the type of content and product offerings in which you are most interested.
ii. To allow us to better service you in responding to your customer service requests or marketing campaigns.
iii. To send periodic emails regarding your order or other products and services.
How do we protect visitor information?
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.
a. We use regular Malware Scanning.
b. Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
c. We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your personal information.
d. All transactions are processed through a gateway provider and are not stored or processed on our servers.
Third Party Disclosure
We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information unless we provide you with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property, or safety.
a. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
Third party links
Occasionally, at our discretion, we may include or offer third party products or services on our website. These third party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
Google, Cookies and Remarketing
This website uses Google Analytics to help analyze how users use the site. The tool uses “cookies”, which are text files placed on your computer, to collect standard Internet log information and visitor behavior information in an anonymous form. The information generated by the cookie about your use of the website (including IP address) is transmitted to Google. This information is then used to evaluate visitors’ use of the website and to compile statistical reports on website activity.
a. We will never (and will not allow any third party to) use the statistical analytics tool to track or to collect any Personally Identifiable Information (PII) of visitors to our site. Google will not associate your IP address with any other data held by Google. Neither we nor Google will link, or seek to link, an IP address with the identity of a computer user. We will not associate any data gathered from this site with any Personally Identifiable Information from any source, unless you explicitly submit that information via a fill-in form on our website.
b. Information to opt out of Google Analytics
What is Remarketing?
This website uses Google remarketing to advertise online using text or image ads on the Google Display Network. Remarketing is a feature that lets us reach people who have previously visited our site, and show them relevant ads when they visit other sites on the Google Display Network.
a. For websites using remarketing, a third-party Google AdWords or DoubleClick cookie is used to enable remarketing for products like AdWords on the Google Display Network. When someone visits our website, a few lines of code will drop an anonymous browser cookie. This cookie is a small file that stores information. The cookie will store the site visit, but does not store any sensitive information, such as visitor name, address or any other piece of information that might personally identify the visitor. The cookie will be enabled for a set period of time, such as 30 or 60 days, at which time, the cookie expires.
What is the Google Display Network?
A group of more than a million websites, videos, and apps where ads can appear. Sites in this network have partnered with Google to show relevant AdWords ads.
Our website will never:
i. run remarketing ads that collect Personally Identifiable Information (PII)
ii. create a remarketing list or ad text that specifically targets users in ways that are outlined as “prohibited” by Google
Opting out of Remarketing
a. The Google Analytics features we’ve implemented are based on Display Advertising (e.g., Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager integration, or Google Analytics Demographics and Interest Reporting). Visitors can opt-out of Google Analytics for Display Advertising and customize Google Display Network ads using Ads Settings.
California Online Privacy Protection Act
According to CalOPPA we agree to the following:
Users can visit our site anonymously
iv. Users are able to change their personal information:
1. By emailing our Privacy Officer listed at the bottom of this policy
How does our site handle do not track signals?
We honor do not track signals and do not track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under 13, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the nation’s consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
a. We do not specifically market to children under 13.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
We will notify the users via in site notification within 7 business days.
i. We also agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
Send information, respond to inquiries, and/or other requests or questions.
i. Market to our mailing list or continue to send emails to our clients after the original transaction has occurred
To be in accordance with CAN-SPAM we agree to the following:
NOT use false, or misleading subjects or email addresses
i. Identify the message as an advertisement in some reasonable way
ii. Include the physical address of our business or site headquarters
iii. Monitor third party email marketing services for compliance, if one is used.
iv. Honor opt-out/unsubscribe requests quickly
v. Allow users to unsubscribe by using the link at the bottom of each email
If at any time you would like to unsubscribe from receiving future emails, you can:
Follow the instructions at the bottom of each email and we will promptly remove you from all correspondence, or those that you indicate on the opt-out form (should such choices be presented to you).