Skip to main content

Last edited: January 1st, 2020

Privacy Policy

This Privacy Policy is to inform you of what personal information we, Coastal, collect from you when you visit our website or use our services. This document will further explain why we collect it, and what we do with it.

Please take the time to read this Privacy Policy carefully. It is very important that you fully understand how we are processing your personal information, and how we are protecting your privacy. If you have any questions regarding our use of your personal information, please contact us at either of the email addresses listed below:

General privacy and compliance: Privacy@Coastal.com

Data Protection Officer, Tim Desmond: Tim.Desmond@Coastal.com

What Personal Information Do We Collect?

Information we may collect when you visit our website

When you access our website, we may collect and store information in our server logs and in cookies to enhance your customer experience.

This information does not allow us to directly identify you, but contains Internet or similar network activity on our website, including the pages you access; referral URL; the date and time of your request; your search history within our site; and information about the device you used such as its hardware model, operation system, unique device identifier, IP address, hardware settings, browser type, and browser language.

You are not required to provide your information if you only want to visit our website. You may configure your browser to refuse cookies, or limit the information automatically shared by your device. However, such configurations may disrupt your navigation on our website or may prevent you from accessing certain features, pages or services.

Information we may collect when you sign up or when you order products

Some of the services offered on our website require you to register and/or sign up with us. If you want to use these services, we will ask you to provide us with complete and accurate personal information, and inform us if, or when, your information needs to be updated. If you do not provide us with complete and accurate information, or if you do not inform us that your information needs to be updated, we may not be able to provide you with the products or services you have requested.

We collect the following categories of your personal information:

  • Identifiers including your real name, alias, e-mail address, postal address, unique customer number, and similar information.
  • Personal information including your telephone number, credit card number, debit card number, medical information in the form of your vision correction prescription, health insurance information, and similar information.
  • Commercial information including records of the products or services you have purchased, obtained, or considered purchasing from us.
  • Internet or other similar network activity on our website including the pages you access; referral URL; the date and time of your request; your search history within our site; and information about the device you used, such as its hardware model, operating system, unique device identifier, IP address, hardware settings, browser type, and browser language.

How Do We Collect Personal Information?

We may obtain the categories of personal information listed above from the following sources:

  • Directly from you or your agent;
  • Indirectly from you or your agent (for example, through information we collect in the course of providing services);
  • Directly and indirectly from activity on our website (for example, through the creation of an account).

How Do We Use the Personal Information We Collect?

We only use your personal information within the limits authorized by current laws and regulations. Sometimes, we shall use your personal information because laws and regulations actively require us to do so. In any case, we do not make any automated decisions based solely on automatic processing which may produce legal effects concerning you, or similarly significantly affect you.

We may use or disclose your personal information for one or more of the following business or commercial purposes:

  • To fulfill an order;
  • To provide you with information, products or services that you request from us;
  • To provide you with email alerts, event registrations and other notices concerning our products or services, or events or news, that may be of interest to you;
  • To improve our website and present its contents to you;
  • For testing, research, analytics and development;
  • To respond to law enforcement requests and as required by applicable law, court order, or government regulations;
  • As described to you when collecting your personal information
  • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us is among the assets transferred.

What Personal Data Do We Share?

We inform you that in the past 12 months, we have disclosed, and continue to disclose, personal information to third parties for a business purpose, as authorized under applicable law. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.

We disclose personal information for the following purposes:

  • To process transactions
    We may share your billing information with payment service providers we partner with for processing payment. Information shared for this purpose is not retained, shared, or stored for any secondary purposes.
  • To send you updates about your order
    The email address (or mobile phone number, when you opt-in for SMS notifications) that you provide to us when purchasing a product or service will be used to send you information and updates pertaining to your order. In some cases, this may require us to share these contact details with a third-party service.
  • To administer a promotion, survey, or other site feature
    In some cases, this may require us to share contact details, such as your email address with a third-party service.
  • To send promotional email when you subscribe
    The email address you use to opt-in to promotional email will be used to send periodic offers and promotions related to our products or services. In some cases, this may require us to share contact detail, such as your email address with a third-party service.
    If at any time you would like to unsubscribe from future marketing emails, detailed unsubscribe instructions are included at the bottom of each email message.
  • To track analytics attributes
    The Internet or similar network activity information we collect is used to continually improve our website offerings, and to continue to provide a more efficient service. In some cases, this may require us to share analytics attributes with a third-party service.

How Long Do We Keep the Personal Information We Collect?

We retain personal information as defined below:

  • Identifiers including your real name, alias, email address, postal address, or unique customer number are retained for a period not exceeding seven years;
  • Personal information including your telephone number, medical information in the form of your vision correction prescription, and health insurance information are retained for a period not exceeding seven years;
  • Internet or other similar network activity on our website including the pages you access; referral URL; the date and time of your request; your search history within our site; and information about the device you used, such as its hardware model, operating system, unique device identifier, IP address, hardware settings, browser type, and browser language is retained for a period not exceeding seven years.
  • Financial information, including your credit card details, are not stored by us except the last four digits and expiration date. When placing an order, you are redirected to a third-party service provider who handles the payment process.

How Do We Protect Personal Information?

We have measures in place to protect your personal information against unauthorized access, use, or disclosure, including without limitation:

  • We implement and maintain sophisticated technical measures to ensure that your personal information is recorded and processed in complete confidentiality and security.
  • We implement and maintain appropriate restrictions on access to your personal information, and monitoring of the access, use, and transfer of personal information.
  • All employees who have access to your personal information are required to enter into nondisclosure or similar agreements, which impose obligations for them to comply with our data privacy and confidentiality requirements.
  • We require any business partners and third-party service providers with whom we may share your personal information to comply with any applicable data privacy and confidentiality requirements.
  • We provide data privacy training on a regular basis to our employees and third parties who have access to personal information.

What Rights Do You Have?

Under applicable data protection laws and regulations, you have the following rights:

  • Of access to, rectification of, and/or erasure of your personal information;
  • To restrict or object to its processing;
  • To tell us that you do not wish to receive marketing information;
  • In some circumstances, to require your personal information be transferred to you or a third party; and
  • To the extent our processing of your personal information is based upon your consent, to withdraw your consent, without affecting the lawfulness of our processing based on your consent before its withdrawal.

We are committed to enabling you full exercise of your rights: to do so, you can contact us using the contact details indicated at the beginning of this Privacy Policy. Please provide us with the following information so that we can take your request with all due consideration:

  • Your name and surname, and the email addresses you have used to opt-in, or to purchase products and services from us;
  • Your specific petition (in other words, what rights you want to exercise);
  • The date of the application and your signature (if you send your application by postal mail).

If you do not feel satisfied following this interaction, you may also lodge a complaint about our processing of your personal information with a data protection authority.

We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

Our Communications to You

Service-Related Announcements

We will send you strictly service-related announcements on rare occasions when it is necessary to do so. For instance, if our service is temporarily suspended for maintenance, we may send you an email. Generally, you may not opt out of these communications, particularly as they are not promotional in nature. If you do not wish to receive them, you have the option to deactivate your account.

Newsletters and Marketing Email

If you choose to subscribe to our email newsletters or marketing emails, you (i) allow us to share your data strictly with companies within Coastal and (ii) give your express, specific and informed consent to receive emails of promotional materials concerning optical products and glasses from these companies. If at any time you would like to unsubscribe from future marketing emails, detailed unsubscribe instructions are included at the bottom of each email message.

Changes to This Privacy Notice

We regularly review our compliance with our Privacy Policy and apply updates to make it compliant with new laws and regulations regarding data protection. But, even if this Privacy Policy may change from time to time, we will not reduce your rights under this Privacy Policy without your explicit consent.

California Consumer Privacy Rights

This privacy policy applies to California consumers who are entitled to certain rights and protections with respect to their personal information under the California Consumer Privacy Act of 2018 (the “CCPA”).

If you are a California resident, you can make certain requests regarding your personal information and we will fulfill each of these requests to the extent required by law:

  • You can ask what personal information we have about you, including a list of categories of your personal information that we have sold (if applicable) and a list of categories of your personal information that we have shared with another company for a business purpose.
  • You can ask us to delete your personal information we collect or maintain.
  • You can ask that we stop selling your personal information.

Right to Know About Personal Information Collected, Disclosed, or Sold and Right to Request Deletion of Personal Information

Right to Know about Personal Information Collected, Disclosed, or Sold

You have the right to request that we disclose what Personal Information about you we have collected, disclosed or sold over the past twelve (12) months. This right includes the right to request any or all of the following:

  • Specific pieces of personal information that we have collected about you;
  • Categories of personal information we have collected about you;
  • Categories of sources from which the personal information was collected;
  • Categories of personal information that we sold (if applicable) or disclosed for a business purpose;
  • Categories of third parties to whom the personal information was sold (if applicable) or disclosed for a business purpose; and
  • The business or commercial purpose for collecting or, if applicable, selling personal information.

Right to Request Deletion of Personal Information

You also have the right to request that we delete certain personal information we have collected from you. Once we receive and confirm your verifiable consumer request to delete, we will delete your personal information (to the extent provided by law) we hold about you as of the date of your request from our records.

However, a business is not required to comply with a request to delete if it is necessary for the business to maintain the personal information in order to, for example, complete a transaction, detect security incidents, comply with a legal obligation, or otherwise use the personal information, internally, in a lawful manner that is compatible with the context in which the consumer provided the information.

How to Submit

You may submit a request to know or request to delete, through our interactive webform available below or by calling a toll-free number at (866) 218-2139.

Please note that if you submit a request to delete online, you will be asked to confirm separately that you want your personal information deleted.

Our Process for Verifying a Request

To verify your identity, we require you provide your name and email and you confirm identity through a confirmation email message.

Once submitted, you will receive an email within 10 days that we will use to verify your identity and provide confirmation of your request. We will respond to your request to know or request to delete within 45 days from the day we receive the request. If necessary, we may extend the time period to a maximum total of 90 days from the day we receive the request. In such case, you will receive an email notifying you of the extension and explaining the reason for the extension.

Right to Opt-Out of Sale of Personal Information

Right to Opt-Out

The CCPA defines "sell" to mean selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a California resident’s personal information to another business or a third party for monetary or other valuable consideration.

If you are 16 years of age or older, you have the right to opt-out from a sale of your personal information.

We do not sell the personal information of consumers we actually know who are less than 16 years of age, unless we receive affirmative authorization (the “right to opt-in”) from (i) the consumer who is between 13 and less than 16 years of age (ii) or the parent or guardian of the consumer less than 13 years of age.

How to Submit a Request to Opt-Out

You may submit a request to opt-out of the sale of your personal information through our interactive webform available below.

How We Process a Request to Opt-Out

We will act upon your request to opt-out within 15 days from the date that you submit the request. The CCPA does not require that we verify the identity of individuals who submit requests to opt-out of sales. However, we may deny the request if we have a good-faith, reasonable, and documented belief that the request is fraudulent. If we deny the request on this basis, we will notify the requesting party and provide an explanation why we believe the request is fraudulent.

Collection of Personal Information

Categories of Personal Information Collected

The following table presents the categories of personal information that we have collected within the last twelve (12) months:

Category of Personal Information Collected Examples of Information Coastal May Collect in These Categories Collected
A. Identifiers A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers Yes
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) A name, address, telephone number, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. Yes
C. Protected classification characteristics under California or federal law Not Applicable No
D. Commercial information Records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. Yes
E. Biometric information Not Applicable No
F. Internet or other similar network activity Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement. Yes
G. Geolocation data Not Applicable No
H. Sensory data Not Applicable No
I. Professional or employment-related information Not Applicable No
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)) Not Applicable No
K. Inferences drawn from other personal information Not Applicable No

We may obtain the categories of personal information listed above from the following categories of sources:

  • Directly from you or your agent;
  • Indirectly from you or your agent (for example, through information we collect in the course of providing services;
  • Directly and indirectly from activity on our website (for example, through the creation of an account).

Use of Personal Information

We may use or disclose the personal information we collect for one or more of the following business or commercial purposes:

  • To fulfill an order;
  • To provide you with information, products or services that you request from us;
  • To provide you with email alerts, event registrations and other notices concerning our products or services, or events or news, that may be of interest to you;
  • To improve our website and present its contents to you;
  • For testing, research, analytics and development;
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations;
  • As described to you when collecting your personal information or as otherwise set forth in the CCPA;
  • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us is among the assets transferred.

Sharing of Personal Information

In the past 12 months, we have disclosed and/or sold personal information to third parties for a commercial or business purpose, as authorized under applicable law. When we disclose or sell personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.

In the past 12 months, we have disclosed and sold the following categories of personal information for a business purpose:

  • Category A: Identifiers
  • Category B: California Customer Records personal information categories
  • Category D: Commercial information
  • Category F: Internet or other similar network activity

We have shared personal information with the following categories of third parties:

  • Our business partners
  • Our service providers

Non-Discrimination for the Exercise of a California Resident’s Privacy Rights

We will not discriminate against you for exercising your rights. As such, we will not deny you goods or services, charge different prices or rates, including through the use of discounts or other benefits or imposing penalties; provide a different level of service or quality of goods, or suggest that you might receive a different price or rate for goods or services or a different level or quality of goods or services.

Authorized Agents

California residents may use an authorized agent to submit a request to know, delete, or opt-out of sales on your behalf.

If you use an authorized agent to submit a request to know or request to delete, we may require that (1) the authorized agent provide proof of your written permission and (2) you verify your identity directly with us. These requirements do not apply if you have provided the authorized agent with a power of attorney pursuant to California Probate Code sections 4000 to 4465.

If you use an authorized agent to submit a request to opt-out of sales, you will need to provide that authorized agent with written permission to do so and submit written proof to us that the agent has been authorized to act on your behalf.

How to Contact Us

If you have any questions or which to contact us for questions or concerns about our privacy policies or practices, please direct inquiries to:

Coastal.com
1499 Odell Street
Blaine, WA 98230

privacy@coastal.com

CHANGES TO THIS PRIVACY NOTICE

We regularly review our compliance with our Privacy Policy and apply updates to make it compliant with new laws and regulations regarding data protection. But, even if this Privacy Policy may change from time to time, we will not reduce your rights under this Privacy Policy without your explicit consent.

Sign up for email to subscribe

Please enter a valid email address