
At Warby Parker, we’re all about helping you see things a little more clearly. This Privacy Policy (“Policy”) describes how we collect, use, disclose, and otherwise process personal information when you interact with Warby Parker Inc. (“Warby Parker,” “we,” “us,” or “our”), and any of our affiliates, including Eye Doctors and their practices, such as Walnut Vision Care, to which we may provide certain administrative or management services (“Affiliates”). This Policy applies to the processing of personal information obtained through our retail locations; websites that link to this Policy, including warbyparker.com (each, a “Site”); and mobile applications (each, an “App”) (collectively, the “Services”).
This Policy does not apply to your Protected Health Information (“PHI”) that is governed by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) or other applicable PHI Laws. For information on our use and disclosure of PHI, our legal duties with respect to your PHI, and your rights with respect to your PHI and how to exercise them, please refer to our Notice of Privacy Practices.
For additional details about the personal information we collect and the rights afforded to residents of certain U.S. States, including California, please scroll to the Additional State Privacy Law Disclosures section below.
Some of the licensed optometrists and ophthalmologists (“Eye Doctors”) who perform medical services at our locations are independent (“Independent Practices”). This Policy does not apply to Independent Practices or to websites or mobile applications they operate. Please review the Independent Practices’ privacy notices for information on how they process customer information.
This Policy also does not apply to our AI powered products. Please review our Supplemental Privacy Policy for more information on how we process personal information through our AI powered products.
From time to time, we may clarify, revise, or update this Policy, which may include making changes to the way we process personal information. If we make any changes to this Policy, we will revise the date at the top of the Policy. Changes to this Policy will become effective once they are posted.
We collect personal information for our business purposes from various sources, including personal information that you provide to us through the Services and other communications; from entities you have requested or authorized in connection with our Services; that we receive from third parties, including your Eye Doctor, in order for us to provide Services or complete your purchase; that we collect automatically when you access our Services from your mobile device(s); and from other third parties.
We collect the following types of personal information, as further described in the Personal Information Use section below:
The categories above include personal information that is considered sensitive under certain data privacy laws, including health information, precise geolocation data, and personal information of a child.
We use and process the above categories of personal information for the following purposes.
We may combine personal information collected from other parties with other information we collect about you.
We disclose personal information to the following entities for the purposes set out above.
We, and vendors acting on our behalf, may use cookies, software development kits (SDKs), pixels, and other types of online tracking technologies (collectively “Cookies”) on our Services to collect and analyze information about interactions with the Services. We may use Cookies for several purposes, including storing information to support functionality; helping you access and navigate the Services more efficiently; recognizing your login information and preferences, so that you do not need to enter the information each time you visit the Services; analyzing your use of the Services, including by collecting information about which pages on our Services you viewed or links you clicked and how you interacted with our content during your visit or over multiple visits; customizing your browsing experience by showing you information more likely to be relevant to you; delivering and customizing advertisements; and tracking advertising campaigns.
We may use technology vendors in connection with your activity on certain pages of our Sites. The tools these vendors provide help us control how user personal information is collected by Cookies. These tools also allow us to limit how certain types of website user data, such as details about your activity on our Sites, may be transmitted to other parties.
We may engage third-party web analytics services, such as Google Analytics, to help us understand and analyze how visitors interact with our Services, support our administration of the Services, improve the quality of our Services, and serve ads on our behalf across the internet. We also use this information to implement Google advertising features such as interest-based advertising, audience targeting, and impression reporting.
We, or our vendors, may collect personal information about your online activities over time and across different devices and online websites when you visit the Site. We, and our vendors, may link the information collected by Cookies to other information collected about you.
We may engage vendors to provide certain interactive features on the Services. Your use of these interactive features is voluntary, and we may retain the information that you submit through the features. For example, we may offer an interactive chat feature on our Services to respond to your questions and for other customer service purposes. When you participate in the interactive chat, either with a virtual or live agent, the contents of the chat may be captured and kept as a transcript. By using these features, you understand that our vendors may process the information obtained through the feature to provide the service on our behalf.
Our Services offer certain functionalities that permit you to initiate interactions between the Services and external services, including social networks such as Facebook, Twitter, Pinterest, Instagram, Snapchat, and Google+, that we do not own or control, even if you access them through our Services. These social features may enable you to “like” or “share” our content or otherwise connect the Services to a Third-Party Account (e.g., to pull or push information to or from the Services). If you use such social features, information you post or provide access to may be publicly displayed by the third-party service you use and both Warby Parker and the third party may have access to certain information about you and your use of the Services and the third-party service. We encourage you to carefully review the privacy policies of any third-party services you access so that you know how they will collect, use, and disclose your personal information.
We may disclose your personal information to our Affiliates, business partners, service providers, and other third parties, as further described in the Personal Information Disclosure section above. To the extent we provide these parties access to your personal information obtained through our Apps, we require that they provide the same level of personal information protection as required by this Privacy Policy.
We will retain your personal information only for as long as we reasonably consider it necessary for achieving the purposes set out in this Privacy Policy, or for as long as we are legally required to retain it. If you no longer wish to provide your personal information through our App, you may uninstall our App from your device. Note that this action will not delete your user account or any information we previously collected via the App, nor does it affect our personal information collection through our other Services.
Our vendors may also collect information about your mobile device from other tracking technologies while you are near or in our stores to help us better understand our customers and how they use our Services. These services may include Google Analytics and Adjust Technology.
Access and Correction of Personal Information. Through your account settings, you can access, view, and edit certain types of personal information, including name, password, mailing address, billing address, email address, and phone number. The information you can view and edit may change as our Services change.
Deletion of Personal Information/Account. You can request deletion of your personal information/account (e.g., name, password, mailing address, billing address, email address, and phone number) by filling out the request form located here. You can also request deletion of your personal information/account within our Apps by clicking on “Delete Account” in your App account settings and following the instructions to complete your request. After completing the steps to request deletion of your account, we will contact you within 45 days to ask that you confirm your decision to delete your personal information/account. Once your personal information/account is deleted, you will no longer be able to access your account.
We may retain certain of your personal information, like order history and prescriptions in our systems for certain legal, security, and business records.
Right to withdraw your consent. You can withdraw your consent to the collection, use and disclosure of personal information in accordance with this Policy at any time upon reasonable notice to Warby Parker in writing, subject to legal or contractual restrictions. The withdrawal of your consent may affect our ability to answer your inquiry. In certain situations, we may be entitled to retain your personal information in order to comply with applicable legal requirements, to establish, exercise or defend our rights or legal claims, and for other legitimate business purposes described in this Policy.
Marketing Communication Opt Outs. If you decide you don’t want to receive marketing emails from us, you can opt out in your account settings or click the “Unsubscribe” link in our emails. Opting out or unsubscribing will not prevent you from receiving emails about orders or other transactions you make through our Services or emails in response to a specific request from you, such as password recovery. If you have previously opted in to receive text messages and decide that you no longer want to receive text messages from us, you can opt out in your account settings.
App Opt Outs. If you would like to opt out of the use of your mobile app activity for targeted advertising purposes, you may do so by visiting your device privacy settings. If you wish not to share information with us from your mobile device, such as geolocation and your unique device identifier, you may turn off location tracking at any time in your app settings or disable Bluetooth on your device. If you wish to stop receiving push notifications from us on your mobile device, you can update your device settings.
Social Features Opt Outs. If you wish to limit the information available to us through your Third Party Accounts, such as Google or social media, you should visit the privacy settings of your Third Party Accounts to learn about your options.
Cookie Opt Outs. You can opt out of certain disclosures of personal information through Site Cookies by visiting www.warbyparker.com/cpra and selecting “Opt out of the sale or sharing of personal information with third parties.”
You can learn about how to opt out of receiving personalized website advertisements from our advertising partners who are members of the Network Advertising Initiative or who subscribe to the Digital Advertising Alliance’s Self-Regulatory Principles for Online Behavioral Advertising by visiting the opt-out sections on the websites of each of those organizations. Links to those sites are below. Note that because your election to opt out is managed through cookies, if you delete these cookies or use a different browser, you will have to make the same selection again.
You may be able to set your web browser to reject Cookies entirely or require that your browser request permission from you before accepting each new Cookie. You can also delete Cookies from your web browser once you leave the Site.
Some of the vendors we work with offer tools that you can use to limit or opt out of their Cookies, such as:
We do not control these third parties' collection or use of your information to serve interest-based advertising.
Your web browser may have settings that allow you to transmit a “Do Not Track” signal when you visit various websites or use online services. Like many websites, we do not respond to Do Not Track signals received from browsers. To learn more about “Do Not Track” signals, visit allaboutdnt.com. You may set your browser to notify you of or decline the receipt of Cookies; however, certain features of the Site may not function properly or be available if your browser is configured to disable Cookies. We are not responsible for opt-out processes provided by external parties.
If you choose to limit collection of your information in these ways, certain Service features may not function properly, or at all, and certain Services may not be available to you.
You may still see “contextual” ads even if you opt out of interest-based ads. These ads, however, are based on the context of what you are looking at on the websites and pages you visit. Even if you opt out of interest-based ads you will still receive these non-personalized, contextual ads.
The Services may contain links to external websites. Please be aware that we cannot control and are not responsible for the information collection practices of such websites, which may differ from our privacy practices. We encourage you to review and understand the privacy policies of these websites before providing any information to them. The inclusion of a link to another website or online service does not imply our endorsement.
We implement reasonable technical, organizational, and administrative measures to help safeguard your information against unauthorized or unlawful processing and against accidental loss, destruction, or damage. Unfortunately, we cannot guarantee complete security of any information.
The Services are not directed to children under the age of majority in the jurisdiction in which you reside and we do not knowingly collect personal information from individuals under the age of majority in the jurisdiction in which you reside through the Services. If we become aware that we have received personal information from children under the age of majority in the jurisdiction in which you reside, we will delete it in accordance with applicable law. If you are a parent or legal guardian of a minor, you may use our Services on behalf of such minor child.
This section provides additional disclosures for Canadian residents.
Consent
We process your personal information with your consent. In some cases, at the time of collection of your personal information, we may provide you with additional information regarding the processing of your personal information. We may also, in certain circumstances, obtain your specific consent for the use or sharing of your personal information, including where required by law.
Cross-Border Transfer of Personal Information
Some of our service providers may access, process or store your personal information outside of the country where we are located and where you reside, including in the Canada, United States, Philippines, Mexico and the Dominican Republic. As a result, when your personal information is used or stored in a jurisdiction other than where you are residing, it may be subject to the law of this foreign jurisdiction, including any law permitting or requiring disclosure of the information to the government, government agencies, courts and law enforcement in that jurisdiction.
Security
We maintain appropriate policies and practices aimed at safeguarding your personal information. Depending on the volume and sensitivity of the information, the purposes for which it is used and the format in which it is stored, we implement a combination of measures to protect your personal information, including:
Our goal is to prevent unauthorized access, loss, misuse, sharing or alteration of personal information in our possession. We also use these safeguards when we dispose of or destroy your personal information.
Personal Information Retention
We retain your personal information only for as long as necessary to fulfil the purposes for which it was collected, as detailed in the Personal Information Use section above and except as otherwise necessary to comply with legal requirements. Once your personal information is no longer necessary, we will delete or anonymize your personal information.
This section provides additional disclosures for residents of certain U.S. states (“Applicable State Privacy Laws”), including disclosures to California residents under the California Consumer Privacy Act (“CCPA”).
Categories of Personal Information We Collect, Use, and Disclose for Business Purposes. We collect the following categories of personal information, as described in greater detail in the Personal Information Collection (section 2) and Personal Information Use (section 3) sections above:
We disclose Personal Information to our vendors and partners to facilitate cross-contextual behavioral advertising, targeted advertising, and other advertising and marketing (collectively, “Targeted Advertising”). While we do not knowingly sell personal information for monetary value, we may “sell” personal information for valuable consideration or share personal information for Targeted Advertising under Applicable State Privacy Laws. In this context, the categories of personal information we sell and/or share for Targeted Advertising are: Identifiers, Personal Records, Internet or Other Electronic Network Activity Information, and Geolocation Data.
We sell and share personal information for Targeted Advertising to our Marketing, Analytics, and Advertising Partners and our Social Media providers for marketing, analytics, and advertising purposes, as further described in this Privacy Policy. Please note that we do not sell, share, or otherwise disclose personal information obtained for text message program consent purposes (opt-in consent data) to any third parties for those third parties’ own marketing purposes.
Residents of states with Applicable State Privacy Laws have certain rights related to their personal information.
Right to Access and Data Portability. You may have the right to confirm whether we are processing your personal information, to access your personal information, and to obtain a copy of personal information you provided to us in a portable format. Residents of some states may also request certain information about third parties to which we have disclosed consumer personal information.
Right to Delete. You may have the right to request that we delete personal information about you, subject to certain exceptions.
Right to Correct. You may have the right to request that we correct any incorrect personal information that we collect or retain about you, subject to certain exceptions.
Right to Opt Out of Targeted Advertising and Sales of Personal Information. You may have the right to opt out of the sale of your personal information and to request that we do not share your personal information for Targeted Advertising.
Rights related to Profiling and Automated Decision Making. You may have the right to opt out of the use of your personal information for profiling and automated decision making in furtherance of decisions that produce legal or similarly significant effects. We do not offer an opportunity to exercise this right because we do not use personal information for profiling in furtherance of decisions that produce legal or similarly significant effects.
Exercising Your Rights. To exercise your privacy rights:
Verification. In order to exercise these rights, you will need to verify your identity to protect your security and personal information, which may include providing certain information.
Authorized Agent. Under certain Applicable State Privacy Laws, you may elect to have an agent exercise your rights for you. Even if you choose to use an agent, we may, as permitted by law, require you to confirm your identity directly with us or confirm that the agent has permission to submit the request.
Appeal. We may deny your privacy rights request in certain circumstances, including if we are unable to process the request or the personal information is subject to an exception. If you are a resident of certain states whose privacy rights request has been denied by us and you believe we denied it in error, you may email us at [email protected] for reconsideration.
Non-Discrimination. We will not discriminate against you because of your exercise of any of your privacy rights.
The CCPA requires additional disclosures for California consumers. The disclosures in this Privacy Policy that describe how and why we collect, use, and disclose Personal Information also describe how we have collected, used, and disclosed Personal Information in the preceding twelve (12) months.
The Right to Know. California residents have the right to request that we disclose the following information under the CCPA:
How Long We Keep Your Information. We will retain your personal information only for as long as we reasonably consider it necessary for achieving the purposes set out in this Policy, or for as long as we are legally required to retain it, including where retention of personal information is reasonably necessary to:
Where personal information is used for more than one purpose, we will retain it until the purpose with the latest period expires.
Sale and Sharing of Personal Information. We do not have actual knowledge that we sell or share the personal information of California Consumers under the age of 16 years.
Sensitive Personal Information. We do not use sensitive personal information for purposes of inferring characteristics about a consumer. Accordingly, we do not offer the opportunity to limit the use or disclosure of sensitive personal information under the CCPA.
Shine the Light. If you’re a resident of California, you can request a notice identifying the categories of personal information, as defined by California Civil Code Section 1798.83, we share with our Affiliates and/or third parties for their direct marketing purposes and the contact information for such Affiliates and/or third parties. Please submit a written request to [email protected].
If you have any questions about viewing or updating your information, this Privacy Policy, or our privacy practices, please contact us at [email protected].