Effective Date: June 5, 2025
1. Introduction
EyeOTmonitor, Inc. (“EyeOTmonitor,” “we,” “us,” or “our”) operates the website https://www.eyeotmonitor.com and related services (collectively, the “Site” or “Services”). Your privacy is important to us. This Privacy Policy explains how we collect, use, disclose, and protect information we gather when you visit or interact with the Site or any of our Services. By accessing or using the Site, you agree to the practices described in this Policy. If you do not agree with any part of this Policy, please do not use the Site or Services.
2. Scope and Applicability
- Who Is Covered? This Policy applies to (a) visitors to our Site; (b) individuals or entities that register for, purchase, or use any EyeOTmonitor Service; and (c) other persons whose data we collect in providing or improving our Services.
- Third-Party Services. This Policy does not govern how third parties collect or use information. When you click through to, or otherwise interact with, third-party websites (e.g., payment processors, analytics providers), their privacy policies will apply.
- Changes. We may modify this Policy at any time in our sole discretion. We will post any revised version on this page and update the “Effective Date” above. Material changes will be announced via email or Site notice. Your continued use of the Site or Services after the effective date constitutes acceptance of the updated Policy.
3. Information We Collect
We collect two broad categories of information: (A) information you provide directly (“Personal Data”), and (B) information we obtain automatically or from third parties (“Non-Personal Data”).
3.1 Personal Data
Personal Data is information that identifies you as an individual, including, but not limited to:
- Contact Information: Name, email address, postal address, telephone number, job title, company name, and billing address;
- Account Credentials: Username, password, and any authentication tokens you provide or that we generate on your behalf;
- Payment Data: Credit card number, bank account details, billing information (collected and processed by our third-party payment processor);
- Communications Data: Information you submit when you contact us via support tickets, email, or live chat, including any personal or business information you choose to share;
- Customer Content: Any data you upload, submit, or otherwise make available through the Services (e.g., device metrics, network configuration, images, logs).
We collect Personal Data when you voluntarily:
- Register for or purchase a subscription;
- Fill out a form on our Site (e.g., contact, demo request, newsletter signup);
- Communicate with our sales, support, or marketing teams;
- Participate in surveys, contests, or promotions;
- Submit or upload content to the Services as part of your account usage.
3.2 Non-Personal Data
Non-Personal Data is information that does not identify you personally. It includes, but is not limited to:
- Technical and Usage Data: IP address, browser type and version, operating system, device identifiers, unique device identifiers (UDIDs), browser plug-in types and versions, language settings, screen resolution, time zone, and other diagnostic data;
- Usage and Analytics Data: Pages or features accessed, duration of visit, referral or exit pages, date and time stamps, clickstream data, and Site performance metrics;
- Cookies, Web Beacons, and Similar Technologies: Identifiers (e.g., cookie IDs) set by us or by third-party partners to enable tracking across web pages or devices.
We collect Non-Personal Data:
- Automatically, as you navigate and interact with the Site or Services;
- Via cookies, web beacons, JavaScript, and similar technologies;
- From third-party analytics providers (e.g., Google Analytics) or advertising networks.
4. How We Use Your Information
4.1 Purposes of Use
We use the information we collect for the following purposes:
- Provisioning and Improving Services
  - Provide, operate, and maintain the Site and Services;
  - Authenticate, authorize, and manage your account;
  - Process billing, payments, and renewals;
  - Deliver customer support, technical assistance, and Service Level Agreement (SLA) commitments;
  - Diagnose and fix Service issues (e.g., bug fixes, performance optimization);
  - Develop, test, and enhance new features, functionality, and offerings.
- Communication and Notifications
  - Send transactional emails (e.g., account registration, password resets, subscription updates);
  - Notify you about changes to our terms, policies, or Services;
  - Respond to your inquiries, feedback, or feature requests;
  - Send promotional content, newsletters, or marketing materials (only if you have opted in).
- Marketing and Research
  - Analyze user behavior and preferences to improve user experience;
  - Conduct surveys, polls, or market research;
  - Personalize content, offers, and advertisements (subject to your opt-out choices);
  - Measure the performance of marketing campaigns and ad campaigns.
- Security and Compliance
  - Monitor for fraudulent or malicious activity;
  - Perform risk assessments, audits, and investigations;
  - Maintain logs and audit trails for security and legal purposes;
  - Comply with applicable laws, regulations, or legal processes (e.g., subpoenas, warrants).
- Other Purposes
  - Enforce our Terms of Service, Acceptable Use Policy, and other agreements;
  - Protect our rights, property, or safety, or those of others;
  - Any other purpose disclosed to you at the time you provide your information.
4.2 Legal Bases for Processing (GDPR)
If you are located in the European Economic Area (“EEA”) or United Kingdom, our legal bases for processing your Personal Data may include:
- Performance of a Contract: To fulfill our obligations under a subscription agreement or other contract with you;
- Legitimate Interests: For business operations, fraud detection, network and information security, service improvements, and marketing (balanced against your rights and interests);
- Consent: Where you have given clear, affirmative consent for a specific purpose (e.g., marketing communications, cookies not strictly necessary);
- Legal Obligation: To comply with applicable laws, regulations, or legal processes;
- Vital Interests: To protect your life or physical integrity if necessary (rarely used).
5. Cookies and Tracking Technologies
5.1 Cookies
We use “cookies”—small text files stored on your device—to collect Non-Personal Data that helps us improve the Site and Services. Cookies may be “session” (deleted when you close your browser) or “persistent” (remain until they expire or you delete them). Cookies we use include:
- Strictly Necessary Cookies: Required to enable core Site functionality (e.g., authentication, load balancing).
- Performance and Analytics Cookies: Collect aggregated, anonymous data about Site usage (e.g., page visits, time on page). We use providers such as Google Analytics.
- Functional Cookies: Enable enhanced functionality (e.g., remembering language or location preferences).
- Advertising and Targeting Cookies: Used by third parties to deliver relevant ads and track campaign performance.
5.2 Web Beacons and Similar Technologies
We and our service providers may use web beacons, pixel tags, device identifiers, and SDKs in emails and on the Site to measure online activity, count site visits, and track usage patterns.
5.3 Your Choices
- You can control and manage cookies via your browser settings. You may choose to block or delete cookies, although doing so may degrade your experience or prevent you from using certain Site features.
- Opt out of Google Analytics tracking by installing the Google Analytics Opt-out Browser Add-on: https://tools.google.com/dlpage/gaoptout.
- For targeted advertising cookies (e.g., Google Ads), you can visit the Network Advertising Initiative’s opt-out page: http://optout.networkadvertising.org.
6. Third-Party Disclosure and Sharing
6.1 Service Providers
We share Personal Data with third-party vendors, contractors, and service providers that perform services on our behalf, including:
- Payment Processors: To process subscription fees and manage billing (e.g., Stripe, PayPal).
- Hosting and Infrastructure Providers: To store, process, and secure data (e.g., Amazon Web Services).
- Customer Support Providers: To manage support tickets, live chat, and email correspondence.
- Analytics and Marketing Platforms: To help us understand user behavior, measure campaign effectiveness, and serve targeted content or ads (e.g., Google Analytics, HubSpot, Marketo).
- Mailing and Communication Platforms: To send transactional emails, newsletters, and promotional materials (e.g., SendGrid, Mailchimp).
These service providers are contractually bound to maintain the confidentiality and security of Personal Data and to use it only as necessary to perform services for EyeOTmonitor.
6.2 Affiliates and Subsidiaries
We may share Personal Data with our affiliates, subsidiaries, or corporate partners for the purposes outlined in Section 4 (How We Use Your Information). Any such transfer is subject to this Privacy Policy.
6.3 Business Transfers
In the event of a merger, acquisition, financing, or sale of assets (e.g., by EyeOTmonitor, its affiliates, or its assets), Personal Data may be transferred to a third party as part of the transaction. We will notify you via email and/or a prominent notice on our Site before your Personal Data is transferred and becomes subject to a different privacy policy.
6.4 Legal and Compliance
We may disclose your Personal Data if required by law, regulation, legal process, or governmental request, or to (a) enforce our Terms of Service or Acceptable Use Policy; (b) prevent or investigate potential wrongdoing in connection with the Site or Services; or (c) protect the rights, property, or safety of EyeOTmonitor, our users, or others.
7. Data Retention and Deletion
7.1 Retention Periods
- Account Data. We retain your account and transactional data for as long as your account is active or as needed to provide you Services.
- Customer Content. We retain Customer Content for the duration of your subscription term and up to 30 days after termination or expiration. Thereafter, we may delete or anonymize it, except where retention is required by law.
- Analytics and Log Data. We retain aggregated, anonymized analytics data indefinitely. Individual user activity logs are retained for up to one (1) year and then deleted or pseudonymized, unless needed to investigate security incidents.
- Support and Communication Records. We retain support tickets, emails, and chat transcripts for a minimum of two (2) years for legal, compliance, and quality assurance purposes.
7.2 Deletion Requests
You may request deletion of your Personal Data by contacting us at support@eyeotmonitor.com. We will comply unless retention is necessary for (a) legal compliance, (b) dispute resolution, (c) enforcement of our agreements, or (d) legitimate business interests (e.g., fraud prevention, security). Certain categories of data (e.g., transactional, tax-related) may be retained longer if required by law.
8. Data Security
8.1 Security Measures
We implement technical, organizational, and administrative safeguards to protect Personal Data, including:
- Encryption: Encryption in transit (TLS 1.2 or higher) and encryption at rest for stored data using AES-256 or equivalent;
- Access Controls: Role-based access controls (RBAC), multi-factor authentication (MFA) for administrative accounts, and least-privilege principles;
- Network Security: Firewalls, intrusion detection/prevention systems (IDS/IPS), regular vulnerability scans, and threat monitoring;
- Secure Development: Secure coding practices, periodic security testing (static and dynamic), and third-party penetration tests;
- Incident Response: A formal incident response plan to detect, investigate, and mitigate security incidents.
8.2 Employee Training and Confidentiality
All employees and contractors with access to Personal Data receive regular privacy and security training. We require confidentiality and non-disclosure agreements to limit access to Personal Data on a need-to-know basis.
8.3 Breach Notification
In the event of a data breach that materially compromises Personal Data, we will:
- Investigate and contain the incident promptly.
- Notify affected data subjects and, if applicable, regulators within the timeframe required by applicable law (e.g., 72 hours under GDPR).
- Provide information about the nature of the breach, categories of Personal Data involved, and measures taken to address it.
9. International Data Transfers
EyeOTmonitor is headquartered in the United States. Personal Data collected from users worldwide may be transferred to, stored in, or processed in the U.S. or other countries where our service providers are located. We take steps to ensure adequate safeguards when transferring data, including:
- Entering into Standard Contractual Clauses (SCCs) approved by the European Commission for transfers from the EEA;
- Implementing EU-U.S. Data Privacy Framework (DPF) or UK-U.S. DPF for transfers from the UK, where applicable;
- Relying on other lawful transfer mechanisms (e.g., Privacy Shield certifications, adequacy decisions, or specific exemptions under applicable law).
If you reside in a jurisdiction with stricter data protection requirements (e.g., GDPR), you may request details on the specific safeguards we use by contacting support@eyeotmonitor.com.
10. Your Rights and Choices
10.1 Individual Rights (GDPR, CCPA, and Similar Laws)
If you are a resident of the EEA, UK, or other jurisdictions with applicable data protection laws, you may have the following rights regarding your Personal Data:
- Right to Access: Request confirmation of whether we process your Personal Data and obtain a copy of it.
- Right to Rectification: Request correction of inaccurate or incomplete Personal Data.
- Right to Erasure (“Right to Be Forgotten”): Request deletion of your Personal Data, subject to legal exceptions.
- Right to Restrict Processing: Request suspension of processing of your Personal Data (e.g., while accuracy is verified).
- Right to Data Portability: Receive your Personal Data in a structured, commonly used, machine-readable format and transmit it to another controller.
- Right to Object: Object to processing of your Personal Data based on legitimate interests or for direct marketing.
- Right to Withdraw Consent: If processing is based on consent (e.g., marketing emails, certain cookies), you may withdraw consent at any time.
- Right to Complain: File a complaint with your local data protection authority if you believe your rights have been violated.
Residents of California also have additional rights under the California Consumer Privacy Act (“CCPA”):
- Right to Know: Request details about the categories and specific pieces of Personal Data we have collected, the sources, the business purpose, and the categories of third parties with whom we share.
- Right to Delete: Request deletion of Personal Data collected from you, subject to exceptions.
- Right to Opt-Out of Sale: If we “sell” (as defined under CCPA) your Personal Data, you can opt out. (We currently do not sell Personal Data to third parties.)
- Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.
10.2 How to Exercise Your Rights
To exercise any of the above rights, please submit a verifiable request using one of the following methods:
- By email: support@eyeotmonitor.com
- By mail: EyeOTmonitor, Inc., Attn: Privacy Team, 5 Revere Dr, Suite 100, Northbrook, IL 60062
We will verify your identity before processing requests. If you authorize an agent to make a request on your behalf, we may require a signed permission form and direct verification from you. We will respond to requests within the timeframes required by applicable law (e.g., 30 days under GDPR, 45 days under CCPA), or notify you if more time is needed.
11. Children’s Privacy
Our Site and Services are not directed to, nor intended to collect Personal Data from, children under the age of 16. We do not knowingly collect Personal Data from minors under 16. If we become aware that we have inadvertently collected Personal Data from a child under 16 without parental consent, we will take steps to delete that information as soon as possible. If you believe that we might have collected personal data from a child under 16, please contact us at support@eyeotmonitor.com.
12. Third-Party Links and Services
The Site may contain links to third-party websites, apps, or services that are not operated or controlled by EyeOTmonitor. If you click on a third-party link, you will be directed to that third party’s site or app. We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third party. We encourage you to read the privacy policy of every site you visit.
13. Do Not Track Signals
Some browsers and devices support “Do Not Track” (“DNT”) signals. Our Site does not currently respond to browser DNT signals. To opt out of tracking, please see Section 5.3 (Your Choices) to manage cookies and other tracking technologies.
14. California Privacy Disclosures (for CCPA Residents)
If you reside in California, the following supplemental disclosures apply:
14.1 Categories of Personal Data Collected
We have collected the following categories of Personal Data from California consumers in the past 12 months:
- Identifiers (e.g., name, email, billing address, account credentials).
- Commercial Information (e.g., purchase history, subscription details).
- Internet or Network Activity (e.g., browsing history, IP address, device identifiers, cookies).
- Professional or Employment-Related Information (e.g., job title, company, industry).
- User Content (e.g., device logs, network configurations, data uploaded via the Services).
- Inferences (e.g., inferred user preferences, usage patterns).
14.2 Sources of Personal Data
We obtain Personal Data directly from you (e.g., when you register, purchase, or contact us), automatically via cookies and logs, and from third-party service providers (e.g., analytics partners).
14.3 Purpose of Collection and Sharing
We use and share Personal Data to provide the Services, comply with legal obligations, fulfill contracts, analyze usage, maintain security, and send marketing communications (with consent).
14.4 Disclosure of Personal Data for a Business Purpose
We may share your Personal Data with the categories of third parties listed in Section 6 (Third-Party Disclosure and Sharing). We do not “sell” your Personal Data as defined under CCPA.
14.5 Your Rights under CCPA
In addition to the rights listed in Section 10 (Your Rights and Choices), California residents have the right to:
- Request information about the specific pieces of Personal Data we have collected, used, disclosed, or sold about you in the past 12 months;
- Request that we delete any Personal Data collected from you, subject to certain exceptions;
- Opt out of the sale of your Personal Data (we do not sell Personal Data);
- Not be discriminated against for exercising any of the above rights.
To make a CCPA request, please contact us as described in Section 10.2 (How to Exercise Your Rights).
15. GDPR and UK Data Protection Addendum
If you are subject to the EU General Data Protection Regulation (GDPR), United Kingdom’s Data Protection Act 2018, or other applicable data protection laws, please review our Data Processing Addendum (“DPA”), which is incorporated by reference. The DPA sets forth the terms under which EyeOTmonitor processes personal data on your behalf as a “processor” and you act as the “controller.” The DPA is available at [insert link to DPA].
16. Data Breach Notification
In the event of a confirmed data breach involving your Personal Data, we will:
- Contain and Remediate. Promptly investigate, contain, and remediate the breach;
- Notify You. Notify you without undue delay and in any event within the timeframe required by applicable law (e.g., 72 hours under GDPR), providing details about the breach’s nature, affected data categories, and our response measures;
- Regulatory Notification. If required by law, we will also notify the relevant data protection authorities;
- Mitigation. Offer guidance on steps you can take to protect yourself (e.g., password resets, monitoring).
17. Children’s Privacy
Our Site and Services are intended for use by organizations and individuals aged 16 or older. We do not knowingly collect Personal Data from children under 16. If you are under 16, please do not submit any Personal Data. If we learn that we have collected or received Personal Data from a child under 16 without parental consent, we will delete that data as soon as possible. If you believe we might have any data from a child under 16, please contact us at support@eyeotmonitor.com.
18. Security Practices and Controls
EyeOTmonitor maintains administrative, technical, and physical safeguards designed to protect your Personal Data from unauthorized access, disclosure, alteration, or destruction. These measures include:
- Encryption: TLS (Transport Layer Security) for data in transit; AES-256 or equivalent for data at rest.
- Access Management: Role-based access control (RBAC), multi-factor authentication (MFA) for administrative accounts, least-privilege principle.
- Network Security: Firewalls, intrusion detection/prevention (IDS/IPS), regular vulnerability scanning, and patch management.
- Secure Development Lifecycle: Regular code reviews, static/dynamic application security testing, and third-party penetration testing.
- Incident Response: A documented incident response plan that includes detection, containment, mitigation, and notification procedures.
- Training: Ongoing security and privacy awareness training for all employees.
While we strive to protect your Personal Data, no security measure is perfect or impenetrable. We cannot guarantee the absolute security of your data, and you use the Site and Services at your own risk.
19. International Transfers and Storage
Because EyeOTmonitor is based in the United States and uses global service providers, Personal Data collected via the Site or Services may be transferred to, processed, or stored in countries outside of your jurisdiction. We ensure that all international transfers are conducted in compliance with applicable laws by:
- Implementing Standard Contractual Clauses (SCCs) for data transfers from the EEA and UK;
- Relying on adequacy decisions, the EU-U.S. Data Privacy Framework (DPF), or the UK-U.S. DPF where appropriate;
- Employing other lawful transfer mechanisms as required (e.g., Binding Corporate Rules).
If you have questions about our international data transfer practices or want to obtain a copy of our SCCs, please contact support@eyeotmonitor.com.
20. California Shine the Light Disclosure
California Civil Code Section 1798.83 (the “Shine the Light” law) permits California residents to request certain details about how we share Personal Data with third parties for their direct marketing purposes. To request this information, please contact support@eyeotmonitor.com. We will respond within 30 days of receiving your request.
21. Links to Other Websites
Our Site may contain links to third-party websites not owned or controlled by EyeOTmonitor. We are not responsible for the privacy practices or content of such third-party sites. We encourage you to read the privacy policies of any site you visit.
22. Governing Law and Jurisdiction
This Privacy Policy is governed by and construed under the laws of the State of Colorado, without regard to its conflict of laws principles. Any dispute arising under or in connection with this Privacy Policy shall be subject to the exclusive jurisdiction of the state or federal courts located in Denver County, Colorado.
23. Contact Information
If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:
- Email: support@eyeotmonitor.com
- Mailing Address:
EyeOTmonitor, Inc.
Attn: Privacy Team
5 Revere Dr, Suite 100
Northbrook, IL 60062
United States
Thank you for trusting EyeOTmonitor with your data. We are committed to safeguarding your privacy and providing transparency about how we handle your information.