1. Who we are
Sightyness ("Sightyness", "we", "us", or "our") operates the online vision screening platform at sightyness.com. This policy explains what personal information we collect when you use our website, mobile-friendly web app, or when a clinic or employer arranges a screening for you, and how that information is handled.
This policy is written to align with the federal Personal Information Protection and Electronic Documents Act (PIPEDA), which generally governs how private-sector organizations handle personal information in the course of commercial activity in Ontario and most of Canada.
2. Information we collect
We collect only what we need to provide the screening service and to bill for it. Depending on how you use Sightyness, this may include:
| Category | Examples |
|---|---|
| Identity & contact | Name, email address, date of birth, phone number, country |
| Account & verification | Email one-time passcode (OTP) records, consent confirmations |
| Vision & health-adjacent information | Self-reported vision correction status, last eye exam date, known conditions you choose to share (e.g. myopia, colour blindness), and the results of the screening tests you take |
| Camera-based data | Live video used momentarily for face-liveness verification and for estimating your distance from the screen; if you consent, a short recording of your test session |
| Payment information | Handled by our payment processor (WooCommerce and its connected payment gateways); we do not store full card numbers ourselves |
| Technical information | Device type, approximate screen size, browser type, IP address |
| Clinic-referred patients | If a clinic or employer directs you to Sightyness, we also receive the identifying details they provide so results can be matched to your record with them |
3. How we use your information
- To create and secure your account, and verify it's really you (via email OTP and optional face-liveness check)
- To run the vision screening tests you select and calculate your results
- To size on-screen test material correctly for your viewing distance and device
- To generate and send your results report, by email and/or as a downloadable PDF
- To process payment for paid plans
- Where you were referred by a clinic or corporate client, to send your results and relevant account activity to that clinic so they can incorporate it into your care or records with them
- To respond to support requests and, if you contact us as a business, to respond to your enquiry
- To detect fraud, verify results integrity, and maintain the security of the platform
- To meet legal, accounting, or regulatory obligations
We do not sell your personal information, and we do not use your health-adjacent test results for advertising purposes.
4. Consent and legal basis
Under PIPEDA, we generally rely on your consent to collect, use, and disclose personal information. We ask for explicit consent at specific points, including:
- Before beginning registration ("I confirm these details are accurate" and "I understand this is a screening tool only")
- Before any video recording of a test session ("I consent to being recorded during this test session for verification purposes")
- Before accessing your camera for face verification or distance measurement (via your browser's own camera permission prompt)
You may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice, by contacting us using the details in Section 14. Withdrawing consent may mean we can no longer provide some or all of the service to you.
5. Who we share information with
We share personal information only as needed to run the service:
- Hosting provider — our website, database, and any consented video recordings are hosted with Hostinger.
- Email delivery — OTP codes, result reports, and invoices are sent through our transactional email provider over an authenticated SMTP connection.
- Payment processing — paid plans are processed through WooCommerce and its connected payment gateways (e.g. card, PayPal, Apple Pay, Google Pay), which have their own privacy practices.
- Referring clinics or employers — if you accessed Sightyness through a clinic or corporate client's link, your results and relevant account details are shared with that organization. See Section 6.
- Legal disclosures — we may disclose information if required by law, court order, or to protect the rights, safety, or property of Sightyness, our users, or the public.
We do not sell personal information to third parties, and we do not share it with advertisers.
6. If you were referred by a clinic or employer
Some clinics and organizations use Sightyness under a business ("corporate") plan to screen their own patients, employees, or members. If you took a test through a link or embedded screen provided by such an organization:
- Your name, contact details, and test results are shared with that organization, and are also visible in that organization's own Sightyness client portal.
- That organization — not Sightyness — is generally responsible for how it further uses your information within its own records (for example, a clinic's own patient chart).
- Where the referring organization is a health information custodian under Ontario's Personal Health Information Protection Act (PHIPA), Sightyness may be acting as their "agent" for the limited purpose of running the requested screening and returning results, under that organization's own privacy obligations to you. Questions about how that organization uses your results in your care should be directed to them.
7. How long we keep information
| Information | Typical retention |
|---|---|
| Account and test result records | For as long as your account is active, plus a limited period afterward for support and legal purposes |
| Consented video recordings | Automatically deleted after 90 days |
| OTP verification codes | Deleted or expired shortly after use, typically within 24 hours |
| Billing and invoice records | Retained as required by Canadian tax and accounting rules |
8. How we protect your information
We use reasonable administrative, technical, and physical safeguards appropriate to the sensitivity of the information, including encrypted transmission (HTTPS), access-restricted storage for video recordings, authenticated email sending, and hashed password storage for accounts that use passwords. No online service can guarantee absolute security, and we encourage you to use a strong, unique password and to keep your device secure.
9. Where your information is stored
Our hosting infrastructure may store and process information outside of Canada. Where personal information is processed or stored outside Canada, it may be accessible to foreign courts, law enforcement, or national security authorities under the laws of that jurisdiction. By using Sightyness, you acknowledge this possibility, consistent with PIPEDA's approach to cross-border data transfers.
10. Your privacy rights
Subject to limited exceptions, you have the right to:
- Ask what personal information we hold about you, and request a copy of it
- Ask us to correct inaccurate or incomplete information
- Withdraw consent for future collection, use, or disclosure (see Section 4)
- Ask us to delete your account and associated personal information, subject to legal retention requirements
- Ask questions or raise concerns about how we've handled your information
To exercise any of these rights, contact us using the details in Section 14. If you're not satisfied with our response, you may complain to the Office of the Privacy Commissioner of Canada, and, for health-information-specific concerns connected to a referring clinic, the Information and Privacy Commissioner of Ontario.
11. Children's privacy
Sightyness is intended for use by adults, or by minors under the supervision and consent of a parent or legal guardian who completes registration on the minor's behalf. We do not knowingly collect personal information directly from children without such involvement.
12. Cookies and local storage
We use browser local storage to remember your plan, session state, and in-progress test data on your own device, so the screening flow works correctly. We do not currently use third-party advertising cookies.
13. Changes to this policy
We may update this policy from time to time. We'll update the "Draft prepared" date at the top of this page when we do. Material changes affecting how we use previously collected information will be communicated to you directly where required by law.
14. How to contact us
Questions, requests, or complaints about this policy or your personal information can be sent to:
Email: info@sightyness.com