Need help?

Effective Date: 01/01/2026

DirectOD LLC, doing business as DirectVision (“DirectVision,” “DirectOD,” “we,” “us,” or “our”), takes the security of our systems and the information we handle seriously. This Security Statement describes the safeguards we use to help protect personal information and membership-related data processed through our websites, enrollment pages, forms, portals, and related services (collectively, the “Services”).

This Security Statement is provided for general informational purposes and does not create any contractual obligations, warranties, or guarantees regarding the security of the Services.

  1. Security Approach
    We use a layered security approach designed to:

  • Protect the confidentiality and integrity of information transmitted through the Services

  • Reduce the risk of unauthorized access, disclosure, alteration, or destruction of information

  • Detect, prevent, and respond to suspicious activity and security incidents

  • Support reliable operation and availability of the Services

  1. Data Minimization
    We aim to collect and store only the information reasonably necessary to provide membership enrollment, billing administration, account support, and related Services. Where feasible, we use tokenization and limited data storage to reduce exposure of sensitive data.

  2. Technical Safeguards
    We use a combination of technical controls that may include:

  • Encryption in transit using industry-standard TLS (HTTPS)

  • Encryption at rest for certain systems and data stores, where appropriate

  • Access controls based on least-privilege principles

  • Multi-factor authentication for administrative access where feasible

  • Segmentation and role-based permissions to limit access to systems and data

  • Logging and monitoring to help detect abuse, fraud, and suspicious behavior

  • Secure configuration and patch management practices intended to reduce known vulnerabilities

  1. Administrative and Operational Safeguards
    We maintain security practices that may include:

  • Policies and procedures governing access, use, and handling of information

  • Employee and contractor access restrictions and confidentiality commitments

  • Vendor risk review and contractual restrictions for service providers that support the Services

  • Ongoing review of security controls and improvements based on risk, feasibility, and business needs

  • Incident response processes intended to assess, contain, remediate, and document security events

  1. Payment Security and Payment Processing
    Payments for memberships may be processed through a banking and payment processing partner, including Chase. Payment transactions are handled through secure payment processing channels. DirectVision does not store full payment card numbers in its own systems when standard tokenization or processor-hosted payment methods are available. We may store limited payment-related details necessary for membership administration, such as billing status, transaction identifiers, and confirmation records.

Important note: Although we use commercially reasonable safeguards, no payment or data transmission system can be guaranteed to be 100% secure. You are responsible for protecting your payment credentials, devices, and network connections.

  1. Third-Party Platforms and Service Providers
    To operate the Services, we may rely on third-party platforms and service providers for functions such as page hosting, communications (email/SMS), analytics, customer support tools, and payment processing.

We select service providers based on operational and security considerations and use contractual protections intended to limit how they may use information. However, third-party platforms are not controlled by DirectVision, and their security practices may differ. Where feasible, we configure and use such services in a way intended to reduce risk.

  1. Data Access and Internal Controls
    Access to information is restricted to authorized personnel and service providers who need it to operate, support, or secure the Services. We seek to:

  • Limit access using role-based permissions

  • Remove or disable access when it is no longer required

  • Review access periodically where appropriate

  1. Your Role in Security
    You play an important role in protecting your information. We encourage you to:

  • Use a secure, private device when enrolling or accessing Services

  • Avoid using public Wi-Fi for sensitive transactions when possible

  • Keep your email account secure, as email may be used for notices or account access

  • Review billing confirmations and report suspected fraud promptly

  • Contact us immediately if you believe your account or enrollment information has been compromised

  1. Security Incidents and Notifications
    If we become aware of a security incident involving information under our control, we will evaluate the scope and impact and take reasonable steps to contain and remediate the issue. Where required by applicable law, we will provide notifications to affected individuals and/or regulators.

  2. No Warranty
    The Services are provided on an “as is” and “as available” basis. While we take reasonable steps intended to protect information, we do not guarantee that the Services will be uninterrupted, error-free, or immune from unauthorized access.

  3. Contact
    If you have questions about this Security Statement or want to report a potential security issue, contact:

DirectVision (DirectOD LLC)
Email: support@directvision.us


2026 DirectVision • PrivacySecurityAccessibilitySupport
DirectOD Vision Membership Plans are NOT insurance. Members pay a monthly or annual fee directly to participating eye care providers in exchange for access to discounted services, benefits, and product savings as outlined in the provider’s custom membership plan. Members are responsible for paying their provider directly for any services or products received beyond the plan’s benefits. Plan features, pricing, and savings may vary by provider and location - please refer to your provider’s specific plan terms for full details. Vision membership plans offered through DirectOD do not qualify as insurance under the Affordable Care Act and do not satisfy minimum essential coverage requirements. DirectOD is not an insurance company, and does not pay or reimburse providers for services rendered.
[bot_catcher]