What is Personal Data?
- “Personal Data” is any information—as electronically or otherwise recorded—that can be used to identify a person or that we can link directly to an individual, such as name, address, email address, telephone number, or credit card number, as applicable, and subject to applicable laws. Personal Data in some jurisdictions can include information that indirectly identifies a person, such as a unique number assigned to a patient by a Healthcare Provider or a clinical trial participant, even absent other identifying information.
- In limited circumstances, Personal Data may include information considered sensitive in some jurisdictions, such as biometric information, genetic information, medical and health information, financial account information, geolocation, ethnic or racial origin, information concerning your sex life or your sexual orientation, and other information. Please note that, for patients, as described below, we may receive information about you from your Healthcare Provider or others, when legally permitted.
- We will process any Personal Data we collect in accordance with applicable law and as described in this Notice (unless, as explained above, a separate policy or notice governs). In some circumstances, if you do not provide us with your Personal Data, certain offerings may be unavailable to you.
Below is a high-level summary of the types of Personal Data we may collect from you. Following that high-level summary is additional detail and information on how we collect, process, and use Personal Data and the potential recipients of your Personal Data, and how we have done so in the preceding 12 months. Some jurisdictions require us to state the legal bases for processing your Personal Data, which are included below, but please note that not all jurisdictions may recognize all legal bases.
| Identity and contact information | Other personal information | Visual and audio information | Technical Information | Information regarding your treatment | Commercial and financial information | Professional and educational information | Anonymized / de‑identified data |
| This may include name, email, phone number, etc. | This may include age, gender, date of birth, etc. | This may include still images, video, call recordings, etc. | This may include Internet Protocol (IP) address, browser, device type, etc. | This may include blood and tissue samples, treatment date, etc. | This may include request documentation, financial transaction history, etc. | This may include job title or position, employer, etc. | Data for which your individual personal characteristics have been removed |
Users of Online Services, Visitors to Our Websites and Physical Locations, and Senders of Inquiries | X | X | X | X | | | | X |
Current, Former or Prospective Employees | X | X |
| X | | | X | X |
Business Partners and their Employees, Agents, and Contractors | X | X |
| X | | X | | X |
Patients and Users of Medical Products | X | X | X | X | X | X | | X |
Clinical Study Participants and Candidates | X | X |
| X | X | | | X |
Healthcare Providers | X | X |
| X | | X | X | X |
Clinical Investigators and Members of Investigator Teams | X | X |
| X | | X | X | X |
Attendees and Participants at Events | X | X | X | X | | | X | X |
Users of Online Services, Visitors to Our Websites and Physical Locations, and Senders of Inquiries |
We may process your Personal Data when you: (1) visit our websites and our physical locations; (2) submit inquiries to us both online (e.g., via email) or offline (e.g., by written letters); (3) sign up for our newsletters or other informational or marketing materials; and/or (4) register for, visit, or use our online Products and Services. |
Examples of the types of data we may process |
Identity and contact information, such as: | - first and last name
- email address
- postal address
- phone number
- username and password
|
Other personal information, such as: | |
Visual and audio information, such as: | - still images
- video (including via CCTV)
- recordings of your calls with our customer service representatives
|
Technical Information, such as: | - Internet Protocol (IP) addresses (which may identify your general geographic location or company)
- browser type and browser language
- device type
- advertising IDs associated with your device (such as Apple’s Identifier for Advertising (IDFA) or Android’s Advertising ID (AAID))
- date and time you use our Products and Services
- Uniform Resource Locators, or URLs (i.e., website addresses) visited prior to arriving and after leaving our Products and Services
- activity on our Products and Services and referring websites or applications
- data collected from cookies or other similar technologies
- geolocation information
|
Anonymized / De‑identified Data: | - Anonymized data is data for which your individual personal characteristics have been removed such that you are not identified and the information is no longer considered Personal Data under applicable data protection laws
|
Where do we get the data? |
- you directly
- your devices
- our security systems (including CCTV)
- third parties
|
Why we process the data? |
- to provide you with our Products and Services
- to communicate with you (about your inquiry)
- to administer our relationship with your organization
- to send you updates
- to identify and authenticate you
- to customize content for you
- to detect security incidents
- to protect against malicious or illegal activity
- to ensure the appropriate use of our Products and Services
- to improve our Products and Services
- for short-term, transient use
- for administrative purposes
- for marketing, internal research, and development
- for quality assurance and to assist in training and development of our representatives
|
The legal bases for processing: |
- for the purposes of our legitimate interests
- in preparation for or to perform a contract with you
- in circumstances where we have requested and received consent and for other purposes that may be required or allowed by law
|
Who receives the data? |
- • Company, our affiliates, subsidiaries, and related companies
- • partners that assist us in providing the Products or Services or help us improve our marketing or administration
|
Current, Former or Prospective Employees |
We may process your Personal Data when you apply or are a candidate for employment or apprenticeship at Company. |
Examples of the types of data we process |
Identity and contact information, such as: | - first and last name
- company/employer
- email address
- postal address
- phone number
- username and password
|
Other personal information, such as: | - age
- gender
- marital status
- disability
- date of birth
|
Technical Information, such as: | - Internet Protocol (IP) addresses (which may identify your general geographic location or company)
- browser type and browser language
- device type
- advertising IDs associated with your device (such as Apple’s Identifier for Advertising (IDFA) or Android’s Advertising ID (AAID))
- date and time you use our Products and Services
- Uniform Resource Locators, or URLs (i.e., website addresses) visited prior to arriving and after leaving our Products and Services
- activity on our Products and Services and referring websites or applications
- data collected from cookies or other similar technologies
- geolocation information
|
Professional and educational information, such as: | - job title or position
- employer
- work skills
- employment history
- graduate degrees
- certifications
- specialized training
- responses to surveys and questionnaires
|
Anonymized / De‑identified Data: | - Anonymized data is data for which your individual personal characteristics have been removed such that you are not identified and the information is no longer considered Personal Data under applicable data protection laws
|
Where do we get the data? |
- you directly
- your employer or principal
- your devices
- our business partners and other third parties
|
Why we process the data? |
- to communicate with you
- to identify and authenticate you
- to detect security incidents
- to protect against malicious or illegal activity
- for short-term, transient use
- for administrative purposes
- for marketing, internal research, and development
|
The legal bases for processing: |
- for the purposes of our legitimate interests
- in preparation for or to perform a contract
- to comply with a legal obligation
- in circumstances where we have requested and received consent and for other purposes that may be required or allowed by law
|
Who receives the data? |
- Company, our affiliates, subsidiaries, and related companies
- partners that assist us in providing the Products or Services or help us improve our marketing or administration
|
Business Partners and their Employees, Agents, and Contractors |
We may process your Personal Data if you are an employee, agent, or contractor of a third party with whom Company does business, hires as a service provider, or otherwise partners with. |
Examples of the types of data we process |
Identity and contact information, such as: | - first and last name
- company/employer
- email address
- postal address
- phone number
- username and password
|
Other personal information, such as: | - age
- gender
- disability
- date of birth
|
Technical Information, such as: | - Internet Protocol (IP) addresses (which may identify your general geographic location or company)
- browser type and browser language
- device type
- advertising IDs associated with your device (such as Apple’s Identifier for Advertising (IDFA) or Android’s Advertising ID (AAID))
- date and time you use our Products and Services
- Uniform Resource Locators, or URLs (i.e., website addresses) visited prior to arriving and after leaving our Products and Services
- activity on our Products and Services and referring websites or applications
- data collected from cookies or other similar technologies
- geolocation information
|
Commercial and financial information, such as: | - Products and Services purchased, obtained, or considered
- request documentation
- customer service records
- financial transaction history
- financial account number
|
Anonymized / De‑identified Data: | - Anonymized data is data for which your individual personal characteristics have been removed such that you are not identified and the information is no longer considered Personal Data under applicable data protection laws
|
Where do we get the data? |
- you directly
- our business partners and other third parties
- your employer or principal
- your devices
|
Why we process the data? |
- to communicate with you (about your inquiry)
- to administer our relationship with your organization
- to send you updates
- to identify and authenticate you
- to detect security incidents
- to protect against malicious or illegal activity
- for short-term, transient use
- for administrative purposes
- for marketing, internal research, and development
- to provide you with our Products and Services
- to communicate with you
- to identify and authenticate you
|
The legal bases for processing: |
- for the purposes of our legitimate interests
- for medical diagnosis and the provision of healthcare and treatment
- in the public interest
- to comply with a legal obligation
- in preparation for or to perform a contract
- to protect vital interests
- to ensure high standards of quality and safety of healthcare and medical devices
- in circumstances where we have requested and received consent and for other purposes that may be required or allowed by law
|
Who receives the data? |
- Company, our affiliates, subsidiaries, and related companies
- our customers
- partners that assist us in providing the Products or Services or help us improve our marketing or administration
|
Patients and Users of Medical Products |
We may process your Personal Data when you are the existing or prospective patient of a Healthcare Provider who is a Company customer and/or when you receive or use Company medical products (including, where applicable, mobile apps). |
Examples of the types of data we process |
Identity and contact information, such as: | - first and last name
- email address
- postal address
- phone number
- username and password
|
Other personal information, such as: | - age
- gender
- marital status
- disability
- date of birth
|
Visual and audio information, such as: | - pictures and videos of treatment activities
|
Technical Information, such as: | - Internet Protocol (IP) addresses (which may identify your general geographic location or company)
- browser type and browser language
- device type
- advertising IDs associated with your device (such as Apple’s Identifier for Advertising (IDFA) or Android’s Advertising ID (AAID))
- date and time you use our Products and Services
- Uniform Resource Locators, or URLs (i.e., website addresses) visited prior to arriving and after leaving our Products and Services
- activity on our Products and Services and referring websites or applications
- data collected from cookies or other similar technologies***
- geolocation information
|
Information regarding your treatment, such as: | - date of birth
- sex/gender
- genetic information
- blood and tissue samples
- identification of pathologies/diseases
- areas of interest in medical research
- treatment dates
- medical history and treatment information
- patient-reported outcome measures (e.g., responses to questionnaires and surveys)
- X-rays, magnetic resonance imaging, and medical scans
- user activity
- therapy completion and use details
- communications with your Healthcare Provider, including audio and/or video from telehealth sessions
|
Commercial and financial information, such as: | - Products and Services purchased, obtained, or considered
- request documentation
- customer service records
- financial transaction history
- financial account number
|
Anonymized / De‑identified Data: | - Anonymized data is data for which your individual personal characteristics have been removed such that you are not identified and the information is no longer considered Personal Data under data protection laws
|
Where do we get the data? |
- you directly
- your Healthcare Provider
- your devices
- our business partners and other third parties
|
Why we process the data? |
- to provide you with our Products and Services
- to communicate with you (about your inquiry)
- to administer our relationship with you
- to send you updates
- to communicate with you
- to identify and authenticate you
- to detect security incidents
- to protect against malicious or illegal activity
- to ensure the appropriate use of our Products and Services
- to improve our Products and Services
- for short-term, transient use
- for administrative purposes
- for quality assurance
|
The legal bases for processing: |
- for the purposes of our legitimate interests
- for medical diagnosis and the provision of healthcare and treatment
- in the public interest
- to comply with a legal obligation
- in preparation for or to perform a contract
- to protect vital interests
- to ensure high standards of quality and safety of healthcare and medical devices
- in circumstances where we have requested and received consent and for other purposes that may be required or allowed by law*
|
Who receives the data? |
- Company, our affiliates, subsidiaries, and related companies
- Healthcare Providers
- partners that assist us in providing the Products or Services or help us improve our marketing or administration**+
|
Clinical Study Participants & Candidates |
Clinical Study Participants: We may process your Personal Data when you participate in a clinical study sponsored by us or conducted by us on behalf of a third party. If you are a participant in a clinical study, clinical trial, or other health-related research, you should receive a separate privacy notice regarding the Personal Data we process for those purposes. That privacy notice—and not this Notice— governs our used of such Personal Data. |
Clinical Study Candidates: we may process your Personal Data when you have been identified as a potential candidate for clinical studies sponsored by us or conducted by us on behalf of a third party. If you are a participant in a clinical study, clinical trial, or other health-related research, you should receive a separate privacy notice regarding the Personal Data we process for those purposes. That privacy notice—and not this Notice— governs our used of such Personal Data. |
Examples of the types of data we process |
Identity and contact information, such as: | - first and last name
- email address
- postal address
- phone number
|
Other personal information, such as: | - age
- gender
- marital status
- disability
- date of birth
|
Technical Information, such as: | - Internet Protocol (IP) addresses (which may identify your general geographic location or company)
- browser type and browser language
- device type
- advertising IDs associated with your device (such as Apple’s Identifier for Advertising (IDFA) or Android’s Advertising ID (AAID))
- date and time you use our Products and Services
- Uniform Resource Locators, or URLs (i.e., website addresses) visited prior to arriving and after leaving our Products and Services
- activity on our Products and Services and referring websites or applications
- data collected from cookies or other similar technologies***
- geolocation information
|
Information regarding your treatment, such as: | - date of birth
- sex/gender
- genetic information
- identification of pathologies/diseases
- areas of interest in medical research
- treatment dates
- medical history and treatment information
- X-rays, magnetic resonance imaging, and medical scans
- user activity
- therapy completion and use details
|
Anonymized / De‑identified Data: | - Anonymized data is data for which your individual personal characteristics have been removed such that you are not identified and the information is no longer considered Personal Data under data protection laws
|
Where do we get the data? |
- you directly
- your Healthcare Provider
- your devices
- our business partners and other third parties
- your friends or family
|
Why we process the data? |
- to communicate with you (about your inquiry)
- to administer our relationship with you
- to send you updates
- to determine your eligibility in one or more clinical studies
- to identify and authenticate you
- to detect security incidents
- to protect against malicious or illegal activity
- to ensure the appropriate use of our Products and Services
- to improve our Products and Services
- for short-term, transient use
- for administrative purposes
- for quality assurance
|
The legal bases for processing: |
- for the purposes of our legitimate interests
- in the public interest
- to comply with a legal obligation
- in preparation for or to perform a contract
- to protect vital interests
- in circumstances where we have requested and received consent and for other purposes that may be required or allowed by law*
|
Who receives the data? |
- Company, our affiliates, subsidiaries, and related companies
- our customers
- Healthcare Providers
- clinical investigators and/or members of investigator teams
- partners that assist us in providing the Products or Services or help us improve our marketing or administration**+
|
Healthcare Providers |
We may process your Personal Data when you are a Healthcare Provider who is a current or prospective Company customer, uses Company Products and Services, or treats patients with Company Products and Services, including use of Company’s online portals. |
Examples of the types of data we process |
Identity and contact information, such as: | - first and last name
- company/employer
- email address
- postal address
- phone number
- username and password
|
Other personal information, such as: | - age
- gender
- marital status
- disability
- date of birth
|
Technical Information, such as: | - Internet Protocol (IP) addresses (which may identify your general geographic location or company)
- browser type and browser language
- device type
- advertising IDs associated with your device (such as Apple’s Identifier for Advertising (IDFA) or Android’s Advertising ID (AAID))
- date and time you use our Products and Services
- Uniform Resource Locators, or URLs (i.e., website addresses) visited prior to arriving and after leaving our Products and Services
- activity on our Products and Services and referring websites or applications
- data collected from cookies or other similar technologies***
- geolocation information
|
Commercial and financial information, such as: | - Products and Services purchased, obtained, or considered
- request documentation
- customer service records
- financial transaction history
- financial account number
|
Professional and educational information, such as: | - job title or position
- employer
- National Provider Identifier number
- state medical license number
- work skills
- employment history
- graduate degrees
- certifications
- specialized training
- responses to surveys and questionnaires
- enrolment history for our education and training events
|
Anonymized / De‑identified Data: | - Anonymized data is data for which your individual personal characteristics have been removed such that you are not identified and the information is no longer considered Personal Data under data protection laws
|
Where do we get the data? |
- you directly
- your devices
- our business partners and other third parties
- your employer or principal
- your patients
- other Healthcare Providers
|
Why we process the data? |
- to provide you with our Products and Services
- to communicate with you (about your inquiry)
- to administer our relationship with your organization
- to send you updates
- to communicate with you
- to identify and authenticate you
- to detect security incidents
- to protect against malicious or illegal activity
- to ensure the appropriate use of our Products and Services
- to improve our Products and Services
- for short-term, transient use
- for administrative purposes
- for quality assurance
- for marketing, internal research, and development
- for quality assurance
- to customize content for you
|
The legal bases for processing: |
- for the purposes of medical diagnosis and the provision of healthcare and treatment
- for scientific or historical research or statistical purposes
- to ensure high standards of quality and safety of healthcare and medical devices
- for the purposes of our legitimate interests
- to comply with a legal obligation
- in preparation for or to perform a contract
- to protect vital interests
- in circumstances where we have requested and received consent and for other purposes that may be required or allowed by law*
|
Who receives the data? |
- Company, our affiliates, subsidiaries, and related companies
- other Healthcare Providers
- your patients
- partners that assist us in providing the Products or Services or help us improve our marketing or administration**+
|
Clinical Investigators and Members of Investigator Teams |
We may process your Personal Data if you are an existing or prospective clinical investigator or a member of an investigation team for a clinical study that Company manages on behalf of a customer. |
Examples of the types of data we process |
Identity and contact information, such as: | - first and last name
- company/employer
- email address
- postal address
- phone number
- username and password
|
Other personal information, such as: | - age
- gender
- marital status
- disability
- date of birth
|
Technical Information, such as: | - Internet Protocol (IP) addresses (which may identify your general geographic location or company)
- browser type and browser language
- device type
- advertising IDs associated with your device (such as Apple’s Identifier for Advertising (IDFA) or Android’s Advertising ID (AAID))
- date and time you use our Products and Services
- Uniform Resource Locators, or URLs (i.e., website addresses) visited prior to arriving and after leaving our Products and Services
- activity on our Products and Services and referring websites or applications
- data collected from cookies or other similar technologies***
- geolocation information
|
Professional and educational information, such as: | - job title or position
- employer
- National Provider Identifier number
- state medical license number
- work skills
- employment history
- graduate degrees
- certifications
- specialized training
- responses to surveys and questionnaires
- enrolment history for our education and
|
Commercial and financial information, such as: | - Products and Services purchased, obtained, or considered
- request documentation
- customer service records
- financial transaction history
- financial account number
|
Anonymized / De‑identified Data: | - Anonymized data is data for which your individual personal characteristics have been removed such that you are not identified and the information is no longer considered Personal Data under data protection laws
|
Where do we get the data? |
- you directly
- your devices
- our business partners and other third parties
- our customers
- your employer or principal
|
Why we process the data? |
- to provide you with our Products and Services
- to communicate with you (about your inquiry)
- to administer our relationship with your organization
- to send you updates
- to communicate with you
- to identify and authenticate you
- to detect security incidents
- to protect against malicious or illegal activity
- to ensure the appropriate use of our Products and Services
- to improve our Products and Services
- for short-term, transient use
- for administrative purposes
- for quality assurance
- for marketing, internal research, and development
- for quality assurance
- to customize content for you
|
The legal bases for processing: |
- for the purposes of medical diagnosis and the provision of healthcare and treatment
- for scientific or historical research or statistical purposes
- to ensure high standards of quality and safety of healthcare and medical devices
- for the purposes of our legitimate interests
- to comply with a legal obligation
- in preparation for or to perform a contract
- to protect vital interests
- in circumstances where we have requested and received consent and for other purposes that may be required or allowed by law*
|
Who receives the data? |
- Company, our affiliates, subsidiaries, and related companies
- our customers
- other clinical investigators and/or members of investigator teams
- partners that assist us in providing the Products or Services or help us improve our marketing or administration**+
|
Attendees and Participants at Events |
We may process your Personal Data when you attend or participate in professional and educational events we sponsor or hold. |
Examples of the types of data we process |
Identity and contact information, such as: | - first and last name
- company/employer
- email address
- postal address
- phone number
- username and password
|
Other personal information, such as: | - age
- gender
- marital status
- disability
- date of birth
|
Visual and audio information, such as: | - still images
- video (including via CCTV)
|
Technical Information, such as: | - Internet Protocol (IP) addresses (which may identify your general geographic location or company)
- browser type and browser language
- device type
- advertising IDs associated with your device (such as Apple’s Identifier for Advertising (IDFA) or Android’s Advertising ID (AAID))
- date and time you use our Products and Services
- Uniform Resource Locators, or URLs (i.e., website addresses) visited prior to arriving and after leaving our Products and Services
- activity on our Products and Services and referring websites or applications
- data collected from cookies or other similar technologies***
- geolocation information
|
Professional and educational information, such as: | - job title or position
- employer
- work skills
- employment history
- graduate degrees
- certifications
- specialized training
- responses to surveys and questionnaires
|
Anonymized / De‑identified Data: | - Anonymized data is data for which your individual personal characteristics have been removed such that you are not identified and the information is no longer considered Personal Data under data protection laws
|
Where do we get the data? |
- you directly
- your employer or principal
- your devices
- our business partners
|
Why we process the data? |
- to communicate with you (about your inquiry)
- to communicate with you (about your inquiry)
- to administer our relationship with your organization
- to send you update
- to communicate with you
- to identify and authenticate you
- to detect security incidents
- to protect against malicious or illegal activity
- for short-term, transient use
- for administrative purposes
- for marketing, internal research, and development
|
The legal bases for processing: |
- for the purposes of our legitimate interests
- in preparation for or to perform a contract
- to comply with a legal obligation
- in circumstances where we have requested and received consent and for other purposes that may be required or allowed by law*
|
Who receives the data? |
- Company, our affiliates, subsidiaries, and related companies
- other event attendees and participants
- partners that assist us in providing the Products or Services or help us improve our marketing or administration**+
|
Children |
Company does not knowingly collect, maintain, disclose, or otherwise process Personal Data from minors below the age of 16 without the permission of such minor’s parents or legal guardians. |
*The legal bases relied upon by Company include those enumerated in Articles 6 and 9 of the European Union’s General Data Protection Regulation (“GDPR”), depending on the type of Personal Data.
**In limited circumstances, recipients may include, (1) in the event of a sale, assignment, or transfer, to the buyer, assignee, or transferee; and, (2) government or regulatory officials, law enforcement, courts, public authorities, or others when permitted by this Notice or required by law.
***Please see our Notice on Cookies for more information on how we use cookies and similar technologies.
+Company may jointly use your Personal Data to provide you with the Products and Services requested. This could include disclosure of your Personal Data to Company affiliates, as well as third parties who assist or partner with us to provide you with Products and Services. For a list of affiliates and the entities who may receive your Personal Data or who will be responsible for your Personal Data, please see here and here. For the specific affiliates or third parties who may jointly use your Personal Data, please contact us as indicated below.