In this Statement of Privacy Principles, we describe how Medtronic processes personal information. Preservation of, and respect for, our customers', business colleagues and vendors', and patients' trust is critical to our continued success. We will always process personal information:
- Confidentiality and fairly
- Appropriately, according to the statements we make
- Lawfully, in accordance with applicable data protection laws, directives, regulations and principles
Version: May 2018
PLEASE READ THIS PRIVACY STATEMENT CAREFULLY.
This Privacy Statement tells you how we use information that we collect about you through this Medtronic website, as well as mobile sites, applications ("apps"), widgets, conferences, events, face-to-face customer interactions, electronic newsletters communications or other services (collectively the “Services”) that link to this Privacy Statement, operated by Medtronic Limited based in the United Kingdom.
We intend to deal with your information in a manner that is fair and in line with your expectations and encourage you to read and consider the information provided in this Privacy Statement to confirm that is the case.
What information do we collect about you?
The information we receive, and how we use it, depends on what you do when visiting our website or using our Services. We collect and use non-personal information (information that does not identify you personally) differently to your personal information.
YOUR PERSONAL INFORMATION
Personal information is information that can specifically identify you, such as your:
- first and last name
- address, telephone number, e-mail address or other contact information
- medical device serial number
- personal health information
- date of birth or age
- social media username or profile
- interests and qualifications
- IP (Internet Protocol) address when such address is associated with a specific user
We collect personal information about our users in two ways:
- when you enter personal information on certain pages of the website. For example, you may fill out a registration form for a particular service, participate in a survey, or complete a contact form.
- using automated means, specifically through cookies. Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the website. For more information about cookies, please click here.
HOW DOES MEDTRONIC USE PERSONAL INFORMATION?
We may use the information that you have shared with us through this website and relevant Services (other than sensitive information, which is discussed separately below) for the following purposes:
- to respond to your requests
- to provide the services or information you request
- to allow you to register certain products or services, or enhance their functionality
- to resolve and track the status of any consumer and/or product or service issues
- to manage our relationship with you and facilitate any necessary follow up (e.g. by storing relevant information and preferences for a reasonable amount of time)
- to enter into, or perform a contract with you (e.g. in case you wish to order products or services from us)
- to enable you to participate in our online communities, including social media and blogs
- to contact you with information that might be of interest to you – see further the Marketing and Education section below
- In other ways to which you consent
Medtronic may also use your personal information to the extent necessary to achieve the following legitimate interests, so long as compatible with your rights and expectations of privacy:
- for analytical purposes in order to research, develop and improve programs, products, services and content
- to anonymize your information by removing any personal identifiers (your name, e-mail address, social security number, etc.) so that it may be used for other purposes. In this case, the anonymized information would no longer identify you and may be treated like other non-personal information. For more details please see the relevant section below.
- to enforce this Privacy Statement and other rules about your use of this website
- to protect our rights or property
Medtronic also has legal grounds to use your personal information:
- as necessary to protect someone's health, safety or welfare; and
- in order to comply with a law or regulation, court order or other legal process
Where required by law, we will ask you to "opt-in" or affirmatively consent to the processing of your personal data for a particular purpose. For example, where the law so requires, we will only send you newsletters if you have subscribed to them.
Medtronic may also identify and compile available information regarding current and prospective customers in order to assess the feasibility of any future contracting opportunities (this may include healthcare professional qualifications, specialities, publications and previous engagements). In order to manage our interactions, engagements and support services, Medtronic may also create and maintain commercial, professional or interest-based profiles based on identified, inferred or derived characteristics, interests or key skills of current or prospective customers.
WHAT IS SENSITIVE INFORMATION?
Some types of personal information are sensitive information. Sensitive information is personal information revealing or relating to your health (such as your device serial number, or the date of an implant), genetic or biometric data, your racial or ethnic origin, religious or philosophical beliefs, sex life or sexual orientation, political opinions or trade union membership.
WILL MEDTRONIC TREAT SENSITIVE INFORMATION DIFFERENTLY TO OTHER PERSONAL INFORMATION?
Medtronic will only collect and process your sensitive information:
- in ways for which you have given your explicit consent
- to protect the vital interests of you or another person, in cases where your explicit consent cannot be given or reasonably requested
- according to applicable laws which include suitable and specific measures to safeguard your fundamental rights and interests
- where the processing is necessary for medical purposes and we are, under the circumstances, under a duty of confidentiality equivalent to the duty of confidentiality of a health professional
- to establish, exercise, or defend a legal claim
- We may collect sensitive information directly from you, when you voluntarily provide it to us for a particular purpose (e.g. when you contact us with a question or suggestion about our products and services);
- We may also collect sensitive information about patients through healthcare professionals who we work with to provide therapy or technical support for our products or services to you;
- We may collect sensitive information as required by European, and other governmental authorities in order to assure safe and effective use of our products and services;
- We may collect sensitive information about participants who have explicitly consented to participate in clinical trials, studies, and other research initiatives.
Non-personal information is information that cannot identify you or be tied to you in any way. Therefore the non-personal information that we collect through this website does not identify you as an individual person, and will not be linked to you. It may include information such as the following:
- the type of web browser software you use (for example, Internet Explorer)
- the name of the domain from which you access the Internet
- the Internet address of the website from which you linked directly to our website
- the date and time you access our website
- which pages you have visited on our website
- he search terms you use
- the links on which you click
WHAT DOES MEDTRONIC DO WITH NON-PERSONAL INFORMATION?
We are always looking for ways to better serve you and improve our products, services and website experience. We will use non-personal information from you to make this website more useful to visitors. We may also use non-personal information for other business purposes. For example, we may use non-personal information or aggregate non-personal information to:
- create reports for internal use to develop programs, products, services or content
- adapt or improve the information or services provided
- share or sell information to third parties
- provide information on how our site is used, such as "traffic statistics" and "response rates" to third parties
Direct marketing and educational materials
We will ask you to "opt-in" or affirmatively consent to the use of your personal information for the purposes of such communications, in accordance with applicable laws.
If at any time you decide not to receive any educational, commercial or promotional information related to our products and services or regarding the products or services of our affiliates or service providers, please email us at the contact details listed below and mention “OPT-OUT” in the subject of your email. Alternatively, you may use the opt-out procedure provided in any relevant message you receive from us.
Please note that if you opt not to receive promotional messages from us, we may still continue to send you relevant information for other lawful purposes, such as to administer any account you may have with us, to respond to your requests, to execute agreements with you, or to provide you with information that Medtronic is required by law to provide, e.g. regarding product recalls.
Does Medtronic ever share personal information with third parties?
Medtronic will not share your personal information collected from this website with a third-party except as described in this Privacy Statement.
In the ordinary course of business, we may share some personal information with Medtronic affiliates or third party companies that we hire to perform services or functions on our behalf.
For example, we may:
- use different vendors or suppliers to ship you products that you order on our website. In these cases, we provide the vendor with information to process your order such as your name and mailing address.
- use a service provider to administer certain newsletter or informational mailings that you have signed up for, and provide access to your email address for this purpose.
- use a third-party application or platform to allow us to manage and keep track of our communications with you.
- use our company affiliates to provide services relating to your personal information e.g. we may store your information on a secure server based at our affiliate’s site in Europe or the United States. For more information on the circumstances in which we may transfer your information to other countries, please see the relevant section below.
In all cases we will not share more information than is necessary, and we will not authorize any third parties to keep, disclose or use your information except to provide the requested services in line with the purposes set out above.
Please note that subject to applicable laws, we may disclose your personal information if we believe we are required to do so to comply with any law, regulation, court order, legal or government request. In the unlikely event that all or part of our business is acquired by a third party, your information may be transferred to the new corporate owner insofar as relevant to the business in question and subject to appropriate safeguards being in place.
In addition, we may use and disclose your personal information to third parties if necessary to:
- enforce this Privacy Statement and the other rules about your use of this website
- protect our rights or property
- protect someone's health, safety or welfare
- comply with a law or regulation, court order or other legal process
- investigate or take action in cases of suspected fraud or illegal activities
In addition, please keep in mind that certain areas of our website may be interactive in nature, and allow you to post information that other users can see. If you do not wish to have information viewed publicly, please do not use those sections of the website.
Do we transfer personal information to other countries?
In certain cases Medtronic may transmit personal information collected on this website to our affiliates or third party service providers in other countries, but only in furtherance of the purposes set out in this Privacy Statement. In cases where personal information is transmitted from Europe to other countries we will ensure that safeguards equivalent to those provided by European data protection laws are in place. For more information on the safeguards implemented by Medtronic please Contact Us.
How long will we keep your personal information for?
We will only keep your personal information for so long as necessary to fulfill the purposes for which we are allowed to use them, as set out in this Privacy Statement. For example, if you tell us that you no longer wish to receive a newsletter from us, we will immediately delete your email address from our mailing list. In case you participate in a program via our website we will delete the personal information provided as part of that program within a reasonable time after its completion (e.g. six months after completion will normally be considered reasonable unless we have lawful grounds to retain some of the information for longer (e.g. if necessary for validation or to comply with recordkeeping obligations).
What happens if the privacy statement changes?
This Privacy Statement was last revised on May 15, 2018. We may change this Privacy Statement at any time and for any reason. If we decide to make a significant change to our Privacy Statement, we will post a notice on the homepage of our website for a period of time after the change is made. We encourage you to review this Privacy Statement each time you visit the website.
What about privacy on other websites?
This website may contain links to other websites. Some of those websites may be operated by Medtronic affiliates, and some may be operated by third parties. This Privacy Statement does not apply to other websites, even other Medtronic websites. Therefore whenever you leave this website we recommend that you review the privacy practices that apply to information you provide on other websites. We provide the links for your convenience, but we do not review, control, or monitor the privacy practices of websites operated by others. Neither are we are responsible for websites operated by third parties or your business dealings with them.
Are there special rules about children's privacy?
We care about protecting the online privacy of children. We will not intentionally collect any personal information (such as a child's name or e-mail address) from children under the age of 16 without the consent of someone holding parental responsibility. If you think that we have otherwise collected personal information from someone under the age of 16, please Contact Us.
What about website security?
Security is very important to us. We also understand that security is important to you. We use industry standard measures to protect your personal information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However no website or email transmission is 100% secure and we encourage you to therefore take special care in deciding what information you send or request via email, and take appropriate precautions such as keeping any usernames and passwords you use confidential.
At any time, you may exercise your right to access, rectify and, as the case may be, erase, any personal information relating to you, or restrict the processing of your personal information, in compliance with applicable laws.
You also have the right at any time to object, based on your particular situation, to any use or processing of your personal information which we have based on our legitimate interests.
In case we are processing your personal information in an automated manner as part of a service to you or based on your consent then you also have the right to request a copy of your information in a structured, commonly used and machine-readable format (known as the right to “data portability”).
Such requests can be sent to firstname.lastname@example.org or in writing to Attn: Data Protection Officer, Building 9, Croxley Park, Watford, Herts, WD18 8WW, UK. Please note that we may ask you to provide proof of identity (such as a copy of your ID card or passport) before we can comply with your request.
If we have based our collection or use of your personal information on your consent then you also have the right to withdraw your consent at any time in the same way as it was given, or by sending a request in the above manner.
You may also at any time, free of charge and without having to provide any justification, opt-out of any direct marketing campaigns and request to no longer receive any promotional material as described above.
In case you are not satisfied with our handling of your request you may contact the applicable Data Protection Authority. See further: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm
How to contact Medtronic
If you have questions or comments about this Privacy Statement, please Contact Us through our website or via the contact details listed in the Your Rights section above.