Privacy Policy
Privacy Notice
Last updated [31 August 2021]
Your trust is important to us.
We want to make sure you understand what personal information we may collect about you when you interact with Signifier Medical Technologies Ltd (“Signifier Medical Technologies”, “we,” “us” or “our”), how we store, use and disclose your personal information, and how we keep it safe.
Data Controller
Signifier Medical Technologies Ltd is the controller of your personal information.
This Privacy Notice explains:
- what personal information we collect about you;
- how we use your personal information;
- on what basis we use your personal information;
- how long we keep your personal information;
- who we share your personal information with and international transfers;
- how we protect your personal information;
- your rights regarding your personal information;
- what to do if you don’t want to provide us with your personal information; and
- how we use cookies and where to find further information.
We may change this Privacy Notice from time to time. We encourage you to review this Privacy Notice periodically.
If you have any questions, please get in touch via one of the methods set out in the Contact us section.
What personal information do we process and how do we use it?
Personal information is information about an identifiable individual, such as name, address, telephone number, e-mail address and healthcare information. The table below explains, in relation to your personal information:
- what personal information we collect;
- how we use it;
- the lawful basis or conditions, upon which we process it; and
- from where we get it.
We may generate de-identified, aggregated or anonymized information using personal information. Such information does not reveal your identity. We may use de-identified, aggregated or anonymized information for purposes including conducting research, compiling aggregate data sets to perform analytics, and for product and service development and improvement activities.
Where we process special category personal data, we do so in line with the applicable data protection laws. This includes keeping an internal record of the relevant legal condition upon which we consider we are permitted to carry out the processing. In relation to marketing, you can opt-out at any time by getting in touch with us as set out in the ‘Contact us’ section below or by unsubscribing in accordance with applicable law.
Please note that where we have relied on your consent for any collection, storage, use and disclosure of personal information, you can withdraw that consent at any time. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. Please see the ‘Your rights regarding your personal information’ section below.
Where we have relied on legitimate interests, you may contact us for further information including in relation to the assessment of our legitimate interests as balanced with your interests, at the Contact us section. below.
We may also collect and use your personal information, including personal health information, to:
| What we use your personal information for | Lawful bases or conditions | Types of information | Source of information |
|---|---|---|---|
| Providing products and services to you | To perform our contract with you or to take steps at your request before entering into a contract | Name, email, phone number, and other contact information. | Collected directly from you OR collected from healthcare provider (“HCP”) |
| Managing our relationship with you which includes contacting and interacting with you, including to: provide important notices and updates, such as changes to our terms and policies, security alerts and administrative messages | To perform our contract with you in communicating with you on any changes you need to be made aware of and any notices on device performance. For legitimate interests to provide you with relevant information. | Name, email, phone number and other contact information. | Collected directly from you OR collected from prescribing HCP/distributor |
| Administering this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) | For legitimate interests: to make your experience of our products and services efficient and effective and to operate and improve our business and minimise any disruption to the services that we may offer youConsent: when deploying non-essential cookies. | Website usage data | Collected directly from you OR collected from cookies |
| Activities necessary to comply with legal and regulatory obligations that apply to our business | To comply with our legal and regulatory obligations | Name, email, phone number, other contact information, and device usage data | Collected directly from you |
| Respond to reports you make of a possible side effect associated with one of our products and to monitor the safety of our products | To perform our contract with you or to take steps at your request before entering into a contract To comply with our legal and regulatory obligationsFor the provision of health or social care or treatment, or the management of health or social care systems and services (relevant for personal health information related data). | Gender, date of birth and health information including sleep health and associated co-morbidities. Information from any reported product defect. | Collected directly from you |
| For the purpose of evaluating the performance of the device and our services to you | Explicit consent | Customer surveys, and other contact information. | Collected directly from you |
| To provide feedback towards your progress with the therapy | Explicit consent | Device usage data Sleep quality assessment Therapy level Completed therapy sessionSnoring data | Collected directly from you |
| To comply with demands or requests made by regulators, governments, courts and law enforcement authorities | To comply with our legal and regulatory obligations Where necessary for reasons of public interest | Name, email, phone number, other contact information, and device usage data | Collected directly from you |
| For the purposes of website security | For legitimate interests to ensure the security of the website and transactions Consent: when deploying non-essential cookies | Transaction details | Collected directly from you OR collected from cookies |
| Operational reasons such as improving products/services, efficiency, training and quality control | For legitimate interests: to make your experience of our products and services efficient and effective and to operate and improve our business and minimise any disruption to the services that we may offer you Explicit consent Consent: when deploying non-essential cookies. | Name, email, phone number, other contact information, and device usage data | Collected directly from you OR collected from cookies |
| Production of aggregated data for statistical analysis for commercial/financial purposes and scientific research for technological development | For legitimate interests: to make your experience of our products and services efficient and effective and to operate and improve our business and devices and minimise any disruption to the services that we may offer you. For scientific research purposes or statistical purposes.Explicit consentConsent: when deploying non-essential cookies. | Device usage data | Collected directly from you OR collected from cookies |
| Using data analytics to improve this website, our products/services, marketing, customer relationships and experiences | For legitimate interests: to make our communications with you more relevant and personalised to you, and to make your experience of our products and services efficient and effective. Consent: when deploying non-essential cookies. | • activity data, such as when you completed a form on this website;• information from your visits to this website, including the type of browser and operating system you use, access times, pages viewed, URLs clicked on, your IP address and the pages you visited before and after navigating to this website;• social media tracking pixels that allow platforms such as Facebook and Twitter to interact with this website and give feedback on your actions; and• device information, including the unique device identifier, hardware model, operating system and version and mobile network information. | Collected directly from you OR collected from cookies |
| Marketing our company, services and products including providing you with information such as: our press releases;job postings;financial results; andtips and helpful information and marketing communications about our products and services. We will always obtain consent for marketing where required by law. | Consent (in relation to promotion of our products and services only) legitimate interests where you have previously bought a similar device or service from us or have actively expressed an interest in buying a similar product or service from us) | Name, email, phone number and other contact information. | Collected directly from you |
| To maintain an ordinary course commercial business with you, examples:issuance of POs, invoices | For legitimate interest in order to conduct our business activities with you. | Name, email, phone number, job title and other contact information. | Collected directly from you |
| Obtaining professional advice from lawyers, accounts or tax advisors | For legitimate interest to obtain relevant advice, for the establishment, exercise or defence of legal claims. | Name, email, phone number and device usage data | Collected directly from you |
| For purposes of recruitment | For legitimate interests to conduct a recruitment process. For the purposes of complying with employment law. | Name, email, phone number, other contact information and career information | Collected directly from you or recruiting agency |
How long will we keep your personal information?
We will always keep your personal information for the period required by law and where we need to do so in connection with legal action or an investigation involving Signifier Medical Technologies. Otherwise, we keep your personal information:
- for as long as needed to provide you with access to services you have requested;
- where you have contacted us with a question or request, for as long as necessary to allow us to respond to your question or request; or
- the amount of time otherwise needed to fulfil the purposes for which it was collected.
Personal information is collected and used for the reasons set out above, and shall not be stored for longer than necessary for those purposes. Different retention periods may apply for different types of personal information. Once we no longer need to hold your personal information, we will ensure that it is securely deleted or made anonymous.
Who do we share your personal information with?
We sometimes share your personal information with others. Specifically, we may share your personal information with:
- members of Signifier Medical Technologies group, including its affiliates and partners; and
- the following trusted third parties:
- our agents, representatives, third-party service providers and suppliers, including those who provide us with technology services such as data analytics, hosting and technical support;
- our professional advisors, auditors and business partners;
- regulators, governments and law enforcement authorities; and
- other third parties in connection with the sale or reorganisation of all or any part of our business.
Storing and Transferring your personal information out of Canada
Your personal information may be collected, stored, used, transferred and processed by Signifier Medical Technologies, its affiliated companies and Signifier Medical Technologies’ trusted third party suppliers outside of your home country, including in [the European Union, the United States and the United Kingdom].
We will implement appropriate measures to ensure that your personal information remains protected and secure when it is transferred outside of your home country, in accordance with applicable personal information protection laws.
Your personal information will be subject to the local laws of the country where it is transferred and in certain circumstances, other foreign governments, courts, law enforcement agencies or regulatory agencies may be entitled to access your personal information. Personal information protection laws in the countries to which your personal information is transferred may not be equivalent to, or as protective as, the laws in your home country.
For further information on international transfers, please get in touch with us as set out in the Contact us section. below.
Protecting your personal information
We use a variety of physical, organizational, technological and contractual safeguards, security measures and technologies to help protect your personal information from unauthorised access, use, disclosure, alteration, copying or destruction in line with applicable personal information protection laws. For example, when we share your personal information with external suppliers, we may put in place a written agreement that commits the suppliers to keep your information confidential and to put in place appropriate security measures to keep your information secure.
The transmission to us of information via the internet or a mobile phone network connection may not be completely secure and any transmission is at your own risk.
Your rights regarding your personal information
In certain circumstances, you have rights under personal information protection laws in relation your personal information and may be entitled to:
- access to the personal information Signifier Medical Technologies holds about you;
- the correction and/or deletion of your personal information;
- the restriction of the processing of your personal information;
- object to processing including at any time for personal information that is being processed for direct marketing and in certain other situations (including where we are processing your personal information based on our legitimate interests);
- withdraw your consent to the processing of your personal information (where Signifier Medical Technologies is processing your personal information based on your consent). However, this will not affect the lawfulness of any processing carried out before you withdraw your consent;
- request for the receipt or the transfer to another organisation, in a machine-readable form, of the personal information that you have provided to Signifier Medical Technologies;
- not to be subject to automated decision making.
If you would like to exercise your rights, please let us know by getting in touch with us as set out in the Contact us section below.
What if you do not want to provide us with your personal information?
When you use the website or otherwise submit personal information to us, you agree that you have read the terms of this Privacy Notice. If you do not agree with this Privacy Notice, please do not use our website, sign up for our services or provide us with your personal information.
Where you are given the option to share your personal information with us, you can always choose not to do so.
If you object to the processing of your personal information, or if you have provided your consent to processing and you later choose to withdraw it, we will respect that choice in accordance with our legal obligations. This could mean that we may not be able to perform the actions necessary to achieve the purposes as set out in the section ‘How do we use your personal information?’ above or that you are unable to make use of the full services and products offered by us.
Cookies and other technologies
This website uses technology called “cookies” which allow this website to recognise and respond to you as an individual. We use cookies and/or similar technologies to analyse customer behaviour, administer the website, track users’ movements, [and to collect information about users which may be relevant to offering our services to you]. This is done in order to personalise and enhance your experience with us.
To see further details, including on the use of third party cookies, and to learn how you can manage your cookie preferences, please refer to our Cookie Policy.
We rely on the lawful basis of consent to process your personal information using non-essential cookies or other similar technologies. We rely on the lawful basis of legitimate business interests for processing your personal information using essential cookies. We may also utilise tracking technology on the web properties, for analytics, marketing or performance tracking. We use this to improve and enhance our communication with you or the products/services we offer.
Please see further details in our Cookie Policy on how you can manage your cookie preferences and how you can set your browser to not accept cookies. If you do choose to decline cookies or otherwise change your settings, not all elements of this website may function as intended, so your website experience may be affected.
Websites that we do not own or control
From time to time we may provide links to websites or mobile applications that are not owned or controlled by us. This Privacy Notice does not apply to those websites and we are not responsible for the privacy practices, business practices or content of any of such websites to which we link. If you choose to use those websites, please check the legal and privacy statements posted on each website or mobile application you access to understand their privacy practices.
Children’s Privacy
We do not knowingly collect, use or share personal information directly from children. Our website and online resources are not directed at children. For any minor to access our programs, products and services, the parent or guardian of such child must contact us on their behalf.
How to complain
Please contact us if you have any queries or concerns about our use of your personal information by getting in touch with us as set out in the Contact us section below.
You also have the right to lodge a complaint with the Office of the Privacy Commissioner of Canada. The Office of the Privacy Commissioner of Canada may be contacted at https://www.priv.gc.ca/en/contact-the-opc/ or telephone: 1-800-282-1376.
You also have the right to lodge a complaint with any other relevant data protection authority. The United Kingdom data protection authority may be contacted at https://ico.org.uk/make-a-complaint or telephone: 0303 123 1113.
Contact us
If you have questions or requests regarding this Privacy Notice, or if you would like to exercise your rights, please contact eXciteOSA, [email protected]
Our privacy officer can be contacted at [email protected]
