Last updated 23/06/2021
Your trust is important to us.
We want to make sure you understand what personal information we may collect about you when you interact with Signifier Medical Technologies Ltd (“Signifier Medical Technologies”, “we,” “us” or “our”), how we use your personal information, and how we keep it safe.
Signifier Medical Technologies Ltd is the controller of your personal information.
This Privacy Notice explains:
- what personal information we collect about you;
- how we use your personal information;
- on what basis we use your personal information;
- how long we keep your personal information;
- who we share your personal information with and international transfers;
- how we protect your personal information;
- your rights regarding your personal information;
- what to do if you don’t want to provide us with your personal information; and
We may change this Privacy Notice from time to time. We encourage you to review this Privacy Notice periodically.
If you have any questions, please get in touch via one of the methods set out in the ‘Contact us’ section.
What personal information do we process and how do we use it?
- The table below explains, in relation to your personal information:
- what personal information we collect;
- how we use it;
- the lawful basis or conditions, upon which we process it; and
- from where we get it.
What we use your personal information for Lawful bases or conditions Types of information Source of information Providing products and services to you To perform our contract with you or to take steps at your request before entering into a contract Name, email, phone number Collected directly from you OR collected from healthcare provider Managing our relationship with you which includes contacting and interacting with you, including to: • provide important notices and updates, such as changes to our terms and policies, security alerts and administrative messages To perform our contract with you in communicating with you on any changes you need to be made aware of and any notices on device performance. For legitimate interests to provide you with relevant information. Name, email, phone number Collected directly from you OR collected from prescribing HCP/distributor Administering this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) For legitimate interests: to make your experience of our products and services efficient and effective and to operate and improve our business and minimise any disruption to the services that we may offer you Consent: when deploying non-essential cookies. Website usage data Collected directly from you OR collected from cookies Activities necessary to comply with legal and regulatory obligations that apply to our business To comply with our legal and regulatory obligations Name, email, phone number, device usage data Collected directly from you Respond to reports you make of a possible side effect associated with one of our products and to monitor the safety of our products To perform our contract with you or to take steps at your request before entering into a contract To comply with our legal and regulatory obligations For the provision of health or social care or treatment, or the management of health or social care systems and services (relevant for health related data). Gender, date of birth and health information including sleep health and associated co-morbidities. Information from any reported product defect. Collected directly from you For the purpose of evaluating the performance of the device and our services to you Explicit consent Customer surveys Collected directly from you To provide feedback towards your progress with the therapy Explicit consent Device usage data Sleep quality assessment Therapy level Completed therapy session Snoring data Collected directly from you To comply with demands or requests made by regulators, governments, courts and law enforcement authorities To comply with our legal and regulatory obligations Where necessary for reasons of public interest Name, email, phone number, device usage data Collected directly from you For the purposes of website security For legitimate interests to ensure the security of the website and transactions Consent: when deploying non-essential cookies. Transaction details Collected directly from you OR collected from cookies Operational reasons such as improving products/services, efficiency, training and quality control For legitimate interests: to make your experience of our products and services efficient and effective and to operate and improve our business and minimise any disruption to the services that we may offer you Explicit consent Consent: when deploying non-essential cookies. Name, email, phone number, device usage data Collected directly from you OR collected from cookies Production of aggregated data for statistical analysis for commercial/financial purposes and scientific research for technological development For legitimate interests: to make your experience of our products and services efficient and effective and to operate and improve our business and devices and minimise any disruption to the services that we may offer you. For scientific research purposes or statistical purposes. Explicit consent Consent: when deploying non-essential cookies. Device usage data Collected directly from you OR collected from cookies Using data analytics to improve this website, our products/services, marketing, customer relationships and experiences For legitimate interests: to make our communications with you more relevant and personalised to you, and to make your experience of our products and services efficient and effective. Consent: when deploying non-essential cookies. • activity data, such as when you completed a form on this website; • information from your visits to this website, including the type of browser and operating system you use, access times, pages viewed, URLs clicked on, your IP address and the pages you visited before and after navigating to this website; • social media tracking pixels that allow platforms such as Facebook and Twitter to interact with this website and give feedback on your actions; and • device information, including the unique device identifier, hardware model, operating system and version and mobile network information. Collected directly from you OR collected from cookies Marketing our company, services and products including providing you with information such as: • our press releases; • job postings; • financial results; and • tips and helpful information and marketing communications about our products and services. We will always obtain consent for marketing where required by law. Consentor (in relation to promotion of our products and services only) legitimate interests where you have previously bought a similar device or service from us or have actively expressed an interest in buying a similar product or service from us) Name, email, phone number Collected directly from you To maintain an ordinary course commercial business with you, examples: · issuance of POs, invoices For legitimate interest in order to conduct our business activities with you. Name, email, phone number, job title Collected directly from you Obtaining professional advice from lawyers, accounts or tax advisors For legitimate interest to obtain relevant advice, for the establishment, exercise or defence of legal claims. Name, email, phone number and device usage data Collected directly from you For purposes of recruitment For legitimate interests to conduct a recruitment process. For the purposes of complying with employment law. Name, email, phone number and career information Collected directly from you or recruiting agency
Where we process special category personal data, we do so in line with the applicable data protection laws. This includes keeping an internal record of the relevant legal condition upon which we consider we are permitted to carry out the processing. In relation to marketing, you can opt-out at any time by getting in touch with us as set out in the ‘Contact us’ section below.
Please note that where we have relied on your consent for any processing, you can withdraw that consent at any time. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. Please see the ‘Your rights regarding your personal information’ section below.
Where we have relied on legitimate interests, you may contact us for further information including in relation to the assessment of our legitimate interests as balanced with your interests, at the ‘Contact us’ section below.
How long will we keep your personal information?
- We will always keep your personal information for the period required by law and where we need to do so in connection with legal action or an investigation involving Signifier Medical Technologies. Otherwise, we keep your personal information:
- for as long as needed to provide you with access to services you have requested;
- where you have contacted us with a question or request, for as long as necessary to allow us to respond your question or
Personal information is collected and used for the reasons set out above, and shall not be stored for longer than necessary for those purposes. Different retention periods apply for different types of personal information. Once we no longer need to hold your personal information, we will ensure that it is securely deleted.
Who do we share your personal information with?
- We sometimes share your personal information with others. Specifically, we may share your personal information with:
- members of Signifier Medical Technologies group; and
- the following trusted third parties:
- our agents and suppliers, including those who provide us with technology services such as data analytics, hosting and technical support;
- our professional advisors, auditors and business partners;
- regulators, governments and law enforcement authorities; and
- other third parties in connection with the sale or reorganisation of all or any part of our business.
Transferring your personal information out of the UK and EEA
- Your personal information may be processed by Signifier Medical Technologies, its affiliated companies and Signifier Medical Technologies’ trusted third party suppliers outside of your home country. Data protection laws in the countries to which your personal information is transferred may not be equivalent to, or as protective as, the laws in your home country.We will implement appropriate measures to ensure that your personal information remains protected and secure when it is transferred outside of your home country, in accordance with applicable data protection laws. These measures include ensuring that one of the following safeguards is implemented:
- the UK government or, where the EU GDPR applies, the European Commission has decided the particular country or international organisation ensures an adequate level of protection of personal information (known as an ‘adequacy decision’);
- there are appropriate safeguards in place, together with enforceable rights and effective legal remedies for data subjects; or
- a specific exception applies under applicable data protection laws.
Transferring personal data between UK and USA in accordance with standard contractual clauses.
For further information on international transfers, please get in touch with us as set out in the ‘Contact us’ section below.
Protecting your personal information
- We use a variety of security measures and technologies to help protect your personal information from unauthorised access, use, disclosure, alteration or destruction in line with applicable data protection laws. For example, when we share your personal information with external suppliers, we may put in place a written agreement which commits the suppliers to keep your information confidential, and to put in place appropriate security measures to keep your information secure.The transmission to us of information via the internet or a mobile phone network connection may not be completely secure and any transmission is at your own risk.
Your rights regarding your personal information
- In certain circumstances, you have rights under data protection laws in relation your personal information and may be entitled to:
- access to the personal information Signifier Medical Technologies holds about you;
- the correction and/or deletion of your personal information;
- the restriction of the processing of your personal information;
- object to processing including at any time for personal information that is being processed for direct marketing and in certain other situations (including where we are processing your personal information based on our legitimate interests);
- withdraw your consent to the processing of your personal information (where Signifier Medical Technologies is processing your personal information based on your consent). However, this will not affect the lawfulness of any processing carried out before you withdraw your consent;
- request for the receipt or the transfer to another organisation, in a machine-readable form, of the personal information that you have provided to Signifier Medical Technologies;
- not to be subject to automated decision making.
If you would like to exercise your rights, please let us know by getting in touch with us as set out in the ‘Contact us’ section below.
What if you do not want to provide us with your personal information?
- Where you are given the option to share your personal information with us, you can always choose not to do so.If you object to the processing of your personal information, or if you have provided your consent to processing and you later choose to withdraw it, we will respect that choice in accordance with our legal obligations. This could mean that we may not be able to perform the actions necessary to achieve the purposes as set out in the section ‘How do we use your personal information?’ above or that you are unable to make use of the full services and products offered by us.
Cookies and other technologies
Websites that we do not own or control
- From time to time we may provide links to websites or mobile applications that are not owned or controlled by us. This Privacy Notice does not apply to those websites. If you choose to use those websites, please check the legal and privacy statements posted on each website or mobile application you access to understand their privacy practices.
How to complain
- Please contact us if you have any query or concern about our use of your personal information by getting in touch with us as set out in the ‘Contact us’ section below.You also have the right to lodge a complaint with the UK Information Commissioner or any relevant European data protection supervisory authority. The UK Information Commissioner may be contacted at https://ico.org.uk/make-a-complaint or telephone: 0303 123 1113.
- If you have questions or requests regarding this Privacy Notice, or if you would like to exercise your rights, please contact Signifier Medical Technologies, [email protected]Our data protection officer can be contacted at [email protected] Medical Technologies’ EU representative is Advena Ltd, with a registered office at:
Tower Business Centre 2nd Flr.
Tower Street Swatar, BKR 4013 Malta
Registered in Malta, No. C 76865 VAT# MT23649432