MicroPort Privacy & Cookies Statement
We may collect and process the following information about you:
information (such as your name, email address, postal address and telephone number) that you provide by completing forms on the App, including if you register as a user of the App, upload or submit any material via the App, or request any information;
information in connection with an account sign-in facility, such as your login and password details;
health information about your surgery or treatment, including pre- and post-intervention care information;
other optional information relating to you, your surgery, and how your recovery is progressing, including date of birth, activity data, pain scores, and exercise data;
communications you send to us, for example to report a problem or to submit queries, concerns or comments regarding the App or its content; information from videos you have watched or surveys that we may, from time to time, run on the App for research purposes, if you choose to respond to, or participate in, them. If you install the App on to an Android or Apple device which has the respective Google Fit or HealthKit features enabled, Future Health Works Ltd will request access to details of your exercise and fitness level available through your device. You will be prompted by your device to allow access the first time this content is requested by us and, even if you grant Future Health Works Ltd access, you can stop this access at any later point by changing the settings on your device. You are under no obligation to provide this information. However, if you should choose to withhold requested information, we may not be able to provide you with certain services, e.g. if insufficient activity data is uploaded to the App we cannot provide you or your surgeon with activity-related outputs and analytics. When you access or use the App, we may, by means of cookies and/or other similar technologies, automatically collect additional information about you – such as the type of mobile device you use, and/or the operating system of your mobile device. See the Cookies & other technologies section for more information.
Your mobile device enables us to show you content that is local to you and to help authenticate the use of the services. We may approximate your location from your device using a combination of your IP address or through the GPS, Bluetooth or WiFi connection information used by your device. We do not collect fine-grained location data – we collect data in 30 minute intervals to an estimated 1 kilometer radius. Where we collect location data, we will prompt you about sharing your location and you can disable location sharing at any time through the settings of your device – although this may affect the services we can provide you e.g. monitoring and reporting on your activity levels or visits to your surgeon or healthcare professional.
Uses made of your information
The purposes for which we use your personal data and the legal grounds on which we do so are as follows:
We use your personal information which we collect to enable us to provide you with the services and information offered through the App and which you request, subject to our EULA and Terms of Service with you;
With your explicit consent, provide your surgeon or other health professional with information about the progress of your treatment, for example, survey scores or symptom surveys;
Where you have provided your explicit consent, we will use your personal information (always having removed personal identifiers, such as your name, address and contact details) to improve our healthcare products and services, and our artificial intelligence system, so that we can deliver better healthcare to you and other users, and further research into musculoskeletal care and disease progression. This does not involve making any decisions about you – it is only about improving our products, services and software so that we can deliver a better experience to you and other users, and help achieve our aim of making healthcare affordable and accessible to everyone. Strict confidentiality and data security provisions apply at all times. Administer your account with us, as set out in our Terms of Service; and In accordance with our legitimate interest in managing and planning our business, we may use your personal information which we collect to: audit the downloading of the App and data from the App;
improve the layout and/or content of the pages of the App and customise them for users;
conduct analysis and carry out research to further and improve orthopaedic care;
analyse aggregated and anonymised outcome data to provide recommendations on patients journeys and develop technology to automate guidance;
forecast demand of service and to understand other trends in use, including which features users use the most and find the most helpful, and what features users require from us. This does not involve making any decisions about you – it is only about improving our App so that we can deliver better services to you and other users. Strict confidentiality and data security provisions will apply at all times;
troubleshoot bugs within the App; and troubleshoot and help you with any questions/ enquiries. To help the surgeon or other healthcare professionals involved in your care to better track your progress post-operation, we may contact you via email, requesting you to fill out a survey or answer questions about your treatment and recovery progress. These emails will be sent to you even if you uninstall the App. Please note, we will only use your email address to provide you information related to your operation and recovery journey and use of the App. We will not, without your permission, use it to send you general marketing emails.
We may share your information, including information that you insert in to the App, with:
your nominated surgeon or healthcare professional responsible for your care for the purposes explained above so they can understand and evaluate your condition and recovery progress. In accordance with the terms of our contractual arrangements with surgeons and healthcare professionals, your surgeon/healthcare professional will be legally required only to share this information to the extent necessary to provide your treatment to you. And our commercial partners. Aggregated and anonymised data that does not personally identify you, but which shows general trends, for example the average age or average recovery after certain operations. We will never share your personal information with commercial partners without your explicit consent, which we would obtain separately. You will be informed clearly and in a transparent manner, what type of personal data will be shared;
registry providers, for tracking post-surgery progress for specific implants in cases where individual users have separately consented to this; and if required or authorised by law or a legal process, such as to law enforcement bodies to assist in their functions and courts of law.
In the event that we undergo re-organisation or are sold to a third party, you agree that any personal information we hold about you may be transferred to that re-organised entity or third party. We may disclose your personal information if required to do so by law or if we believe that such action is necessary to prevent fraud or cyber crime or to protect the App or the rights, property or personal safety of any person. We may disclose aggregate statistics about users of the App in order to describe our services to prospective partners, sponsors and other reputable third parties and for other lawful purposes, but these statistics will include no personally identifiable information.
The App may, from time to time, contain links to external sites. We are not responsible for the privacy policies or the content of such sites.
We place great importance on the security of all personal information associated with our users. We have security measures in place to attempt to protect against the loss, misuse and alteration of personal information under our control. For example, our security and privacy policies are periodically reviewed and enhanced as necessary and only authorized personnel have access to personal information. Whilst we cannot ensure or guarantee that loss, misuse or alteration of information will never occur, we use all reasonable efforts to prevent it. You should bear in mind that submission of information over the internet is never entirely secure. We cannot guarantee the security of information you submit via the App whilst it is in transit over the internet and any such submission is at your own risk.
Data Storage, Security and Transfers
We store all your personal health data on secure servers. Where you have chosen a password that enables you to access certain parts of our App, you are responsible for keeping this password confidential. We ask you not to share the password with anyone. Your personal information which we collect is transferred to and stored on secure third party servers located in the UK or EU. Such storage is necessary in order to process the information.
We retain personal data for as long as necessary to provide our products and fulfill the transactions you have requested, or for other essential purposes such as complying with our legal obligations, and enforcing our agreements. Because these needs can vary for different data types in the context of different products, actual retention periods can vary significantly. The general rule we apply for data retention is that we will store your personal data for eight years from the last time you use the App. We will always inform you if the applicable data retention period deviates from the general rule. We may also retain aggregate information beyond this time for research purposes and to help us develop and improve our services. You cannot be identified from aggregate information retained or used for these purposes.
The information we provide in this section is a brief summary of your rights under the GDPR and you should still read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights. Wherever we process data based on your consent, you can withdraw that consent at any time by emailing firstname.lastname@example.org; Understand and request a copy of information we hold about you. Recordings of your appointments with us and other medical notes can be accessed via the App. For other information, you can make a request by email;
Ask us to rectify or erase information we hold about you, subject to limitations relating to our obligation to store medical records for prescribed periods of time;
Ask us to restrict our processing of your personal data or object to our processing;
To the extent that the legal basis for our processing of your personal information is consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal; If you have given additional consent for your data to be shared to a third party, including academic institutions, medical device companies and pharmaceutical companies, you have the right to withdraw this consent at anytime;
Ask for your data to be provided on a portable basis; and
Prevent the use of your personal information for direct marketing purposes. You may also contact the Information Commissioner’s Office (the data protection regulator in the UK): Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, telephone: 0303 123 1113 (local rate).
This Privacy & Cookies Statement describes how MicroPort Orthopedics Inc. 5677 Airline Road Arlington TN 38002 (“MicroPort Orthopedics“) collects, uses, shares, and otherwise processes individually identifiable data about visitors to this Site (defined below) as well as contact persons for our customers, distributors, end users, and suppliers (“Personal Data“). This Privacy Statement applies to Personal Data that we collect through our public websites, mobile applications, and other online properties (each, a “Site“), as well as through trade shows and offline means. This Statement is intended to provide notice to individuals regarding Personal Data in an effort to be compliant with the data privacy laws and regulations of the jurisdictions in which MicroPort Orthopedics operates as well as compliance with its own Data Privacy Compliance Manual. To the extent MicroPort collects information from healthcare professionals, patients or otherwise directly from individuals outside of this website, it will provide individuals with a separate data protection notice where required by applicable law.
Summary of Key Points
|As a business to business (“B2B“) organization, we collect name, contact details, and other Personal Data related to our commercial relationships. Click here to learn more.
|We use Personal Data to perform transactions, provide product training, and respond to inquiries, to manage accounts and maintain business operations, to provide relevant marketing, and to fulfil other business and compliance purposes. Click here to learn more.
|We share Personal Data as necessary to perform transactions and respond to requests, and to fulfil other business and compliance purposes. Click here to learn more.
|You have control on how we use Personal Data for marketing. Click here to learn more.
|Data subject rights
|You have certain rights to request access, rectification, deletion, or other actions regarding your Personal Data where required by applicable law. Click here to learn more.
|We maintain technical and organizational measures to protect Personal Data from loss, misuse, alteration, or unintentional destruction of Personal Data. Click here to learn more.
|Cross-border data transfers
|We provide appropriate protections for cross-border transfers where specified by law. Click here to learn more.
|We provide other information in this Privacy & Cookies Statement about: (i) the legal basis for our collection and processing of Personal Data, (ii) the consequences for not providing Personal Data, (iii) automated decision-making, (iv) do-not-track (DNT) signals, (v) data retention, (vi) links to third party websites, (vii) employee and contractor issues; (viii) that we do not collect personal data of minors; and (ix) changes to this Privacy & Cookies Statement. Click here to learn more.
|Please contact us as detailed below with any questions. Click here to learn more.
Collection of Personal Data
We collect the following categories of Personal Data:
|Basic Data: Name, title, company, job responsibilities, phone number, mailing address, email address, and contact details.
|Compliance Data: Government identifiers, passports, beneficial ownership data, and due diligence data.
|Registration Data: Product information requests, product training information or registration, subscriptions, downloads, and username/passwords.
|Applicant Data: Data provided by job applicants or others on our Sites or offline means in connection with employment and/or clinical study opportunities.
|Transaction and Training Data: Transaction history, course, meeting and event attendance details, payment details, and performance data.
|Adverse Event Data: Data, including health/medical data, submitted to MicroPort Orthopedics by healthcare professionals, our partners, and/or end-users of our products in the context of adverse event reporting for our products.
|Marketing Data: Data about individual participation in trade shows and conferences, credentials, associations, product interests, and preferences.
|Device Data: Computer Internet Protocol (IP) address, unique device identifier (UDID), cookies and other data linked to a device, and data about usage of our Sites (Usage Data). Note, however, we do not consider Device Data to
be Personal Data except where we link it to you as individual or where applicable law provides otherwise.
Use of Personal Data
MicroPort Orthopedics’ website is intended to be used by MicroPort Orthopedics customers, commercial visitors, business associates, investors, and other interested parties for business purposes. Personal Data collected by MicroPort Orthopedics through its website or by other means is used in support of our relationship with customers, commercial visitors, business associates, investors, and other interested parties for business purposes. In particular, we use the following categories of Personal Data for the following purposes:
|Purpose of Use
|Categories of Personal Data
|Perform transactions, provide training, courses and events, improve our products, and respond to inquiries
|Basic Data, Registration Data, Transaction and Training Data, Compliance Data, Adverse Event Data, and Device Data
|Manage accounts and maintain business operations
|Basic Data, Registration Data, Transaction and Training Data, Compliance Data, Adverse Event Data, and Device Data
|Make our Sites more intuitive and easy to use
|Protect the security and effective functioning of our Sites and information technology systems
|Basic Data, Registration Data, Transaction and Training Data, and Device Data
|Provide relevant marketing and conduct surveys
|Basic Data, Registration Data, Transaction and Training Data, Device Data, and Marketing Data
|Address compliance and legal obligations
|Basic Data, Registration Data, Transaction and Training Data, Compliance Data, Adverse Event Data, and Device Data
|Consider individuals for employment and contractor opportunities and manage on-boarding procedures
|Job Applicant Data
We share Personal Data with the following categories of recipients:
- Affiliates: We share Personal Data with our affiliates as necessary for the purposes identified above.
- Distributors and third party sales representatives: We share Personal Data with distributors and sales representatives in order to: perform transactions, improve our products and respond to inquiries; manage accounts and maintain our business operations; provide relevant marketing; and address compliance and legal obligations.
- Suppliers and service providers: We share Personal Data with suppliers and service providers to enable such parties to perform functions on our behalf and under our instructions in order to carry out the purposes identified above. We require such parties by contract to provide reasonable security for Personal Data and to use and process such Personal Data on our behalf only.
- Auditors, advisors, and financial institutions: We share Personal Data with auditors for the performance of audit functions, with advisors for the provision of legal and other advice, and with financial institutions in connection with payment and other transactions.
- Corporate purchasers: We share Personal Data with any corporate purchaser or prospect to the extent permitted by law as part of any merger, acquisition, sale of company assets, or transition of service to another provider, as well as in the event of insolvency, bankruptcy, or receivership in which Personal Data would be transferred as an asset of MicroPort Orthopedics.
- Mandatory disclosures and legal claims: We share Personal Data in order to comply with any subpoena, court order or other legal process, or other governmental request. We also share Personal Data to establish or protect our legal rights, property, or safety, or the rights, property, or safety of others, or to defend against legal claims.
If you have questions about the parties with which we share Personal Data, please contact us as specified below.
You have control regarding our use of Personal Data for directing marketing. If you no longer wish to receive any marketing communications, remain on a mailing list to which you previously subscribed, or receive any other marketing communication, you can choose to not receive such communications at any time. Please follow the unsubscribe link in the relevant communication or contact us as per below.
What are cookies? Cookies are small amounts of data that are stored on your browser, device, or the page you are viewing. Some cookies are deleted once you close your browser, while other cookies are retained even after you close your browser so that you can be recognized when you return to a website. More information about cookies and how they work is available at www.allaboutcookies.org.
- Strictly Necessary Cookies: These are required for the operation of our Sites. They include, for example, cookies that enable you to log into secure areas. These cookies are session cookies that are erased when you close your browser.
- Functional Cookies: These improve the functional performance of our Sites and make it easier for you to use. For example, cookies are used to remember that you have previously visited the Sites and asked to remain logged into it. These cookies qualify as persistent cookies, because they remain on your device for us to use during a next visit to our Sites. You can delete these cookies via your browser settings.
- Targeting Cookies: These record your visit to our Sites, the pages you have visited and the links you have followed to recognize you as a previous visitor and to track your activity on the Sites and other websites you visit. These cookies qualify as persistent cookies, because they remain on your device for us to use during a next visit to our Sites. You can delete these cookies via your browser settings. See below for further details on how you can control third party targeting cookies.
Data Subject Rights
Where required by applicable law, you have the right to obtain confirmation of the existence of certain Personal Data relating to you, to verify its content, origin, and accuracy, as well as the right to access, review, port, delete, or to block or withdraw consent to the processing of certain Personal Data (without affecting the lawfulness of processing based on consent before its withdrawal), by contacting us as detailed below. In particular, you have the right to object to our use of Personal Data for direct marketing and in certain other situations at any time. Contact us below for more details. Please note that we need to retain certain Personal Data as required or permitted by applicable law.
We maintain technical and organizational measures to protect Personal Data from loss, misuse, alteration, or unintentional destruction. However, no security measure can guarantee against compromise. You also have an important role in protecting Personal Data. You should not share your username and password with anyone, and you should not re-use passwords across more than one Sites. If you have any reason to believe that your username or password has been compromised, please contact us as detailed below.
Cross-Border Data Transfers
We transfer Personal Data to various jurisdictions as necessary for the purposes described above, including to jurisdictions that may not provide the same level of data protection as your home country. We provide appropriate protections for cross-border transfers as required by law for international data transfers. With respect to transfers originating from the European Economic Area (“EEA“), we implement standard contractual clauses approved by the European Commission, and other appropriate solutions to address cross-border transfers as required by applicable law. Where required by such laws, you may request a copy of the suitable mechanisms we have in place by contacting us as detailed below.
(i) What is the legal basis of processing? Some jurisdictions require an explanation of the legal basis for the collection and processing of Personal Data. We have several different legal grounds on which we collect and process Personal Data, including: (a) as necessary to perform a transaction (such as when we respond to your requests); (b) as necessary to comply with a legal obligation (such as when we use Personal Data for record keeping to substantiate tax liability); (c) consent (where you have provided consent as appropriate under applicable law); and (d) necessary for legitimate interests (such as when we act to maintain our business generally). With respect to legitimate interests, given that we are a B2B company, we typically collect and process limited Personal Data about customer contacts and other individuals acting in their business capacities, as part of our overall effort to reduce the privacy impact on individuals.
(ii) What are the consequences of not providing Personal Data? You are not required to provide all Personal Data identified in this Privacy & Cookies Statement to use our Sites or to interact with us offline, but certain functionality will not be available if you do not provide Personal Data. If you do not provide Personal Data, we may not be able to respond to your request, perform a transaction with you, or provide you with marketing that we believe you would find valuable.
(iii) Do we engage in automated decision-making without human intervention? We do not use automated decision-making without human intervention, including profiling, in a way that produces legal effects concerning you or otherwise significantly affects you.
(iv) Does the Sites honor do not track (“DNT”) signals sent via browsers? Given the divergent practices of organizations that offer browsers and the lack of a standard in the marketplace, we generally do not respond to DNT signals at this time.
(v) How long do we retain Personal Data? We typically retain Personal Data related to marketing activities for as long as you accept marketing communications from us, and we will securely delete such data in accordance with applicable law upon request. For Personal Data that we collect and process for other purposes, we typically retain such Personal Data for no longer than for the period necessary to fulfil the purposes outlined in this Privacy & Cookies Statement and as otherwise needed to address tax, corporate, compliance, litigation, and other legal rights and obligations.
(vi) Are third party websites governed by this Privacy & Cookies Statement? This Sites contains links and references to other websites administered by unaffiliated third parties. This Privacy & Cookies Statement does not apply to such third party Sites. When you click a link to visit a third party websites, you will be subject to that websites’ privacy practices. We encourage you to familiarize yourself with the privacy and security practices of the linked third party websites before providing any Personal Data on that websites.
(vii) How does MicroPort Orthopedics handle employee and contractor privacy issues? Personal Data about our employees and contractors are addressed through internal company policies and procedures, and are outside the scope of this Privacy & Cookies Statement.
(viii) Do we collect Personal Data about minors? No, this website is not intended for children under the age of 18. We do not target our products, services or this website to children under 18. We do not knowingly collect personally identifiable information from children under the age of 18.
(ix) How will we handle any changes to this Privacy & Cookies Statement? We may update this Privacy & Cookies Statement from time to time as our services and privacy practices change, or as required by law. The effective date of our Privacy & Cookies Statement is posted below, and we encourage you to visit our Sites periodically to stay informed about our privacy practices. We will post the updated version of the Privacy & Cookies Statement on our Sites, and ask for your consent to the changes if legally required.
If you have questions or comments regarding this Privacy & Cookies Statement or our privacy practices, please contact us at email@example.com. You may also have a right to lodge a complaint with a supervisory authority.