Last updated November 17, 2023

Thank you for choosing to be part of our community at Spinal Technology, LLC. (“we”, “us”, or “our”). We take your privacy very seriously. In this privacy policy, we seek to explain how we handle your personal information, and what rights you have in relation to it.

This privacy policy applies to all personal information collected through our website (the “Site”), the applications we own and operate ("Apps"), and/or any related services, products, sales, marketing or events (together with the Site and the Apps, the "Services").

This privacy policy does not apply to personal information we process on behalf of our customers (such as patient data provided to us by healthcare practitioners), in connection with our customers’ use of our Services. Those processing activities are subject to the privacy policies of our customers. If your healthcare practitioner uses our Services to process your personal information, please contact them directly with questions about how they collect and use your personal information.

1. WHAT INFORMATION DO WE COLLECT?

2. HOW DO WE USE PERSONAL INFORMATION

3. WILL YOUR INFORMATION BE DISCLOSED TO ANYONE?

4. HOW LONG DO WE KEEP YOUR INFORMATION?

5. HOW DO WE KEEP YOUR INFORMATION SAFE?

6. DO WE COLLECT INFORMATION FROM MINORS?

7. WHAT ARE YOUR PRIVACY RIGHTS?

8. THIRD PARTY SITES

9. INTERNATIONAL DATA TRANSFERS

10. DO WE MAKE UPDATES TO THIS POLICY?

11. HOW CAN YOU CONTACT US ABOUT THIS POLICY?

1.WHAT INFORMATION DO WE COLLECT?

Personal information you disclose to us

In Short:We collect personal information that you provide to us.

We collect personal information that you voluntarily provide to us through the Services or otherwise, including:

· Account and contact information, such as your first and last name, name of company, temporary password, email and mailing addresses, phone number, and details of trade references or other contacts at your company that you may provide when you create an account with us to use our Services or when you place an order.

· Scoliosis and brace information, such as your scoliosis journey, experience with braces or other information you may provide when you choose to become a Spinal Technology Ambassador.

· Communications that we exchange with you, including when you contact us or send us testimonials via email, through the Site or App, by contacting our customer service team, through our social media pages, or otherwise with questions, feedback, or other communications.

· Marketing data, such as your preferences for receiving our marketing communications, and details about your engagement with them.

Information we automatically collect

In Short:Some information — such as IP address and/or browser and device characteristics — is collected automatically when you visit our Site or Apps.

We collect personal information about you automatically when you use our Site. This information does not directly identify you (like your name or contact information), but may include the following information:

· Device data, such as your computer’s or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers (including identifiers used for advertising purposes), language settings, mobile device carrier, radio/network information (e.g., WiFi, LTE, 3G).

· Online activity data, such as pages or screens you viewed, how long you spent on a page or screen, the website you visited before browsing to the Site, navigation paths between pages or screens, information about your activity on a page or screen, access times, and duration of access, and whether you have opened our marketing emails or clicked links within them.

Like many businesses, we collect this information through cookies and similar technologies. Please read our Cookie Policy for more information.

2.HOW DO WE USE PERSONAL INFORMATION

In Short:We process your information for purposes based on legitimate business interests, the fulfillment of our contract with you, compliance with our legal obligations, and/or your consent.

We use the personal information we collect or receive via our Services for the following purposes:

• To provide our Services. We use personal information to operate, maintain, and provide you with our Services. In particular, we use personal information to enter into a contract with you or to perform our contractual obligations under our terms and conditions.

• To send you marketing and promotional communications. We and/or our third-party marketing partners may use the personal information you send to us for our marketing purposes. You can opt-out of our marketing emails at any time (see the "WHAT ARE YOUR PRIVACY RIGHTS" below). Except where consent is required, we undertake such marketing and advertising on the basis of our legitimate business interests. Where we seek your consent, you may withdraw your consent at any time.

• For interest-based advertising. We use cookies and similar technologies to engage in interest-based advertising. Please review our Cookie Policy for more information. Where required by applicable law, we will engage in interest-based advertising only with your consent.

• To send administrative information to you. Where it is in our legitimate business interests, or to perform our contract with you, we may use your personal information to send you product, service and new feature information and/or information about changes to our terms, conditions, or policies.

• To fulfill and manage your orders. We may use your information to fulfill and manage your orders, payments, returns, and exchanges made through the Services, to enter into or perform our contract with you.

• To share your story or testimonial. If you have chosen to share your scoliosis journey, experience with braces or other information with us, for example as a Spinal Technology Ambassador, we may use or publish this information when it is in our legitimate interests or, if legally required, with your consent, to encourage and help others with their scoliosis journey and to advertise our Services.

• To protect our Services. Where it is in our legitimate business interest, we may use your information as part of our efforts to keep our Services safe and secure (for example, for fraud monitoring and prevention).

• For compliance and legal reasons. We may use personal information to comply with legal obligations, and it is in our legitimate business interests to use your personal information to defend us against legal claims or disputes, including to:

  • protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims);
  • audit our internal processes for compliance with legal and contractual requirements and internal policies;
  • enforce the terms and conditions that govern the Services;
  • comply with applicable laws, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities.

• To respond to user inquiries or offer support to users. We may use your information to respond to your inquiries and solve any potential issues you might have with the use of our Services. We do so to perform our contract with you or where it is in our legitimate business interest.

• For other business purposes. We may use your information for other business purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns, and evaluating and improving our Services, our marketing and your experience. We may use and store this information in aggregated and anonymized form so that it is not associated with individual users and does not include personal information.

3.WILL YOUR INFORMATION BE DISCLOSED TO ANYONE?

In Short:We only disclose personal information to third parties for the purposes described below.

We do not sell personal information. We may disclose personal information to the following parties:

• Service providers. We may disclose personal information to third party vendors, service providers, contractors or agents who perform services for us or on our behalf and require access to such information to do that work. Examples include: data analysis, email delivery, hosting services, technical support, customer service and marketing efforts.

• Site visitors and App users. We may disclose personal information on our Site and Apps when you choose to share your scoliosis journey with us, for example as a Spinal Technology Ambassador, or when you submit a testimonial.

• Advertising partners. We may allow third parties to use tracking technology on the Sites, which will enable them to collect data about how you interact with the Sites over time and provide you with interest-based advertising. This information may be used to, among other things, analyze and track data, determine the popularity of certain content, better understand online activity, and provide you with advertisements that may be of interest to you.

• Professional advisors. We may share your personal information with professional advisors, such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they render to us.

• Authorities and others. We may share your personal information with law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.

• Business Transfers. We may share or transfer your personal information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

• Affiliates. We may share your information with our affiliates, in which case we will require those affiliates to honor this privacy policy. Affiliates include our parent company and any subsidiaries, joint venture partners or other companies that we control or that are under common control with us.

4.HOW LONG DO WE KEEP YOUR INFORMATION?

In Short: We keep your information for as long as necessary to fulfill the purposes outlined in this privacy policy unless otherwise required by law.

We will only keep personal information for as long as it is necessary for the purposes set out in this privacy policy, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements).

To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure, the purposes for which we use personal information, whether we can achieve those purposes through other means, and the applicable legal and regulatory requirements.

5.HOW DO WE KEEP YOUR INFORMATION SAFE?

In Short: We aim to protect personal information from unauthorized access, use, disclosure, alteration and destruction through a system of organizational and technical security measures.

We have implemented appropriate technical and organizational security measures designed to protect any personal information we process. However, please remember that we cannot guarantee that the internet itself is 100% secure. Although we will do our best to protect your personal information, transmission of personal information to and from our Services or Apps is at your own risk. You should only access the services within a secure environment.

6.DO WE COLLECT INFORMATION FROM MINORS?

In Short:We do not knowingly collect data from or market to children under 18 years of age.

We do not knowingly solicit data from or market to any children under 18 years of age. We may collect personal information of children under 18 years of age from their parents or guardian, for example where they choose to share their children’s scoliosis journey as a Spinal Technology Ambassador. Where required, we will always obtain parental consent. If we learn that we have collected personal information directly from children less than 18 years of age without the consent of the child’s parent or guardian as required by law, we will remove such information from our systems. If you become aware of any data we have collected from children under age 18 without the required consent of the child’s parent or guardian, please contact us at privacy@spinaltech.com.

7.WHAT ARE YOUR PRIVACY RIGHTS?

In Short: You have rights and choices about how we handle your personal information.

Opt out of marketing communications. You may opt out of marketing-related communications by following the opt-out or unsubscribe instructions contained in the marketing communication we send you or by contacting us as provided in the “HOW CAN YOU CONTACT US ABOUT THIS POLICY” section below. You may continue to receive service-related communications and other non-marketing emails.

Opt out of online tracking. You can opt out of third-party cookies as described in our Cookie Policy.

Personal information requests. We also offer you choices that affect how we handle your personal information. Depending on your location and the nature of your interactions with our Services, you may request the following in relation to personal information:

  • Information about how we have collected and used personal information. We have made this information available to you without having to request it by including it in this privacy policy.
  • Access to a copy of the personal information that we have collected about you. Where applicable, we will provide the information in a portable, machine-readable, readily usable format.
  • Correction of personal information that is inaccurate or out of date.
  • Deletion of personal information that we no longer need to provide the Services or for other lawful purposes.
  • Opt out of sharing personal information for targeted advertising. We may share personal information with advertising partners that display targeted advertisements to users around the web. You can limit online tracking as described in our Cookie Policy or by clicking on the “Your Privacy Choices[FJR3] ” link on our website footer.
  • Additional rights, such as to object to and request that we restrict our use of personal information.

To make a request, please email us or write to us as provided in the “HOW CAN YOU CONTACT US ABOUT THIS POLICY” section below. We may ask for specific information from you to help us confirm your identity. Depending on where you reside, you may be entitled to empower an “authorized agent” to submit requests on your behalf. We will require authorized agents to confirm their identity and authority, in accordance with applicable laws. You are entitled to exercise the rights described above free from discrimination.

Limits on your privacy rights and choices. In some instances, your choices may be limited, such as where fulfilling your request would impair the rights of others, our ability to provide a service you have requested, or our ability to comply with our legal obligations and enforce our legal rights. If you are not satisfied with how we address your request, you may submit a complaint by contacting us as provided in the “HOW CAN YOU CONTACT US ABOUT THIS POLICY” section below.

Right to complain. Depending on where you reside you may have the right to complain to your local data protection regulator.

8.THIRD PARTY SITES

In Short:The Site might contain links to other websites, and other websites may reference or link to our Site.

The Services may contain links to websites and other online services operated by third parties. In addition, our content may be integrated into web pages or other online services that are not associated with us. These links and integrations are not an endorsement of, or representation that we are affiliated with, any third party. We do not control websites or online services operated by third parties, and we are not responsible for their actions.

9.INTERNATIONAL DATA TRANSFERS

In Short: We mainly use and store personal information in the U.S. If we transfer your personal information to third countries which may not have the same protections as the laws in your country, we take steps to ensure your personal information is adequately protected and we comply with applicable data protection laws.

The personal information we collect may be stored and processed in your country or region, or in any other country where we or our affiliates, subsidiaries, or service providers maintain facilities. Currently, we primarily use data centers in the U.S. The storage location(s) are chosen to operate efficiently and improve performance.

If we transfer personal information across borders such that we are required to apply appropriate safeguards to personal information under applicable data protection laws, such as an EU Commission or UK government adequacy decision or on contractual protections, we will do so. Please contact us for further information about any such transfers or the specific safeguards applied.

10.DO WE MAKE UPDATES TO THIS POLICY?

In Short: Yes, we will update this policy as necessary to stay compliant with relevant laws.

We may update this privacy policy from time to time. The updated version will be indicated by an updated “Revised” date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy policy, we may notify you. We encourage you to review this privacy policy frequently to stay informed of how we are handling your information.

11.HOW CAN YOU CONTACT US ABOUT THIS POLICY?

Spinal Technology, LLC is the entity responsible for the processing of personal information under this privacy policy (as a controller, where provided under applicable law).

If you have questions or comments about this policy, you may contact our IT Security Officer, Adam Toledo, by email at privacy@spinaltech.com, or by mail to:

Spinal Technology, LLC.
Adam Toledo, IT Security Officer
191 Mid Tech Drive
West Yarmouth, MA 02673
United States of America

EEA Representative Contact Information. For users in the European Economic Area, we have appointed OVALIE DEVELOPPMENT 3, at 13 rue du Général Lionel de Marmier 31300 Toulouse, France as our EEA data representative. You can contact our EEA representative at the address above or by email at nbaracetti@eqwalgroup.com.

© 2023 Spinal Technology, LLC. All rights reserved.