Last updated November 17, 2023
1. WHAT INFORMATION DO WE COLLECT?
2. HOW DO WE USE PERSONAL INFORMATION
3. WILL YOUR INFORMATION BE DISCLOSED TO ANYONE?
4. HOW LONG DO WE KEEP YOUR INFORMATION?
5. HOW DO WE KEEP YOUR INFORMATION SAFE?
6. DO WE COLLECT INFORMATION FROM MINORS?
7. WHAT ARE YOUR PRIVACY RIGHTS?
8. THIRD PARTY SITES
9. INTERNATIONAL DATA TRANSFERS
10. DO WE MAKE UPDATES TO THIS POLICY?
11. HOW CAN YOU CONTACT US ABOUT THIS POLICY?
1.WHAT INFORMATION DO WE COLLECT?
Personal information you disclose to us
In Short:We collect personal information that you provide to us.
We collect personal information that you voluntarily provide to us through the Services or otherwise, including:
· Account and contact information, such as your first and last name, name of company, temporary password, email and mailing addresses, phone number, and details of trade references or other contacts at your company that you may provide when you create an account with us to use our Services or when you place an order.
· Scoliosis and brace information, such as your scoliosis journey, experience with braces or other information you may provide when you choose to become a Spinal Technology Ambassador.
· Communications that we exchange with you, including when you contact us or send us testimonials via email, through the Site or App, by contacting our customer service team, through our social media pages, or otherwise with questions, feedback, or other communications.
· Marketing data, such as your preferences for receiving our marketing communications, and details about your engagement with them.
Information we automatically collect
In Short:Some information — such as IP address and/or browser and device characteristics — is collected automatically when you visit our Site or Apps.
We collect personal information about you automatically when you use our Site. This information does not directly identify you (like your name or contact information), but may include the following information:
· Device data, such as your computer’s or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers (including identifiers used for advertising purposes), language settings, mobile device carrier, radio/network information (e.g., WiFi, LTE, 3G).
· Online activity data, such as pages or screens you viewed, how long you spent on a page or screen, the website you visited before browsing to the Site, navigation paths between pages or screens, information about your activity on a page or screen, access times, and duration of access, and whether you have opened our marketing emails or clicked links within them.
2.HOW DO WE USE PERSONAL INFORMATION
In Short:We process your information for purposes based on legitimate business interests, the fulfillment of our contract with you, compliance with our legal obligations, and/or your consent.
We use the personal information we collect or receive via our Services for the following purposes:
• To provide our Services. We use personal information to operate, maintain, and provide you with our Services. In particular, we use personal information to enter into a contract with you or to perform our contractual obligations under our terms and conditions.
• To send you marketing and promotional communications. We and/or our third-party marketing partners may use the personal information you send to us for our marketing purposes. You can opt-out of our marketing emails at any time (see the "WHAT ARE YOUR PRIVACY RIGHTS" below). Except where consent is required, we undertake such marketing and advertising on the basis of our legitimate business interests. Where we seek your consent, you may withdraw your consent at any time.
• To send administrative information to you. Where it is in our legitimate business interests, or to perform our contract with you, we may use your personal information to send you product, service and new feature information and/or information about changes to our terms, conditions, or policies.
• To fulfill and manage your orders. We may use your information to fulfill and manage your orders, payments, returns, and exchanges made through the Services, to enter into or perform our contract with you.
• To share your story or testimonial. If you have chosen to share your scoliosis journey, experience with braces or other information with us, for example as a Spinal Technology Ambassador, we may use or publish this information when it is in our legitimate interests or, if legally required, with your consent, to encourage and help others with their scoliosis journey and to advertise our Services.
• To protect our Services. Where it is in our legitimate business interest, we may use your information as part of our efforts to keep our Services safe and secure (for example, for fraud monitoring and prevention).
• For compliance and legal reasons. We may use personal information to comply with legal obligations, and it is in our legitimate business interests to use your personal information to defend us against legal claims or disputes, including to:
- protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims);
- audit our internal processes for compliance with legal and contractual requirements and internal policies;
- enforce the terms and conditions that govern the Services;
- comply with applicable laws, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities.
• To respond to user inquiries or offer support to users. We may use your information to respond to your inquiries and solve any potential issues you might have with the use of our Services. We do so to perform our contract with you or where it is in our legitimate business interest.
• For other business purposes. We may use your information for other business purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns, and evaluating and improving our Services, our marketing and your experience. We may use and store this information in aggregated and anonymized form so that it is not associated with individual users and does not include personal information.
3.WILL YOUR INFORMATION BE DISCLOSED TO ANYONE?
In Short:We only disclose personal information to third parties for the purposes described below.
We do not sell personal information. We may disclose personal information to the following parties:
• Service providers. We may disclose personal information to third party vendors, service providers, contractors or agents who perform services for us or on our behalf and require access to such information to do that work. Examples include: data analysis, email delivery, hosting services, technical support, customer service and marketing efforts.
• Site visitors and App users. We may disclose personal information on our Site and Apps when you choose to share your scoliosis journey with us, for example as a Spinal Technology Ambassador, or when you submit a testimonial.
• Advertising partners. We may allow third parties to use tracking technology on the Sites, which will enable them to collect data about how you interact with the Sites over time and provide you with interest-based advertising. This information may be used to, among other things, analyze and track data, determine the popularity of certain content, better understand online activity, and provide you with advertisements that may be of interest to you.
• Professional advisors. We may share your personal information with professional advisors, such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they render to us.
• Authorities and others. We may share your personal information with law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.
• Business Transfers. We may share or transfer your personal information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
4.HOW LONG DO WE KEEP YOUR INFORMATION?
To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure, the purposes for which we use personal information, whether we can achieve those purposes through other means, and the applicable legal and regulatory requirements.
5.HOW DO WE KEEP YOUR INFORMATION SAFE?
In Short: We aim to protect personal information from unauthorized access, use, disclosure, alteration and destruction through a system of organizational and technical security measures.
We have implemented appropriate technical and organizational security measures designed to protect any personal information we process. However, please remember that we cannot guarantee that the internet itself is 100% secure. Although we will do our best to protect your personal information, transmission of personal information to and from our Services or Apps is at your own risk. You should only access the services within a secure environment.
6.DO WE COLLECT INFORMATION FROM MINORS?
In Short:We do not knowingly collect data from or market to children under 18 years of age.
We do not knowingly solicit data from or market to any children under 18 years of age. We may collect personal information of children under 18 years of age from their parents or guardian, for example where they choose to share their children’s scoliosis journey as a Spinal Technology Ambassador. Where required, we will always obtain parental consent. If we learn that we have collected personal information directly from children less than 18 years of age without the consent of the child’s parent or guardian as required by law, we will remove such information from our systems. If you become aware of any data we have collected from children under age 18 without the required consent of the child’s parent or guardian, please contact us at firstname.lastname@example.org.
7.WHAT ARE YOUR PRIVACY RIGHTS?
In Short: You have rights and choices about how we handle your personal information.
Opt out of marketing communications. You may opt out of marketing-related communications by following the opt-out or unsubscribe instructions contained in the marketing communication we send you or by contacting us as provided in the “HOW CAN YOU CONTACT US ABOUT THIS POLICY” section below. You may continue to receive service-related communications and other non-marketing emails.
Personal information requests. We also offer you choices that affect how we handle your personal information. Depending on your location and the nature of your interactions with our Services, you may request the following in relation to personal information:
- Access to a copy of the personal information that we have collected about you. Where applicable, we will provide the information in a portable, machine-readable, readily usable format.
- Correction of personal information that is inaccurate or out of date.
- Deletion of personal information that we no longer need to provide the Services or for other lawful purposes.
- Additional rights, such as to object to and request that we restrict our use of personal information.
To make a request, please email us or write to us as provided in the “HOW CAN YOU CONTACT US ABOUT THIS POLICY” section below. We may ask for specific information from you to help us confirm your identity. Depending on where you reside, you may be entitled to empower an “authorized agent” to submit requests on your behalf. We will require authorized agents to confirm their identity and authority, in accordance with applicable laws. You are entitled to exercise the rights described above free from discrimination.
Limits on your privacy rights and choices. In some instances, your choices may be limited, such as where fulfilling your request would impair the rights of others, our ability to provide a service you have requested, or our ability to comply with our legal obligations and enforce our legal rights. If you are not satisfied with how we address your request, you may submit a complaint by contacting us as provided in the “HOW CAN YOU CONTACT US ABOUT THIS POLICY” section below.
Right to complain. Depending on where you reside you may have the right to complain to your local data protection regulator.
8.THIRD PARTY SITES
In Short:The Site might contain links to other websites, and other websites may reference or link to our Site.
The Services may contain links to websites and other online services operated by third parties. In addition, our content may be integrated into web pages or other online services that are not associated with us. These links and integrations are not an endorsement of, or representation that we are affiliated with, any third party. We do not control websites or online services operated by third parties, and we are not responsible for their actions.
9.INTERNATIONAL DATA TRANSFERS
In Short: We mainly use and store personal information in the U.S. If we transfer your personal information to third countries which may not have the same protections as the laws in your country, we take steps to ensure your personal information is adequately protected and we comply with applicable data protection laws.
The personal information we collect may be stored and processed in your country or region, or in any other country where we or our affiliates, subsidiaries, or service providers maintain facilities. Currently, we primarily use data centers in the U.S. The storage location(s) are chosen to operate efficiently and improve performance.
If we transfer personal information across borders such that we are required to apply appropriate safeguards to personal information under applicable data protection laws, such as an EU Commission or UK government adequacy decision or on contractual protections, we will do so. Please contact us for further information about any such transfers or the specific safeguards applied.
10.DO WE MAKE UPDATES TO THIS POLICY?
In Short: Yes, we will update this policy as necessary to stay compliant with relevant laws.
11.HOW CAN YOU CONTACT US ABOUT THIS POLICY?
If you have questions or comments about this policy, you may contact our IT Security Officer, Adam Toledo, by email at email@example.com, or by mail to:
Spinal Technology, LLC.
Adam Toledo, IT Security Officer
191 Mid Tech Drive
West Yarmouth, MA 02673
United States of America
EEA Representative Contact Information. For users in the European Economic Area, we have appointed OVALIE DEVELOPPMENT 3, at 13 rue du Général Lionel de Marmier 31300 Toulouse, France as our EEA data representative. You can contact our EEA representative at the address above or by email at firstname.lastname@example.org.
© 2023 Spinal Technology, LLC. All rights reserved.