Privacy Policy
PLEASE READ THIS PRIVACY POLICY CAREFULLY
General Information About the Processing of Personal Data
Last updated on July 21, 2023
Privacy is very important to Abiomed. We also understand that privacy is very important to you. This Privacy Policy outlines the categories of personal data we collect about you through the Abiomed websites, including Abiomed.com, Abiomed.de, Abiomed.jp, Abiomed.eu, HeartRecovery.com, HeartRecovery.de, HeartRecovery.eu and HeartRecovery.jp (the “Websites”). This Privacy Policy also outlines how we may use the personal data we collect about you, and, in some circumstances, disclose that information.
Please read this policy carefully to understand Abiomed’s policies and practices regarding your information and how we will treat it. We may change this Privacy Policy from time to time. We encourage you to review this Privacy Policy each time you visit our Websites.
Controller Details
The Controller regarding the data processing on the Websites are as follows:
|
All Websites |
Abiomed.de, Abiomed.eu, Herzerholung.de, HeartRecovery.de, HeartRecovery.eu (Joint Controller according to Art. 26 GDPR) |
|
Abiomed, Inc. |
Abiomed Europe GmbH |
LOCATION OF WEBSITES
The Websites are hosted at:
Acquia, Inc.
53 State Street
Boston, MA 02109
United States
Phone: +1 888-922-7842
E-Mail: [email protected]
Website: https://www.acquia.com/about-us/contact
WHAT INFORMATION DO WE COLLECT & HOW DO WE USE IT
Joint Controllers determine jointly the purpose of the data processing and are responsible in the event where data subjects exercise their rights (see detailed explanation on EU citizens below). Insofar as we carry out further processing under joint responsibility with companies outside the Abiomed Group, we will provide information about this at the appropriate points in these Privacy notice.
Abiomed Europe GmbH nominated a Data Protection Officer. You can reach her under: VUV Beratungs- und Service GmbH, Theaterstr. 55, 52062 Aachen, Germany. Tel.: +49 241 474 33 21 .
If you have questions, suggestions or concerns, contact us or the Abiomed Europe GmbH's Data Protection Officer via the Abiomed's Data Protection Webform (Abiomed’s Privacy Webform). You can reach the Data Protection Officer individually also under: [email protected].
In general, we collect and use personal data from our users only to the extent necessary to provide a functional website and our content and services. Firstly, your data is collected when you share it with us. This may be data that you provide us with when you contact us.
Other data is collected automatically by our IT systems when you visit the website. This is mainly technical data (e.g. Internet browser, operating system or time of site access.)
DURATION OF DATA STORAGE
Data processed by us will be deleted in accordance with the statutory provisions as soon as it is no longer required for the purposes for which it was collected or as soon as any consent granted is revoked, unless we are obliged or entitled to retain the data beyond this period based on statutory obligations (e.g. retention periods under commercial or tax law) or in order to pursue legal claims or other legitimate interests. In this case, processing is limited to these purposes (as opposed to deletion) in the form that the data is blocked and not processed for other purposes. For more information on the deletion of personal data, please refer to the individual explanations in this data protection notice.
SECURITY
We secure our Websites and other systems through technical and organization measures against the loss, destruction, access, amendment or distribution of your data by unauthorized persons. In particular, your data is transmitted in encrypted form. We use the encryption system SSL (Secure Socket Layer) or TLS (Transport Layer Security). You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock in your browser line. No internet transmission is ever fully secure or error-free. E-mail sent to or from our Websites may not be secure. Therefore, take special care in deciding what information you send to us via e-mail.
Data Subject Rights
Please use Abiomed’s Privacy Webform to request access to, correct, or delete any personal information that you have provided to us. We may not accommodate a request to access, change or delete information if we believe that doing so would violate any law or legal requirement, cause the information to be incorrect, or if we are not legally obligated to do so.
If you are a European Union resident or otherwise a data subjected covered by the European Union’s General Data Protection Regulation (GDPR), please consult our Additional Privacy Notices for Users in the European Union below for additional information about your rights as a data subject.
If you wish to delete your User Contributions from the Websites please e-mail us at [email protected], but please be aware that copies of your User Contributions may remain viewable in cached and archived pages or might have been copied or stored by other website users.
ADDITIONAL PRIVACY NOTICE FOR CALIFORNIA RESIDENTS
The California Consumer Privacy Act (CCPA) and California Civil Code § 1798.83 provide residents of the U.S. State of California with specific rights regarding their personal information. For more information about what Abiomed is doing to protect your rights, you may go to our Additional Privacy Notice for California Residents.
ADDITIONAL PRIVACY NOTICE FOR NEVADA RESIDENTS
Section 603A of the Nevada Revised Statutes permits Nevada residents who are our "consumers" to at any time, submit a request to an "operator" of a website or online service in Nevada directing the operator not to make any sale of any "covered information" the operator has collected or will collect about the consumer. We do not currently "sell" or plan to sell covered information as defined in the Nevada law. If you are a Nevada resident, you may submit a verified request by contacting us by sending an email to [email protected] or contacting us through our privacy webform at https://www.abiomed.eu/privacy-policy/webform to opt out of sales and we will record your instructions and incorporate them in the future if our policy changes. We will respond within the time required by law.
ADDITIONAL U.S. STATE PRIVACY LAWS
Some additional state laws may provide residents specific rights, subject to some limitations, exclusions and the verification of your identity. These rights may include, but not be limited to: (1) the right to know whether we are processing your personal data; (2) the right to access the personal data that we process; (3) the right to correct inaccuracies in your personal data that we process; (4) the right to delete your personal data; (5) the right to obtain a copy of your personal data; (6) the right to opt-out of the processing of your personal data for targeted advertising, profiling activity and the sale of personal data; (7) the right to not be discriminated against for exercising your rights; and (8) the right to appeal a decision with regard to a request you make. To exercise your state privacy rights (as applicable), please contact us as described in the "Contact" section below, emailing [email protected] or contacting us through our privacy web form.
We are committed to compliance with state privacy laws and continues to monitor developments.
ADDITIONAL PRIVACY NOTICE FOR USERS IN THE EUROPEAN UNION
In addition to the terms provided in this Privacy Policy, if you are a European Union resident or are otherwise a data subject covered by the European Union’s General Data Protection Regulation (GDPR) or similar national laws, you may have certain rights in relation to your personal information. For more information about what Abiomed is doing to protect your rights, you may go to our Additional Privacy Notice for Users in the European Union.
CALIFORNIA AND DELAWARE “DO NOT TRACK” DISCLOSURES
California and Delaware law require Abiomed to indicate whether it honors “Do Not Track” settings in your browser concerning targeted advertising. Abiomed adheres to the standards set out in this Privacy Policy and does not monitor or respond to Do Not Track browser requests.
Please note that data you enter on our websites in the European Union may be processed outside the EU.
By the judgment of the European Court of Justice C-311/18 ("Schrems II"), the EU-U.S. Privacy Shield Framework has been declared invalid. According to this judgment, based on the intelligence activities of the U.S. authorities, there is no level of protection in the U.S. for EU data subjects that corresponds to the level of protection required under the GDPR.
Since the Schrems II ruling, Abiomed has adapted contracts with service providers and partners with regard to the transfer of data to third countries - in particular by concluding so-called standard contractual clauses ("SCCs") in accordance with Art. 46 para. 2(d) of the GDPR - and where necessary is still in an ongoing exchange about necessary amendments with regard to the SCCs.
Against this background, we would like - until the final clarification of the legal situation and the completion of our adjustments - to process personal data, as far as possible, only with your explicit consent pursuant to Art. 49 (1)(a) GDPR.
We therefore draw your attention to the fact that the USA is not a safe third country within the meaning of the European Court of Justice for the transfer of personal data of EU data subjects. US companies, in particular telecommunication service providers, are obliged to hand over personal data to law enforcement agencies and intelligence services without giving you as a data subject a meaningful opportunity to object to such transfer. Abiomed itself does not belong to the direct group of addressees of these regulations, but regarding itself and the service providers used, it cannot currently completely exclude the possibility that US intelligence services and national security authorities process, evaluate and permanently store your data on US servers for monitoring purposes. We have no influence on these processing operations. If you give us permission to transfer data, e.g. via the cookie settings, you can revoke your consent at any time by changing the settings. However, this has no influence on the data already transmitted.
If you wish to prevent such processing, especially when using third-party applications/cookies, please click on the "Use only necessary cookies" button.
The transmission of information in the case of technically necessary cookies (see section Data processing when making the websites available) to our web host located in the United States cannot be suppressed."
SUBJECT RIGHTS
DATA PROCESSED FOR THE PROVISION OF THE WEBSITE AND THE CREATION OF THE LOG FILES
Whenever the content of our website is accessed, our system (i.e. the web server) automatically records information from the system of the calling computer or terminal device of the user, which may allow identification. The following data is collected and temporarily stored:
- Date and time of access
- IP address of the user
- Host name (Internet server provider) of the accessing computer
- Website from which the website was accessed (so-called referrer URL)
- Websites accessed via the website
- Visited page on our website
- Message whether the retrieval was successful
- Amount of data transmitted
- Information about the browser type and version used
- Operating system of the user's terminal device
Temporary storage of data is necessary for the course of a website visit to enable delivery of the website. For this purpose, the user's IP address must necessarily remain stored for the duration of the session. Further storage in log files is carried out to ensure the functionality of the website and the security of the information technology systems (e.g. for attack detection). These purposes also constitute our legitimate interest in data processing.
An evaluation of the data for marketing purposes does not take place in this context. Data collected for marketing purposes is discussed below.
What is the legal basis on which these data are processed?
The data is processed in order to safeguard our legitimate interests as the responsible website operator.
Are there other recipients of the personal data besides the person responsible?
The website is hosted at Acquia, Inc. The host receives the above data as a processor on behalf of the customer.
CONTACT VIA THE WEBSITES
Our Websites contain information that provides a means of e-mail contact to our company as well as other means of directly communicating with us. If you contact us by e-mail or other electronic means, the personal data you transmit is stored automatically. We will process this data to communicate with you regarding your inquiry. If you use the contact form on our Websites for your inquiry, you will be asked to give your prior consent to the storage and usage of your personal data. This personal data will not be passed on to third parties.
HOW LONG DO YOU KEEP MY DATA?
We delete personal data as soon as they are no longer necessary for the purpose for which they were collected. For personal data transmitted to us when you contact us, we retain the data until the purpose of your inquiry has been resolved. A requirement may exist if the data is still needed to be able to fulfill contractual obligations, to check warranty claims and, if applicable, guarantee claims and to grant or defend them. In the case of statutory retention obligations, deletion is only considered after the expiration of the respective retention period. In the case of the provision of the website, this is the case when the respective session has ended.
The log files are stored up to seven days and are only accessible by the administrators of the Websites. After that, they are only available indirectly through the reconstruction of backup tapes which are deleted permanently after 30 days. Storage of log files beyond 30 days is possible, but in this case the IP address of the user will be deleted or rendered permanently inaccessible to us, so that the IP address of the calling client cannot be determined and does not contain any personal references.
WHAT ABOUT PRIVACY ON OTHER WEB SITES?
The Websites may contain links to other websites. Some of those websites may be operated by Abiomed, and some may be operated by third parties. We provide the links for your convenience, but we do not review, control, or monitor the privacy practices of websites operated by others. This Privacy Policy does not apply to any other website, even the other Abiomed websites that are not detailed above. We are not responsible for the performance of websites operated by third parties or for your business dealings with them. Therefore, whenever you leave the Websites, we recommend that you review each website’s privacy practices and make your own conclusions regarding the adequacy of these practices.
REGISTRATION AND LOGIN AREA
What Data is Processed?
In certain areas of our websites, we offer the users of our website the opportunity to register on our website to obtain special information and functions for registered users on our website, by providing personal data.
To register, the user enters her personal data, which is transmitted to us and stored by us. This data will not be passed on to third parties. The following data is collected during the registration process:
- Username;
- Password;
- E-mail address;
- Name;
- Address; and
- Organization.
This data will not be passed on to third parties.
The following data is collected during the login process:
- Username; and
- Password
At the time of login, the following data is also stored:
- IP address of the user; and
- Date and time of login.
A registered user may cancel her registration at any time. If you wish to change or delete your registration, please contact us using Abiomed’s Privacy Webform.
Legal Basis for Processing Website Data
When you provide registration and login information, we process your data to implement pre-contractual measures. The legal basis for data processing in the context of registration is the necessity of implementing pre-contractual measures or the fulfilment of a contract.
Duration of Storage of Website Data
Registration and login data will be deleted as soon as they are no longer necessary for the purpose for which they were collected. This is the case for the data collected during the registration process when we collect and store data for the fulfilment of a contract or for the implementation of pre-contractual measures. However, even after the conclusion of a contract, it may still be necessary to store personal data of the contractual partner to comply with contractual or legal obligations (e.g. tax retention obligations).
The log files for login are saved for seven days for later support requests and for security reasons and are deleted afterwards. Storage beyond this period is possible, but in this case the data is made so anonymous that it is no longer possible to trace the data back to you.
Patient Questionnaire
In certain areas of our websites, we offer the users of our website the opportunity to determine whether they may be a candidate for the use of our devices by providing personal data which the user enters, is transmitted to us and stored by us.
This data may be passed on to third parties that are under contract to perform services for or on behalf of Abiomed (including follow-up by healthcare professionals, performing marking activities when allowed by law, or conduct surveys). For example, personal data, include heath information, that you give Abiomed through our Websites may be used to communicate with your possible suitability for treatment with Impella.
If you do not want us to have this information, you can choose not to provide it to us, but then you might not be able to take advantage of many of Abiomed’s services or features on our Websites. Choosing not to provide this information to us will not affect your access to treatment that includes Abiomed products or services.
CHILDREN
Abiomed cares about protecting the online privacy of children. We will not intentionally collect any personal information (such as a child’s name or e-mail address) from children under the age of 13. If you think that we have collected personal information from a child under the age of 13, please contact us using Abiomed’s Privacy Webform or at [email protected].
JOB APPLICANTS
Through our career page, you can currently view open vacancies at our locations worldwide and apply for these vacancies via the application portal. For more information on your privacy rights, please go to our Additional Privacy Notice for Job Applicants.
WEBSITE DATA
What Data is Processed?
In certain areas of our websites, we offer the users of our website the opportunity to register on our website by providing personal data.
To register, the user enters her personal data, which is transmitted to us and stored by us. This data will not be passed on to third parties. The following data is collected during the registration process:
- Username;
- Password;
- E-mail address;
- Name;
- Address; and
- Organization.
The following data is collected during the login process:
- Username; and
- Password
At the time of login, the following data is also stored:
- IP address of the user; and
- Date and time of login.
A registered user may cancel her registration at any time. If you wish to change or delete your registration, please contact us using Abiomed’s Privacy Webform.
MARKETING COMMUNICATIONS
Abiomed collects certain personal information on our Websites to communicate with you through newsletters and other mailings. To learn more about your privacy rights, please go to our Additional Marketing Communications Disclosures.
COOKIES AND OTHER TRACKING TECHNOLOGIES
To improve the experience for users visiting our Websites and to enable certain functions (including the display of suitable products and market research), we use cookies on various pages of our Websites. Cookies are small pieces of data (text files) that are automatically stored on your end device. Some of the cookies we use are deleted again after the end of the browser session (session cookies). Other cookies remain on your device and enable us to recognize your browser the next time you visit our Websites (persistent cookies). You can see the duration of storage in the cookie settings of your web browser. You can set your browser so that you are informed about the setting of cookies and decide individually whether to accept them or to exclude the acceptance of cookies for certain cases or in general. Each browser differs in the way it manages the cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. If cookies are not accepted, the functionality of our website may be limited.
What Data is Processed?
The details of what data is process and for what purposes depends on what cookie is being used. You can find detailed information about how the cookie functions and what data is processed in the privacy policies or cookie guidelines of the respective cookie providers.
Generally, the following personal data may be affected by cookies:
- IP address (usually anonymous);
- the Websites accessed;
- the website from which the user navigated to our Websites;
- the Websites subpages accessed by the user;
- time and duration of the visit to the Websites; and
- frequency of the Websites visits.
Legal Basis for Processing
The use of strictly necessary cookies (i.e., those without which our website would not function properly) serves to safeguard our legitimate interests, which predominate in the context of a balancing of interests, in a functional and optimized presentation of Websites, including its security and stability.
To the extent we use cookies that are not strictly necessary for the operation of this website, we require your prior consent to use these cookies.
We obtain this consent via a cookie banner when you visit our site for the first time. Here you have the possibility to allow us to use the cookies listed below or to forbid them. You may not be able to use all the functions of our website if you do not give your cookie consent for all cookies that are not necessary. The presentation of the website may also suffer from this.
You can view the cookies used on the Websites and opt-out of each cookie category (except strictly necessary cookies) by clicking on the “cookie settings” button at the bottom of the page or in the Cookie Notice for the Websites. You can also request to opt-out by using Abiomed’s Privacy Webform.
Cookie Data Provided to Third Parties
If third-party IT services or tools are used, the cookies used are usually stored and processed by the respective third party, whereby these third parties may in turn use service providers who support them in providing their services and who may also receive the data collected by the cookie in this context.
Duration of Cookie Data Storage
The cookie data processed by us will be deleted in accordance with the legal requirements as soon as it is no longer required for the purpose of its collection or as soon as a granted consent is revoked, unless we are obliged or entitled to store the data beyond this period due to legal obligations (e.g., commercial or tax law retention periods) or in order to pursue legal claims or other legitimate interests. In this case, the processing will be limited to these purposes (contrary to deletion) in the form that the data will be blocked and not processed for other purposes.
Further information on the deletion of personal data can be found in the individual explanations in this data protection notice.
OTHER SERVICES USED
Microsoft Teams®
We use Microsoft Teams to hold online meetings (conference calls, online presentations, webinars) via the Websites. For more information on how Abiomed processes your personal data when you use Microsoft Teams, you may go to our Additional Privacy Notice for Abiomed Microsoft Teams.
The Websites use web services provided by Google. To learn more about what services we use and how it affects your data privacy rights, please go to our Additional Privacy Notice for Google Services.
Social Media Providers
On the Websites, we integrate functional and content elements that are obtained from the servers of their respective providers, including social media (hereinafter referred to as "social media providers"). These can be, for example, social media buttons and contributions or graphics or videos (hereinafter referred to uniformly as "content"). This content optimizes our online presence and makes the Websites more user-friendly. The content also enables us to align our Websites offers with user behavior in relation to interests and to provide the user with a diverse and wide-ranging online experience. To learn more about what social media providers we use and your data rights, please go to our Additional Privacy Notice for Social Media Providers.
CHANGES TO OUR PRIVACY POLICY
It is Abiomed’s policy to post any changes it makes to its Privacy Policy on this page with a notice that the Privacy Policy has been updated on the Websites’ home pages. If we make material changes to how we treat our users’ personal information, we will notify you by e-mail to the primary e-mail address specified in your account and/or through a notice on the Websites’ home pages. The date the Privacy Policy was last revised is identified at the top of the page. You are responsible for ensuring that we have an up-to-date, active, and deliverable e-mail address for you, and for periodically visiting the Websites and this Privacy Policy to check for any changes.
CONTACT US
If you have questions, requests or concerns regarding your privacy rights, please contact us using Abiomed’s Privacy Webform.
NPS-098