BioVentrix is committed to protecting and respecting the privacy of individuals. We collect, use, disclose and otherwise process personal information in accordance with applicable privacy/data protection laws in force in the jurisdictions in which we operate.
This policy sets out how and why we collect, use and disclose personal information, whether in oral, electronic or written form, of individuals who interact with BioVentrix. It also explains how we safeguard the information you provide to us directly or indirectly.
What is personal information?
Personal information means information that identifies you individually, such as your name, address, email address, affiliated organization or company name, birth date, medical device serial number, phone number, profession or specialty, diagnosis, treatment or condition, or other specific types of personal information.
Personal information we collect and how it is collected.
We collect personal information in a variety of ways, including through personal contact, via our websites and the internet, over the telephone, through correspondence and from other sources, through our employees and their attendance at industry events and, where necessary to identify patients, through third parties who have your authority to disclose such personal information to us or where we are required to do so by law.
We collect, keep and use information submitted to us to register and track patients who have BioVentrix devices implanted. We are required to track these devices in accordance with the US Federal Food, Drug and Cosmetic Act and various US Federal Drug Administration regulations. In the United States, no patient consent or authorization is required to disclose information to medical device manufacturers for tracking purposes, in accordance with the Health Insurance Portability and Accountability Act (HIPAA). We will also use such information if you are outside the United States and have provided your explicit consent for us to use that information as outlined in this policy or if we are under a legal obligation to do so.
Generally, where we request personal information from you, we will explain the purpose of its collection and use and to whom it maybe disclosed at the time we collect it. If you decide to withhold particular information, it may limit our ability to provide you with the services or products you requested. If you believe that a third party has disclosed your personal information to us without your consent to do so, please contact that third party. If they do not adequately respond to your inquiries, please let us know. The personal information collected by us shall be limited to those details necessary for the purposes identified to you.
Why we collect personal information.
We use and disclose personal information only for the purposes that we have disclosed to you, except as otherwise permitted by law. If for any reason your information is used or disclosed for a materially different purpose, we will obtain your consent before we proceed.
In general, we collect, use and disclose personal information to meet the needs of our customers and for the following business purposes:
- Recording and reporting on our products and related medical conditions, including reporting to regulatory and medical authorities and recording and responding to product enquiries, feedback and complaints.
- To understand our customers and their needs.
- To learn about our markets and improve our products and services.
- To ship product information or provide services to our customers.
- Complying with our regulatory, legal and ethical obligations, including recording and reporting on any adverse events.
- Ensuring and protecting health and safety.
- Contacting you (including by way of email), including:
- In response to your enquiries and to respond to your questions and comments and to safeguard your interests.
- Providing you with information about our products and services, or those of others that we consider that you may be interested in.
- To meet legal requirements.
- In the case of health care professionals (HCPs):
- In connection with research and clinical trials that the HCP is involved with or which we consider that the HCP may be interested in being involved with.
- Providing education, training, evaluation and/or demonstration of products.
- Providing samples.
- In connection with conferences, symposia, expert panels or other events with which we are involved or with which we consider that a HCP may wish to be involved.
- For complying with our corporate policies for expense reimbursement that require us to record the names and affiliations of attendees.
- In the case of patients:
- In connection with our patient programs, research and clinical trials.
- To register and track patients who have been implanted with our devices, where required by law or where we have obtained your explicit consent.
- To communicate with the hospital, medical practitioner or the health insurer of the patient in relation to the patient’s care.
- In the case of our contractors, distributors or commissioned agents, to our related entities in the United States and worldwide in connection with our Business Purposes. This may involve those entities providing that information to their third party suppliers subject to obligations of confidentiality:
- To protect our rights and property.
- To our external service providers that we engage to assist us in the conduct of our business (these service providers will only be permitted to use that information for the purpose of assisting us), including but not limited to service providers assisting us with expense reports of employees.
How we use and disclose your personal information.
We are responsible for personal information in our possession or custody, including personal information that we may transfer to third parties for processing, including storage.
In the event we disclose personal information to our service providers, we require our service providers to agree to contractual requirements that are consistent with our privacy and security policies. We require that our service providers be prohibited from using personal information except for the specific purpose for which we supply it to them, and otherwise comply with legal requirements applicable to the personal information in question. We may also use and disclose personal information as authorized by you when you provide that information to us.
We may, as may our affiliates, share personal information to comply with legal requirements, like law, regulation, warrant, subpoena, court order, or with a regulator or law enforcement agency or personnel, as well as in respect of criminal investigations or to meet government tax reporting requirements. In some instances, such as a legal proceeding or court order, we may also be required to disclose certain information to government authorities. Only the information specifically requested is disclosed and we take precautions to satisfy ourselves that the authorities that are making the request have legitimate grounds to do so. We also may release certain personal information when we believe that such release is reasonably necessary to protect the rights, property, and safety of others and ourselves.
There are some situations where we are legally permitted to disclose personal information such as employing reasonable and legal methods to enforce our rights or to investigate suspicion of illegal activities.
Except as set forth herein, BioVentrix does not disclose sell and/or trade customer lists to third party companies or organizations.
This site is not targeted to children under the age of 18 and BioVentrix does not intentionally collect personal information from such children. If we discover that a child has provided us with personal information online through this website, we will take reasonable steps to delete this information. If you believe we may have accidentally received personal information from a child under the age of 18, please immediately contact us at email@example.com.
Opting out of marketing mailings.
We may from time to time send you marketing material that we consider will be of interest to you. You have the right to ask us not to process your personal information for marketing purposes. We will usually inform you (before collecting your information) if we intend to use it for such purposes or if we intend to disclose your information to any third party for such purposes. If you no longer wish to receive information from us, please use the ‘opt-out’ or ‘unsubscribe’ link on the email to remove yourself from the mailing list. You may also elect not to receive such materials by:
Please note that we may be required to send certain information to you under a legal, regulatory or ethical requirement.
Where we store your personal information.
It is important to note that some or all of your personal information provided to third party service providers may be held by them in countries other than your own, including in particular the United States. You acknowledge and understand that your personal information will be subject to the applicable laws of each such jurisdiction, which may not provide for the same protection as your country of residence. For example, government entities in the United States, amongst other countries, may have certain legislative rights to access your personal information. If you would like access to written information about our policies and practices with respect to service providers outside your jurisdiction, you may contact our Privacy Officer, by email at firstname.lastname@example.org, who will address your questions about the collection, use, disclosure or storage of personal information by our service providers worldwide.
Security of your personal information.
We take reasonable steps and utilize no less than industry standard security safeguards, including maintaining physical, electronic, and procedural safeguards in compliance with industry standards and applicable laws to protect personal information from loss and unauthorized access, modification, disclosure, inappropriate alteration or misuse.
Electronic customer files are kept in a highly secure environment with restricted access. Paper-based files are stored in locking filing cabinets. Access is restricted to authorized employees who have a legitimate business purpose and reason for accessing your personal information.
We manage our server environment appropriately and our firewall infrastructure is strictly adhered to. Our security practices are reviewed on a regular basis and we routinely employ current technologies to ensure that the confidentiality and privacy of your information is not compromised.
For those areas of our website collecting sensitive information, our website uses Secure Socket Layer (SSL) and 128 bit encryption technologies to enhance security when you visit the secured areas of these Websites. SSL is the industry standard tool for protecting and maintaining the security of message transmissions over the Internet. When you access your accounts or send information from secured sites, encryption will scramble your data into an unreadable format to protect it from interception by others.
To safeguard against unauthorized access to your accounts, you are required to “sign-on” using a user id and a password to certain secured areas of the BioVentrix website. Both user id and password are encrypted when sent over the Internet. If you are unable to provide the correct password, you will not be able to access these sections. You are required to keep your password and user id secure and not provide that information to third parties. If you suspect that someone is using your user id or password, please report it immediately to our Privacy Office by sending an email to email@example.com. You have an active role in protecting your own information. Please safeguard your environment and use reasonable steps to ensure that others do not access your information through your computer. Always logout to keep your information secure. BioVentrix will not be liable for disclosures of your personal information due to errors in transmission or unauthorized acts of third parties.
When you call one of our customer service centers for patient and product questions, you will be required to verify your identity by providing personal information. We will only use this information in order to identify you.
While we take reasonable steps to protect personal information as outlined in this policy, we cannot ensure or warrant our ability to do so because no internet transmission is 100% secure. Please consider this when sending information to us by email.
Access and accuracy.
Where allowed by law, you may request access to personal information we hold about you by sending an email to firstname.lastname@example.org. We will process that request in line with any local laws and our policies and procedures in place for dealing with such requests.
There may be circumstances where we are unable to provide access to your personal information. We may deny, or restrict access for legally permissible reasons, such as situations where the information contains references to other individuals and is not reasonably severable, or where it cannot be disclosed for legal, security, or commercial proprietary reasons. We will advise you of any reason for denying or restricting an access request.
We shall make every reasonable effort to ensure your personal information is maintained in an accurate, complete and up-to-date form. If you believe that we have inaccurate, incomplete or out-of-date personal information about you, you may ask us at any time to correct that information. When an individual successfully demonstrates the inaccuracy or incompleteness of personal information held by us, we will correct or update the information as required.
Please note that before we are able to provide you with any information or correct any inaccuracies we may ask you to verify your identity and to provide other details to help us to respond to your request. We will only use this information in order to verify your identity. Where appropriate, we will communicate these changes to other parties who may have received incorrect information from us.
In the course of daily operations, access to personal information is restricted to authorized employees who have a legitimate business purpose and reason for accessing it. For example, when you contact us, our designated employees will access your information to verify who you are and to assist you in fulfilling your requests.
As a condition of their employment, all employees of BioVentrix are required to abide by the privacy standards we have established. Employees are trained about the importance of privacy including prohibiting the disclosure of any customer information to unauthorized individuals or parties.
Unauthorized access to and/or disclosure of personal information by an employee of BioVentrix are strictly prohibited. All employees are expected to maintain the confidentiality of personal information at all times and failure to do so will result in appropriate disciplinary measures being taken, which may include dismissal.
Subject to any applicable business, legal, or regulatory requirements, we securely destroy, erase or de-identify personal information when it is no longer required to fulfill our services and commitments to you or to enforce our rights or meet our obligations.
Links to other websites.
Links to other sites are provided for information only and do not constitute endorsements of those other sites. BioVentrix is not responsible for the content of links or third-party sites and does not make any representation regarding their content or accuracy. Your use of third-party websites is at your own risk. Additionally, we are not responsible for the privacy practices employed by other third-party websites. Therefore, we suggest that you examine the privacy polies of those websites to learn how your information may be collected, used, shared and disclosed by the third party in question.
Updates to this policy.
This policy will be published on our corporate website. BioVentrix may amend this policy from time to time. The revisions will take effect on the date of publication of the amended policy, as stated.
Through a notice on our website, we will notify you of any material changes to the policy, and draw your attention to the changes made. In the event that the changes we make to the policy are substantial and/or affect the personal information we have already collected in accordance with this policy, you will be entitled to withdraw your consent to such personal information handling practices provided such consent is not necessary for us to provide to you the services or products you have requested. You may notify us of your desire to withdraw consent by contacting our Privacy Officer as noted above.
Interference with privacy and contact information.
12647 Alcosta Boulevard, Suite 400
San Ramon, CA 94583
We will respond in a timely manner.
You also may contact the Secretary of the Department of Health and Human Services at:
The U.S. Department of Health and Human Services
200 Independence Avenue, S.W.
Washington, D.C. 20201
Toll Free: 1-877-696-6775
Please provide as much information as possible so that the complaint can be properly investigated. BioVentrix will not retaliate against a person who files a complaint with us or with the Secretary of the Department of Health and Human Services.
Links to 3rd Party Privacy Policies