Privacy Policy - Geneo

Privacy Policy

This website (the “Website”) is operated by Lumenis Ltd. (Lumenis Ltd. and its subsidiaries shall be hereinafter referred to as “Lumenis”), with its registered office at 6 Ha’Kidma Street, P.O.B 240, Yokneam Industrial Park, Yokneam 2069204, Israel.

Lumenis respects the privacy of visitors to this Website and other persons with whom we interact (“you” or “Data Subjects”).
Lumenis developed this Privacy Statement to provide information about our practices regarding the collection, use, and disclosure of information about Data Subjects, globally. We note that in certain countries or with respect to personal data collected in certain contexts, the EU General Data Protection Regulation (GDPR) and/or the California Consumer Privacy Act (CCPA) may apply, and we have chosen to also specifically include certain information required by these statutes in this statement.

This Privacy Statement applies to information collected on this Website or otherwise in connection with the provision of our products and services (“Lumenis Services”). The type of data collected and the purposes and use thereof may vary according to the context in which the data is collected and your dealings with Lumenis.

For example:

(A) if you are only browsing through this Website, do not submit your details or use any interactive feature (if applicable), and do not have other dealings with Lumenis, the data and uses pertaining to you will be as described in “Collection of Certain Data through the Website” and in “Use of Cookies” below, and related information;

(B) if you submitted your details through this Website or other web form referring to this Privacy Statement, or if you otherwise provided your details to Lumenis and were notified that your details may be used by Lumenis in accordance with this Privacy Statement, then the data provided by you may be used for sending updates, offers and marketing contents to you and for other related purposes described herein;

(C) if you are negotiating or have made a transaction with Lumenis, the data provided by or generated on you may be used in order to determine your credit terms, to carry out the transaction, providing services for any products you purchased from Lumenis, sending updates, offers and marketing contents to you and for other related purposes described herein; and

(D) if you are a patient, your details and queries may be used to refer you to the appropriate professional, respond to your queries, contact you with updates, offers and marketing contents and for other related purposes described herein.

Other general purposes such as compliance with legal or regulatory obligations, protection of Lumenis rights and conducting legal proceedings may also be applicable. We have tried our best to make it clear to you which data is used and how we use it in the relevant context of your interaction with us, but in case there is any doubt or if you need any clarification, please contact us as per the instructions in this statement below. Please take the time to read and understand this Privacy Statement. By using this Website or otherwise proceeding with your interaction with Lumenis after having been referred to this Privacy Statement, you acknowledge that you understand and agree (where such agreement is requested or required under the applicable law) to the terms of this Privacy Statement.

Lumenis will occasionally update this Privacy Statement to reflect company and Data Subjects’ feedback as well as any legal or regulatory requirements. You are bound by any such revisions and should therefore periodically review this Privacy Statement to be informed of how your information is being handled.

* JOB APPLICANTS:

If you are a job applicant for a position in the European Economic Area, through our “Career” page or otherwise, please also refer to our Job Applicant Statement.

 * ADDITIONAL INFORMATION FOR CALIFORNIA RESIDENTS:

If you are a California Resident, please also refer to our [Important Additional Information for California Residents] section.

COLLECTION OF YOUR PERSONAL INFORMATION

Information that you provide to Lumenis:

These data may include name, surname, contacts (email address and telephone number), delivery address and invoice address (for customers), occupation and professional field (e.g. for prospective customers), health conditions and concerns (for patients), interests (e.g. for potential customers, customers and patients) or any other data supplied by you in relation to the Lumenis Services, or upon the access to certain pages of the Website (for instance, the page “Contact us” or “Request an estimate”, “Get a Quote”, comments, chat rooms, chat services, message boards, public discussions, questionnaires, tests or any other existing or future features open to you), or posting a response to our publications in or registering for Lumenis Services through a social media platform.

You may choose not to voluntarily supply any data but, in such a case, you might not be able to use the Lumenis Services.

If you are interacting or have a relationship with Lumenis, whether through the use of the Website or otherwise, including offline or through other websites, networks or systems operated or used by Lumenis, and you choose to share information with us through forms, correspondence, conversations, meetings, business cards, contracts, purchase orders, attendance in tradeshows or other events, our social media pages etc., any personal information that you choose to share or disclose, may be collected and used by Lumenis. Also, certain Lumenis products may, pursuant to their specification, collect and transmit to Lumenis certain system performance and usage data, including users’ (i.e. person performing the treatment) personal data, if available.

If you have an actual or prospective business relationship with Lumenis, including if you are an actual or prospective customer, vendor, supplier or service provider, you may be required to provide us with additional personal information such as I.D. number and card copy, passport number and copy, bank account details and other financial data that is necessary for Lumenis to have a business relationship with you.

Information that we collect or generate about you:

This includes (by way of a non-exhaustive list):

Information about Lumenis Services (including the goods/materials purchasable through the use of the Lumenis Services) which you have reviewed, were interested in, requested a quote for or purchased, and our interactions with you;
When you visit the Website, cookies are used to collect technical information about the services that you use, and how you use them.  For more information on the cookies used by Lumenis, please see the section “Use of Cookies” below;
If you fill in a questionnaire, participate in a course or training and/or take a test, we collect data on your participation/answers/scores in order to assess your performance and/or for statistical/analytical purposes, for the purpose of improving our products, services, personnel and other purposes as set forth below, as applicable.
Where applicable, we may receive or collect the above and/or other information from third parties such as our web and analytical services providers; If you have been contacted by us without having provided your contact information to us, we may have lawfully obtained the above and/or other information from other third parties such as “yellow pages” or other publicly available registries, referrals, data suppliers, or our distributors or business partners that may identify you as a potential customer or business partner; and
If you are a prospective buyer or business partner, we may receive credit information about you from credit information providers (e.g. “Creditsafe”), in order to evaluate risks and determine your payment and credit terms.

Collection of certain data through the Website:

Lumenis collects, via the Website, demographic information, such as your ZIP code, age, gender, preferences, interests and favorites and other respective data. There is also information about your computer hardware and software that is automatically collected by the Website. This information can include amongst others: your IP address, browser type, domain names, access times and referring Website addresses. This information is used by Lumenis for the operation of the service, to maintain quality of the service, and to provide general statistics regarding use of the Website.

This Website may use Google’s “reCAPTCHA” as login/registration security tool, which involves the automatic collection of certain data of yours (e.g. IP number). The collection and use of such data by Google is subject to Google’s privacy statement.

Third-party websites:

The Website contains links to other websites that may offer useful information. In addition, our “Careers” page contains a link to a third-party service provider website that contains our open positions and the application forms for such positions. Lumenis encourages you to review the privacy statements of websites you choose to link to from the Website so that you can understand how those websites collect, use and share your information. Lumenis is not responsible for the privacy statements or other content on websites outside of the Website and Websites’ family of websites. The foregoing includes the case where third-party websites may provide information concerning the collection and use by Lumenis of personal data. In such case, the provisions of this Privacy Statement prevail and supersede any such information.

Sensitive personal data:

Certain forms of “sensitive personal data” are subject to specific protection or restriction by law in certain territories, including the EU. For these purposes, “sensitive personal data” is data relating to: racial or ethnic origin; political opinions; religious philosophical beliefs; trade union membership; genetic data; biometric data; data concerning health or sex life or sexual orientation. In addition data on criminal activity or proceedings is treated in a similar way.

We do not, as a rule, collect sensitive personal data unless provided directly by you or otherwise specifically disclosed to you prior to collection. Collection of sensitive personal data may occur, for example, if you voluntarily provide us with data, such as on your medical or health condition or concerns, when contacting us. In cases that we do collect health, medical or other data which is not directly provided by you and would otherwise be considered “sensitive personal data”, such as through treatments, such data is not personally identifiable and therefore is not considered to be “personal data”, unless otherwise specifically disclosed to you prior to collection.

Update of information and Opt-Out:

You may contact us to update or correct much of your personal information that you provide to us through the Website or other means other than the limited information described below under the Regulatory Requirements and Law Enforcement Section, or to opt-out from our mailings and other services and communications that you may have signed up for. To do so, please contact us at privacy@lumenis.com.

USE OF YOUR PERSONAL INFORMATION

Lumenis uses personal information, among other things, as follows (as applicable in the context of your interaction with Lumenis – see examples in the second paragraph of this Privacy Statement):

  • to deliver the services you have requested, to interact with you and provide or procure responses for comments, questions and requests if posted by you on the Website or otherwise made;
  • to operate the Website;
  • to protect our materials and content, and the security of our networks and systems;
  • to efficiently market and sell our products and services, including by categorizing and classifying Data Subjects in order to personalize our services and advertising to, and interaction with, such persons;
  • to inform you of, and offer to you, products or services available from Lumenis, including through e-mail messages;
  • we may also contact you via surveys to conduct research about your opinion of current services or of potential new services that may be offered;
  • to ensure that the we can facilitate efficient transactions with, and perform our obligations and exercise our rights under contracts with you, if relevant;
  • to improve, calibrate and customize our products and services;
  • to efficiently manage our business correspondents;
  • in general, to efficiently, effectively and securely manage and protect our business, assets and facilities;
  • to otherwise fulfill legitimate business purposes (e.g. in relation to a sale of all or part of our business);
  • to comply with any legal or regulatory obligations to which we are subject (including compliance with any request from regulatory authorities or other relevant public authorities (see “Regulatory Requirements and Law Enforcement” below);
  • to establish, exercise or defend our legal rights or for the purpose of legal proceedings;
  • for the prevention and detection of crime or acts of dishonesty, malpractice or other improper or unauthorized conduct; and
  • we may use non-sensitive personal data for any other purpose for which we may use sensitive personal data, as detailed below.

We note that, where possible, we rely on a lawful basis other than your consent, for the processing by us of your personal data (e.g. under GDPR Article 6). We also note that, where your consent has been granted to the processing by us of your personal data, we may choose not to rely on such consent where such other lawful basis applies and such consent is not otherwise lawfully required.

Use of sensitive personal data:

We will only process your “sensitive personal data” if permitted by law and only if one of the following conditions is met:

  • you have given explicit consent in writing to the processing of the data (and, for that purpose, if such data is provided by you through the Website, then your submission of the respective form, comment or post in the Website will constitute “explicit consent” in writing);
  • the processing is necessary to protect your health, safety or other vital interests in an emergency (or that of another person) where you are physically or legally incapable of giving consent;
  • the data in question has been made public by you;
  • the processing is necessary for the purpose of, or in connection with, any actual or prospective legal proceedings, for the purpose of obtaining legal advice or otherwise for the purposes of establishing, exercising or defending legal rights subject to applicable local legislation or where courts are acting in their judicial capacity;
  • the processing is necessary for reasons of substantial public interest on the basis of local law which is proportionate to the aim pursued and which contains appropriate safeguarding measures;
  • the processing is necessary for preventative or occupational medicine;
  • the processing is necessary for prevention or detection of crime or acts of dishonesty, malpractice or other improper or unauthorized conduct;
  • the processing is necessary for archiving purposes in the public interest or scientific and historical research purposes or statistical purposes; or
  • the processing is otherwise permitted by law.

In each case, we will meet any legal requirements and enforce any applicable duties of confidentiality vigorously, for example in relation to access to health records.

Disclosure of Personal Information to Third Parties:

Lumenis does not sell, rent or lease personal data to third parties. We may share your personal information among the corporate affiliates within the Lumenis group of companies for the purposes described above.  Lumenis will take steps to ensure that the personal information is accessed only by employees of such companies that have a need to do so for the purposes described in this Statement.

In addition, Lumenis may share data with trusted suppliers and service provides outside Lumenis corporate group for some or all of the purposes described above, including without limitation to help us advertise and market our products and services, perform statistical analysis, surveys, campaigns, send email or postal mail, provide customer support, host databases, provide contact platforms, provide project management tools, process payments, supply goods or services that you can purchase through the use of the Lumenis Services, or arrange for deliveries and provide financial and legal advice and services.

In addition, Lumenis may refer questions posted in our Website to third parties such as local distributors or such suppliers or service providers, for response. We will endeavor that such third parties be contractually prohibited from using your personal information except to provide these services to Lumenis, and required to maintain the confidentiality of your information. We note that such third parties may independently collect personal data as part of and/or in order to perform their services.

We may also share data with business partners and independent distributors of Lumenis’ products in the relevant territories, to be controlled and used by them in connection with their own business as far as it pertains to the Lumenis Services, including for marketing purposes (electronically or otherwise), it being clarified that, once lawfully transferred to them, they will be responsible for the lawful processing of such data, and the processing of such data by them shall be subject to their own privacy notices and policies.

We may also share personal information with third parties for the following purposes:

  • if we sell any of our business or assets, in which case we may disclose your personal data to the prospective buyer for due diligence purposes;
  • if we are acquired by a third party, in which case personal data held by us about you may be disclosed to the third party buyer;
  • if required by competent authorities for legal, tax and financial reasons; and
    to the extent required by law, for example, if we are under a duty to disclose your personal data in order to comply with any legal obligation, establish, exercise or defend our legal rights.

TRANSFERS OF PERSONAL INFORMATION OUTSIDE THE EUROPEAN ECONOMIC AREA OR YOUR COUNTRY OF RESIDENCE

The personal information that we collect from you may be transferred to and stored at, a destination outside the country in which you reside. It may also be processed by staff operating outside of that country who work for Lumenis, professional advisors or banks.

Where we transfer your personal information to another country, we will ensure that any transfer of your personal information is compliant with data protection law.

You can obtain more details of the protection given to your personal information when it is subject to an ex-EEA Transfer or outside your country of residence (including a copy of the standard data protection clauses which we have entered or will enter into with recipients of your personal information if required) by contacting us in accordance with the “Contacting us” section below.

USE AND DISCLOSURE OF NON-PERSONAL INFORMATION

Lumenis will not treat as confidential any information that you provide that is not personally identifiable, such as questions, comments, ideas, or suggestions. You should be aware that Lumenis will be free to disclose through any means and use for any purpose such information in its sole discretion. By providing such information to Lumenis, you understand and agree that no relationship has been created between Lumenis and yourself, and Lumenis has no obligation to you whatsoever regarding such information. Where such communications are personally identifiable, they will be treated in accordance with Section 2 above.

USE OF COOKIES

General

The Website uses “cookies”. A cookie is a small piece of data sent from a website and stored on the user’s computer or device by the user’s
web browser, while the user is browsing. It is used to enable websites to function or to provide information to the owners of a website, or other third parties which receive data obtained from that website. When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you, and can only be read by a web server in the domain that issued the cookie to you.

The cookie will remain in the cookies file of your browser after the closing of the browser and will be reactivated when the Website is reopened unless removed. You may delete the cookie at any time.

Purposes

One of the primary purposes of cookies is to help you personalize your online experience and provide a convenience feature to save you time. The purpose of a cookie is to tell the webserver that you have returned to a specific page. For example, if you personalize the Website pages, or register with Website services or sites, a cookie helps the Website to recall your specific information on subsequent visits. This simplifies the process of recording your personal information, such as billing addresses, shipping addresses, and so on. When you return to the Website, the information you previously provided can be retrieved, so you can easily use the Website’s features that you customized.

Other primary purposes of cookies include:

  • The tracking of Website usage and collecting and recording information about visitors and their use of the Website.  This helps us improve the way our Websites work, identify what our users are interested in, and assess the effectiveness of our content by providing statistics and data relating to website use.
  • Marketing: Marketing cookies allow us (or third parties) to monitor the behavior of users of our Websites, so as to effectively target relevant content delivery, including advertisements, to users, based on their specific interests on our Websites and of third-party sites. This information also enables us to monitor the effectiveness of our digital marketing campaigns and to understand how useful our advertisements are.

Please note that third parties may use cookies. The kind of cookies and the consequent data processing carried out by such third parties are regulated by their privacy policy. Please see below.

Controlling Cookies

You have the ability to accept or decline cookies. The instructions for removing cookies from your computer or mobile device depend on the operating system and web browser you use. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of the Website’s services. For more information about cookies, including how to set your internet browser to reject cookies, please go to www.allaboutcookies.org.

Third-Party Cookies

We use the following third-party systems that rely on the use of cookies data:

  •  Google Analytics – This Website uses Google Analytics to analyze the use of this Website. Google Analytics uses cookies, to collect standard Internet log information and visitor behavior information in an anonymous form. The information generated by the cookie about your use of the Website (including IP address) is transmitted to Google. This information is then used to evaluate visitors’ us of the Website and to compile statistical reports on Website activity. Google’s privacy policy is available at: https://www.google.com/privacypolicy.html.You can opt-out from Google Analytics using the currently available method available at https://tools.google.com/dlpage/gaoptout/.
  • Hotjar web analytics – This Website uses Hotjar web analytics service. Hotjar may record mouse clicks, mouse movements and scrolling activity where we use this information to improve user experience. Hotjar collects information regarding pages visited, actions which are taken, country, device used, operating system, and browser used. Hotjar does not collect personal information that you do not voluntarily enter in this Website. Hotjar does not track your browsing habits across websites that do not use Hotjar services. For more information about cookies used by Hotjar you may visit: https://www.hotjar.com/legal/policies/cookie-information. If you do not want to be tracked by Hotjar on websites, you can turn it off with a “do not track” header or visit: https://www.hotjar.com/legal/compliance/opt-out.
  • Display advertising (remarketing) – This Website uses Google Display Advertising to reflect your interests across the web (remarketing). To determine your interests, Google will track your behavior across the web using cookies. You can view, delete or add interest categories associated with your browser using Google’s Ads Preference Manager, available at: https://www.google.com/ads/preferences/. However, this opt-out mechanism uses a cookie, and if you clear the cookies from your browser your opt-out will not be maintained. To ensure that an opt-out is maintained in respect of a particular browser, you should use the Google browser plug-in available at: https://www.google.com/ads/preferences/plugin.
  • Hubspot – This Website uses Hubspot cookies for certain functional purposes as well as for tracking visitors’ identity, sessions and activity on the Website and authentication. For information on Hubspot cookies you may visit: https://knowledge.hubspot.com/articles/kcs_article/reports/what-cookies-does-hubspot-set-in-a-visitor-s-browser. We use some but not all of the cookies listed in the above link. Note that we do not use the Hubspot feature that gives users the choice to opt-out of cookies. We also note that we manually place the social media websites’ pixel codes on our pages (see below), and not through the use of Hubspot’s ads tool, and therefore Hubspot will not be able to control the placement of social media sites’ cookies on your browsers.
  • Social Media – When we perform advertising campaigns on Facebook, Linked In, Twitter, Instagram and Pinterest, we use cookies provided by such websites for some or all of the purposes described above. In addition, such social media platforms may use your data for their own or purposes or for third-party subscribers of their services, as set forth in their respective privacy statements, which you are encouraged to review.For additional information relating to social media cookies, you may visit:

SECURITY OF YOUR PERSONAL INFORMATION

Lumenis makes reasonable efforts to secure your personal information from unauthorized access, use or disclosure. Lumenis secures the personal information you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use or disclosure. However, Lumenis cannot guarantee that it is completely secure from people who might attempt to evade our security measures or intercept transmissions over the Internet.

Where personal information is recorded in hard copy, we take organizational measures to secure such information, such as storing paper records containing personal data in locked cabinets.

REGULATORY REQUIREMENTS AND LAW ENFORCEMENT

Lumenis may be required, by court order or as otherwise required by law, to divulge personal information to law enforcement authorities, the courts, or regulatory authorities. Lumenis will cooperate in responding to such requests, in accordance with the regulatory or legal process, and will take appropriate measures to ensure that the requester understands the sensitive nature of any health-related personal information they receive.

If you contact us regarding your experience with using any of our products, we may use the information you provide in submitting reports to the U.S. FDA and/or similar regulatory bodies in other jurisdictions, and as otherwise required of us by law or governmental audit. We may also use the information to contact your healthcare professional to follow up regarding an unexpected event involving the use of any one of our products. You understand that in order to comply with the law, Lumenis may not be permitted to comply with your request to amend or remove personal information that was provided to Lumenis by a healthcare professional or a consumer regarding an adverse event or reaction involving medicine, medical products or medical devices.

ONLINE PRIVACY FOR CHILDREN

Lumenis is committed to protecting the privacy of children. We do not intend to collect personal information from children under 18 years old, however, Lumenis is dependent on the Website’s users to identify themselves as children under 18 years old and therefore Lumenis will assume no liability thereon if the user’s age was not stated properly or at all. If a child has provided us with personal information, the parent or guardian of that child may contact us at privacy@lumenis.com.

RETENTION OF PERSONAL INFORMATION

How long we hold your personal information will vary. The retention period will be determined by various criteria including:

  • the purpose for which we are using it – we will need to keep the data for as long as is necessary for that purpose; and
  • legal obligations – laws or regulations may set a minimum period for which we have to keep your personal information.
  • the advisability of retention taking into account our legal considerations (such as statutes of limitations, litigation or regulatory investigations).

YOUR RIGHTS

You have a number of legal rights in relation to the personal information that we hold about you. These rights include:

  • the right to obtain information regarding the processing of your personal information and access to the personal information which we hold about you;
  • the right to withdraw your consent to our processing of your personal information at any time. Please note, however, that we may still be entitled to process your personal information if we have another legitimate reason (other than consent) for doing so;
  • in some circumstances, the right to receive some personal information in a structured, commonly used and machine-readable format and/or request that we transmit those data to a third party where this is technically feasible. Please note that this right only applies to personal information which you have provided to us;
  • the right to request that we rectify your personal information if it is inaccurate or incomplete;
  • the right to request that we erase your personal information in certain circumstances. Please note that there may be circumstances where you ask us to erase your personal information but we are legally entitled to retain it;
  • the right to request that we restrict our processing of your personal information in certain circumstances. Again, there may be circumstances where you ask us to restrict our processing of your personal information but we are legally entitled to refuse that request; and
  • the right to lodge a complaint with the data protection regulator (details of which are provided below) if you think that any of your rights have been infringed by us.

You can exercise your rights by contacting us using the details set out in the “Contact Information” section below.

You can find out more information about your rights by contacting the data protection regulator in your jurisdiction, or by searching their website. A list of National Data Protection Authorities in Europe can be found at
https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080. If you are unsure about which is the correct regulator, please feel free to contact us as provided above for assistance.

IMPORTANT ADDITIONAL INFORMATION FOR CALIFORNIA RESIDENTS

In this section, we provide information for California residents, as required under California privacy laws, including the California Consumer Privacy Act (“CCPA”), which requires that we provide California residents certain specific information about how to handle their personal information, whether collected online or offline.

Under the CCPA, “personal information” is any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household. It does not include publicly available data as defined by the CCPA.

Personal Information Not Covered by this California Section

This section does not address or apply to our handling of publicly available information made lawfully available by state or federal governments or other personal information that is subject to an exemption under Section 1798.145(c) – (f) of the CCPA.

This section also does not apply to personal information we collect about California job applicants, independent contractors, or current or former full-time, part-time and temporary employees and staff, officers, directors or owners of Lumenis, and used solely in that context.  Employees can see the employee privacy policy on the intranet for more information.

Categories of Personal Information that We Collect and Disclose

The table below sets out generally the categories of personal information (as defined by the CCPA) about California residents that we collect, use, and disclose to others for a business purpose.  We collect these categories of personal information from the sources as explained in the Collection of your Personal Information section above, and for the purposes explained in the Use of your Personal Information section above.  Our collection, use and disclosure of personal information about a California resident will vary depending upon the circumstances and nature of our interactions or relationship with such resident.

We do not and will not sell your personal information, but a third-party cookie (as described in the ‘Use of Cookies’ section, above) may be deployed if an individual consents.  The personal information referenced in the chart below does not include similar information we may collect from our CA-based employees or business contacts of our enterprise customers.