Privacy Policy
Effective as of April 1, 2023
This Privacy Policy describes how BlueWind Medical, Ltd., BlueWind Medical, Inc., and our subsidiaries and affiliates (collectively “BlueWind Medical,” “we”, “us” or “our”) handle personal information that we collect though our websites and other digital properties that link to this Privacy Policy (collectively, the “Service”), through social media, in connection with our marketing activities, business activities, and through other activities described in this Privacy Policy.
BlueWind Medical may offer certain products, programs or services that have unique or additional terms, privacy notices and consent agreements. Please reference the respective terms, notices and agreements for more details on those products, programs and services
Table of Contents
Personal information we collect
How we use your personal information
How we share your personal information
Changes to this Privacy Policy
Information regarding the European Economic Area and United Kingdom
Personal information we collect
Information you provide to us. Personal information you may provide to us through the Service or otherwise, includes:
- Contact data, such as your first and last name, email, phone number and mailing address.
- Professional or employment-related data about healthcare professionals and business partners, such as professional title, company or institution name, work address, professional experience and areas of specialization, and license information.
- Communications that we exchange, including when you contact us with questions, feedback, or otherwise.
- Marketing preference data, such as your preferences for receiving our marketing and other communications as well as details about how you engage with our communications.
- Health information, such as symptoms, conditions, diagnoses, treatments, and feedback about your experience with BlueWind Medical’s product or services that you provide as part of research recruitment, marketing testimonials, general support and outreach, or otherwise.
- Research data that you may provide when you agree to participate in our surveys, polls, focus groups, and other market research activities, including demographic information and survey responses.
- Other information that we may collect which is not specifically listed here, which we will use as described in this Privacy Policy or as otherwise disclosed at the time of collection.
Third party sources. We may combine personal information we receive from you with personal information we obtain from other sources. The sources may include:
- Data providers, such as information services and data licensors.
- Public sources, such as social media platforms and government and professional websites.
- Research partners, such as companies or organizations with whom we partner on market research initiatives.
Automatic data collection. We, our service providers, and our business partners may automatically log information about you, your computer or mobile device, and your activity over time on our sites and other sites and online services, such as:
- Device data, such as your computer’s or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers (including identifiers used for advertising purposes), language settings, mobile device carrier, radio/network information (e.g., WiFi, LTE, 3G), and general location information such as city, state or geographic area.
- Online activity data, such as pages or screens you viewed, how long you spent on a page or screen, the website you visited before browsing to the Service, navigation paths between pages or screens, information about your activity on a page or screen, access times, and duration of access.
Cookies. Some of our automatic data collection is facilitated by cookies and similar technologies. For more information, see our Cookie Policy.
How we use your personal information
We use your personal information for the following purposes or as otherwise described at the time we collect it:
Service delivery. We use your personal information to:
- provide, operate and improve the Service and our business;
- enable security features of the Service;
- communicate with you about the Service, including by sending announcements, updates, security alerts, and support and administrative messages; and
- provide support for the Service, and respond to your requests, questions and feedback.
Business transactions. During certain business interactions, we may use your personal information to manage business transactions with you or the company or organization you work(ed) for. This may include making or responding to requests related to the transaction, or obtaining or making payments.
Research and development. We may use your personal information to offer opportunities to participate in market research surveys or other research and development activities. As part of these activities, we may create aggregated, de-identified or other anonymous data from personal information we collect.
We make personal information into anonymous data by removing information that makes the data personally identifiable to you.
Marketing and advertising. We and our third-party advertising partners may collect and use your personal information for marketing and advertising purposes:
- Direct marketing. We may send you BlueWind Medical-related or other direct marketing communications as permitted by law, including by email. You may opt-out of our marketing communications as described in the Opt-out of marketing communications section below.
- Interest-based advertising. We may contract with third-party advertising partners to display ads on our Service and other online services. These partners may use cookies and other technologies to collect information about you (including the device data and online activity data described above) over time across our Service and other online services, as well as your interaction with our emails. They use that data and other information they collect to try to help advertisers reach their desired audience on the Service and/or tailor the ads you see on the Service and other online services to your interests. You can learn more about your choices for limiting interest-based advertising, in the Your choices section below.
Treatment and/or quality control. We may use your personal information to carry out your treatment, including treatment prescribed by a physician, and to provide you with general information about your treatment. We may also use your personal information to ensure high standards of quality and safety related to health care and medical devices.
Compliance and protection. We may use your personal information to:
- comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities;
- protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims);
- manage adverse event reporting, product safety, and other reporting obligations;
- audit our internal processes for compliance with legal and contractual requirements and internal policies;
- enforce the terms and conditions that govern the Service; and
- prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.
Retention. We retain personal information where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested; to comply with applicable legal, tax or accounting requirements; to establish or defend legal claims; or for fraud prevention). Whether the retention period is sufficient to fulfill such purposes is the primary criteria for determining the duration of the retention period. When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will store your personal information and isolate it from any further processing until deletion is possible.
How we share your personal information
We may share your personal information with the following parties and as otherwise described in this Privacy Policy or at the time of collection:
Affiliates. Our corporate parent, subsidiaries, and affiliates, for purposes consistent with this Privacy Policy.
Service providers. Companies and individuals that provide services on our behalf or help us operate the Service or our business (such as information technology, customer relationship management and support, email delivery, advertising, marketing, and website analytics).
Advertising partners. Third party advertising partners that collect information about your activity on the Service and other online services to help us advertise our services, and/or use contact lists that we share with them to deliver ads on their platforms to those individuals and similar patients and customers.
Professional advisors. Professional advisors, such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they render to us.
Authorities and others. Law enforcement, government authorities, crisis lines and private parties, as we believe in good faith to be necessary or appropriate for the purposes described above in the Compliance and protection section.
Business transferees. Acquiring and other relevant parties (and their advisors) to business transactions (or potential transactions) involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale or other disposition of all or any portion of the business or assets of, or equity interests in, BlueWind Medical or our affiliates (including, in connection with a bankruptcy or similar proceedings).
Your choices
You have the following choices with respect to your personal information.
Opt-out of marketing communications. You may opt out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email, or by emailing us at compliance@bluewindmedical.com. You may continue to receive service-related and other non- marketing emails.
Cookies. Most browsers let you remove and/or stop accepting cookies from the websites you visit. To do this, follow the instructions in your browser’s settings. Many browsers accept cookies by default until
you change your settings. If you do not accept cookies, however, you may not be able to access all features of the Service or they may not work properly. For more information about cookies, including how to see what cookies have been set on your browser and how to manage and delete them, visit www.allaboutcookies.org. Please refer to our Cookie Policy to learn more about your cookie choices.
Do Not Track. Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals except where we expressly indicate otherwise. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.
Declining to provide information. We need to collect personal information to provide certain services. If you do not provide the information requested, we may not be able to provide those services.
Other sites and services
The Service may contain links to websites, mobile applications, and other online services operated by third parties. These links are not an endorsement of, or representation that we are affiliated with, any third party. In addition, our content may be included on web pages or in mobile applications or other online services that are not associated with us. We do not control websites, mobile applications or online services operated by third parties, and we are not responsible for their actions.
Security
We employ a number of technical, organizational and physical safeguards designed to protect the personal information we collect. However, security risk is inherent in all internet and information technologies and we cannot guarantee the security of your personal information.
International data transfer
We operate primarily in the United States and Israel. We may use service providers that operate in other countries. Your personal information may be transferred to the United States, Israel or other locations where privacy laws may not be as protective as those in your state, province or country.
Residents of the European Economic Area and United Kingdom should read the important information provided below about transfer of personal information outside of the European Economic Area and United Kingdom.
Children
The Service is not intended for use by children under 16 years of age. If we learn that we have collected personal information through the Service from a child under 16 without the consent of the child’s parent or guardian as required by law, we will delete it.
Changes to this Privacy Policy
We reserve the right to modify this Privacy Policy at any time. If we make changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on the Service. If required by law we will also provide notification of changes in another way that we believe is reasonably likely to reach you, such as via email or another manner through the Service. Any modifications to this Privacy Policy will be effective upon our posting the modified version (or as otherwise indicated at the time of posting). In all cases, your continued use of the Service after the effective date of any modified Privacy Policy indicates your acceptance of the modified Privacy Policy.
How to contact us
If you have any questions about this Privacy Policy, please feel free to contact us at compliance@bluewindmedical.com.
Information regarding the European Economic Area and United Kingdom
This section applies only to individuals in the United Kingdom and the European Economic Area.
Personal information: References to “personal information” in this Privacy Policy are equivalent to “personal data” governed by European data protection legislation.
Controller: BlueWind Medical is the controller of your personal information covered by this Privacy Policy for purposes of European data protection legislation. We have appointed a Data Protection Officer, who can be reached at compliance@bluewindmedical.com
Legal bases for processing: The legal bases of our processing of your personal information as described in this Privacy Policy will depend on the type of personal information and the specific context in which we process it. However, the table below sets out the legal bases on which we typically rely when we process personal information other than medical information or other special categories of data. We rely on our legitimate interests as our legal basis only where those interests are not overridden by the impact on you (unless we have your consent, or our processing is otherwise required or permitted by law). If you have questions about the legal basis of how we process your personal information, contact us at compliance@bluewindmedical.com.
| Processing Purpose | Legal Basis |
|---|---|
| Service delivery and business transactions | Processing is necessary to perform the contract governing our provision of the Service or to take steps that you request prior to signing up for the Service. Where we cannot process your personal data as required to operate the Service on the grounds of contractual necessity, we process your personal information for this purpose based on our legitimate interest in providing you with the Service you access and request. |
| Marketing and advertising | Where consent is not required by applicable law, we process your personal information for these purposes based on our legitimate interests in promoting our business. |
| Research and development | These activities are based on legitimate interests, if consent is not the basis of processing. |
| Treatment and/or quality control | Where processing is not on the grounds of contractual necessity or consent, processing may be necessary for the vital interests of a patient and/or to comply with our legal obligations. |
| Compliance and protection | Processing is necessary to comply with our legal obligations. |
| Actions we take with your consent | Processing is based on your consent. Where we rely on your consent you have the right to withdraw it any time in the manner indicated when you consent or in the Service. |
Use for new purposes. We may use your personal information for reasons not described in this Privacy Policy where permitted by law and the reason is compatible with the purpose for which we collected it. If we need to use your personal information for an unrelated purpose, we will notify you and explain the applicable legal basis.
Sensitive personal information. We always ask for your explicit consent before processing sensitive personal information like your medical conditions, gender, ethnicity, or other special categories, when collected through the Service (e.g., when signing up to participate in clinical studies, completing surveys or participating in marketing testimonials).
We ask that you not provide us with any sensitive personal information through the Service or otherwise that is unnecessary. If you do not consent to our processing and use of such sensitive personal information, you must not provide it to us.
Your rights. European data protection laws give you certain rights regarding your personal information. If you are located within the United Kingdom or European Economic Area, you may ask us to take the following actions in relation to your personal information that we hold:
- Access. Provide you with information about our processing of your personal information and give you access to your personal information.
- Correct. Update or correct inaccuracies in your personal information.
- Delete. Delete your personal information.
- Transfer. Transfer a machine-readable copy of your personal information to you or a third party of your choice.
- Restrict. Restrict the processing of your personal information.
- Object. Object to our reliance on our legitimate interests as the basis of our processing of your personal information that impacts your rights.
You may submit these requests by sending them to our email: compliance@bluewindmedical.com. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal information or our response to your requests regarding your personal information, you may contact us or submit a complaint to the data protection regulator in your jurisdiction. You can find your data protection regulator at https://edpb.europa.eu/about-edpb/about-edpb/members_en.
Cross-Border data transfers. If we transfer your personal information from the United Kingdom or European Economic Area to another country such that we are required to apply additional safeguards to your personal information under European data protection laws, we will do so. Please contact us for further information about any such transfers or the specific safeguards applied.