Össur Design Studio Privacy Notice

Updated 1st of April 2020

Introduction

Össur is a global leader in non-invasive orthopedics; innovating, producing, and providing advanced technological solutions within prosthetics and bracing & supports.

Design Studio is an application that allows for computer aided design to be used for modifications of scans for the purpose of efficiently creating custom manufactured products.

We understand that you are aware of and care about your own personal privacy interests, and we take that seriously. This Privacy Notice describes Össur´ policies and practices regarding its collection and use of your personal data and sets forth your privacy rights. We recognize that information privacy is an ongoing responsibility, and so we will from time to time update this Privacy Notice as we undertake new personal data practices or adopt new privacy policies.

This privacy notice applies solely to the collection and processing of information through the software and services offered by Össur through the website www.ossurdesignstudio.com collectively, together with the site and the apps, “Design Studio”.

Processing includes the collection, use, storage and disclosure of information by Össur.

The content of this page was last updated on 15th of March 2020

Data Protection Officer

Össur is headquartered in Reykjavík, Iceland. Össur has appointed an internal data protection officer for you to contact if you have any questions or concerns about the Össur’s personal data policies or practices. The Össur´s data protection officer’s contact information are as follows:

[email protected]
Össur hf.
Grjótháls 5
110 Reykjavík, Iceland

Össur is made up of different legal entities. This privacy policy is issued on behalf of the Össur Group so when we mention “Össur”,"we", "us" or "our" in this privacy policy, we are referring to the relevant company in the Össur Group responsible for processing your data. 

How we collect and use (process) your personal information

Össur collects personal information about the users of the services Design Studio provides in the following ways:

·        Data you provide to us: When you provide us with personal information when you register for an account, use the service, post user content, make a purchase, interact with other users of Design Studio through communication or messaging features, or send us customer service-related requests.

·        Cookie Information: When you use Design Studio, we may send one or more cookies – small text files containing a string of alphanumeric characters – to your device. We may use both session cookies and persistent cookies. A session cookie disappears after you close your browser. A persistent cookie remains after you close your browser and may be used by your browser on subsequent visits to Design Studio. Please review your web browser “Help” file to learn the proper way to modify your cookie settings. Please note that if you delete, or choose not to accept, cookies from Design Studio, you may not be able to utilize the features of Design Studio to their fullest potential.

·        Automatically Collected Information: When you use Design Studio, we may automatically record certain information from your device by using various types of technology, including “clear gifs” or “web beacons.” This automatically collected information may include your IP address or other device address or ID, web browser and/or device type, the web pages or sites that you visit just before or just after you use Design Studio, the pages or other content you view or otherwise interact with on Design Studio, and the dates and times that you visit, access, or use Design Studio. We also may use these technologies to collect information regarding your interaction with email messages, such as whether you opened, clicked on, or forwarded a message. This information is gathered from all users.

·        Third Party Web Beacons: We may also implement third-party content or advertising on Design Studio that may use clear gifs or other forms of web beacons, which allow the third-party content provider to read and write cookies to your browser in connection with your viewing of the third party content on Design Studio. Information collected through web beacons is collected directly by these third parties, and Össur does not participate in that data transmission. Information collected by a third party in this manner is subject to that third party’s own data collection, use, and disclosure policies.

·        Integrated Services: You may be given the option to access or register for Design Studio through the use of your user name and passwords for certain services provided by third parties (each, an “Integrated Service”), such as through the use of your online banking credentials, or otherwise have the option to authorize an Integrated Service to provide personal information or other information to us. By authorizing us to connect with an Integrated Service, you authorize us to access and store your name, email address(es), date of birth, gender, current city, account numbers and any other information that the Integrated Service makes available to us, and to use and disclose it in accordance with this Privacy Policy. You should check your privacy settings on each Integrated Service to understand and change the information sent to us through each Integrated Service. Please review each Integrated Service’s terms of use and privacy policies carefully before using their services and connecting to Design Studio.

·        Location Information. Össur may offer certain features as part of Design Studio in whole or in part based on your location, such as to locate the mobile device on which you have installed or downloaded an App. You will be given the opportunity to opt-in to location-based services, normally through an opt-in screen on the App. If you choose to enable location-based services, we may collect your location based on information provided by you or the mobile device, including, if available, GPS, IP address or cell tower information. If you do not opt-in to or choose to disable location-based services, you may not be able to utilize certain features of the Service.

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances: 

·        Where we need to perform a contract we are about to enter into or have entered into with you. 

·        Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. 

·        Where we need to comply with a legal obligation. 

·        Where we´ve received your consent. 

Marketing

We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising. 

Promotional offers from us

We may use Data you Provide to us, Cookie Information and Automatically Collected Information to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing). 

You will receive marketing communications from us if you have requested information from us or purchased from us and you have not opted out of receiving that marketing.

Opting out

You can ask us or third parties to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by contacting us at any time. 

Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a product/service purchase, warranty registration, product/service experience or other transactions.

Disclosures of your personal data

We may share your personal data with the parties set out below for the purposes mentioned above. 

·        Service providers who provide IT and system administration services in connection with our contract with you. 

·        Entities within the Össur Group

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

Data subject rights (EU Citizens)

The European Union’s General Data Protection Regulation 2016/679 (GDPR) and other countries’ privacy laws provide certain rights for data subjects. A good explanation of them (in English) is available on the website of the United Kingdom’s Information Commissioner’s Office.

This Privacy Notice is intended to provide you with information about what personal data Össur collects about you and how it is used. If you have any questions, please contact us at [email protected]

If you wish to confirm that Össur is processing your personal data, or to have access to the personal data Össur may have about you, please contact us at [email protected]

You may also request information about: the purpose of the processing; the categories of personal data concerned; who else outside Össur might have received the data from Össur; what the source of the information was (if you didn’t provide it directly to Össur); and how long it will be stored. You have a right to correct (rectify) the record of your personal data maintained by Össur if it is inaccurate. You may request that Össur erases that data or ceases processing it, subject to certain exceptions. You may also request that Össur ceases using your data for direct marketing purposes. In many countries, you have a right to lodge a complaint with the appropriate data protection authority if you have concerns about how Össur processes your personal data. When technically feasible, Össur will—at your request—provide your personal data to you or transmit it directly to another controller.

Reasonable access to your personal data will be provided at no cost upon request made to Össur at [email protected]. If access cannot be provided within a reasonable time frame, Össur will provide you with a date when the information will be provided. If for some reason access is denied, Össur will provide an explanation as to why access has been denied.

Security of your information

To help protect the privacy of data and personally identifiable information you transmit through use of the application Design Studio, we maintain physical, technical and administrative safeguards. We update and test our security technology on an ongoing basis. We restrict access to your personal data to those employees who need to know that information to provide benefits or services to you.

Data storage and retention

Design Studio uses Amazon Web Services (AWS) in the United States as a hosting service.  The data protection and privacy laws of the United States may not be as comprehensive as the laws in your country.  For example, personal data transferred to the United States may be subject to lawful access requests by federal and state authorities in the United States.  AWS participates in the EU-U.S. Privacy Shield principles and the Swiss-U.S. Privacy Shield principles regarding the collection, use, sharing and retention of personal data from the European Economic Area and Switzerland, as described in the EU-U.S. Privacy Shield certifications and Swiss-U.S. Privacy Shield certifications of AWS. Click here for more information concerning such certifications of AWS. 

 

Third Party Information

Third party information is handled in the same way as personal information described above. Please refrain from entering third party personally identifiable data into Design Studio.

If you enter information about another person (for example - if you are a health care professional) into the Design Studio you are the data controller, as defined within the GDPR. As a data controller you have multiple obligations regarding the processing of personal information and as such all third-party information’s is your responsibility. It is your obligation to assure that the third-party information collected, stored and processed within the application is collected in a legitimate way and that you have fulfilled your duties.

For example:

  • Ensuring that the data is collected lawfully
  • Ensuring that the individuals the information concern are informed of your activities or have clear options to become informed
  • Ensuring that the data is accurate and up-to-date
  • Ensuring that the data is only processed within the purpose originally stated
  • Ensuring you are able to demonstrate compliance to the applicable Data Protection legislation
  • Ensuring that the information is handled with integrity and confidentiality
  • Ensuring that parental consent is provided if the information concerns children under 16 years old

Changes and updates to the Privacy Notice

As our organization, our products and this app changes this Privacy Notice is expected to change as well. We reserve the right to amend the Privacy Notice at any time, for any reason, without notice to you, other than the posting of the amended Privacy Notice within this app. We may e-mail periodic reminders of our notices and terms and conditions and will e-mail Össur Design Studio users of material changes thereto, but you should then refer to the application to see the current Privacy Notice that is in effect and check for application updates frequently to see changes that may have been made to it.