Siirry sisältöön

Privacy Policy

Privacy policy

Last modified 08.05.2018

We at LAERDALLaerdal Medical AS, Tanke Svilandsgate, Stavanger, Norway 4002collectively referred to as “LAERDAL”, “we”, “us”, “our”) take your privacy seriously. This Privacy Statement describes how we collect, store, use and disclose information that identifies you as an individual when you interact with us or use any of the following:

  • Any website maintained by LAERDAL (referred to as “Website” or “Websites”) or
  • Any LAERDAL product, service, application or programme including any trial (collectively referred to as “Services”)

This Privacy Statement is issued on behalf of the Laerdal group of companies so when we mention LAERDAL we are referring to the relevant company in the LAERDAL group of companies responsible for processing your data.  LAERDAL MEDICAL AS is the controller responsible for this Website.

It is important that you read this Privacy Statement together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we use your data. This Privacy Statement supplements the other notices and is not intended to override them. 

* This Website is not intended for children (i.e. persons under 16 years of age) and we do not knowingly collect data relating to children through this Website.

WHEN WE COLLECT PERSONAL INFORMATION

We collect information about you if you:

  • use this Website;
  • enquire about or purchase our Services (either in your own capacity, or as a representative for your employer); or
  • use one of our Services (either for your own professional purposes (e.g. as a private doctor), or during the course of your employment for an organisation (such as a hospital or other service provider or other organisation) which utilises our Services, or where you participate in a training programme or receive medical treatment from a provider using our Serivces).

TYPES OF INFORMATION COLLECTED

The personal information we collect depends on the context of your interaction with LAERDAL and can include:-

  • Identity data including first and last name, user name, title
  • Contact data including email address, postal address (billing or delivery), employer or organisation details, phone number and other similar contact data
  • Profile data including user name and credentials such as passwords, password hints and other similar information for authentication and account access, purchases or orders made by you, feedback and survey responses
  • Usage data including information about how you use our Websites or Services
  • Demographic data such as location, country and preferred language
  • Payment data necessary to process your payment if you make purchases such as your credit card or other bank card number
  • Transaction data such as details about payments to and from you and other details of products or services you have bought from us
  • Technical Data including internet protocol (IP) addresses, login data, browser type and version, time zone and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access the Websites or Services
  • Marketing and communication data including your preferences in receiving marketing from us and our third parties and your communication preferences
  • (if relevant) employer’s name, hire date, department and job title; details of any training or performance records and levels of competence obtained through your use of the Services and details of your access to and use of the Services.

We may aggregate or otherwise de-identify your personal information, so that we can use it for our own statistical, analytical or benchmarking purposes.  We do this in order to better understand how users interact with our website, or to understand and evaluate how our products are used, so that we can make evidence based improvements to them. The de-identified information that we use for these purposes will not directly or indirectly reveal your identity.

Information you give us:

When you use the Websites or contact us in any way: You may give us information about yourself by filling in forms on our Websites or by corresponding with us by phone, email or otherwise. This includes information you provide when you submit documentation to us, register to use our Websites, enquire about or purchase our Services, subscribe to our Services, interact with our personnel, report a problem on our Websites or when you provide feedback. If you contact us through the Websites, we will keep a record of our correspondence.

When you use the Services: We receive and store information that you directly provide to us through your use of Services including any personal information that you provide to us when you register for the first time as a user of our Services. 

IMPORTANT NOTE: Many Services are intended for use by our customer organisations and are in those cases, administered to you by your organisation. We collect and process our customers’ information on their instructions and in accordance with our agreements with them. Your use of the Services may be subject to your organisation’s policies, if any. If you use any Services under direction from an organisation you have a connection with (such as an employer or a school), that organisation will (1) control and administer your use of the Services and (2) access and process your personal information. If your organisation administers your use of the Services, please direct your privacy enquiries to your organisation. Your organisation is the data controller of your personal information for such purposes, and we are the data processor. LAERDAL is not responsible for the privacy or security practices of its customers and these may differ from those set out in this Privacy Statement.

Information we automatically collect about you:

When you use the Websites or the Services: We may automatically collect technical information including the Internet Protocol (IP) address used to connect your computer to the internet and your login information, browser type and version, time zone setting as well as information about your visit including pages visited. We will also collect information about your visit including the full Uniform Resource Locators (URL), clickstream to, through and from our Website (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information and any phone number used to call our customer service number.

COOKIES: You understand and agree that, when you visit certain pages of our Website or use our Services, our servers may send "cookies". Cookies are small pieces of text sent to your computer's hard drive through your web browser.  Such electronic personal information is sent to us automatically.  If you not wish to accept cookies in respect of your use of the Services, you should stop using the Services, or turn off your cookies using your Internet browser settings, but please be aware that some of the functionality of the Websites or Services and associated services may not work if your browser does not accept cookies. For Information about the cookies we use, please see COOKIE POLICY.

Information we receive from third parties. We also obtain personal information from third parties according to the practices described in this Statement together with any additional restrictions imposed by the source of the data. These third-party sources include:

  • Customer organisations (please refer to the IMPORTANT NOTE above).
  • Service providers that help us to determine a location based on your IP address or assist us with technical, payment and delivery services
  • Partners with which we offer co-branded Services or engage in joint marketing activities such as the American Heart Association, British Heart Foundation and others.

HOW YOUR PERSONAL INFORMATION IS USED

We will use the information we collect via our Websites and Services to:

Purpose

Type of Personal Information

Legal Basis

To register you as a new customer

(a) Identity

 

(b) Contact

Performance of a contract with you

To process and deliver your order including:

(a) Manage payments, fees and charges

 

(b) Collect and recover money owed to us

(a) Identity

(b) Contact

(c) Financial

(d) Transaction

 

(e) Marketing and Communications

(a) Performance of a contract with you

(b) Necessary for our legitimate interests (to recover debts due to us)

To manage our relationship with you which will include:

 

(a) Notifying you about changes to our terms or Privacy Statement

 

(b) Asking you to leave a review or take a survey

(a) Identity

(b) Contact

(c) Profile

 

(d) Marketing and communications

(a) Performance of a contract with you

(b) Necessary to comply with a legal obligation

(c) Necessary for our legitimate interests (to keep our records updated and to study how customers use our Websites or Services)

To enable you to complete a survey

(a) Identity

(b) Contact

(c) Profile

(d) Usage

 

(e) Marketing and Communications

(a) Performance of a contract with you

(b) Necessary for our legitimate interests (to study how customers use our products/services, to develop them and grow our business)

To administer and protect our business and this Website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)

(a) Identity

(b) Contact

 

(c) Technical

(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)

(b) Necessary to comply with a legal obligation

To deliver relevant Website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you

(a) Identity

 

(b) Contact

(c) Profile

(d) Usage

(e) Marketing and Communications

 

(f) Technical

Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)

To use data analytics to improve our Website or Services, marketing, customer relationships and experiences.  As stated above, we take steps to de-identify this information prior to processing, but to the extent that it technically contains any personal data for the purposes of data protection law, we have established the appropriate legal basis set out here.

(a) Technical

 

(b) Usage

Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)

To make suggestions and recommendations to you about Services that may be of interest to you

(a) Identity

(b) Contact

(c) Technical

(d) Usage

 

(e) Profile

Necessary for our legitimate interests (to develop our products/services and grow our business)

To provide you and/or (where applicable) your employer with help associated with the Services including training, competence records and certificates

(a) Identity

 

(b) Contact

 

(c) Technical

 

(d) Usage

 

(e) Performance records

 

 

Necessary to perform our contract with your employer or with you

Provide you and/or (where applicable) your employer with user support and customer support to diagnose and resolve Service problems and other customer care and support activities.

(a) Identity

 

(b) Contact

 

(c) Technical

 

(d) Usage

 

(e) Performance records

 

Necessary to perform our contract with your employer or with you

Administer your account and/or (where applicable) the Services we provide your employer

(a) Identity

 

(b) Contact

 

(c) Technical

 

(d) Usage

 

(e) Performance records

 

Necessary to perform our contract with your employer or with you

 

Generally we do not rely on consent as a legal basis for processing your personal information.  In some circumstances, we may rely upon consent as a basis to send direct marketing communications to you via email or text message, where we are required to do so by law.  However, in other cases we will lawfully rely on our legitimate interest in being able to inform you about relevant Services, in a way which is not overly intrusive.  Regardless of our legal basis for marketing, you have the right to prevent marketing at any time by contacting us at privacy@laerdal.com or by using the unsubscribe links contained in our emails. If you specifically consent to additional uses of your personal information, we may use your personal information in a manner consistent with that consent.  Separately, your employer may collect consents from you for their own purposes as a data controller (see the following box).

Where you use the Services at the request of your employer, and we provide Services to your employer, we collect, use and share your personal information for the above purposes at the request of, and in accordance with the directions of your employer. Your employer is the data controller of your personal information for such purposes, and we are the data processor. Your employer has personal information protection policies and processes that may differ from the privacy notice you are currently reading and we recommend that you read such policies before accessing or using the Services.

If you have yourself individually subscribed to the Services, we collect, use and share your personal information for the above purposes for and on your behalf and we are the data processor of your personal information for such purposes.

We will not sell your personal information or share it with third parties for use in advertising or marketing of their products or services.

HOW WE SHARE YOUR INFORMATION

Where you use the Services at the request of your employer, and we provide services to your employer, we share your personal information with your employer for certain purposes as data processor of your employer - see "HOW YOUR PERSONAL INFORMATION IS USED" above.

We use third-party service providers (for example, Microsoft Azure) to store and process your personal information. Where our Service is one that is being provided in conjunction with one of our partners, such as the American Heart Association, we will share personal information with that partner for the purpose of issuing certificates of competence endorsed by that partner. Our partners are required by us to provide substantially the same level of security and protection to your personal information as we ourselves are obliged to under this Privacy Statement.

We may share your personal information with our payment processing service providers in connection with the payment processing services that they perform for us in connection with processing your purchase of the Services. They are not authorized by us to use the information for their benefit.

Our service providers have to follow our express instructions when processing personal information you provide and they must comply with appropriate retention and security measures to protect such personal information and we do not allow them to use this information for their own purposes.

We may also share your personal information in response to a request by government or regulatory authorities, law enforcement or an order of the courts; to a potential acquirer of our business; and as permitted by applicable laws and regulations.

Links to other websites. The Websites contain links and interactive features with various social media platforms, such as Facebook and Twitter. If you already use these platforms, their cookies may be set on your device when using our Websites and they may already have certain information about you which they may combine with information collected on our Websites. These features may enable integration and/or access to your social media accounts. We do not control those social media services, your profiles on those services, modify your privacy settings on those services or establish rules about how your information on those services will be used. You and the social media service providers are in control of those issues. You are encouraged to read all policies and information on the applicable social media services to learn more about how they handle your information before using any such features made available to you on the Websites. We are not responsible for any acts or omissions by any social media service provider or your use of features that come from their features or platform.

INTERNATIONAL TRANSFERS OF YOUR PERSONAL INFORMATION

LAERDALhas operations around the world, and we also have partners and service providers who operate in a variety of countries.  As such, your personal information may be moved to and stored by us in countries other than your own country, where the data protection and privacy laws may be different to those in your country. One way in which this may occur is where your personal information is stored in a controlled access repository in the cloud. “In the cloud” refers to servers in a data center that are managed by a third party and accessible through the Internet, and that data center may be in a country other than your own. You acknowledge and agree to this transfer, storing and/or processing outside of your country. 

RETENTION OF YOUR PERSONAL INFORMATION

In the limited circumstances where we are the data controller of your personal information (see "How Your Personal Information Is Used" above for further details), we maintain your personal information only for as long as is it is necessary.  In some circumstances we may store your personal information for longer periods of time, for instance where we are required to do so in accordance with legal, regulatory, tax, accounting  requirements. In specific circumstances we may also store your personal information for longer periods of time so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your personal information or dealings

Where your employer or another organisation is the data controller of your personal information, please refer to their personal information protection policies and processes for information about the relevant retention period(s).

DATA INTEGRITY AND SECURITY

We are committed to the privacy and confidentiality of the personal information in our control or possession (as the case may be). We are obliged to have appropriate physical, electronic and managerial protection measures in place to prevent unauthorized access, erasure, loss, use, processing or disclosure of your personal information, and we take reasonable steps to do so. We will continue to review and update our security measures where appropriate, as new technology becomes available.

Unfortunately, transmission of information via the Internet is not completely secure. Although we use reasonable measures to protect your personal information, we cannot guarantee the security of your personal information.

YOUR RIGHTS

Subject to certain exemptions, and in some cases dependent upon the processing activity we are undertaking, you have certain rights in relation to your personal information:

  • To access personal information
  • To rectify / erase personal information
  • To restrict the processing of your personal information
  • To transfer your personal information
  • To object to the processing of personal information
  • To object to how we use your personal information for direct marketing purposes
  • To obtain a copy of personal information safeguards used for transfers outside your jurisdiction
  • To lodge a complaint with your local supervisory authority

Exercise Your Rights here

We may ask you for additional information to confirm your identity and for security purposes, before disclosing the personal information requested to you. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.

Importantly, in situations where we act as a data processor (for example, where we collect personal information from you through the use of our Services, as more fully described throughout this Privacy Statement) you should exercise your rights against the relevant data controller (for example, your employer, where your employer is the customer organisation which has purchased our Services).

We have appointed a data protection manager who is responsible for overseeing questions in relation to this Privacy Statement. If you have any questions about this Privacy Statement including any requests to access, correct or delete the personal information we hold about you or to complain about our handling of your personal information, please contact the data protection manager using the details set out below:

LAERDAL MEDICAL AS

FOR THE ATTENTION OF THE DATA PROTECTION MANAGER

Email: Privacy@laerdal.com

Postal: Tanke Svilandsgate 30, 4002 Stavanger Norway

 

Your request may be accepted or denied on the basis of any applicable laws and where your employer is the data controller of personal information requested we may redirect your request to your employer.

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.   We will update this Privacy Statement when necessary. All updates will be posted on the Websites. When we post such updates, we will revise the “last updated” date at the top of the statement. We encourage you to periodically review this Privacy Statement to learn how LAERDAL is protecting your information.