true

Surgi-Pal mobile application privacy notice

Effective Date: May 26, 2021

policies_landing1.jpg
Overview

This Privacy Notice describes the privacy practices of Becton, Dickinson and Company and its subsidiaries (collectively " BD”) in connection with the Surgi-Pal mobile application (the “App”). This Privacy Notice describes the personal information that BD collects and processes, how BD may use and share the information, and the choices that are available to you with respect to BD’s handling of the information. Please note that some functionality described in this Privacy Notice may not be available at this time, or to all individuals. This Privacy Notice does not apply to information that BD or third parties collect in connection with other websites, other mobile applications, or other services. These other websites, mobile apps and services are governed by their own privacy policies, which we encourage you to read before using them.

By clicking the “I Agree”, you agree: that BD may collect the information below and share it with third parties pursuant to this Privacy Notice; and that I accept and will be bound by the terms of the End User License Agreement (“EULA”)

Account Creation and Operations

By agreeing to allow us to collect, use and disclose your information for the below purposes, you will be able to create a unique user account on the App. Once you have an account, you will be able to use the features of the App, including:

  • tracking progress toward optimization goals provided by your surgeon;
  • accessing educational materials relating to your optimization goals and surgery; and
  • accessing a preparation checklist for your procedure once you have met your optimization goals and scheduled your procedure with your surgeon.

 

If you do not agree to our information collection for Account Creation & Operations, we cannot operate the App for you and you will not be able use it.

BD regularly reviews its policies and procedures, and as a result we may change or update this Privacy Notice from time to time. The current version of this Privacy Notice will be available under the Surgi-Pal Privacy Notice. When we do update this Privacy Notice, we will ask for your consent.

Note about children

This App is not intended or designed for use by children under 18. We do not knowingly allow children to order our products, to communicate with us, or to use any of our online services. If you are a parent and become aware that your child has provided us with information, please contact us using one of the methods specified below, and we will work with you to address this issue.

What information do we collect?

Information that you give us

BD collects the information you provide to us in connection with your use of this App when you: (i) register and create a user account; (ii) make changes and update your user profile; (iii) create and update optimization goals; and (iv) send email messages, queries, or other information to us including user feedback.

When you register and create a user account, we will collect at a minimum your email address, hospital/clinic name, physician name, optimization goals, including related parameters and values. You can also enter optional Personal Information in your user account such as your date of birth, zip code, and gender. When you create or update your account and optimization goals, we may collect the date, time, pain rating, hernia type and location, and any feedback that you submit in relation to your usage of this App.

While using this App, you may be able to enter other information that we will collect, such as:

  • Images and photos (which may include your photograph) that you may choose to upload
  • Physical, medical or health information that you choose to provide to us or authorize others to provide to us on your behalf, including information about your height and weight, biometric information, diagnosis, medical care, medications you may take, physical activity and exercise, diet and nutrition.

Information from other sources

This App may include information about you that you authorized or directed third parties to share with us, such as information from your doctor and health system. This could include physical, medical or health information, including information about your height and weight, biometric information, diagnosis, medical care, medications you may take, physical activity and exercise, diet and nutrition.

Aggregated data

We may also aggregate and/or de-identify any Personal Information that we collect in connection with the App, such that the information is no longer personally identifiable or attributable to you. We may use such aggregated and/or de-identified information for our own legitimate business purposes and share such information with our business partners (such as your doctor or health system) without restriction.

Device information

Like many other mobile applications, certain information may be passively collected using various technologies. For example, when you access the App we may automatically collect your Internet Protocol (IP) address, your device ID and device type.

Automatic data collection tools

BD and our third-party providers may collect certain information about the use of the App by automated means to understand how the App is used (“User Data”). Information collected may include the App pages visited, the External Web Links viewed, the dates and times of use, the features that are used, the content that is viewed, the way users navigate between App screen, and the search terms entered within the App.

What are your choices?

Withdrawing your consent

If you consent to the collection, use and disclosure of your Personal Information as outlined in this Privacy Notice, you will be able to sign up for an account and to access and use this App. You can withdraw your consent at any time. However, if you choose to do so, you may not be able to access the App and we may not be able to effectively provide you with information about your optimization goals or information about related services that we offer through the App.

Accessing, updating and correcting your information

It is important that the information you provide to us be accurate and up to date. For example, if you wish to export any of your log data to your email, the App will only be able to send to the email you have entered to be associated with your account, so it is important that this is the correct email address. You can access, update, and make changes to your Personal Information on the App directly through the various account settings options or you can contact us so that we can make any necessary changes. You may contact us with access and correction requests using the information provided in the “How to Contact Us” section below.

How do we use your Personal Information?

Your Personal Information will be available to us for use in connection with the reason(s) for which it was provided or for a consistent purpose. Below is more information on how BD uses this information.

Emails and other communication

We may use your email address or other methods to send: newsletters; messages about new App features or changes; promotional announcements; consumer surveys; and other correspondence and marketing concerning our service. If you no longer want to receive certain communications from us via email, simply click the "unsubscribe" link at the bottom of the email. Please note that you cannot unsubscribe from certain correspondence from us, such as messages relating to your user account.

Digital analytics and improvement

Your Personal Information and User Data helps BD improve the content and functionality of the App, to better understand usage and trends so we can improve our products and services.

Do we share the information that we receive?

We may disclose your information to third parties with whom you ask or authorize us to share your Personal Information. For example, we may provide functionality that allows you to request that we send your Personal Information (whether on a one-time or recurring basis) to a healthcare provider or a company that maintains your health records or information. These third parties may use or share Personal Information in accordance with their own privacy policies. We strongly suggest you review the third parties’ privacy policies before asking or authorizing us to share your Personal Information with them.

We do not sell or rent any of your information to third parties. We may share the information we collect from you with our BD affiliate and subsidiary companies for the purposes described in this Privacy Notice.

BD uses certain contracted third-party providers to process and/or store the information collected in the App and otherwise operate the App. Those vendors will not be granted any right to access or use or transfer your Personal Information for any reason except to perform contracted obligations to BD.

Under certain circumstances, BD will disclose your information:

  • when we are required or authorized by law to do so, for example if a court issues a subpoena;
  • when you have consented to the disclosure; or
  • when we believe we need to disclose information to protect our rights or property, or the rights or property of others, or to enforce this Privacy Notice or the App's EULA.
  • when BD business undergoes a fundamental change such as, for example, a sale or financing, merger, transfer of all or a portion of our business or assets ("Business Change

How do we protect your information?

BD takes and expects its contracted third-party providers to take all commercially reasonable precautions to ensure your Personal Information is kept safe from loss, unauthorized access, modification or disclosure. Among the steps taken to protect your information are: (i) premises security; (ii) restricted file access; (iii) technological safeguards such as security software, encryption and firewalls to prevent hacking or other unauthorized computer access; and (iv) internal password and security policies.

While we will take such steps to protect your information, we cannot ensure or warrant the security of any information you transmit to us or you transmit to yourself from the App, and you do so at your own risk. As a user of the App, you are responsible for maintaining the secrecy of your password and other account information.

BD keeps your Personal Information as long as reasonably necessary for us to fulfill the purposes for which it was collected as described under this Privacy Notice, or as may be required by law, whichever is longer.

Supplemental Privacy Notice to California Residents

If you reside in California, we are required to provide additional information to you about how we use and disclose your information, and you may have additional rights with regard to how we use your information. We have included this California-specific information for this App below. For more details on BD’s privacy policy under California law, please refer to the BD Privacy Policy.

California Personal Information

Consistent with the "What Information Do We Collect?" section above, we collect certain categories and specific pieces of information about California consumers or households that are considered "Personal Information" in California ("CA Personal Information"). For example, and specific to this App and CA Personal Information, BD may have collected the following categories of information about you:

  • Identifiers - such as: name, postal address, unique personal identifier, Internet Protocol address, email address, account name
  • Personal information under the California Customer Records statute – such as: name address, physical characteristics or description, medical information
  • Protected classifications under California or federal law – such as: sex, age, physical or mental disability
  • Biometric information - such as: sleep, health, or exercise data. Physiological, behavioral, and biological characteristics
  • Internet or other similar network activity – such as: information regarding a consumer’s interaction with a website or application
  • Sensitive information - Personal information collected and analyzed concerning a consumer’s health

CA Personal Information does NOT include certain information, such as: Publicly available from government records; De-identified or aggregated consumer information; Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) or the California Confidentiality of Medical Information Act (CMIA) or clinical trial data.

Sources

We may collect certain categories of CA Personal Information from you and other third parties as described in the "What Information Do We Collect?" section above.

Purposes

Consistent with the "How Do We Use Your Personal Information?" section above, we may share and/or disclose your CA Personal Information (in “California Personal Information”) for business or commercial purposes, as follows:

Sharing your CA Personal Information for business purposes

As described in the "Do we share the information that we receive?" section above, in the past twelve months for this App, we may have used or disclosed (shared) the above listed categories of your CA Personal Information with affiliates, third party providers, public or government authorities and future business partners for one or more of our operational or business purposes:

  • To process and/or store the information collected in the App
  • To operate the App, including responding to App user requests
  • To improve and personalize the user experience on this App
  • For analytical purposes to improve or further develop products or services
  • To monitor the safe and effective use of our products (or services)
  • For any activity described to a consumer that engages with BD digitally and provides personal information or as otherwise permitted under the CCPA
  • To conduct troubleshooting, audits, or other quality control activities related to the Site or other micro-sites, products, or services
  • To detect and protect against security incidents and potential deceptive, malicious, or fraudulent activity
  • To maintain and repair any BD Services
  • As described above, examples of business purposes include business-related functions, internal operations, prevention of fraud and other harm, and legal or regulatory compliance.

Sharing your CA Personal Information as a “sale” under California law

As noted above, we do not sell or rent any of your information to third parties. We may share the information we collect from you with our BD affiliate and subsidiary companies for the purposes described in this Privacy Notice.

California Consumer Rights

If you are a California resident and wish to exercise any of these rights, you may submit a verifiable request to us as follows : (a) contact us via e-mail: CCPA@bd.com as described in the “How to Contact BD” section below with the specific nature of your request, referencing “Your California Privacy Rights”; or (b) call the following toll-free number: (800) 490-2177. We are not responsible for requests that are not labelled or sent properly, or do not have complete information. We will verify your identity prior to providing any information in response to a consumer rights request. Please note that you are limited by law in the number of requests you may submit per year. Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf (Authorized Agent), may attempt to make a consumer request for you. We cannot respond to a request if we are unable to verify your identity or confirm your Authorized Agent.

Follow these steps if you wish to submit a request to exercise your rights under California law:

  1. Give us enough information to reasonably verify you are a California resident and entitled to rights under California law;
  2. Describe your request with enough detail to allow us to understand and respond to your request; and
  3. Tell us how you prefer to receive a written response – by USPS mail or e-mail. Note that if you do not specify your preference, BD will respond to a verified request by e-mail.

We will not discriminate against you by offering you different pricing or products, or by providing you with a different level or quality of products, based solely upon you exercising your rights to your CA Personal Information. Finally, making a verifiable consumer request does not require you to create an account with BD.

Exercising California consumer rights

Subject to certain exceptions, as a California resident, you may have the following rights to your CA Personal Information: (i) Access. Request access to your CA Personal Information that we collect, use, disclose, or sell (if applicable); (ii) Deletion. Request deletion of your CA Personal Information, although BD may deny the request for a number of reasons authorized under California or other applicable law; and (iii) CA Personal Information Sold or Disclosed for Business Purposes. Request information about the CA Personal Information we have "sold" (as defined under CCPA) or disclosed for business purposes within the preceding 12 months. As noted above, BD does not sell consumers’ personal information. To the extent permitted by applicable law, we may be required to retain some of your CA Personal Information and certain CA Personal Information is strictly necessary in order for us to fulfil the purposes described in this Privacy Statement.

Contact Us

If you have any questions about this Privacy Notice, our privacy practices and policies, please contact our Privacy Officer at:

Becton, Dickinson and Company
1 Becton Drive
Franklin Lakes, New Jersey 07417-1880
Attention: Privacy Officer
BD_Privacy_Dept@bd.com

If you choose to communicate with us via email, please be aware that email is not a 100% secure medium for sending any personal or confidential information to us.