1. GENERAL INFROMATION

 

1.1 This Privacy Notice (hereinafter the „Notice“) is intended to provide You with information on how Sivantos, (hereinafter "Sivantos", "we", "us", "our") collects and for which purposes we process Your personal data when You use our mobile Apps (hereinafter the „App“). We will only process Your personal data in accordance with this Privacy Notice and the General Data Protection Regulation (EU 2016/679) (hereinafter "GDPR").

1.2 Sivantos is data controller in relation to Your personal data. You can contact us by using the contact information in Section 7.

1.3 Depending on the App and the country/region You are in, it may have different features, which are:

1.3.1 It can be used to change certain settings and parameters of Your hearing aids (hereinafter „Remote Feature“).

1.3.2 You can also choose to enable Telecare, where Your hearing aids can be remotely adjusted and fitted to Your specific hearing loss by       Your Hearing Care Professional.

1.3.3 It also has a feature called the DIGITAL Assistant (hereinafter „Assistant“) where You can find answers to questions You might have about Your hearing aids.
 

2. HOW IS MY DATA COLLECTED?

We will collect Your personal data from You, the App, Your Hearing Care Professional and Your hearing aids.

 

3. PURPOSE AND LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA?

 

PERSONAL DATA PROCESSED DURING A REMOTE FITTING SESSION

 

3.1 When You use the App and its Telecare feature as described in Section 1.3.2, we will process certain personal data about You for the purpose of transmitting such personal data to Your Hearing Care Professional (hereinafter „HCP“) and to allow the HCP to perform remote tuning and/or fitting of Your hearing aids. The categories of personal data we process are:

3.1.1 Your audiogram as well as each hearing aid’s model, serial number, hearing aid configuration and answers given to the satisfaction and hearing lessons questions. We will also process and facilitate, but never record, the audio/video streaming, including images and sound, between Your Hearing Care Professional and You, if You choose to use this feature.

3.1.2 The processing of this information is necessary to enable the remote fitting session between You and Your Hearing Care Professional. The legal basis for our processing is the consent You have provided when first using the Telecare feature (Art. 6 (1)(a) and 9(2)(a) GDPR). 
You should contact Your Hearing Care Professional directly if You have any questions about how they use information that they receive using Telecare as such use by the HCP is explicitly not covered by this Notice. This is a consent to share data with Your Hearing Care Professional.

 

DATA USED FOR THE ASSISTANT

 

3.2 With Your consent, we will process personal data about You, to enable the use of the Assistant feature. The categories of personal data we process are:

3.2.1 The data that we share with Your HCP includes the sound environment during the usage of the Assistant feature together with the current configuration of Your hearing instruments. You have full control and decide whether such data is shared with Your HCP or not. This information will allow the HCP to further improve Your individual configuration of the hearing instruments and their service to You. Your personal data is associated with a random Client ID.
The legal basis for our processing is Your consent (Art. 6 (1)(a) GDPR) that You have provided before first using the Assistant.

 

TECHNICAL DATA COLLECTED BY THE APP

 

3.3 When You use the Remote Feature and Assistant, we will collect technical data about Your device such as device ID, operating system, as well as how the App is used, e.g. how often You use a specific feature or function. This information is pseudonymized and cannot be used to identify You.

3.3.1 The processing of this information is necessary to pursue our legitimate interest in maintaining, troubleshooting and improving the App and services offered by us (Art. 6 (1)(f) GDPR).

 

4. SHARING OF YOUR PERSONAL DATA

 

4.1 In addition to the transmission of Your personal data to Your Hearing Care Professional during a remote tuning and/or fitting session, Your personal data is shared in pseudonymized form within WS Audiology Group (which Sivantos is part of) for purposes outlined in Sections 3.2. and 3.3 above.

4.2 We may also share Your personal data with our third-party service providers to perform business operations on our behalf. We provide our third-party service providers only with the information they need to perform the business operations we request, and we require that they protect this information and they are obligated not to disclose or use it for any other purpose. Among other services we use Microsoft Azure (for basic cloud services), Xirsys (for the video/audio calls), which are all located within the EU

4.3 Your personal data may also be shared with other third parties outside the EU, if required by law,

4.3.1 for example, to comply with a subpoena or similar legal process. To the extent we are legally permitted to do so, we will take commercially reasonable steps to notify You if we are required to provide Your personal information to 3rd parties as part of a legal process; or

4.3.2 as required in response to lawful requests by public authorities, including requests from national security or law enforcement authorities.

 

Please note, that these third parties as mentioned in this Section 4.3, may be located outside Your country of domicile, including the United States of America, whose data protection laws may differ from those in the country in which You are located. In such cases, we will ensure that appropriate safeguards are in place to protect Your Personal Data by implementing appropriate legal mechanisms, such as EU Standard Contractual Clauses.

 

5. YOUR RIGHTS WHEN LOCATED IN THE EU


5.1 If You are located within the EU, You have, subject to certain conditions, the following rights:

5.1.1 You have the right to request access to Your personal data that we hold and processed in this App. This enables You to receive a copy of the personal data we hold about You and to check that we are lawfully processing it (Art. 15 GDPR).

To exercise Your right please contact dpo@wsa.com.

5.1.2 You have the right to request correction of Your personal data that we hold about You. This enables You to have any incomplete or inaccurate information we hold about You corrected (Art. 16 GDPR).

To exercise Your right please contact Your HCP.

5.1.3 You may have the right to request erasure of Your personal data. This enables You to ask us to delete or remove personal data where there is no good reason for us continuing to process it. To the extent that continued processing of Your personal data is necessary, for example in order for us to comply with our legal obligations or for legal requirements to be established, enforced or defended, we are not required to delete Your personal data (Art. 17 GDPR).

To exercise You right either stop using Telecare and/or the Assistant Feature or delete the App from Your phone.

5.1.4 You have the right to object to our processing of Your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about Your particular situation which makes You want to object to processing on this ground (Art. 21 GDPR).

To exercise You right either stop using Telecare and/or the Assistant Feature or delete the App from Your phone.

5.1.5 You may have the right to request the restriction of processing of Your personal data. This enables You to ask us to suspend the processing of personal data about You, for example if You want us to establish its accuracy or the reason for processing it (art. 18 in the GDPR).

To exercise You right either stop using Telecare and/or the Assistant Feature or delete the App from Your phone.

5.1.6 You may have the right to request the transfer of Your personal data to another party (also known as data portability) (art. 20 in the GDPR).

5.1.7 You are entitled to withdraw Your consent at any time.

To exercise You right either stop using Telecare and/or the Assistant Feature or delete the App from Your phone.

5.1.8 We take our privacy obligations seriously. If You lodge a complaint with us about a concern that we have breached an applicable law, we will respond to You as soon as possible and in any case within 30 days.

 

5.1.9 If You have unresolved concerns, You also have the right to lodge a complaint with a Supervisory Authority (Art. 77 GDPR).

To exercise Your right You can find the contact details for all EU National Data Protection Authorities here: http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080
 

6. DATA RETENTION AND SECURITY

 

6.1 We will retain Your personal data for the duration of Your relationship with us as necessary to fulfil the purposes detailed in this Privacy Notice. Following the fulfilment of the purposes Your personal information will be deleted when You choose to delete the App, unless a longer or shorter retention period is required or permitted by law.

 

6.2 To help protect the privacy of Your data and personally information through Your use of the Service, we maintain physical, technical and administrative safeguards. We update and test our security technology on an ongoing basis. In addition, we have limited access to Your personal data to employees who have a relevant and reasonably required need to access Your personal data to perform their work and have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.  In addition, we train our employees about the importance of confidentiality and maintaining the privacy and security of Your information. We commit to taking appropriate disciplinary measures to enforce our employees' privacy responsibilities

 

7. CONTACT INFORMATION

 

7.1 Sivantos is data controller for the personal data, which we process about You.

 

7.2 If You have any questions regarding this Privacy Notice or request to exercise Your rights, please use the contact information set out below.

Sivantos GmbH
Henri-Dunant-Str. 100
91058 Erlangen, Germany
Email: dpo@wsa.com
 
8. CALIFORNIA, FRANCE AND CHILDREN INFORMATION


8.1 If You are a California resident, You may request information about our disclosure of personal data to third parties for their direct marketing purposes. To make such a request, please contact us using the information in the „Contact Information“ section above. You must put the statement „Your California Privacy Rights“ in the subject field. We are not responsible for notices that are not labelled or sent properly, or do not have complete information.

 

This App does not support Do Not Track requests.

 

8.2 French Residents are at any time entitled to issue directives relating to the fate of Your Personal Data after death.

 

8.3 The App is meant for configuration of hearing aids of individuals with a hearing loss above the age of 18 (eighteen). Consequently, Sivantos does not knowingly collect personal data from individuals below the age of 18 (eighteen). 

 

9. LINKS TO WEBSITES

The App contains links to WS Audiology websites, which are subject to separate privacy notices.  Please see the applicable website privacy notice for more information.

 

10. CHANGES TO THIS PRIVACY NOTICES

We may change this Privacy Notice from time to time. You are advised to review the updated Privacy Notice. Changes to this Privacy Notice are effective when they are posted on this page or in the App. This Privacy Notice was last updated April 5th 2020.