Vapotherm, Inc. (herein referred to as “Company,” “we,” “our,” or “us”) respects your privacy and is committed to protecting it through our compliance with this policy.
This policy applies to all items of personal information/data we collect or that is supplied to us through various mediums, including:
- In email, text and other electronic messages between you and the Website;
- Through mobile and desktop applications you download from the Website that provide dedicated non-browser-based interaction between you and the Website; and
- Any interactions with our advertising and applications on third-party websites and services, if those applications or advertising include links to this policy.
Information We Collect
When you use the Website, we may collect and use personally identifiable information about you, as well as other usage information. “Personally identifiable information” includes name, postal address, email address, telephone number, social security number, or similar information that can be used to identify you and is defined as personal or personally identifiable information under applicable law. We may also collect usage information, which is information generated automatically as you navigate through the Website. More specifically, when you use the Website, we may collect the following information:
- Information that you provide directly to us by filling in forms on our Site, including your name, email address, street address, telephone number, or other information; and
- Information provided to us when you communicate with us for any reason, including information you provide in emails you send us, responses to surveys, search queries on the Website, and details of any transactions.
We collect this information:
- Directly from you when you provide it to us;
- Automatically as you navigate through the site; and
- From third parties (for example, our business partners).
How We Use Tracking Technologies
A cookie is a small file placed on the hard drive of your computer when you visit a website. When you visit the website again, the cookie allows that site to recognize your browser. Cookies may store user preferences and other information. You may refuse to accept cookies by activating the appropriate setting on your browser. However, if you select this setting you may then be unable to access certain parts of the Website.
For additional information about cookies, please reference our Cookies Information page.
Certain pages of the Website and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count users who have visited these pages or opened the email and provide other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
How We Use Your Information
We use the information we collect from you primarily to enable us to provide our services in the best possible manner. In addition, your information may be used for the following purposes:
- To present the Website and its contents to you;
- To improve our medical device technology and related services;
- To provide you with information, products or services that you request from us;
- To fulfill any other purpose for which you provide the information;
- To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection;
- To notify you about changes to the Website or any products or services we offer or provide through it;
- To deliver interest-based content and advertising to you that is targeted to the interests we identify through your online activities;
- To administer the Website, including monitoring and analyzing the Website’s traffic and usage patterns; or
- For any other purpose with your consent.
When you provide us with personal information we also may use and share your personal information to contact you, including via email, to thank you for providing your request, to conduct satisfaction surveys, or for other administrative purposes related to your request.
Disclosure of Your Information
We may disclose aggregated information about our users and information that does not identify any individual without restriction.
- To our subsidiaries and affiliates;
- To our trusted contractors, service providers and other third parties we use to support our business;
- To a buyer or successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Vapotherm’s assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which personal information held by Vapotherm about the Website users is among the assets transferred;
- To third parties to market their products or services to you if you have consented to/not opted out of these disclosures;
- To fulfil the purposes for which you provide it;
- For any other purpose disclosed by us when you provide the information; or
- With your consent.
Third parties that have access to your personal information are not allowed to use it for any other purpose besides as needed to perform their functions. We do not sell or rent personal information collected through the Website to anyone.
We may also disclose your personal information if we have a good faith belief that disclosure is necessary to:
- Comply with any court order, law or legal process, including to respond to any government or regulatory requirement; or
- Protect the rights, property, or safety of Vapotherm, our customers, or others. This includes exchanges of information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
We strive to provide you with choices regarding the personal information you provide to us. If you do not want us to share your personal information with unaffiliated or non-agent third parties for promotional purposes or if you do not want us to use the information that we collect to deliver advertisements according to our advertisers’ target-audience preferences, you can opt-out by sending us an email stating your request to [email protected].
Accessing and Correcting Your Information
You may send us an email at [email protected] to request access to correct or delete any personal information that you have provided to us. We may choose not to accommodate a request to change information if we believe the change will violate any law or legal requirement or cause the information to be incorrect.
We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration and disclosure. All information you provide to us is stored on our servers behind firewalls.
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to the Website. Any transmission of personal information is at your own risk. We are not responsible for any circumvention of any privacy settings or security measures contained on the Website.
International Visitors and Privacy Shield
The Website is hosted and operated in the U.S. and elsewhere in the world. By using the Website, you are consenting to the transfer of your personal information to the U.S. If you are accessing the Website from outside the U.S., please be advised that U.S. law may not offer the same privacy protections as the law of your jurisdiction.
California Privacy Rights
California law allows California residents to ask companies with whom they have an established business relationship to provide certain information about the companies’ sharing of personal information with third parties for direct marketing purposes. We do not share any California consumer personal information with third parties for marketing purposes without consent.
California customers who wish to request further information about our compliance with this law or have questions or concerns about our privacy practices may contact us at [email protected].
Users Only of Legal Age of Majority
The Website is designed and intended for those who are at least 18 years old. By using the Website, you affirm that you are at least 18 years of age or older. We are not liable for any damages that may result from a user’s misrepresentation of age. No one under age 13 is authorized to submit any information, including personally identifying information, on the Website. Under no circumstances may anyone under age 13 use our Site. Parents or legal guardians of children under 13 cannot agree to these terms on their behalf.
Vapotherm is a trans-national business headquartered in the United States. Our management structure and business processes cross borders. This means that our customer and employee data is transferred across borders.
Vapotherm may from time to time handle personal information collected from individuals located within European Union member countries. Vapotherm has certified that it adheres to the EU-US and Swiss-US Privacy Shield Principles of:
- Accountability for onward transfer
- Data integrity and purposes limitation
- Recourse, enforcement and liability
Vapotherm is under the jurisdiction as well as the investigatory and enforcement powers of the US Federal Trade Commission for the purposes of the EU-US Privacy Shield Framework and Swiss-US Privacy Shield Framework.
This Policy applies to all information collected by Vapotherm from which an individual can be identified (“Personal Information”). The Personal Information we collect includes the Employee Information described below as well as certain information including names, email addresses, mailing and billing addresses and telephone and fax numbers collected from customers, potential customers and end users of our products and services for sales, marketing, order fulfilment and order delivery purposes. Additionally, in our section on Online Information we also discuss how we gather and use all information gathered online even if it is not Personal Information. Vapotherm will not deviate from this Policy even if applicable national laws are less stringent than this Policy.
Excluding our Employee Information which is discussed below, we collect, process and use your Personal Information only as a part of our business relationship with you and your company, including contract and billing administration; product and service delivery; fulfilling our business obligations to our customers and resellers; communicating with customers and potential customers about marketing and technical information concerning our products and services; notifying our customers and potential customers regarding product launches and important events related to Vapotherm; and other related business activities of which you are informed at the time your Personal Information is collected or as soon thereafter as practicable. Vapotherm only collects personally identifiable information about individuals when such individuals specifically provide such information to us on a voluntary basis or while requesting information on our products or services. We may disclose Personal Information to our agents, resellers and business partners or to protect and defend the rights or property of Vapotherm. Vapotherm must reply to lawful requests from public authorities, including to meet national security or law enforcement requirements, for disclosure of Personal Information.
Vapotherm does not sell, lease, or rent Personal Information to third parties.
In general, you may visit our Websites without providing any Personal Information. However, you may choose to provide us with Personal Information by completing online forms. At the point of collection we will inform you of how your Personal Information will be used; apart from these uses, Vapotherm will only use your Personal Information in accordance with the terms of this Policy.
Cookies are small files that a site transfers to your computer’s hard drive through your web browser (if you allow) that enables it to recognize your browser and capture and remember certain information. A cookie cannot read data off your hard drive or read cookie files created by other sites. Cookies may do things like allow you to navigate faster through the site, remember your preferences and passwords and generally improve the user experience. You can turn off the ability to receive cookies by adjusting your bowser settings – please note that if you do so, this may affect the functionality of the website and the information you can access through it.
We collect Employee Information from prospective and present Employees only for legitimate business purposes, including
- the management and operations of our company, its functions and activities,
- Employee communications, including Employee surveys,
- maintaining a global directory,
- carrying out obligations under employment contracts and employment, tax and benefits laws, and in connection with other working relationships or arrangements,
- development and training programs,
- recruiting and hiring job applicants,
- assessing qualifications and performance,
- performing background checks and verifying references where applicable,
- managing Employee performance,
- determining Employee compensation or payment,
- managing the Employee termination process, and
- other general human resources purposes.
Our European Union Employees at the time of their employment are notified in detail how their Personal Information will be used. Employee information on health, performance evaluations and disciplinary actions and other sensitive Employee matters, whether it is stored manually or electronically, is accessible by other Vapotherm Employees only if necessary with respect to legitimate human resource functions or issues. Vapotherm will obtain affirmative consent from an Employee before using such Employee’s Personal Information for any purpose other than described above. Employees may decline to provide this consent, and Employees may withdraw their consent at any time.
For legitimate human resources purposes, Employees may choose to voluntarily disclose Personal Information about family members. If our Employees choose to do this, their family member’s Personal Information shall be treated, for the purposes of this Policy, the same as an Employee’s Personal Information. Employee Personal Information is never sold, leased or rented to any third party. Employee Personal Information will never be disclosed to third parties except as follows:
- to those retained by Vapotherm as agents for the purposes set forth in the paragraph above,
- where required pursuant to an applicable law, government or judicial order, law or regulation, or to protect the rights or property of Vapotherm
- where authorised in writing by the Employee, and
- where the Employee voluntarily provides Personal Information and the context makes it clear such information will be provided to a third party.
Where personal data is transferred from the EU to the US in the context of the employment relationship, we will cooperate in investigations by and to comply with the advice of the competent EU Authorities.
We will always give you an opportunity to choose opt-out before your Personal Information is (1) disclosed to a third party (other than a Vapotherm agent doing work at our direction), or (2) to be used for a purpose that is materially different than that for which it was originally collected or subsequently authorised by you. Although we do not ever anticipate providing sensitive Personal Information, such as Employee health information, to a non-agent third party or using it for a purpose other than that for which it was collected, we will never do so without first allowing the individual involved to affirmatively and expressly consent (opt-in) to such transfer or use. The only exception to this choice for both sensitive and non-sensitive Personal Information would be where we are required to disclose your Personal Information pursuant to government or judicial order, law or regulation to meet national security or law enforcement requirements.
At a minimum, you will always be able to opt-out from receiving marketing materials from Vapotherm If we determine that applicable national law requires that more stringent requirements (opt-in) be applied before you receive marketing material or other communications from us, we will implement the same.
Accountability for Onward Transfer
We will not transfer Personal Information originating in the EU or Switzerland to third parties unless such third parties have entered into an agreement in writing with us requiring them to provide at least the same level of privacy protection to your Personal Information as required by the Principles of the EU-US and Swiss-US Privacy Shield Frameworks. We will only transfer data to our agents, resellers or third party service providers (such as accountants, attorneys, consultants and other service providers) who need the information in order to provide services or to perform activities on behalf of Vapotherm, including in connection with the delivery of services or products, Vapotherm’s management, or legal responsibilities. We acknowledge our liability for such data transfers to third parties.
To protect Personal Information collected and stored by Vapotherm, we have in place reasonable and appropriate technical and operational security measures to prevent Personal Information from loss, misuse, unauthorised access, disclosure, alteration and destruction.
Data Integrity and Purpose Limitation
We will only collect and retain Personal Information which is relevant to the purposes for which the information is collected, and we will not use it in a way that is incompatible with such purposes unless such use has been subsequently authorised by you. We will take reasonable steps to ensure that Personal Information is reliable for its intended use, accurate, complete and current. We may occasionally contact you to determine that your data is still accurate and current.
You have the right to access personal data relating to you. If you wish to access, amend, or confirm that Vapotherm has personal data relating to you, or if you wish to correct or delete your Personal Information if it is inaccurate, please notify us at [email protected] or at (603) 658-0411. We will respond to your request within a reasonable time.
Employees may review their personal files and any Personal Information concerning them upon by emailing [email protected]
Recourse, Enforcement and Liability
Since we are committed to protecting your privacy as set forth in this Policy, if you think we are not in compliance with our Policy, or if you have any question or if you wish to take any other action concerning this Policy or your Personal Information, we encourage you to contact us at [email protected] or call us at (603) 658-0411. We will investigate your complaint, take appropriate action and report back to you within 45 days.
If the Personal Information in question was transferred from the EU or Switzerland to the United States, and you are not satisfied with our response, Vapotherm has agreed to participate in the dispute resolution procedures of the panel established by the EU data protection authorities (DPAs) and Swiss FDPIC to resolve disputes pursuant to the EU-US Privacy Shield Principles. A resident of the European Union (EU) or Switzerland whose enquiry has not been satisfactorily addressed may contact the EU DPAs panel or individual EU DPAs using the information provided at http://ec.europa.eu/justice/data-protection/bodies/authorities/third-countries/index_en.htm to resolve disputes pursuant to the EU-US and Swiss-US Privacy Shield Principles.
Vapotherm commits to cooperate with EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) and comply with the advice given by such authorities with regard to human resources and non-human resources data transferred from the EU and Switzerland in the context of the employment relationship.
Finally, as a last resort and in limited situations, EU and Swiss individuals may seek redress from the Privacy Shield Panel, a binding arbitration mechanism.
The services of the EU DPAs panel are provided at no cost to you.
Limitation on Application of Principles
Adherence by Vapotherm to these EU-US and Swiss-US Privacy Shield Principles may be limited (a) to the extent required to respond to a legal or ethical obligation; (b) to the extent necessary to meet national security, public interest or law enforcement obligations; (c) to the extent expressly permitted by an applicable law, rule or regulation; and (d) to the extent that Vapotherm has limited or no control over the actions of the individuals who have provided information.
Questions or comments regarding this Policy should be submitted to Vapotherm by email to: [email protected] or by mail to: Vapotherm, 100 Domain Drive, Exeter, New Hampshire 03833.