Privacy Policy2018-07-18T02:48:28+00:00

Privacy Policy

Vapotherm, Inc. / US Data Privacy Policy

Vapotherm, Inc. (herein referred to as “Company,” “we,” “our,” or “us”) respects your privacy and is committed to protecting it through our compliance with this policy.

This policy describes the types of information we may collect from you or that you may provide when you visit the website www.vtherm.com (the “Website”) and our practices for collecting, using, maintaining, protecting and disclosing that information. This privacy policy is intended for a U.S. audience. If you are not located in the U.S., please see our other privacy policies.

This policy applies to all items of personal information/data we collect or that is supplied to us through various mediums, including:

  • In email, text and other electronic messages between you and the Website;
  • Through mobile and desktop applications you download from the Website that provide dedicated non-browser-based interaction between you and the Website; and
  • Any interactions with our advertising and applications on third-party websites and services, if those applications or advertising include links to this policy.

Please read this policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, you should not use our Website. By accessing or using the Website, you accept and agree to this privacy policy and all of its terms.

Information We Collect

When you use the Website, we may collect and use personally identifiable information about you, as well as other usage information. “Personally identifiable information” includes name, postal address, email address, telephone number, social security number, or similar information that can be used to identify you and is defined as personal or personally identifiable information under applicable law. We may also collect usage information, which is information generated automatically as you navigate through the Website. More specifically, when you use the Website, we may collect the following information:

  • Details of your visits to the Website and the resources that you access, including, but not limited to, traffic data, location data, weblogs and other communication data, including your IP address, browser type, the date and time you accessed or left the Site, and which pages you viewed. Some parts of our Site use cookies, pixel tags (also known as “web beacons”), and other technologies to collect this information about your general internet usage. See the section below called “How We Use Tracking Technologies” to learn more;
  • Information that you provide directly to us by filling in forms on our Site, including your name, email address, street address, telephone number, or other information; and
  • Information provided to us when you communicate with us for any reason, including information you provide in emails you send us, responses to surveys, search queries on the Website, and details of any transactions.

We collect this information:

  • Directly from you when you provide it to us;
  • Automatically as you navigate through the site; and
  • From third parties (for example, our business partners).

How We Use Tracking Technologies

Cookies

A cookie is a small file placed on the hard drive of your computer when you visit a website. When you visit the website again, the cookie allows that site to recognize your browser. Cookies may store user preferences and other information. You may refuse to accept cookies by activating the appropriate setting on your browser. However, if you select this setting you may then be unable to access certain parts of the Website.

Flash Cookies

Certain features of the Website may use locally stored objects (or “flash cookies”) to collect and store information about your preferences and when you navigate to, from and on the Website. Flash cookies are not managed by the same browser settings as are used for browser cookies. To learn how you can manage your flash cookie settings, visit the flash player settings page on Adobe’s website. If you disable or refuse flash cookies, please note that some parts of the Website may then be inaccessible or not function properly.

Web Beacons

Certain pages of the Website and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count users who have visited these pages or opened the email and provide other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

How We Use Your Information

We use the information we collect from you primarily to enable us to provide our services in the best possible manner. In addition, your information may be used for the following purposes:

  • To present the Website and its contents to you;
  • To improve our medical device technology and related services;
  • To provide you with information, products or services that you request from us;
  • To fulfill any other purpose for which you provide the information;
  • To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection;
  • To notify you about changes to the Website or any products or services we offer or provide through it;
  • To deliver interest-based content and advertising to you that is targeted to the interests we identify through your online activities;
  • To administer the Website, including monitoring and analyzing the Website’s traffic and usage patterns; or
  • For any other purpose with your consent.

When you provide us with personal information we also may use and share your personal information to contact you, including via email, to thank you for providing your request, to conduct satisfaction surveys, or for other administrative purposes related to your request.

Disclosure of Your Information

We may disclose aggregated information about our users and information that does not identify any individual without restriction.

We may disclose personal information that we collect or you provide as described in this privacy policy:

  • To our subsidiaries and affiliates;
  • To our trusted contractors, service providers and other third parties we use to support our business;
  • To a buyer or successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Vapotherm’s assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which personal information held by Vapotherm about the Website users is among the assets transferred;
  • To third parties to market their products or services to you if you have consented to/not opted out of these disclosures;
  • To fulfil the purposes for which you provide it;
  • For any other purpose disclosed by us when you provide the information; or
  • With your consent.

Third parties that have access to your personal information are not allowed to use it for any other purpose besides as needed to perform their functions. We do not sell or rent personal information collected through the Website to anyone.

We may also disclose your personal information if we have a good faith belief that disclosure is necessary to:

  • Comply with any court order, law or legal process, including to respond to any government or regulatory requirement; or
  • Protect the rights, property, or safety of Vapotherm, our customers, or others. This includes exchanges of information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

Third-Party Websites

Some of the content or applications – including advertisements – on the Website are served by third parties, including advertisers, ad networks and servers, content providers and application providers. While we seek to link only to sites that share our high standards and respect for privacy, we are not responsible for the privacy practices used by other websites. By accessing other third-party websites or applications through the Website, you are consenting to the terms and privacy policies of those websites. It is possible that other parties may collect personally identifiable information or use cookies to collect information about your online activities over time and across different websites.

Your Choices

We strive to provide you with choices regarding the personal information you provide to us. If you do not want us to share your personal information with unaffiliated or non-agent third parties for promotional purposes or if you do not want us to use the information that we collect to deliver advertisements according to our advertisers’ target-audience preferences, you can opt-out by sending us an email stating your request to [email protected].

Accessing and Correcting Your Information

You may send us an email at [email protected] to request access to correct or delete any personal information that you have provided to us. We may choose not to accommodate a request to change information if we believe the change will violate any law or legal requirement or cause the information to be incorrect.

If your information has been shared with a third party, as described elsewhere in this privacy policy, then that third party has received its own copy of your data. If you have been contacted by one of these third parties and wish to correct or delete your information, please contact them directly.

Data Security

We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration and disclosure. All information you provide to us is stored on our servers behind firewalls.

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to the Website. Any transmission of personal information is at your own risk. We are not responsible for any circumvention of any privacy settings or security measures contained on the Website.

International Visitors and Privacy Shield

As stated above, this privacy policy is intended for a U.S. audience only. If you are accessing the Website from outside of the U.S., please review our other privacy policies to learn how we handle the information from other countries.

The Website is hosted and operated in the U.S. and elsewhere in the world. By using the Website, you are consenting to the transfer of your personal information to the U.S. If you are accessing the Website from outside the U.S., please be advised that U.S. law may not offer the same privacy protections as the law of your jurisdiction.

California Privacy Rights

California law allows California residents to ask companies with whom they have an established business relationship to provide certain information about the companies’ sharing of personal information with third parties for direct marketing purposes. We do not share any California consumer personal information with third parties for marketing purposes without consent.

California customers who wish to request further information about our compliance with this law or have questions or concerns about our privacy practices may contact us at [email protected].

Users Only of Legal Age of Majority

The Website is designed and intended for those who are at least 18 years old. By using the Website, you affirm that you are at least 18 years of age or older. We are not liable for any damages that may result from a user’s misrepresentation of age. No one under age 13 is authorized to submit any information, including personally identifying information, on the Website. Under no circumstances may anyone under age 13 use our Site. Parents or legal guardians of children under 13 cannot agree to these terms on their behalf.

Changes to our Privacy Policy

It is our policy to post any changes we make to our privacy policy on this page (with a notice that the privacy policy has been updated on the Website Home page). You are responsible for periodically visiting the Website and this privacy policy to check for any changes. Your continued use of the Website will be deemed your agreement that your information may be used in accordance with the new policy. If you do not agree with the changes, then you should stop using the Website and notify us that you do not want your information used in accordance with the changes.

Contacting Us

We welcome any questions, comments, or complaints you may have regarding this Privacy Policy. Please do not hesitate to contact us by email at [email protected].

Vapotherm, Inc. / EU-US and Swiss-US Privacy Shield Policy

Vapotherm, Inc. is committed to protecting your privacy. We publish our Privacy Policy so that you can understand our privacy practices and how they help protect your privacy.

Vapotherm, Inc. is a trans-national business headquartered in the United States. Our management structure and business processes cross borders. This means that our customer and employee data is transferred across borders.

Vapotherm, Inc. may from time to time handle personal information collected from individuals located within European Union member countries. Vapotherm, Inc. has certified that it adheres to the EU-US and Swiss-US Privacy Shield Principles of:

  • Notice
  • Choice
  • Accountability for onward transfer
  • Security
  • Data integrity and purposes limitation
  • Access
  • Recourse, enforcement and liability

Vapotherm, Inc. complies with the EU-U.S. Privacy Shield Framework and Swiss-US Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Vapotherm, Inc. has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/

Vapotherm, Inc. is under the jurisdiction as well as the investigatory and enforcement powers of the US Federal Trade Commission for the purposes of the EU-US Privacy Shield Framework and Swiss-US Privacy Shield Framework.

Scope

This Policy applies to all information collected by Vapotherm, Inc. from which an individual can be identified (“Personal Information”). The Personal Information we collect includes the Employee Information described below as well as certain information including names, email addresses, mailing and billing addresses and telephone and fax numbers collected from customers, potential customers and end users of our products and services for sales, marketing, order fulfilment and order delivery purposes. Additionally, in our section on Online Information we also discuss how we gather and use all information gathered online even if it is not Personal Information. Vapotherm, Inc. will not deviate from this Policy even if applicable national laws are less stringent than this Policy.

Notice

Excluding our Employee Information which is discussed below, we collect, process and use your Personal Information only as a part of our business relationship with you and your company, including contract and billing administration; product and service delivery; fulfilling our business obligations to our customers and resellers; communicating with customers and potential customers about marketing and technical information concerning our products and services; notifying our customers and potential customers regarding product launches and important events related to Vapotherm, Inc.; and other related business activities of which you are informed at the time your Personal Information is collected or as soon thereafter as practicable. Vapotherm, Inc. only collects personally identifiable information about individuals when such individuals specifically provide such information to us on a voluntary basis or while requesting information on our products or services. We may disclose Personal Information to our agents, resellers and business partners or to protect and defend the rights or property of Vapotherm, Inc.. Vapotherm, Inc. must reply to lawful requests from public authorities, including to meet national security or law enforcement requirements, for disclosure of Personal Information.

Vapotherm, Inc. does not sell, lease, or rent Personal Information to third parties.

Online Information

In general, you may visit our Websites without providing any Personal Information. However, you may choose to provide us with Personal Information by completing online forms. At the point of collection we will inform you of how your Personal Information will be used; apart from these uses, Vapotherm, Inc. will only use your Personal Information in accordance with the terms of this Policy.

Use of Cookies

Cookies are small files that a site transfers to your computer’s hard drive through your web browser (if you allow) that enables it to recognize your browser and capture and remember certain information. A cookie cannot read data off your hard drive or read cookie files created by other sites. Cookies may do things like allow you to navigate faster through the site, remember your preferences and passwords and generally improve the user experience. You can turn off the ability to receive cookies by adjusting your bowser settings – please note that if you do so, this may affect the functionality of the website and the information you can access through it.

Vapotherm, Inc. uses cookies to compile aggregate data about website traffic and interaction so that we can offer better site experience and content in the future. We use third-party companies such as Google-Analytics to assist us in understanding our website visitors.

Employee Information

We collect Employee Information from prospective and present Employees only for legitimate business purposes, including

  • the management and operations of our company, its functions and activities,
  • Employee communications, including Employee surveys,
  • maintaining a global directory,
  • carrying out obligations under employment contracts and employment, tax and benefits laws, and in connection with other working relationships or arrangements,
  • development and training programs,
  • recruiting and hiring job applicants,
  • assessing qualifications and performance,
  • performing background checks and verifying references where applicable,
  • managing Employee performance,
  • determining Employee compensation or payment,
  • managing the Employee termination process, and
  • other general human resources purposes.

Our European Union Employees at the time of their employment are notified in detail how their Personal Information will be used. Employee information on health, performance evaluations and disciplinary actions and other sensitive Employee matters, whether it is stored manually or electronically, is accessible by other Vapotherm, Inc. Employees only if necessary with respect to legitimate human resource functions or issues. Vapotherm, Inc. will obtain affirmative consent from an Employee before using such Employee’s Personal Information for any purpose other than described above. Employees may decline to provide this consent, and Employees may withdraw their consent at any time.

For legitimate human resources purposes, Employees may choose to voluntarily disclose Personal Information about family members. If our Employees choose to do this, their family member’s Personal Information shall be treated, for the purposes of this Policy, the same as an Employee’s Personal Information. Employee Personal Information is never sold, leased or rented to any third party. Employee Personal Information will never be disclosed to third parties except as follows:

  • to those retained by Vapotherm, Inc. as agents for the purposes set forth in the paragraph above,
  • where required pursuant to an applicable law, government or judicial order, law or regulation, or to protect the rights or property of Vapotherm, Inc.
  • where authorised in writing by the Employee, and
  • where the Employee voluntarily provides Personal Information and the context makes it clear such information will be provided to a third party.

Where personal data is transferred from the EU to the US in the context of the employment relationship, we will cooperate in investigations by and to comply with the advice of the competent EU Authorities.

Choice

We will always give you an opportunity to choose opt-out before your Personal Information is (1) disclosed to a third party (other than a Vapotherm, Inc. agent doing work at our direction), or (2) to be used for a purpose that is materially different than that for which it was originally collected or subsequently authorised by you. Although we do not ever anticipate providing sensitive Personal Information, such as Employee health information, to a non-agent third party or using it for a purpose other than that for which it was collected, we will never do so without first allowing the individual involved to affirmatively and expressly consent (opt-in) to such transfer or use. The only exception to this choice for both sensitive and non-sensitive Personal Information would be where we are required to disclose your Personal Information pursuant to government or judicial order, law or regulation to meet national security or law enforcement requirements.

At a minimum, you will always be able to opt-out from receiving marketing materials from Vapotherm, Inc. If we determine that applicable national law requires that more stringent requirements (opt-in) be applied before you receive marketing material or other communications from us, we will implement the same.

Accountability for Onward Transfer

We will not transfer Personal Information originating in the EU or Switzerland to third parties unless such third parties have entered into an agreement in writing with us requiring them to provide at least the same level of privacy protection to your Personal Information as required by the Principles of the EU-US and Swiss-US Privacy Shield Frameworks. We will only transfer data to our agents, resellers or third party service providers (such as accountants, attorneys, consultants and other service providers) who need the information in order to provide services or to perform activities on behalf of Vapotherm, Inc., including in connection with the delivery of services or products, Vapotherm’s management, or legal responsibilities. We acknowledge our liability for such data transfers to third parties.

To protect Personal Information collected and stored by Vapotherm, Inc., we have in place reasonable and appropriate technical and operational security measures to prevent Personal Information from loss, misuse, unauthorised access, disclosure, alteration and destruction.

Data Integrity and Purpose Limitation

We will only collect and retain Personal Information which is relevant to the purposes for which the information is collected, and we will not use it in a way that is incompatible with such purposes unless such use has been subsequently authorised by you. We will take reasonable steps to ensure that Personal Information is reliable for its intended use, accurate, complete and current. We may occasionally contact you to determine that your data is still accurate and current.

Access

You have the right to access personal data relating to you. If you wish to access, amend, or confirm that Vapotherm, Inc. has personal data relating to you, or if you wish to correct or delete your Personal Information if it is inaccurate, please notify us at [email protected] or at (603) 658-0411. We will respond to your request within a reasonable time.

Employees may review their personal files and any Personal Information concerning them upon by emailing [email protected].

Recourse, Enforcement and Liability

Since we are committed to protecting your privacy as set forth in this Policy, if you think we are not in compliance with our Policy, or if you have any question or if you wish to take any other action concerning this Policy or your Personal Information, we encourage you to contact us at [email protected] or call us at (603) 658-0411. We will investigate your complaint, take appropriate action and report back to you within 45 days.

If the Personal Information in question was transferred from the EU or Switzerland to the United States, and you are not satisfied with our response, Vapotherm, Inc. has agreed to participate in the dispute resolution procedures of the panel established by the EU data protection authorities (DPAs) and Swiss FDPIC to resolve disputes pursuant to the EU-US Privacy Shield Principles. A resident of the European Union (EU) or Switzerland whose enquiry has not been satisfactorily addressed may contact the EU DPAs panel or individual EU DPAs using the information provided at http://ec.europa.eu/justice/data-protection/bodies/authorities/third-countries/index_en.htm to resolve disputes pursuant to the EU-US and Swiss-US Privacy Shield Principles.

Vapotherm, Inc. commits to cooperate with EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) and comply with the advice given by such authorities with regard to human resources and non-human resources data transferred from the EU and Switzerland in the context of the employment relationship.

Finally, as a last resort and in limited situations, EU and Swiss individuals may seek redress from the Privacy Shield Panel, a binding arbitration mechanism.

The services of the EU DPAs panel are provided at no cost to you.

Limitation on Application of Principles

Adherence by Vapotherm, Inc. to these EU-US and Swiss-US Privacy Shield Principles may be limited (a) to the extent required to respond to a legal or ethical obligation; (b) to the extent necessary to meet national security, public interest or law enforcement obligations; (c) to the extent expressly permitted by an applicable law, rule or regulation; and (d) to the extent that Vapotherm, Inc. has limited or no control over the actions of the individuals who have provided information.

Contact Information

Questions or comments regarding this Policy should be submitted to Vapotherm, Inc. by email to: [email protected] or by mail to: Vapotherm, Inc., 100 Domain Drive, Exeter, New Hampshire 03833.

Changes to this EU-US and Swiss-US Privacy Shield Privacy Policy

This Policy may be amended from time to time, consistent with the requirements of the EU-US and Swiss-US Privacy Shield Principles. A notice will be posted on the Vapotherm, Inc. website (www.vapotherm.com) for 60 days whenever this EU-US and Swiss-US Privacy Shield Privacy Policy is changed in a material way.

Effective Date: May 1, 2018

Vapotherm, Inc. Global Privacy Policy

Vapotherm, Inc. is committed to protecting and respecting your privacy. This website Privacy Statement (“Privacy Statement”) is intended to let you know what information we may collect about you whether through email or fax communications or other means and how we use that information, and includes details regarding appropriate cross-border and data transfer mechanisms, including the EU-US and Swiss-US Privacy Shield. Please read the following carefully to understand our practices regarding your Personal Information and how it will be handled.

Scope of the Website Privacy Statement

This Privacy Statement applies to the website of Vapotherm, Inc. and its affiliate companies as well as to any mobile applications or other digital services that link to or post this Privacy Statement.

What is Personal Information?

Personal Information means any information relating to an identified or identifiable person. Examples of Personal Information include your name, an identification number, location data, an online identifier or one or more factors specific to your physical, physiological, genetic, mental, economic, cultural or social identity.

What Personal Information We Collect

We may collect your Personal Information as follows:

  • Contact Information – this may include your name, home or other physical address, email, telephone number, fax number, organisation name and/or job title when you submit any information for any purpose.
  • Information collected through your usage of the Vapotherm Site – this may include unique identifiers and preference information such as your username, password, marketing preferences, internet protocol (“IP”) address or cookies which may contain information that may be considered Personal Information, as well as information that does not directly identify you but which corresponds to your device, browser type, operating system, computer or mobile device, your navigation and clickstream behaviour from actions that you take on our website.

How We Use Your Personal Information

Depending on how you choose to interact with us on our Vapotherm site, we may use your Personal Information for the following purposes:

We use the contact information that you choose to provide to us so that we can communicate with you to respond to your queries, which includes providing you with our service updates. We may also use your contact information or the information you provide to us on any feedback requests to provide you with information about Vapotherm services or other marketing or advertising communications, or to enable you to participate in surveys or questionnaires.

In addition we may use the contact information in order to:

  • Contact you to solicit further information as appropriate and/or necessary;
  • Facilitate internal market research;
  • Assist in relation to any competition entry;
  • Seek to improve the quality of our website content and user experience, and
  • Any other such purposes as may be appropriate and/or necessary in the circumstances.

Some of this information we collect and use with your consent and some of this information we collect and use for our legitimate business purposes of communicating with you and providing you with information about our business.

Providing us your Personal Information is voluntary. You may always refuse to provide your Personal Information to us. If you choose not to provide us with your Personal Information then we will not be able to communicate with you and provide you with certain information. If we have collected your information with your consent, you can always withdraw your consent by following the instructions provided for doing so when you provide consent, or by contacting us using the contact information provided at the end of this Privacy Statement.

We use the information we collect through your use of the Vapotherm website for our legitimate interests to manage, operate, maintain and secure our website, network systems and other assets and to provide you with the features and various functionalities of the Vapotherm site. We may also aggregate the Personal Information we collect through your use of the Vapotherm site to help us to understand our visitors’ interests and to improve the content and performance of our Vapotherm site.

We may also use Personal Information to comply with our legal and regulatory obligations including to comply with applicable retention obligations, and as follows:

  • To respond to lawful requests by public authorities, including meeting national security or law enforcement requirements, e.g. to investigate fraud or to respond to a government request.
  • To investigate potential breaches or to protect the rights, property or safety of us, or the users of our Vapotherm website or others.
  • Where permitted by law, we may also enhance or combine information about you including your Personal Information with other information about you that we may obtain from third parties for the same purposes as described above.

In the event that we use your Personal Information for other purposes not specified above, we will inform you about the specific purpose for processing your Personal Information, and, when required, our basis for doing so at the time we collect the Personal Information from you to the extent required by law.

How We Share Personal Information We Collect

Sharing with Vapotherm Affiliates and Subsidiaries

Vapotherm is a global company and it shares Personal Information with its affiliates and subsidiaries for the purposes described in this Privacy Statement. For more information about Vapotherm’s affiliates and subsidiaries, please contact us at [email protected].

We share your Personal Information with third parties that provide services to help us with our business activities and functionalities related to the Vapotherm site such as hosting or the provision of IT administration and user support services or offering customer service. These third parties are restricted from using your Personal Information in any way other than to provide services for us and we require them to provide an adequate level of protection for your Personal Information. For more information about Vapotherm’s service providers, please contact us at [email protected]

Sharing for Other Purposes

We may also share your Personal Information to comply with our legal or regulatory obligations including but not limited to responding to lawful requests by public authorities, including meeting national security or law enforcement requirements (for example, to investigate fraud or to respond to a government request). We may also disclose your Personal Information to third parties as necessary to investigate potential data incidents or to protect the rights, property or safety of us, the users of our website or others.

Vapotherm might be involved in a merger, acquisition or sale of a portion or of all of its assets (a “Transaction”) that includes your Personal Information. If Vapotherm is involved in a Transaction, you will be notified via email and/or a notice on our Vapotherm website of any change in ownership, uses of your Personal Information and choices you may have regarding your Personal Information. Vapotherm does not sell your Personal Information to third parties.

Links

Our Vapotherm website may contain links to other websites whose information practices may be different from ours. You should also consult those other websites’ privacy notices, as we have no control over information that you submitted to or which was collected by those third parties, and our Privacy Statement does not cover activities occurring at other websites.

International Transfers of your Personal Information

Vapotherm is a global company, and therefore uses global vendors and subcontractors as well as global IT systems and applications. As a result, the Personal Information that we collect about you may be transferred to and stored at a destination outside of your country, and which may have less strict data protection laws when compared to those in your country.

If you are located in the European Union/European Economic Area (“the EU/EEA”), the following terms apply to your Personal Information. Your Personal Information may be transferred to our global affiliates and to our employees and contractors who work for us and are located outside the EU/EEA for the purposes described in this Privacy Statement. If this is the case, we will take legally required steps under the General Data Protection Regulation (“GDPR”) to ensure that adequate safeguards are in place (for example, through the use of standard contractual clauses or Privacy Shield certification) to protect your Personal Information in accordance with this Privacy Statement. You may contact us at [email protected] or at the other contact details below for information about the safeguards which we have put in place to protect your Personal Information and privacy rights when your Personal Information is transferred outside the EU/EEA.

EU-US Privacy Shield and Swiss-US Privacy Shield

Vapotherm, Inc. participates in and has certified to compliance with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework (collectively “the Privacy Shield Frameworks”). Vapotherm, Inc. is committed to processing all Personal Information it receives in the US from EU member countries and Switzerland in reliance on the Privacy Shield Frameworks and in accordance with the Frameworks’ applicable principles. To learn more about the Privacy Shield Frameworks and to view the Vapotherm certification including Vapotherm’s Privacy Shield Privacy Policy, please visit the US Department of Commerce’s Privacy Shield List https://www.privacyshield.gov/participant?id=a2zt00000008RyyAAE&status=Active

Your Rights

In certain circumstances, local data protection laws and certain other local laws (including the GDPR) give you rights with respect to your Personal Information. These rights may differ by country/region. The rights may include the following:

  • If we are using or sharing your Personal Information based on your consent, you may withdraw your consent at any time. Note that withdrawal of your consent will not affect the lawfulness of our uses or sharing of that Information before you withdraw that consent.
  • You can request access to or copies of your Personal Information, including requesting to know whether or not we hold Personal Information about you, and if so, what kind and for what purposes. You can also request information about who has received your Personal Information.
  • You can request that we correct your Personal Information if you think it is inaccurate or incomplete or request in certain circumstances that we erase or delete your Personal Information unless we have a legal obligation to continue to hold it or otherwise are permitted by applicable law to retain it.
  • You can request us to restructure the processing of your Personal Information and not delete it.
  • You can request that we provide you with your Personal Information that we obtained from you based on your consent or other contractual/legitimate use provision so that you can store and re-use it for your personal use and you can ask us to provide it to another entity.

You can exercise your rights by sending an email to [email protected] or by contacting the Customer Information Management Officer using the contact details provided at the end of this Privacy Statement.

You can object at any time to the processing of your Personal Information for direct marketing purposes and you can do so by “opting-out” of marketing or promotional communications in accordance with the instructions included in the specific communication. If you have questions about how we determine whether the processing is for our legitimate interests, or if you want to object to our processing on that basis, please contact us at [email protected] or by using the contact details set out below. If you believe we are using, disclosing or otherwise processing your Personal Information in a way that is not in accordance with the law, you can lodge a complaint with a data protection authority in your country.

We will handle any request by you to exercise your rights in accordance with applicable law. Please note that depending on the circumstances, some of the above rights may not necessarily be applicable.

Data Retention

Your Personal Information will only be kept for as long as we reasonably consider necessary for achieving the purposes set out above or for as long as we are legally required to keep it.

Minors

Vapotherm websites are not directed to children under the age of 13 (or under the age of 18 in EU member states/the EEA), and we do not knowingly collect Personal Information from such children. If you think we have collected Personal Information from a child under the age of 13 (or under the age of 18 in an EU member country/the EEA) please contact us at [email protected] . As required by law, if we do for valid reason collect the Personal Information of such minors, we will always require parental consent.

Tracking Technologies

The Vapotherm website utilizes various technologies in order to provide you with certain services as follows:

Cookies

Like many websites, Vapotherm may use “cookies”. A cookie is a small file that is transferred to your computer’s hard drive to help us improve content. For example, it helps us determine which parts of the website are popular and which are less popular so we may improve these areas in the future. The use of cookies also helps us to customize our web content for our visitors. We will not combine cookie information with your Personal Information you have submitted to us. You may if you wish set your browser settings to reject cookies and to let you know when a cookie is being placed on your computer.

In common with most websites, we gather certain information automatically. This information may include Internet Protocol (“IP”) addresses, browser type, Internet Service Provider (“ISP”) information, and data relating to the operating system, date/time stamp and/or clickstream data to analyse trends in the aggregate and to assist in the administration of the website. IP addresses and other data we may gather automatically may be considered to be Personal Information in certain countries.

Generally, we use cookies for the following purposes:

  • To provide you with a specific service: For instance, if you are logging into an access-controlled section of our website we set a temporary session cookie to establish that you have been authenticated.
  • To facilitate website use: If a cookie is used, our website will be able to remember information about your preferences and movement.
  • To understand our visitors: When you visit our website, our computers may automatically collect statistics in aggregate about visitor behaviour. We may monitor statistics and other data such as how many people visit our site, the users’ IP address, which pages people visit, which domains our visitors come from, which browsers people use and how they move about our website.
  • Google Analytics: By using cookies, Google Analytics collects and stores data such as time of visit, pages visited, time spent on each page of the Vapotherm website, the IP address and the type of operating system deployed in the devices used to access the Vapotherm website.

Security

We have reasonable and appropriate security measures in place to protect against the loss, misuse and alteration of any Personal Information we receive about you through the Vapotherm website. We maintain reasonable security standards to protect the Personal Information that we maintain. If you have any questions about the security of your Personal Information you can contact us at [email protected] or by using the contact details provided below.

How to submit a complaint

Privacy questions or complaints may be submitted to Vapotherm by email, telephone or postal mail using the contact details provided at the end of this Privacy Statement.

Contact information

If you have questions or concerns about this Privacy Statement or any matter referred to please contact us by email to: [email protected] or by mail to: Customer Information Management Officer, Vapotherm Inc., 100 Domain Drive, Exeter, New Hampshire 03833 USA.

Please note that the Customer Information Management Officer is based in the US and accordingly if contacting her from within the EU there may sometimes be a slight time delay before any communication can be reviewed and acted upon.