Masimo Health Privacy Notice
We provide this Privacy Notice to explain how Masimo processes your personal data when you use the Masimo Health App (“MH App”) and the rights you may have under applicable privacy laws.
If you are in the United States or Canada, “Masimo” refers to Masimo Americas, Inc., 52 Discovery, Irvine CA 92618, USA. If you are in the European Economic Area (EEA), Switzerland or the United Kingdom (UK) (collectively, the “EEA”), “Masimo” refers to Masimo Österreich GmbH, Mariahilfer Straße 136, 1150 Wien, Austria.
If you are a California resident, please refer to our California Privacy Policy https://www.masimo.com/company/masimo/privacy/ccpa/. If you reside in the EEA, please review the EEA Supplement section below.
For more information about Masimo’s general privacy practices, please see Masimo’s General Privacy Notice https://www.masimo.com/company/masimo/privacy/.
A. What Personal Data Do We Collect?
We collect the following types of Personal Data:
1. Registration Information: Information used to download and activate the MH App. This may include your name, phone number, email address, age, date of birth and gender.
2. Data Sharing Contact Information: Depending on the settings that you choose and the connected device, you may be able to share your health data with your family, friends, or other persons with whom you choose to share your health data. This may include the designated person’s name and contact information (e.g., phone number, email address).
3. Device or Internet Activity Information: When you use the MH App, we may collect information related to your mobile device. Such information may include standard log data, IP address or unique device identifier, login credentials (we do not have access to your login username or password), WiFi configuration, and operating system and version.
4. Usage Information: When your device is connected to a network and the device syncs with your MH App, usage data is transferred to a cloud server. Usage data is information about how you use your device, such as the duration of time you wear your device, the functionalities most used on the device, and your general location data.
5. Health Information: Physiological information such as your oxygen level, pulse rate, pulse rate variability, heart rate, heart rate variability, breaths per minute, pleth variability index, number of steps taken, and perfusion index.
You are under no obligation to provide us with the data we ask you for. However, if you do not provide your personal data, you will not be able to use the MH App.
We refer to the above groups of personal information by their respective sub-heading (e.g., Registration Information) throughout this Privacy Notice.
B. From Whom Do We Collect Personal Data?
We may collect your Personal Data from the devices that you connect with the MH App (e.g., Masimo W1™).
C. For What Purposes Do We Use Personal Data?
We use the personal data we collect to:
· Provide you with MH App services;
· Provide customer and support services, and respond to your comments and inquiries;
· Provide technical and security services, safeguard the security of data, troubleshoot issues, fix errors, and send you notices about necessary upgrades, security alerts and other support or administrative communications;
· Review, evaluate and analyze the performance of the MH App and the related devices that connect to the App, and to enhance and improve our products and services;
· To develop new products and services;
· Communicate with you about new products, services, offers, promotions, events and information;
· Comply with applicable laws including data privacy and protection laws and consumer laws; and
· Exercise our legal rights, including to defend against claims and to advance our legal interests, protect against fraudulent, harmful and illegal activities.
D. What are the Legal Basis of Processing?
We will process your Personal Data on the basis of: (1) your express consent; (2) where processing is necessary for the performance of a contract to which we are a party; (3) where processing is necessary for Masimo’s legitimate interest or the interest of a third party unless those interests are overridden by your interests or to protect your fundamental rights and freedoms; or (4) where processing is necessary for us to comply with any applicable laws or legal obligations.
You have the right to withdraw your consent at any time. Such withdrawal does not affect the lawfulness of processing based on your consent before your withdrawal. However, after such withdrawal the MH App will not be updated with any new features or data and therefore will not function as it is intended to be.
E. With Whom Do We Share Your Personal Data?
When you use the MH App, your Personal Data may be shared with:
1. Your family, friends, and other individuals with whom you chose to share your Personal Data. Please Note: If you designate a contact to receive your Personal Data, we may disclose your Personal Data with that contact until you remove them from the MH App or deactivate/delete your MH App account.
2. Masimo’s processors/service providers that develop, operate and support the MH App. Masimo relies on processors/service providers in the EEA and the United States to process your Personal Data.
3. With Masimo’s parent, affiliates, or subsidiaries, or in connection with any mergers or acquisitions.
F. How Long Do We Store Personal Data?
We store your Personal Data for as long as it is necessary for the purposes listed above. We may retain your Personal Data for legitimate business purposes or as required by law.
G. How Do We Protect Your Personal Data?
Masimo has implemented reasonable data security safeguards, policies, and procedures to protect the confidentiality, integrity, and accessibility of your Personal Data. To protect your Personal Data from loss, misuse, and unauthorized access, we encrypt your Personal Data in transit and at rest. We also require that our processors/service providers comply with all applicable data privacy and security laws.
Please note that while we have endeavored to create a secure and reliable experience for users, the confidentiality or accuracy of any communication or material transmitted to or from us over the Internet cannot be guaranteed. It is your responsibility to safeguard the username and password that you use to access MH App, and to notify us immediately at the contact information below if you ever suspect that your username or password has been compromised.
H. Children
You must be at least 18 years of age to use MH App. Children may only use Masimo’s hardware products on the instructions, under the supervision, and with the consent, of their parent or legal guardian.
I. Cross-Border Data Transfers
Masimo may transfer your Personal Data to jurisdictions that may not provide the same level of protection as your home jurisdiction. In such cases, we will take steps to comply with all applicable data protection laws to ensure that your Personal Data receives an adequate level of protection including, among other things, using approved transfer mechanisms such as by Standard Contractual Clauses, and/or entering into data transfer agreements where appropriate. We will notify you and obtain your consent where consent is required by law.
J. Effect of this Privacy Notice; Changes
This Privacy Notice applies in conjunction with any other notices, contractual clauses and consent clauses that apply in relation to the collection, use and disclosure of your Personal Data by us. We may revise this Privacy Notice from time to time by making the revised document available through the MH App and updating the “last updated” date above. We will also obtain consent from you where required by applicable law before processing or transferring your Personal Data for any purpose incompatible with the purposes set forth in prior versions of this Privacy Notice.
Contact Us
If you have any privacy-related inquiries or concerns, please contact our privacy department at privacy@masimo.com.
EEA Supplement
This EEA Supplement Privacy Notice is provided to users of the MH App located in the EEA, Switzerland and UK. For purposes of this section, references to the “GDPR” mean the General Data Protection Regulation, the “UK GDPR” and provisions of the Swiss Federal Data Protection Act (the “FDPA”) as they apply to you.
A. Who is the Data Controller?
Masimo Österreich GmbH, Mariahilfer Straße 136, 1150 Wien, Austria. Its UK GDPR representative is Masimo Europe Limited, Matrix House, Basing View, Basingstoke - Hampshire RG21 4DZ.
B. Your Rights
In the EEA, you have the following rights, subject to the conditions under the GDPR and/or local data protection law:
1) to object, on grounds relating to your particular situation, to the processing of your Personal Data by us;
2) to obtain from us confirmation as to whether your Personal Data is being processed, and, where that is the case, to request access to details about how we process your Personal Data and copies of the Personal Data;
3) to obtain from us the rectification of inaccurate Personal Data concerning you;
4) to ask us to erase your Personal Data to the extent it is not required for legally required purposes;
5) to request restriction of processing of your Personal Data , in which case, it would be marked and processed by us only for certain purposes;
6) to receive your Personal Data which you have provided to us in a structured, commonly used and machine-readable format and you have the right to transmit the personal data to another entity without hindrance from us; and
7) to lodge a complaint with a supervisory authority, where applicable.
You can exercise your rights by contacting the Data Protection Officer, Dr. Sebastian Kraska, IITR Datenschutz GmbH, Marienplatz 2, 80331 Munchen, email@iitr.de You may also contact our Privacy Office via email at privacy@masimo.com or by mail at Masimo Österreich GmbH, Mariahilfer Straße 136, 1150 Vienna, Austria.
You may view a list of supervisory authorities in the EU and their respective contact information here: https://edpb.europa.eu/about-edpb/board/members_en. You may view the UK supervisory authority's contact information here: https://ico.org.uk/global/contact-us/. You may view the Swiss Federal Data Protection and Information Commissioner's contact information here: https://www.edoeb.admin.ch/edoeb/en/home.html. In some jurisdictions such as France and Portugal, you also have the right to provide Masimo with guidelines as to the processing of your Personal Data after your death.