CARTONET US PRIVACY POLICY
Biosense Webster, Inc. (“BW”) is concerned about privacy issues and wants you to be familiar with how we collect, use, and disclose information through CARTONET™, our cloud-based Software as a Service offering, its related Websites or Web property (including, for example, a mobile Web site or application) operated and controlled by us, or our CARTO® 3 System (collectively the “Services”), through which you may collect, review, analyze, share and otherwise use certain case data and related procedure data, along with video and image files, obtained during procedures performed using the CARTO® 3 System. This Privacy Policy describes our practices in connection with information (“Information”) that we or our service providers collect through the Services from which you are accessing this Privacy Policy. By providing Personal Information to us or by using and accessing the Services, you agree to the terms and conditions of this Privacy Policy.To provide the Services, we leverage the Siemens Healthineers teamplay platform (“Siemens”), which operates on the Microsoft Azure Cloud. Please review the privacy policy for the Siemens teamplay platform https://www.siemens-healthineers.com/support-documentation/cybersecurity;https://www.siemens-healthineers.com/infrastructure-it/digital-ecosystem/teamplay#Home and for the Microsoft Azure Cloud https://docs.microsoft.com/en-us/azure/security-center/security-center-data-security.

Eligibility Requirements

The Services are only intended for use by health care professionals or other users in the United States (each, a “User”) who have registered and have an account with Siemens and are employees or contractors of the health care organization (the “Health Care Organization”) that has agreed to and accepted Siemens’ terms and conditions as the “Institution” through the following link: https://teamplay.siemens.com/legal, pursuant to a Subscription Agreement between the Health Care Organization and us. Any other person is not allowed to register with or use the Services. Please refer to our Terms and Conditions at https://www.biosensewebster.com/products/cartonet/cloud-services-terms-and-conditions.aspx for additional information about User eligibility.

Types of Information Stored and Processed in the Cloud

To provide the Services, certain information about you and your patients will be stored and processed in the cloud, including:

  • “User Personal Information,” which includes identifying information about you, such as your name and e-mail address.
  • “Patient Information,” which includes individually identifiable health information of patients being treated by the User and/or Health Care Organization, including “Protected Health Information” or “PHI,” as such term is defined under the Health Insurance Portability and Accountability Act of 1996, as amended (“HIPAA”). Patient Information and “User Personal Information” shall collectively be referred to as “Personal Information.”
  • “Passive Information,” which means information that does not directly or indirectly identify and cannot reasonably be used to identify an individual. If Passive Information is subsequently directly or indirectly associated with Personal Information, we then treat it as Personal Information.

Note, BW will only have access to anonymized data in the cloud as more fully described in the How We Use and Disclose Information section.

How We Collect Information

  • We collect Information when you: register with us; perform procedures using the CARTO® 3 System, input information into CARTONET™ or the CARTO® 3 System; create User generated content; request products, services or information from us; participate in public forums or other activities through the Services; respond to customer surveys; or otherwise interact with us or the Services.
  • As you navigate through and use the Services, certain information can be passively collected (that is, gathered without your actively providing the information), using various technologies. We and our third party service providers passively collect and use information in a variety of ways, including:

    • Through your browser: Certain information is collected by most browsers, such as your Media Access Control (MAC) address, computer type (Windows or Macintosh), screen resolution, operating system version, and Internet browser type and version. We may collect similar information, such as your device type and identifier, if you access the Services through a mobile device. Using cookies: Cookies are pieces of information stored directly on the computer you are using. Cookies allow us to collect information such as browser type, time spent using the Services, pages visited, and language preferences. We and our service providers use the information for security purposes, to facilitate navigation, display information more effectively, and to personalize your experience while using the Services. We also use cookies to recognize your computer or device, which makes your use of the Services easier. In addition, we use cookies to gather statistical information about the Services usage in order to continually improve its design and functionality, understand how individuals use it, and to assist us with resolving questions regarding it.

      You can refuse to accept these cookies by following your browser’s instructions; however, if you do not accept them, you may experience some inconvenience in your use of the Services. .To learn more about cookies, please visit http://www.allaboutcookies.org.
    • Using Flash cookies: Our use of Adobe Flash technology (including Flash Local Stored Objects (“Flash LSOs”)) allows us to, among other things, serve you with more tailored information, facilitate your ongoing access to and use of the Services, and collect and store information about your use of the Services. If you do not want Flash LSOs stored on your computer, you can adjust the settings of your Flash player to block Flash LSO storage using the tools contained in the Website Storage Settings Panel. You can also control Flash LSOs by going to the Global Storage Settings Panel and following the instructions (which may include instructions that explain, for example, how to delete existing Flash LSOs (referred to as “information” on the Macromedia site), how to prevent Flash LSOs from being placed on your computer without your being asked, and (for Flash Player 8 and later) how to block Flash LSOs that are not being delivered by the operator of the page you are on at the time). Please note that setting the Flash Player to restrict or limit acceptance of Flash LSOs may reduce or impede the functionality of some Flash applications, including, potentially, Flash applications used in connection with the Services or our online content.
    • Using pixel tags, web beacons, clear GIFs, or other similar technologies: These may be used in connection with some Services pages and HTML-formatted e-mail messages to, among other things, track the actions of the Services users and e-mail recipients, measure the success of our marketing campaigns, and compile statistics about the Services usage and response rates.
    • IP Address: Your IP Address is a number that is automatically assigned to the computer that you are using by your Internet Service Provider. An IP Address is identified and logged automatically in our server log files whenever a user uses the Services, along with the time of the visit and the page(s) that were visited. Collecting IP Addresses is standard practice on the Internet and is done automatically by many web sites. We use IP Addresses for purposes such as calculating Services usage levels, helping diagnose server problems, and administering the Services.
    • Device Information: We may collect information about your mobile device, such as a unique device identifier.

How We Use and Disclose Information

The ways in which we may use and disclose Information include the following:

  • to provide you with the Services and other products and services you or your Health Care Organization may request;
  • to respond to your or your Health Care Organization’s inquiries and fulfill your or your Health Care Organization’s requests, such as to send you or your Health Care Organization documents you or your Health Care Organization request or e-mail or text message alerts;
  • to send you or your Health Care Organization important information regarding our relationship with you, your Health Care Organization or regarding the Services, changes to our terms, conditions, and policies and/or other administrative information;
  • to create anonymized and aggregated data sets that may be used for a variety of functions, including research, internal analysis, analytics and other functions.
  • to ensure consistency with applicable laws and choices and controls that may be available to you;
  • to personalize content and experiences;
  • to optimize or improve the content, products, services and features of the Services; and
  • for our business purposes, such as data analysis, audits, developing new products, enhancing and improving our Services, identifying Services usage trends, personalizing your experience while using the Services by presenting and offering Services tailored to you, and determining the effectiveness of our promotional campaigns.

We also disclose Information collected through the Services:

  • to our affiliates for the purposes described in this Privacy Policy. A list of such affiliates can be provided upon request. BWI is the party responsible for the management of the jointly-used Personal Information;
  • to our third party partners with whom we offer a co-branded or co-marketed promotion;
  • to our third party service providers who provide services such as website hosting and moderating, mobile application hosting, data analysis, payment processing, order fulfillment, infrastructure provision, IT services, customer service, e-mail and direct mail delivery services, credit card processing, auditing services, and other services, in order to enable them to provide services, including without limitation, Siemens and the Microsoft Azure Cloud; and
  • to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings). In addition, we use and disclose information collected through the Services as we believe to be necessary or appropriate: (a) as permitted by applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities, including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain. We may also use and disclose information collected through the Services in other ways, with your consent.

We also use and disclose Information we collect passively as described above, and for any other purpose, except where we are required to do otherwise under applicable law (for example, if we are required to treat such Information as Personal Information). In addition, we may use and disclose Information that is not in personally identifiable form for any purpose. If we combine Information that is not in personally identifiable form with Information that is (such as combining your name with your geographical location), we will treat the combined information as Personal Information as long as it is combined.

Third Party Sites And Services

This Privacy Policy does not address, and we are not responsible for, the privacy, information, or other practices of any third parties, including any third party operating any site or web property (including, without limitation, those of Siemens and the Microsoft Azure Cloud and any other applications) that is available through the Services or to which the Services contain a link. The availability of, or inclusion of a link to, any such site or property as provided through the Services does not imply endorsement of it by us or by our affiliates.

Security

We use reasonable organizational, technical, and administrative measures to protect Personal Information under our control. Unfortunately, no data transmission over the Internet or data storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you have with us has been compromised), please immediately notify us of the problem by contacting us in accordance with the “Contacting Us” section below.

How You Can ACCESS, CHANGE, Or DELETE Your Personal Information

If you would like to review, correct, update, or delete the User Personal Information please contact the designated CARTONET™ administrator in your facility.

Retention Period

We retain your User Personal Information for the period necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or allowed by law or to otherwise fulfill a legal obligation.

Use Of The Services By Minors

The Services are not directed to individuals under the age of 18, and we request that these individuals not provide Personal Information through the Services.

Cross-Border Transfer

Your Personal Information may be stored and processed in any country where we have facilities or service providers, and by using the Services or by providing consent to us (where required by law), you agree to the transfer of information to countries outside of your country of residence, including to the United States, which may provide for different data protection rules than in your country.

Sensitive Information

Unless we specifically request or invite it, we ask that you not send us, and you not disclose, any sensitive User Personal Information (e.g., information related to racial or ethnic origin, political opinions, religion or other beliefs, health, criminal background or trade union membership) on or through the Services or otherwise to us. In those cases where we may request or invite you to provide sensitive information, we will do so with your express consent.

Updates To This Privacy Policy

We may change this Privacy Policy at any time. Please take a look at the “Last Updated” legend at the top of this page to see when this Privacy Policy was last revised. Any changes to this Privacy Policy will become effective when we post the revised Privacy Policy on this website. Your use or access of the Services following any changes means that you accept the revised Privacy Policy.

Contacting Us

If you have any questions about this Privacy Policy, please contact us:

Biosense Webster, Inc.
31 Technology Drive, Suite 200
Irvine, CA 92618
Tel: +1 (866) 473 7823
Fax: +1 (909) 468 2786
www.biosensewebster.com