Privacy notice
Last updated: 09/2024
This Privacy Notice may be updated any time. Each Privacy Notice mentions the date of its last update. We will inform you if we make substantial changes to this Privacy Notice.
This Privacy Notice applies to https://me.resmed.com/. If you use other ResMed products and services, your relationship with us will be governed by separate privacy notices for each of them.
For the purposes of this Notice, “you” and “your” refer to the Person who uses https://me.resmed.com/, “we” and “our” refer to ResMed.
ResMed must ensure that it is compliant with the requirements laid down with local data protection laws. Your personal data must be processed and protected in accordance with these laws. The country that you based are in will dictate the laws that apply to the processing of your data.
This Notice provides information on your rights and our practices in relation to privacy. Said rights and practices govern how we process your personal data.
This is the information which ResMed wishes to share with you, along with the personal data collected by ResMed and the purposes of such collection
When you browse the https://me.resmed.com/ website, ResMed collects some of your personal data via cookies or like technologies. If you wish to learn more on the use of said data collected via cookies or like technologies, please consult our Cookie policy.
When you create your account on https://me.resmed.com/ as a healthcare professional and you then log on to said account to access our documentation, ResMed collects the following personal data:
- Identification data: First name and last name, country/regions;
- Professional data: email address, name of your company;
- Connection data: password.
The use of said personal data is necessary to create, maintain and manage your account on me.resmed.com/ and thus to allow you to access our documentation. It is therefore needed for the performance of the contract to which you are a party insofar as you accept the general terms and service on the registration page of your https://me.resmed.com/ account.
When you create your account, ResMed collects your email address which you will use as an access identifier on https://me.resmed.com/.
The use of your professional email address in this framework is justified by ResMed’s legitimate interest in maintaining its commercial relations with its customers and in being able to inform them of products and services which might be of interest to them.
When you subscribe to our newsletter, ResMed collects the following personal data:
- Identification data: Email address.
The use of said personal data is necessary to be able to send you the regular tips related to sleep apnoea and/or respiratory disease therapy designed to enhance your therapy experience and simplify your life. It is justified by the consent you are giving to ResMed by clicking on the tick boxes on the contact form.
When you fill out the form to contact ResMed customer service, ResMed collects the following personal data:
If you are a healthcare professional or a professional prospect:
- Identification data: first name, last name;
- Professional data: email address, job title;
- Information you may share in the “message” field of your request: identification data, professional information, private information, etc.
The use of said personal data is necessary to be able to answer your questions. It is therefore legitimate for ResMed to respond to healthcare professionals who are interested in asking further questions of ResMed. When filling out the contact form, ResMed collects your email address in order to answer your question via your email address. However, ResMed may also send you further information on its products and services, via your professional email. The use of your professional email address in this framework is justified by the consent you gave to ResMed to send you its newsletter.
If you are a patient or a prospect:
- Identification data: first name, last name, email address.
- Information you may share in the “message” field of your request: identification data, health data, private information, etc.
The use of this personal data is necessary to be able to answer your request. As you may share health data – sensitive data – in the “message” field of the contact form, it is necessary for ResMed to collect your consent before answering your request. That is why you are informed above the “send” button that “by clicking on “send”, you also consent to the processing of your health data by ResMed in order to answer your request.
When filling out the contact form, ResMed collects your email address in order to answer your question via your email address. However, ResMed may also send you further information on sleep apnoea therapy and/or respiratory disease therapy directly to your email box. However, the use of your email address in this framework is justified by the consent you are giving to ResMed by clicking on the tick boxes on the contact form.
When clicking on the “I am not a robot” ReCaptcha, some of your personal data is collected and shared with Google. Indeed, in order to adequately secure ResMed’s website forms against misuse and spam, ResMed has decided to use the Google service ReCaptcha. It checks that the data entered in ResMed’s forms has actually been entered by a human being and not by an automated program. To achieve this, ReCaptcha analyzes your behavior by processing your personal data namely your IP address, the duration of your presence on the website, your mouse movements, etc.
To validate and verify the domain of your email address you have provided to us, ResMed shares it with Zoom Info.
In order to provide users personalised ads through social networks and display targeted advertisements about our services to a relevant audience, we share e-mail addresses of users who have consented to marketing communications with our advertising partners in order to reach to similar audiences. You can opt out from this by writing to the addresses specified below.
Those responsible for the collection and use of your personal data at ResMed
The ResMed entity responsible for your personal data is generally called the “Data controller”. The naming convention for this entity can vary based on your local legal requirement. Each ResMed entity has appointed a data protection officer (DPO) who advises and supports the data controller to ensure it protects your personal data appropriately. The Data controller of your personal data is the ResMed entity based in your country.
Contact details for our DPO:
Our DPO can be contacted via privacy@resmed.eu.
The retention period of your personal data
ResMed stores your personal data (apart from data collected via cookies or like technologies) depending on the purpose of the collection:
– Contact requests: ResMed will keep your personal data for as long as necessary for the Permitted Purposes in a special folder of the ResMed’s Customer service email box before deletion;
– Claims: if the request coming from the contact form is identified as a claim, it will be then stored in our Quality Management System for 15 years in order to track how we have answered it;
– Emailing: ResMed will keep your personal data for a delay of 3 years’ from our last contact.
Data collected via cookies or like technologies will be stored in accordance with the periods provided for in our Cookies policy.
The sharing of your personal data with third parties
We do not sell or lease your personal data. We share it only as stated in this Privacy Notice, to the extent permitted under the applicable law.
We may share your personal data:
– With any ResMed entity or branch and any company held or controlled by the latter;
– If all or some of ResMed’s activity is transferred to another entity under a merger, an assignment of assets or otherwise;
– In a controlled and secure way, with third parties, our emailing tool (Dot Digital), our hosting provider (AWS), our Quality Management System (Trackwise), our Customer Relationship Management (Salesforce), our email verification and validation tool (Zoom Info) and our social media and advertising partners (Meta). Said processors are contractually bound to protect your personal data and to use it only to provide the services that ResMed first asked them to provide;
-If we are bound by law or;
– If it is needed for the purposes in the scope of the legal proceedings or to exercise or defend a right recognized by law.
The transfer of your personal data outside your country/region
ResMed will only transfer your data outside your country/ region when there is a business need, and all local legal requirements are complied with.
As specified in part 4 above, ResMed may share your personal data with some of its entities located out of your country/region for claims management and with its external service providers, Sparta Systems, as it is handles the maintenance of our Quality System Management (Trackwise), Meta and Google LLC as ResMed uses its ReCaptcha service, Zoom Info as an email address domain verification tool.
ResMed highlights that said access is possible only if appropriate safeguards are implemented to ensure that the transfer is compliant with data protection regulations. Thus, we implement all appropriate safeguards (including but not limited to, the standard contractual clauses of the European Commission, or other legal mechanism for protecting data in the event of a transfer) in order to ensure that any transfer of personal data to service providers outside of your country/region is compliant with data protection regulations.
Data security at ResMed
We use various security and privacy measures to protect your data and to comply with current data protection laws.
ResMed has also checked that your personal data collected on me.resmed.com will be hosted in a secure hosting centre in Europe by processors that were chosen with great care and which only act under ResMed’s instructions.
Despite the security measures we take, you must bear in mind that it is impossible to guarantee an absolute level of security for data sent over the Internet. If we receive confirmation that your personal data has been hacked, we will comply with the relevant legal provisions relating to notification of data breaches.
Your rights in light of the use ResMed makes of your personal data
You have rights over your personal data vary depending on the local law that governs our processing of your data.
You may contact privacy@resmed.eu to learn more about your rights.
If applicable:
You may exercise your right of access which includes the right to information in order to understand how ResMed processes your personal data as well as the right to instruct ResMed to provide you with a copy of the personal data that we hold.
You may also instruct us to delete the personal data that we hold in the systems described above under certain conditions; this is the right to erasure of personal data.
You may instruct us to correct your personal data if you see that it is wrong; this is your right to rectify your personal data.
In certain cases, you may instruct us to restrict how we use your personal data; this is the right to restriction of personal data processing.
You may also object to ResMed’s use of your personal data under certain conditions; this is the right to object to the processing.
You may also object to your personal data being used for marketing purposes at any time by following the opt-out instruction in each marketing email we send you.
Lastly, you have the right to instruct ResMed to transfer your personal data to you or to transfer it directly to another service provider. This is the right to portability of personal data.
For the rights which you cannot exercise yourself, please write to the ResMed data protection team at the address privacy@resmed.eu. We will then promptly process your request to exercise rights and we will inform you in any event on any action taken following your request within the requisite time period.
Please note that some legal obligations may limit your request to exercise rights. In this case, we will keep you inform of any such limitations.
If you are not happy with our response or if you notice a violation of specific local data protection laws, you have the right to file a complaint with the relevant national data protection authority of your country of residence, your place of work or of the country where the violation is deemed to have been committed. We would welcome the opportunity to discuss any concerns that you have before you raise a complaint with a national authority.
Depending on your location, you may also have the right to seek compensation for a breach of your rights before your national courts. We would also welcome the opportunity to discuss any concerns that you have before you bring any such action.