Privacy

Policy

26th July 2022

We at Innosonian Inc. collectively referred to as “Innosonian”, “we”, “us”, “our”) take your privacy seriously. This Privacy Statement describes how we collect, store, use and disclose information that identifies you as an individual when you interact with us or use any of the following:

  • Any website maintained by Innosonian (referred to as “Website” or “Websites”) or
  • Any Innosonian product, service, application or programme including any trial (collectively referred to as “Services”)

This Privacy Statement is issued on behalf of the Innosonian group of companies so when we mention Innosonian we are referring to the relevant company in the Innosonian group of companies responsible for processing your data.  Innosonian Europe is the controller responsible for this Website.

It is important that you read this Privacy Statement together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we use your data. This Privacy Statement supplements the other notices and is not intended to override them. 

This Website is not intended for children (i.e. persons under 16 years of age) and we do not knowingly collect data relating to children through this Website.

WHEN WE COLLECT PERSONAL INFORMATION

We collect information about you if you:

  • use this Website;
  • enquire about or purchase our Services (either in your own capacity, or as a representative for your employer); or
  • use one of our Services (either for your own professional purposes (e.g. as a private doctor), or during the course of your employment for an organisation (such as a hospital or other service provider or other organisation) which utilises our Services, or where you participate in a training programme or receive medical treatment from a provider using our Services) or
  • When you apply to us online for a job. (Please note that this Privacy Statement only describes our handling of your information during the recruitment period only and does not apply after you become employed by us (if successful). This Privacy Statement does not apply to Innosonian employees in the context of their employment.

 

TYPES OF INFORMATION COLLECTED

The personal information we collect depends on the context of your interaction with Innosonian and can include:-

  • Identity data including first and last name, user name, title
  • Contact data including email address, postal address (billing or delivery), employer or organisation details, phone number and other similar contact data
  • Profile data including user name and credentials such as passwords, password hints and other similar information for authentication and account access, purchases or orders made by you, feedback and survey responses
  • Usage data including information about how you use our Websites or Services
  • Demographic data such as location, country and preferred language
  • Payment data necessary to process your payment if you make purchases such as your credit card or other bank card number
  • Transaction data such as details about payments to and from you and other details of products or services you have bought from us
  • Technical Data including internet protocol (IP) addresses, login data, browser type and version, time zone and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access the Websites or Services
  • Marketing and communication data including your preferences in receiving marketing from us and our third parties and your communication preferences
  • (if relevant) employer’s name, hire date, department and job title; details of any training or performance records and levels of competence obtained through your use of the Services and details of your access to and use of the Services.

We may aggregate or otherwise de-identify your personal information, so that we can use it for our own statistical, analytical or benchmarking purposes.  We do this in order to better understand how users interact with our website, or to understand and evaluate how our products are used, so that we can make evidence-based improvements to them. The de-identified information that we use for these purposes will not directly or indirectly reveal your identity.

Information you give us:

When you use the Websites or contact us in any way: You may give us information about yourself by filling in forms on our Websites or by corresponding with us by phone, email or otherwise. This includes information you provide when you submit documentation to us, register to use our Websites, enquire about or purchase our Services, subscribe to our Services, interact with our personnel, report a problem on our Websites or when you provide feedback. If you contact us through the Websites, we will keep a record of our correspondence.

When you use the Services: We receive and store information that you directly provide to us through your use of Services including any personal information that you provide to us when you register for the first time as a user of our Services. 

IMPORTANT NOTE: Many Services are intended for use by our customer organisations and are in those cases, administered to you by your organisation. We collect and process our customers’ information on their instructions and in accordance with our agreements with them. Your use of the Services may be subject to your organisation’s policies, if any. If you use any Services under direction from an organisation you have a connection with (such as an employer or a school), that organisation will (1) control and administer your use of the Services and (2) access and process your personal information. If your organisation administers your use of the Services, please direct your privacy enquiries to your organisation. Your organisation is the data controller of your personal information for such purposes, and we are the data processor. Innosonian is not responsible for the privacy or security practices of its customers and these may differ from those set out in this Privacy Statement.

Information we automatically collect about you:

When you use the Websites or the Services: We may automatically collect technical information including the Internet Protocol (IP) address used to connect your computer to the internet and your login information, browser type and version, time zone setting as well as information about your visit including pages visited. We will also collect information about your visit including the full Uniform Resource Locators (URL), clickstream to, through and from our Website (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information and any phone number used to call our customer service number.

COOKIES: You understand and agree that, when you visit certain pages of our Website or use our Services, our servers may send “cookies”. Cookies are small pieces of text sent to your computer’s hard drive through your web browser.  Such electronic personal information is sent to us automatically.  If you do not wish to accept cookies in respect of your use of the Services, you should stop using the Services, or turn off your cookies using your Internet browser settings, but please be aware that some of the functionality of the Websites or Services and associated services may not work if your browser does not accept cookies. For Information about the cookies we use, please see our cookie policy.

Information we receive from third parties. We also obtain personal information from third parties according to the practices described in this Statement together with any additional restrictions imposed by the source of the data. These third-party sources include:

  • Customer organisations (please refer to the IMPORTANT NOTE above).
  • Service providers that help us to determine a location based on your IP address or assist us with technical, payment and delivery services
  • Partners with which we offer co-branded Services or engage in joint marketing activities such as the American Red Cross and others.

Purpose

Type of Personal Information

Legal Basis

To register you as a new customer

(a) Identity

(b) Contact

Performance of a contract with you

To process and deliver your order including:

(a) Manage payments, fees and charges

 

(b) Collect and recover money owed to us

(a) Identity

(b) Contact

(c) Financial

(d) Transaction 

(e) Marketing and Communications

(a) Performance of a contract with you

(b) Necessary for our legitimate interests (to recover debts due to us)

To enable you to complete a survey

(a) Identity

(b) Contact

(c) Profile

(d) Usage 

(e) Marketing and Communications

(a) Performance of a contract with you

(b) Necessary for our legitimate interests (to study how customers use our products/services, to develop them and grow our business)

To manage our relationship with you which will include:

(a) Notifying you about changes to our terms or Privacy Statement

(b) Asking you to leave a review or take a survey

(a) Identity

(b) Contact

(c) Profile 

(d) Marketing and communications

(a) Performance of a contract with you

(b) Necessary to comply with a legal obligation

(c) Necessary for our legitimate interests (to keep our records updated and to study how customers use our Websites or Services)

To administer and protect our business and this Website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)

(a) Identity

(b) Contact 

(c) Technical

(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)

(b) Necessary to comply with a legal obligation

To deliver relevant Website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you

(a) Identity 

(b) Contact

(c) Profile

(d) Usage

(e) Marketing and Communications 

(f) Technical

Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)

Purpose

Type of Personal Information

Legal Basis

To use data analytics to improve our Website or Services, marketing, customer relationships and experiences.  As stated above, we take steps to de-identify this information prior to processing, but to the extent that it technically contains any personal data for the purposes of data protection law, we have established the appropriate legal basis set out here.

(a) Technical 

(b) Usage

Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)

To make suggestions and recommendations to you about Services that may be of interest to you

(a) Identity

(b) Contact

(c) Technical

(d) Usage 

(e) Profile

Necessary for our legitimate interests (to develop our products/services and grow our business)

To provide you and/or (where applicable) your employer with help associated with the Services including training, competence records and certificates

(a) Identity

(b) Contact

(c) Technical

(d) Usage

(e) Performance records

Necessary to perform our contract with your employer or with you

Provide you and/or (where applicable) your employer with user support and customer support to diagnose and resolve Service problems and other customer care and support activities.

(a) Identity

(b) Contact

(c) Technical

(d) Usage

(e) Performance records

Necessary to perform our contract with your employer or with you

Administer your account and/or (where applicable) the Services we provide your employer

(a) Identity

(b) Contact

(c) Technical

(d) Usage

(e) Performance records

Necessary to perform our contract with your employer or with you

Purpose

Type of Personal Information

Legal Basis

To assess your skills, qualifications and suitability for any job that you may seek with us and to communicate with you during the recruitment process and keep records of our hiring process

(Please note that this Privacy Statement only describes our handling of your information during the recruitment period only and ceases to apply after you become employed by us (if successful). This Privacy Statement does not apply to Innosonian employees in the context of their employment.

(a) Identity

(b) Contact

(c) Academic and professional skills

(d) Employment history

(e) gender, title, date of birth

(f) any other information you choose to provide us in an online job application

Necessary for our legitimate interests in deciding whether to hire you and also necessary for our legitimate interest in contacting you

To analyse your CPR training videos and other manikin CPR performance data gathered by the Brayden Online App

(a) Videos of CPR training collected by the Brayden Online App

(b) CPR training data from manikins gathered by our Brayden Online App

Necessary for our legitimate interests (to improve the functionality of the Brayden Online App for CPR training)

Generally, we do not rely on consent as a legal basis for processing your personal information.  In some circumstances, we may rely upon consent as a basis to send direct marketing communications to you via email or text message, where we are required to do so by law.  However, in other cases we will lawfully rely on our legitimate interest in being able to inform you about relevant Services, in a way which is not overly intrusive.  Regardless of our legal basis for marketing, you have the right to prevent marketing at any time by contacting us at privacy@innosonian.eu or by using the unsubscribe links contained in our emails. If you specifically consent to additional uses of your personal information, we may use your personal information in a manner consistent with that consent.  Separately, your employer may collect consents from you for their own purposes as a data controller.

Where you use the Services at the request of your employer, and we provide Services to your employer, we collect, use and share your personal information for the above purposes at the request of, and in accordance with the directions of your employer. Your employer is the data controller of your personal information for such purposes, and we are the data processor. Your employer has personal information protection policies and processes that may differ from the privacy notice you are currently reading and we recommend that you read such policies before accessing or using the Services.

If you have yourself individually subscribed to the Services, we collect, use and share your personal information for the above purposes for and on your behalf and we are the data processor of your personal information for such purposes.

We will not sell your personal information or share it with third parties for use in advertising or marketing of their products or services.

HOW WE SHARE YOUR INFORMATION

Where you use the Services at the request of your employer, and we provide services to your employer, we share your personal information with your employer for certain purposes as data processor of your employer – see “HOW YOUR PERSONAL INFORMATION IS USED” above.

We use third-party service providers to store and process your personal information. Where our Service is one that is being provided in conjunction with one of our partners, such as the American Red Cross, we will share personal information with that partner for the purpose of issuing certificates of competence endorsed by that partner. Our partners are required by us to provide substantially the same level of security and protection to your personal information as we ourselves are obliged to under this Privacy Statement.

We may share your personal information with our payment processing service providers in connection with the payment processing services that they perform for us in connection with processing your purchase of the Services. They are not authorized by us to use the information for their benefit.

Our service providers have to follow our express instructions when processing personal information you provide and they must comply with appropriate retention and security measures to protect such personal information and we do not allow them to use this information for their own purposes.

We may also share your personal information in response to a request by government or regulatory authorities, law enforcement or an order of the courts; to a potential acquirer of our business; and as permitted by applicable laws and regulations.

Links to other websites. The Websites contain links and interactive features with various social media platforms, such as Facebook, YouTube and Twitter. If you give information to these platforms then your information will be registered on these platforms and will be available to anyone who uses the platforms. If you already use these platforms, their cookies may be set on your device when using our Websites and they may already have certain information about you which they may combine with information collected on our Websites. These features may enable integration and/or access to your social media accounts. We do not control those social media services, your profiles on those services, modify your privacy settings on those services or establish rules about how your information on those services will be used. You and the social media service providers are in control of those issues. You are encouraged to read all policies and information on the applicable social media services to learn more about how they handle your information before using any such features made available to you on the Websites. We are not responsible for any acts or omissions by any social media service provider or your use of features that come from their features or platform.

INTERNATIONAL TRANSFERS OF YOUR PERSONAL INFORMATION

Innosonian has operations around the world, and we also have partners and service providers who operate in a variety of countries.  As such, your personal information may be moved to, disclosed to or stored by us in countries other than your own country, where the data protection and privacy laws may be different to those in your country. One way in which this may occur is where your personal information is stored in a controlled access repository in the cloud. “In the cloud” refers to servers in a data centre that are managed by a third party and accessible through the Internet, and that data centre may be in a country other than your own. However, we have taken appropriate safeguards to require that your personal information will remain protected in accordance with this Privacy Statement. These include implementing an intra-group agreement based on the European Commission’s Standard Contractual Clauses for transfer of personal information between our group companies as well as supplementary data protection obligations relevant to the country of export in the case of export of personal information from Australia, Canada, Malaysia, Mexico, Poland or Singapore. These also include implementing appropriate data processing agreements with third parties, where relevant.  You acknowledge and agree to this transfer, storing and/or processing outside of your country. 

RETENTION OF YOUR PERSONAL INFORMATION

In the limited circumstances where we are the data controller of your personal information (see “HOW YOUR PERSONAL INFORMATION IS USED” above for further details), we maintain your personal information only for as long as is it is necessary.  In some circumstances we may store your personal information for longer periods of time, for instance where we are required to do so in accordance with legal, regulatory, tax and accounting  requirements. In specific circumstances we may also store your personal information for longer periods of time so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your personal information or dealings

Where your employer or another organisation is the data controller of your personal information, please refer to their personal information protection policies and processes for information about the relevant retention period(s).

DATA INTEGRITY AND SECURITY

We are committed to the privacy and confidentiality of the personal information in our control or possession (as the case may be). We are obliged to have appropriate physical, electronic and managerial protection measures in place to prevent unauthorized access, erasure, loss, use, processing or disclosure of your personal information, and we take reasonable steps to do so. We will continue to review and update our security measures where appropriate, as new technology becomes available.

Unfortunately, transmission of information via the Internet is not completely secure. Although we use reasonable measures to protect your personal information, we cannot guarantee the security of your personal information.

 

YOUR RIGHTS

Subject to certain exemptions, and in some cases dependent upon the processing activity we are undertaking, you have certain rights in relation to your personal information:

  • To access personal information
  • To correct / erase personal information
  • To restrict the processing of your personal information
  • To transfer your personal information
  • To object to the processing of personal information
  • To object to how we use your personal information for direct marketing purposes
  • To obtain a copy of personal information safeguards used for transfers outside your jurisdiction
  • To lodge a complaint with your local supervisory authority or in the case of Australian residents, the right to complain about our processing of your personal information.

Importantly, in situations where we act as a data processor (for example, where we collect personal information from you through the use of our Services, as more fully described throughout this Privacy Statement) you should exercise your rights against the relevant data controller (for example, your employer, where your employer is the customer organisation which has purchased our Services).

How to contact us:

You may contact us in a number of ways listed below in connection with your personal information.

We may ask you for additional information to confirm your identity and for security purposes, before disclosing the personal information requested to you. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.

If you wish to opt out of marketing communication we send you at any time you can either do this by clicking on the form above or by clicking on the “unsubscribe” link in the marketing emails that we send to you or by contacting us directly privacy@innosonian.eu

 

  1. You may choose to Exercise Your Rights here

    1. If you have any questions about this Privacy Statement including any requests to access, correct or delete the personal information we hold about you or to complain about our handling of your personal information, you can also contact our data protection manager using the details set out below:

 

Innosonian Europe

FOR THE ATTENTION OF THE DATA PROTECTION MANAGER

Email: privacy@innosonian.eu

Postal: Unit 1 Chancerygate Way, Farnborough, Hampshire, GU14 8FF, United Kingdom

 

Additional information for California residents only:

With regard to personal information of California residents, in addition to the information already provided in the sections above, the following additional section of this Privacy Statement also applies to you.

This Privacy Statement does not address or apply to:

  • Our handling of personal information which is exempt under section 1798.145 of the California Consumer Privacy Act 2018; or
  • Personal information we collect about employees, contractors or job applicants or other individuals who are not California residents; or
  • Personal information we collect about persons acting in their capacity as representatives (B2B contacts) of our customers, prospective customers, suppliers and other businesses we conduct business with to the extent that we use this personal information only in the context of conducting our business relationship with their respective business.

Rights for California residents:

You have the right to:

  • request that we disclose the categories of your personal information that we have collected, used, disclosed and sold (if applicable) in the 12 months prior to your request as well as the categories of sources of such personal information within the last 12 months prior to your request
  • request that we delete your personal information and we will respond to verifiable requests to do so;
  • non-discriminatory treatment for the exercise of any of your data protection rights;
  • access your personal information in a portable and to the extent, technically feasible, readily usable format that allows you to transmit this information to others without hindrance
  • opt-out of the sale of your personal information. We are exempt from providing a notice to opt-out because we do not and will not sell your personal data.

California residents may submit a request to disclose or a request to delete by contacting us in the method described in the How to Contact Us section above.

Additional information for USA and Canada residents

With regard to personal information of USA or Canada residents only, please be aware of the following:

Interest Based Advertising

We may work with third parties to deliver targeted advertising to you when you visit our Websites. We may use Cookies and similar technologies in this process. For example, if you search for information on a particular Innosonian product, we may cause an advertisement for such a product to appear on other websites that you view. This form of advertising (also known as Interest Based Advertising) is based on non-personal information which does not specifically identify you. As a result, third parties may be aware of your interests but cannot personally identify you in connection with the delivery of that specific advertisement. We believe such advertising is helpful because you will see advertisements that are relevant to your interests and activities. However, you can opt out of targeted advertising from certain providers at www.aboutads.info/consumers. This process relies on an opt out cookie so if you delete your cookies or use a different computer you will have to repeat this process. Please note that by opting out, you will continue to see advertising online but it may not be tailored to your specific interests and activities.

We comply with the Self-Regulatory Principles for Online Behavioural Advertising set forth by the Digital Advertising Alliance.

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.   We will update this Privacy Statement when necessary. All updates will be posted on the Websites. When we post such updates, we will revise the “last updated” date at the top of the statement. We encourage you to periodically review this Privacy Statement to learn how Innosonian is protecting your information.