Privacy Policy

Last updated: October, 2021

LifeScan is concerned about privacy issues and wants you to be familiar with how we collect, use and disclose information. In this Privacy Policy, we may refer to ourselves as “we”, “us” or “our”, by which we mean LifeScan Global Corporation and its subsidiaries. The controller of your data is the LifeScan company listed next to your country, here (“Controller”) except for healthcare professionals who subscribe to LifeScan Diabetes Institute, in that case, LifeScan Institute LLC is the Controller.

This Privacy Policy describes our practices that we or our service providers collect through the website or mobile application, operated and controlled by LifeScan, through which you are accessing this Privacy Policy (the “Services”) or if you contact our customer care team. If local laws in your country require that we process your Personal Data in a different way, we will comply with those local laws. Please read this entire Privacy Policy before using any of the LifeScan Services.

PERSONAL DATA

 

The term “Personal Data” in this Privacy Policy means any information which could identify you as an individual, either directly (for example, your name) or indirectly (such as an IP address or other unique identifier).

LifeScan may collect and process the following Personal Data when you use the Services:

  • contact details (such as name, address, email address, telephone number);
  • demographic information (such as date of birth, gender);
  • health information (such as diabetes type and method of management, glucose readings, exercise and carbohydrate intake);
  • account-related information (such as the password you select to use the Services or the serial number of any devices associated with the account);
  • payment or commercial information, such as billing details and past transactional behavior;
  • complaint or adverse event information;
  • photographs, videos or voice recordings if, for example, you provide a testimonial; and
  • your preferences (such as communication, language and time zone).

When you are asked to provide your Personal Data you may have an option to choose not to provide it but if you do so, it may inhibit our ability to provide some elements of the Services to you.

If you are providing information of someone other than yourself (for example, if you are a caregiver, parent or guardian or a healthcare professional providing a patient’s information) then you are confirming to us that you have any legally required authorization, consent or other lawful authority to share the other person’s information and for us to use it in accordance with this Privacy Policy.

If you are a healthcare professional, LifeScan may collect:

  • your professional qualifications, educational and professional history, professional and government affiliations, information included on a resume, languages spoken, information about publications with which you have been involved;
  • information about the LifeScan programs, products and activities with which you have engaged;
  • details about our interactions with you, your prescribing of our products and any agreements you have or had with LifeScan, including payment or other financial details;
  • information collected in connection with LifeScan events, training or activities you have attended or with which you have been involved; and
  • public information such as license information and other due diligence related information.

We may combine information you provide with information from other sources, for example social media or from public sources.

 

HOW LIFESCAN COLLECTS PERSONAL DATA

 

LifeScan collects Personal Data in a number of ways, including:

  • directly from you or your authorized representative, for example, when you sign up for an account for one of the Services;
  • when you use one of our Services;
  • when you share your social media profile with LifeScan or use it to contact us;
  • when you respond to LifeScan surveys or promotions, where permitted;
  • when you contact LifeScan for customer service assistance;
  • when you share complaints or adverse event information with LifeScan;
  • when you authorize third parties to provide your information to us;
  • from other products, services or applications that are integrated with our Services (such as, for example, when a third party product, service or application is linked with our Services or vice versa);
  • from public or third party information sources;
  • from third party service providers or our business partners;
  • from social media, for example mentioning a LifeScan product or service in a Tweet. We encourage you to read the Privacy Policies of the social media platforms that you use;
  • if you are a healthcare professional, if you engage with one of our sales representatives, attend an online or live event such as a conference, training or advisory board meeting; and
  • indirectly through tracking technologies, including over time and across third-party websites and online services. You can read more about this here. We may also automatically collect information about you from website interaction, analytics partners, and other parties.

HOW LIFESCAN USES PERSONAL DATA

 

We process your health information when you use the Services on the basis of your explicit consent.

We use your Personal Data for the following purposes where it is necessary for us to perform our contractual obligations to you:

  • manage your account on our Services;
  • provide our products or the Services to you;
  • provide customer service support to you; and
  • send you important information regarding our relationship with you or regarding changes to our terms of use and other policies or administrative information, such as planned maintenance or downtime.

We use your Personal Data for the following purposes where it is necessary in our legitimate interests in order to:

  • operate our business;
  • improve our products and Services;
  • respond to your enquiries and fulfill your requests, such as to send you documents you request or e-mail alerts;
  • invite you to provide feedback on our products and/or services;
  • personalize your experience when you interact with us;
  • undertake market research, analytics or segmentation so that we can better understand your needs and so that we can: improve our products and services; understand the effectiveness of our marketing campaigns and to tailor our communications with you;
  • in connection with our cybersecurity efforts; and
  • to ensure continuity of service to you if we sell, assign or transfer part of our business or enter into a relationship with a distributor.

We use your Personal Data to provide you with information about our products and services or the products and services of selected third-party partners, provided that you have opted-in to receive such communication, where an opt-in is required by law. If you have opted-in to receive such communications, our legal basis for processing your Personal Data for this purpose is your consent.

We use your Personal Data for the following purposes in order to comply with a legal obligation that we are subject to, or where necessary to establish, exercise or defend legal claims:

  • comply with legal or regulatory obligations to which LifeScan is subject, such as reporting complaints or adverse events; anti- corruption; trade compliance or transparency reporting requirements for healthcare professionals; and
  • to defend LifeScan against actual, potential or threatened litigation.

We may also use your Personal Data in other ways, with your consent.

HOW LIFESCAN SHARES PERSONAL DATA

 

We may share your Personal Data:

  • with other LifeScan companies for the purposes described in this Privacy Policy. However, the Controller is the party responsible for the management of your Personal Data.
  • with your authorized health care provider (such as a clinic, pharmacy or healthcare professional), payor or to other third parties that you choose to provide access to your Personal Data. Some of our Services permit you to share all of the information you enter within the particular Service or to share certain information with a relative, friend or caregiver;
  • when you provide your consent for us to do so, for example with third party partners with whom we offer a co-branded or co- marketed promotion;
  • with our third-party service providers who provide services to you or us such as website hosting and moderating, mobile application hosting, data analysis, payment processing, order fulfillment, infrastructure provision, IT services, customer service, e-mail and direct mail delivery services, credit card processing, auditing services, and other services, in order to enable them to provide services to you or us;
  • with third parties or business partners where you choose to integrate their products or services with the Services;
  • with a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings);
  • with third parties or service providers involved in the provision of advertising and analytics;
  • for our business purposes, such as data analysis, audits, developing new products, enhancing our website, improving our products and services, identifying usage trends, where permitted, personalizing your experience by presenting products and offers tailored to you, and determining the effectiveness of our promotional campaigns;
  • as otherwise described to you at the time of collection;
  • If you are a OneTouch® Solutions user, we will share your Personal Data with:
    • third parties involved in the fulfillment of your orders, such as for example to coordinate with our prescription, shipment, and logistics providers.
    • our business partners, such as, for example, when you link our Services with a partner’s product, application or service (or vice versa).

In addition, we may use and disclose information collected through our Services as we believe to be necessary or appropriate: (a) as permitted by applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities, including public and government authorities outside your country of residence;
(d) to enforce our terms and conditions; (e) to protect the operations of LifeScan group companies; (f) to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain.

OTHER PRODUCTS, SERVICES AND APPS

 

The Services may include functionality that allows for links to or integrations with the products, services or apps of our business partners (“Partner Apps”). In the event that you use Services that include such functionality, our business partners’ privacy policies will govern how they handle your Personal Data in connection with such Partner Apps, while this Privacy Policy will continue to govern how we handle your Personal Data. We are not responsible for our business partners’ privacy practices, and you should review the applicable Partner App privacy policies before using such functionality.

EMAIL COMMUNICATIONS

 

Where you agree, we may send you email messages promoting our Services or with other information about our programs and offers. As further described below under “Your Privacy Rights and Choices,” you may opt out of these messages at any time by contacting us or by using the “My Account” or “Settings” function if applicable.

COOKIES, INTERNET-BASED ADVERTISING AND OTHER TOOLS

 

We use persistent identifiers to authenticate you to the Services to analyze how the Services are used, to link information about how you use the Services with your account, to analyze the effectiveness of our messaging and to help to tailor our products and the Services. We may also use persistent identifiers to identify you across other media or through your use of our other products or the Services to help to tailor our offerings and to provide enhanced personalization and communications.

Cookies: Cookies are pieces of information stored directly on the computer you are using. Cookies allow us to collect information such as browser type, time spent on a website, pages visited, and language preferences. We and our service providers use the information for security purposes, to facilitate navigation, display information more effectively, and to personalize your experience while using a website. We also use cookies to recognize your computer or device, which makes your use of the Services easier, such as to remember what is in your shopping cart. In addition, we use cookies to gather statistical information about usage of our Services in order to continually improve design and functionality, understand how individuals use them and to assist us with resolving questions regarding the Services. Cookies further allow us to select which of our advertisements or offers are most likely to appeal to you and display them while you are using the Services. We may also use cookies in online advertising to track consumer responses to our advertisements. Please read our Cookie Policy for information about the cookies used and how to disable them.

You can refuse to accept these cookies by following your browser’s instructions; however, if you do not accept them, you may experience some inconvenience in your use of the Site. In addition, you may not receive advertising or other offers from us that are relevant to your interests and needs. To learn more about cookies, please visit http://www.allaboutcookies.org.

Using pixel tags, web beacons, clear GIFs, or other similar technologies. These may be used in connection with some web pages and HTML-formatted e-mail messages to, among other things, track the actions of users and e-mail recipients, measure the success of our marketing campaigns, and compile statistics about usage and response rates.

Analytics. We may use certain analytics providers such as Google Analytics and Firebase Analytics, which use cookies and similar technologies to collect and analyze information about use of the Services and report on activities and trends. The Services may also collect information regarding the use of other websites, apps and online resources. You can learn about Google’s practices by going to: http://www.google.com/policies/privacy/partners and opt out of them by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout.

We also use mobile analytics services, such as AppFlyer Inc's mobile attribution and analytics platform, to understand use of the Services. This allows us to understand, assess and adjust our marketing campaigns and their performance. For example, this helps us to understand which campaigns lead people to download the Services. You can learn about AppsFlyer's data processing at: https://www.appsflyer.com/privacy-policy/. If you wish to opt-out please go to: https://www.appsflyer.com/optout.

Retargeting of Advertisements and Opting Out. We try to deliver relevant advertisements by using a common form of online advertising known as “retargeting”. Retargeting provides advertisements on a website based on a user’s activities on a different, unrelated site. To enable this, LifeScan or its advertising service providers may use a device ID, cookie, pixel, web beacon or similar technology placed by LifeScan or its third-party service provider when you visit our Services. The placing of these cookies or other technologies on your device may enable you to be identified across multiple websites.

You can opt-out of having your online activity collected for advertising purposes and receiving behaviorally targeted advertisements by using the links below depending on your region:

Please note that the choices you make are specific to the browser and device on which you implement such controls.

We may use Facebook’s custom audience tools which allows us to provide you with advertising to you when you use Facebook’s platforms which you may find to be more relevant to you. You can learn more about Facebook’s privacy policy here. This is done by converting your email address into a unique number that Facebook uses to match to a unique number that Facebook generates based on the email address that you have provided to Facebook. You can change your advertising preferences within the “Ad Settings” and “Ad Preferences” sections of your Facebook account.

On some pages of our websites, we allow third-party advertising partners to use cookies, web beacons, and similar technologies to collect or receive information regarding your activities on those web pages (e.g., your IP address, page(s) visited, time of day, and cookie identifiers). We may also share such information we have collected with advertising and analytics companies, they may use this information (and combine it with information collected over time and across other websites, apps, or other digital services) to deliver targeted advertisements.

Mobile advertising identifier controls. Apple and Android mobile devices generate an advertising identifier that can be accessed by apps and used by advertisers in a way similar to how cookies are used on websites. Apple and Android operating systems provide options to limit tracking.

Do Not Track. Some browsers have a Do Not Track (“DNT”) feature that allow a user to indicate a preference not to have their online activities tracked. If you limit a website’s ability to set cookies, your user experience may be affected. The DNT function is not available when you are accessing the Services through a mobile application rather than through the relevant website.

YOUR PRIVACY RIGHTS AND CHOICES

 

Depending on the laws in your country, you may have rights to:

  • withdraw your consent to us processing your Personal Data for direct marketing;
  • obtain copies of your Personal Data and additional information about the processing of your data;
  • correct any inaccurate or incomplete information about you which we hold;
  • request deletion of your Personal Data. This right is subject to certain exclusions such as compliance with legal or regulatory obligations;
  • restrict processing of your Personal Data. This right is subject to certain restrictions;
  • object to processing of your Personal Data. This right is subject to certain restrictions;
  • ask us to transfer your Personal Data to another organization, under certain circumstances; and
  • make a complaint to a privacy regulator.

In order to protect your Personal Data, we may require that you provide evidence to confirm your identity before we provide the requested information. We will respond to your request within the relevant time limit under applicable law.

If you wish to opt-out of receiving marketing emails from LifeScan, you may update your preferences by sending an email to your Customer Service email address: [email protected] or, where there is a “My Account” or Settings feature, you can update your marketing preferences there. If you choose to opt-out of receiving such messages, we may still send you service- related announcements such as changes to the Privacy Policy, planned maintenance or downtime.

If you are a healthcare professional and no longer wish to receive communications from the LifeScan Diabetes Institute, you can update your preferences in your member profile at www.lifescandiabetesinstitute.com or by unsubscribing, here.

DE-IDENTIFIED, PERMANENTLY ANONYMIZED, AND AGGREGATED DATA

 

We may de-identify data that we collect about you. We may use or share this data with third parties to perform analytics and research, for product development or improvement, and for other compatible purposes or as otherwise permitted by law. We may also permanently anonymize your Personal Data so that it is no longer personal data under relevant laws. After permanent anonymization, you can never be identified and the data is not traceable to you. We may use or share such anonymized data for statistical analysis, clinical research, demographic analysis or other similar activities. We may export and process permanently anonymized data in any country in which we or one of our service providers or business partners has operations. We may also combine or aggregate this data with other third-party data that we collect about you.

HOW LONG WE RETAIN AND HOW WE SECURE YOUR DATA

 

We retain your Personal Data for the period necessary to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required or allowed by law or is needed in order to fulfil a legal requirement to which LifeScan is subject.

LifeScan uses various technical, organizational and administrative measures to protect your Personal Data against loss, unauthorized use or access. For example, when we transmit your health-related Personal Data, through our Services we use encryption technology. When our Services communicate with our analytics providers, encryption is also used. However, you should be aware that no data storage or method of transmission can be guaranteed to be 100% secure or error-free.

SAFETY AND OTHER REGULATORY REPORTING

 

In order to ensure the safety of medical devices, regulators place a legal obligation on manufacturers to report certain complaints and potential adverse events to them. LifeScan may share this information with other LifeScan companies in other countries, its service providers or business partners who assist in the maintenance and operation of LifeScan’s complaints database.

In some cases, LifeScan may not be the legal manufacturer of devices that we promote or make available, in those circumstances, we are obliged to pass on details of complaints and potential adverse events to the device’s legal manufacturer so that they may report the matter to applicable regional or national regulatory bodies, including those that may have different data protection laws than the laws that apply in your country.

Where relevant, LifeScan enters into European Union standard contractual clauses (or equivalent measures) with the party outside the European Economic Area receiving the personal data. A copy of the relevant standard contractual clauses is available upon request.

LifeScan processes complaint and adverse event data in order to comply with legal requirements to which it or its business partners are subject. Where LifeScan processes health data (which is a special category of data) for these purposes, LifeScan does so for reasons of public interest in ensuring high standards of quality and safety of medical devices. Any data provided for complaint and/or adverse event reporting purposes will not be used for direct marketing.

If you are a healthcare professional, LifeScan may be required, by law or industry codes of practice, to report on or to make public disclosures of certain payments or transfers of value to healthcare professionals (such as consulting fees, travel and other permitted expenses). Where required by local law, we will disclose your identity, your location and the nature and amount of the transfer of value or payment.

LINKS TO OTHER SITES

 

When we provide a link to another website or application that is not owned or controlled by LifeScan, we are not responsible for how such websites or applications handle your Personal Data. We urge you to read the linked website’s privacy policy. The inclusion of a link to a third-party website or application does not mean that LifeScan endorses that website or application.

TRANSFERS TO OTHER COUNTRIES

 

As a global company, we have operations and service providers that may not be located in your country. By using any of our Services or, where required by law, by providing us with your consent, your information may be processed and / or stored outside of your country of residence. Data protection laws in those countries may differ from the laws in your country. Appropriate contractual and other measures are in place to protect Personal Data when it is transferred to LifeScan company or third parties in other countries.

For residents of the European Economic Area (“EEA”): Some countries outside the EEA are recognized by the European Commission as providing an adequate level of data protection (the full list of these countries is available here). For transfers from the EEA to countries not considered adequate by the European Commission, we shall ensure that adequate measures are in place, including by ensuring that the recipient is bound by the European Union’s Standard Contractual Clauses or by another method which has been approved by the European Commission.

If you are using the Services in the Kingdom of Saudi Arabia, you specifically acknowledge and agree that none of the data within the Services constitutes medical records under the laws of the Kingdom of Saudi Arabia.

CHILDREN’S PRIVACY

 

We do not collect knowingly data directly from children under the age of 13. Some of the Services allow the creation of a parent or guardian account which allows for the submission of a child’s Personal Data by a parent or guardian. Please contact us if you believe that a child has provided his or her Personal Data to us directly, without the consent of a parent and we will remove it.

USA: NOTICE FOR CALIFORNIA RESIDENTS

 

California residents are granted certain rights under the California Consumer Privacy Act (“CCPA”). If you are a California resident, you have a right to know what information is collected about you, how it will be used and to whom it will be disclosed. For purposes of this section, the term Personal Data means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. In addition to the rights described elsewhere in the Privacy Policy, California residents have the right to: (i) request access to your Personal Data or to have it deleted; (ii) request additional disclosures about the Personal Data we collect, use and sell; (iii) request that your Personal Data is not sold; and (iv) obtain a copy of your Personal Data. This notice supplements the information above regarding collection, use and disclosure of your Personal Data.

In the previous 12 months, LifeScan has collected and disclosed for its business purposes the following categories of Personal Data. This Personal Data was collected from sources including yourself directly, business partners, and third parties, as further described above under “How LifeScan Collects Personal Data”:

  • Identifiers, such as your name, contact information and online identifiers.
  • Information protected by California Civil Code Section 1798.80, subdivision (e), such as names, contact information, financial information, and health insurance information.
  • Protected classification characteristics under California or federal law, such as age, ancestry, and medical condition.
  • Commercial information, such as records of products or services purchased.
  • Medical, health, and biometric information, where that information is outside the scope of other applicable laws.
  • Internet or other similar network activity, such as information about your interactions with our Services or advertisements.
  • Audio, electronic and visual information, such as testimonials.
  • Professional information and education information, such as information about medical specialty.
  • Inferences we derive from the information that we collect, to create profiles reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
  • Other information that we collect from you or as disclosed to you, as described in the rest of this Privacy Policy.

Sale of Personal Data. LifeScan does not sell Personal Data for money, but in the last 12 months has shared Personal Data such as online identifiers and internet or similar network activity details, with providers of advertising services. This sharing may be considered a sale under the CCPA.

De-identification: We may use or share de-identified data derived from your personal information with third parties to perform analytics and research, for product development or improvement, and for other compatible purposes or as otherwise permitted by law.

Exercising Access, Data Portability, and Deletion Rights: To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by either calling our customer service team at: (800) 227-8862 or by email to: [email protected]

Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your Personal Data. You may also make a verifiable consumer request on behalf of your minor child.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Data or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with Personal Data if we cannot verify your identity or authority to make the request and confirm the Personal Data relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use Personal Data provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Response Timing and Format: We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your Personal Data that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

  • Deny you goods or services.
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  • Provide you a different level or quality of goods or services.
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your Personal Data’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time.

NOTICE FOR EUROPEAN UNION USERS: HOW TO COMPLAIN TO A REGULATOR AND DPO CONTACT DETAILS

 

If you are a European Union citizen or you are accessing any of our Services from within the European Economic Area, you may lodge a complaint with the supervisory authority for your country of residence. Their details can be found here.

You may contact our Data Protection Officer (“DPO”) by sending an email to [email protected]

HOW YOU CAN CONTACT US

 

The company responsible for collection use and disclosure of your Personal Data under this Privacy Policy is:

 

CountryLifeScan company name and address
USA

LifeScan, Inc. 20 Valley Stream Parkway, Malvern, Pennsylvania, 19355

 

For privacy-related enquiries or complaints, please send an email to the relevant customer service email address in the table above. You can also write to our privacy officer at: LifeScan Privacy Office, LifeScan Global Corporation, 20 Valley Stream Parkway, Malvern, Pennsylvania, 19355, United States of America or by sending an email to: [email protected].

UPDATES TO THIS PRIVACY POLICY

 

We may update this Privacy Policy from time to time. To the extent permitted by applicable law, any changes will be effective when we post the revised Privacy Policy on our Services and your continued use of the relevant Service after these changes means that you accept the relevant changes. If the changes are significant, we may provide a more prominent notice to let you know what the changes are. This Privacy Policy was last updated as of the “Last Updated” date shown at the top of this Privacy Policy.

US-POR-1900004