Privacy Statement

    1.  Privacy Statement.  This Website is operated by MicroVention, Inc. (“MicroVention”).  This Privacy Policy sets forth the policies that govern our collection, use, and disclosure of the information that you may provide via our Websites.  Before using or submitting information to this Website, please read this entire Privacy Policy.  This Website is governed solely by applicable Federal and State laws and governmental regulations in the United States of America.  Use of this Website constitutes your consent to application of such laws and regulations and to this Privacy Policy.  Whenever you submit information via this Website, you consent to the collection, use, and disclosure of that information in accordance with this Privacy Policy.

    2. Information We Collect:

    a. Personal Information.  This Website may collect personal information from its visitors both by asking them specific questions and by facilitating direct communications with us via email, feedback forms, etc.  Some of the information that visitors submit may be personally identifiable information (that is, information that can be uniquely identified with an individual, such as full name, address, email address, phone number, and so on).  If you use this Website to submit or request information related to a grant proposal or donation, additional information we may collect includes your hospital affiliation and details of your proposal.  In some cases, we may collect non-personally identifiable information that you elect to provide voluntarily, such as gender or zip code.  This Website may also offer some features and activities (such as newsletter subscriptions, downloads, etc.), which may require you to submit information to receive or benefit from them.  You will be informed at each information collection point what information is required and what information is optional.

    b. Website Usage Information.  Like many other Websites, this Website may or may not also collect some information passively as you navigate through the Website (that is, this information is gathered without your actively providing the information), using various technologies and means, such as navigational data collection.  Navigational data ("log files," "server logs," and "clickstream" data) are used for system management, to improve the content of the Website, market research purposes, and to communicate information to visitors.  One of the ways information may be passively collected is by use of Internet Protocol (IP) addresses.  An IP address is a number assigned to your computer by your Internet service provider so you can access the Internet.  IP addresses are generally considered to be non-personally identifiable information, because most IP addresses are dynamic (they change each time you connect to the Internet), rather than static (unique to any one user’s computer).  We may use your IP address to improve or administer the Website, diagnose server problems, report aggregate information, or to determine the fastest connection route between your computer and our Website.  We may also collect your website usage information by means of "cookies." A cookie is a small data text file, which a website stores on your computer's hard drive (if your Web browser permits) that can later be retrieved to identify you.  "Session cookies" are temporary bits of information that are erased once you exit your Web browser window or otherwise turn your computer off.  Session cookies are used to improve navigation on websites and to collect aggregate statistical information.  This Website may use both cookies and session cookies.  If you do not wish to receive cookies from this or any other website, you can change your computer's settings so that it will no longer accept cookies.  Internet tags (also known as single-pixel GIFs, clear GIFs, invisible GIFs, and 1-by-1 GIFs) are smaller than cookies and tell the Website server information such as the IP address and browser type related to the visitor's computer.  This Website may or may not use Internet tags.

    c. Information Use and Disclosure.  Your name, address, email address, and any other personally identifiable information you provide may be used by MicroVention to provide you with information about MicroVention products, clinical or other health issues, or to develop services concerning neurovascular diseases and related topics.  MicroVention will not sell or rent the personally identifiable information collected via this Website to a third party.  We reserve the right to disclose information to respond to duly authorized information requests of governmental authorities, where required by law, to protect our interests or property, to prevent fraud or other illegal activity perpetrated through the Website, or to prevent imminent harm to any person or group of people, and also to share all information submitted without restriction with affiliate and/or related entities and other third parties engaged to provide services to MicroVention.  If ownership of all or substantially all of MicroVention were to change, your information may be transferred to the new owner so that the Site can continue to operate.  In any such transfer of information, your information would remain subject to the promises made in any pre-existing privacy policy.  You can notify MicroVention that you wish to discontinue receiving information at any time.  We may use your information to improve the value of our Website's content, to present the Website in a fashion customized to match your preferences, to supply information to you (if you requested it), for research and marketing purposes, and for the purposes specified in this Privacy Policy.  We may combine personally identifiable information with other actively collected information unless we specify otherwise at the point of collection.  We will also make full use of all information acquired through this Website that is not personally identifiable.

    d. Security.  Please bear in mind that no Internet transmission is ever 100% secure or error-free.  More specifically, email sent to or from this Website may not be secure.  As a result, you should take particular care in deciding what information you send via email.  Please take care to safeguard any passwords, ID numbers, or other special access numbers you might use to access any part of this Website; such information is your responsibility.  MicroVention takes reasonable steps to protect your personally identifiable information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction, but does not and cannot guarantee such protection.

    e. Links to Other Websites.  Links or references to other websites may appear within this Website.  We do not control these websites.  You should be aware that this Privacy Policy does not apply to any websites other than those operated by MicroVention.  Visitors to other Websites are encouraged to read those privacy policies before exploring them.

    f. Children’s Privacy.  Children should always get permission from their parents before sending any information about themselves (such as their names, email addresses, and phone numbers) over the Internet, to us or to anyone else.  The Website is not directed at individuals under 18, and we will not knowingly allow anyone under 18 to provide us any personally identifying information; if you are under 18, please do not provide any information about yourself on this Website.

    g. How to Contact Us.  If you have any questions, comments, or concerns about this Privacy Policy or the information collection practices of this Website, please contact us.

    h. Changes to This Privacy Policy.  MicroVention reserves the right to modify, add or remove portions of this Privacy Policy at any time and in its sole and absolute discretion.  Any changes to this Privacy Policy will be posted on this Website.  Please check back periodically, and especially before you provide any personally identifiable information. This Privacy Policy was last updated on August 28, 2018.

     

    Some products and/or services that we provide require the involvement of third parties. We do not sell, rent, distribute or otherwise make Personal Data commercially available to any third party, except that we may share information within our group of companies, with our service providers and other third parties for the purposes set out in this Policy.

    We have carefully selected these service providers and taken steps to ensure that your Personal Data is adequately protected. All of our service providers are bound by written contract to process Personal Data provided to them only for the purposes of providing the specific service to us and to maintain appropriate security measures to protect your Personal Data.

     

    3. International Transfers of Personal Data

    The transfer of your Personal Data to and between the Affiliates, service providers or other recipients may involve your Personal Data being sent outside of the European Economic Area (“EEA”), to locations that may not provide the same level of protection as those within the EEA countries, including to third countries that are not covered by an adequacy decision of the European Commission, including to such countries as the United States.

    However, we may only transfer your Personal Data outside of the EEA:

    - where the transfer is to a place or by a method or in circumstances that is regarded by the European Commission as providing adequate protection for your Personal Data;
    - where we have put in place standard data protection clauses adopted by the European Commission or a relevant data protection authority; or
    - where none of the above apply but we are still legally permitted to do so, for example if the transfer is necessary for the performance of a contract concluded with you or in your interest, or for the establishment, exercise or defence of legal claims.

    You can request further details about the safeguards that we have in place in respect of transfers of Personal Data outside of the EEA and where applicable a copy of the standard data protection clauses that we have in place by contacting us at: dataprotection@microvention.com.


    4. How Long Do We Store Personal Data?

    It is our policy to retain your Personal Data for the length of time required for the specific purpose or purposes for which it was collected (e.g., for the fulfilment of an agreement with you). However, we may be obliged to store some Personal Data for a longer time, taking into account factors including:

    - legal obligation(s) under applicable law to retain data for a certain period of time (e.g. compliance with tax and accountancy requirements);
    - the establishment, exercise or defence of legal claims (e.g., for the purposes of a potential dispute).

    Whilst we continue to process your Personal Data, we will ensure that it is treated in accordance with this Data Privacy Policy. Otherwise, we securely erase or anonymise your Personal Data once it is no longer needed.

    If you would like to find out how long we keep your Personal Data for a particular purpose, you can contact us at: dataprotection@microvention.com.

     

    5. How Do We Protect Your Data?

    We acknowledge that your Personal Data may be confidential. We will maintain the confidentiality of and protect your Personal Data in accordance with our Privacy Statement and all applicable laws, including the General Data Protection Regulation 2016/679 (“GDPR”).

    We have implemented technological and operational security measures in order to protect your Personal Data from loss, misuse, or unauthorised alteration or destruction. Such measures include the use of firewalls, encryption, proper access rights management processes, careful selection of processors and other technically and commercially reasonable measures to provide appropriate protection for your Personal Data. Where appropriate, we may also make backup copies and use other such means to prevent accidental damage to or destruction of your Personal Data. These measures ensure an appropriate level of security in relation to the risks inherent in the processing and the nature of the Personal Data to be protected.

    Please note however that where you are transmitting information to us over the internet this can never be guaranteed to be 100% secure. We will notify you promptly in the event of any breach of your Personal Data that might expose you to serious risk.

     

    6. Affiliated Entities

    We may share (or receive) information about you, including personal information, with with the companies of our group which are:

    - MicroVention Europe
    - MicroVention UK
    - MicroVention Gmbh

    When such sharing of information involves transfers outside the European Union, these transfers are based on standard contractual clauses.

     

    7. Your Rights

    The following section explains your rights that you may exercise. The various rights are not absolute and each is subject to certain exceptions or qualifications in accordance with the GDPR and other generally applicable provisions of data privacy law.

    The right to be informed – you have the right to be provided with clear, transparent and easily understandable information about how we use your Personal Data. This is why we are providing you with the information in this Data Privacy Policy and in any legal notices or terms and conditions provided to you.

    The right of access – you have the right to obtain from us confirmation as to whether or not your Personal Data is being processed by us, and about certain other information (similar to that provided in this Policy) about how it is used. You also have the right to access your Personal Data, by requesting a copy of the Personal Data concerning you. This is so you are aware and can check that we are using your information in accordance with data protection law. We can refuse to provide information where to do so may reveal personal data about another person or would otherwise negatively impact another person's rights.

    The right to rectification – you can ask us to take measures to correct your Personal Data if it is inaccurate or incomplete (e.g., if we have the wrong name or address for you).

    The right to erasure – this is also known as the ‘right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your Personal Data where, for example, there is no compelling reason for us to keep using it or its use is unlawful. This is however not a general right to erasure and there are some exceptions, e.g. where we need to use the information in defence of a legal claim or to be able to comply with a legal obligation.

    The right to restrict processing – you have the right to ‘block’ or suppress the further use of your Personal Data when we are assessing a request for rectification or as an alternative to erasure. When processing is restricted, we can still store your Personal Data, but may not use it further.

    The right to data portability – you have the right to obtain and reuse certain Personal Data for your own purposes across different organisations (being separate data controllers). This only applies to your Personal Data that you have provided to us that we are processing with your consent and for the purposes of contract fulfilment, which is being processed by automated means. In such a case we will provide you with a copy of your data in a structured, commonly used and machine-readable format or (where technically feasible) we may transmit your data directly to a separate data controller.

    The right to object – you have the right to object to certain types of processing, on grounds relating to your particular situation, at any time insofar as that processing takes place for the purposes of legitimate interests pursued by MicroVention Europe, any of the Affiliates, or by a data recipient. We will be allowed to continue to process the Personal Data if we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms or we need this for the establishment, exercise or defence of legal claims. If you object to the processing of your Personal Data for direct marketing purposes, we will no longer process your Personal Data for such purposes.

    The right to withdraw consent – where we process your Personal Data on the basis of your consent, you have the right to withdraw your consent at any time. However, such withdrawal does not affect the lawfulness of the processing that occurred prior to such withdrawal.

    The right to provide us with directives regarding the use of your personal information after your death (only for French people) – you have the right to provide us with instructions on the management (e.g., retention, erasure and disclosure) of your personal information after your death. You can change or revoke your instructions at any time.

    The right to lodge a complaint – if you believe that we do not comply with applicable data protection laws, you have the right to lodge a complaint before any competent data protection authority.

     

    8. How to Contact Us

    If you wish to request further information or exercise any of the above rights, or if you are unhappy with how we have handled your Personal Data, contact :

    - for European countries our : Data Protection Officer at dataprotection@microvention.com

    Before assessing your request, we may request additional information in order to identify you. If you do not provide the requested information and, as a result, we are not in a position to identify you, we may refuse to action your request.

    We will generally respond to your request within one month of receiving your request. We can extend this period by an additional two months if this is necessary taking into account the complexity and number of requests that you have submitted.

    We will not charge you for such communications or actions we take, unless:

    you request additional copies of your Personal Data undergoing processing, in which case we may charge for our reasonable administrative costs, or you submit manifestly unfounded or excessive requests, in particular because of their repetitive character, in which case we may either charge for our reasonable administrative costs or refuse to act on the request.

    If you, as european citizen, are not satisfied with our response to your complaint or believe our processing of your Personal Data does not comply with data protection law, you can file a complaint to the relevant data protection authority, the French Commission Nationale de l’Informatique et des Libertés (CNIL).