This Privacy Notice informs you of important information about how Hologic, Inc. and our family of companies (together, “Hologic” “we” or “our”) process the personal data that we collect when using the Website GETTING SOME? GET TESTED.
Hologic is comprised of Hologic, Inc. and its group of subsidiary companies which are different legal entities. These Disclosures are issued on behalf of this group of entities so when we mention ”Hologic”, “we”, “us” or “our” in this Privacy Notice, we are referring to the relevant company in the group responsible for processing your data. The controller for your data will be identified when you purchase a product or service or interact with us.
The data controller responsible for this website is Hologic Inc. https://www.hologic.com/about.
Our General Data Privacy Statement of the Hologic Group you can find here https://www.hologic.com/privacy-policy.
When we use the term “Services” we mean to refer collectively to:
- The provision of medical technology and related services to our customers including technical support (“Customer Services”);
- The websites owned and controlled by us that link to this Privacy Notice (“Sites”); and
- Interactions with prospective customers and marketing and business development activities, including events we host, social media properties we operate, and emails that we send (“Marketing Activities”).
When we use the term “personal data” we mean data that reasonably can be used to identify a person, or that reasonably relates to a person.
How we collect and use personal data
Additional uses of personal data
How we share and disclose personal data
Transfers of Information across Borders
Data Subject Rights
Links to other sites
Updates to this Privacy Notice
How to Contact Us
How we collect and use personal data
We collect and process personal data about a number of different individuals through the provision of the Services. These individuals include our customers, prospective customers and others who may be interested in our products and services, visitors to our offices, visitors to our Sites, vendors, and other individuals.
Social media platforms: Social media channels, pages and blogs offered as a service to users of the Services (“Social Media”) are hosted by third-party vendors. Those vendors normally require registrants to provide personal data, including name and email address among other kinds of information. This personal data is not collected by us, but may be shared with us. We use this personal data to manage our online communities and for other purposes set forth in this Privacy Notice.
- Use of Google Analytics
Our Site uses Google Analytics, operated by Google Inc., 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, USA.
For further information to Google and Data Privacy see https://policies.google.com/privacy?hl=en&gl=en
- Use of Facebook
Our Site has integrated components of the enterprise Facebook. Facebook is a social network.
A social network is a place for social meetings on the Internet, an online community, which usually allows users to communicate with each other and interact in a virtual space. A social network may serve as a platform for the exchange of opinions and experiences, or enable the Internet community to provide personal or business-related information. Facebook allows social network users to include the creation of private profiles, upload photos, and network through friend requests.
The operating company of Facebook is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, United States. If a person lives outside of the United States or Canada, the controller is the Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
With each call-up to one of the individual pages of this Internet website, which is operated by the controller and into which a Facebook component (Facebook plug-ins) was integrated, the web browser on the information technology system of the data subject is automatically prompted to download display of the corresponding Facebook component from Facebook through the Facebook component. An overview of all the Facebook Plug-ins may be accessed under https://developers.facebook.com/docs/plugins/. During the course of this technical procedure, Facebook is made aware of what specific sub-site of our website was visited by the data subject.
If the data subject is logged in at the same time on Facebook, Facebook detects with every call-up to our website by the data subject—and for the entire duration of their stay on our Internet site—which specific sub-site of our Internet page was visited by the data subject. This information is collected through the Facebook component and associated with the respective Facebook account of the data subject. If the data subject clicks on one of the Facebook buttons integrated into our website, e.g. the “Like” button, or if the data subject submits a comment, then Facebook matches this information with the personal Facebook user account of the data subject and stores the personal data.
Facebook always receives, through the Facebook component, information about a visit to our website by the data subject, whenever the data subject is logged in at the same time on Facebook during the time of the call-up to our website. This occurs regardless of whether the data subject clicks on the Facebook component or not. If such a transmission of information to Facebook is not desirable for the data subject, then he or she may prevent this by logging off from their Facebook account before a call-up to our website is made.
The data protection guideline published by Facebook, which is available at https://facebook.com/about/privacy/, provides information about the collection, processing and use of personal data by Facebook. In addition, it is explained there what setting options Facebook offers to protect the privacy of the data subject. In addition, different configuration options are made available to allow the elimination of data transmission to Facebook. These applications may be used by the data subject to eliminate a data transmission to Facebook.
- Use of Twitter
On this Site, we have integrated components of Twitter. Twitter is a multilingual, publicly-accessible microblogging service on which users may publish and spread so-called ‘tweets,’ e.g. short messages, which are limited to 280 characters. These short messages are available for everyone, including those who are not logged on to Twitter. The tweets are also displayed to so-called followers of the respective user. Followers are other Twitter users who follow a user’s tweets. Furthermore, Twitter allows you to address a wide audience via hashtags, links or retweets.
The operating company of Twitter is Twitter International Company, One Cumberland Place, Fenian Street Dublin 2, D02 AX07, Ireland.
With each call-up to one of the individual pages of this Site and on which a Twitter component (Twitter button) was integrated, the internet browser on the information technology system of the data subject is automatically prompted to download a display of the corresponding Twitter component of Twitter. Further information about the Twitter buttons is available under https://about.twitter.com/de/resources/buttons. During the course of this technical procedure, Twitter gains knowledge of what specific sub-page of our Site was visited by the data subject. The purpose of the integration of the Twitter component is a retransmission of the contents of this Site to allow our users to introduce this web page to the digital world and increase our visitor numbers.
If the data subject is logged in at the same time on Twitter, Twitter detects with every call-up to our Site by the data subject and for the entire duration of their stay on our Internet site which specific sub-page of our Internet page was visited by the data subject. This information is collected through the Twitter component and associated with the respective Twitter account of the data subject. If the data subject clicks on one of the Twitter buttons integrated on our Site, then Twitter assigns this information to the personal Twitter user account of the data subject and stores the personal data.
Twitter receives information via the Twitter component that the data subject has visited our Site, provided that the data subject is logged in on Twitter at the time of the call-up to our Site. This occurs regardless of whether the person clicks on the Twitter component or not. If such a transmission of information to Twitter is not desirable for the data subject, then he or she may prevent this by logging off from their Twitter account before a call-up to our website is made.
The applicable data protection provisions of Twitter may be accessed under https://twitter.com/privacy?lang=en.
Additional uses of personal data
In addition to the uses described above, we may use your personal data for the following purposes. Some of these uses may, under certain circumstances, be based on your consent, may be necessary to fulfill our contractual commitments to you, are necessary to serve our legitimate interests in the following business operations, or to comply with our legal obligations:
- Operating our business, administering the Services and managing your accounts;
- Contacting you to respond to your requests or inquiries;
- Providing you with newsletters, articles, alerts and announcements, event invitations, and other information that we believe may be of interest to you;
- Providing you with marketing information, and other information that is tailored to your interests;
- Conducting research, surveys, and similar inquiries to help us understand trends and customer needs;
- Analyzing your interactions with us, and improving our products, services, programs, and other offerings;
- Preventing, investigating, or providing notice of fraud, unlawful or criminal activity, or unauthorized access to or use of Personal Information, our website or data systems; or to meet legal obligations; and
How we share and disclose personal data
We share personal data with the following categories of recipients.
Service Providers: We may disclose your personal data to third-party service providers to provide us with services such as website hosting, professional services, including information technology services and related infrastructure, customer service, e-mail delivery, auditing and other similar services.
Affiliates: We may disclose personal data to our affiliates for the purposes described in this Privacy Notice, including for their marketing purposes, and to be consistent with our goal of providing our the superior customer service and engagement experience that our customers have come to expect from us around the world.
Authorized Distributors: In some regions, we sell our products through distributors rather than directly to buyers. In these regions, we may disclose personal data in order to provide the Services, complete transactions, address product deliver and warranties.
To Perform Customer Services: We may disclose personal data to third parties in order to perform services you request or functions you initiate, such as when you post information and materials on message boards and forums.
Corporate Transactions or Events: We may disclose your information to a third party in connection with a corporate reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or capital, including in connection with any bankruptcy or similar proceedings.
Other Legal Reasons: In addition, we may use or disclose your personal data as we deem necessary or appropriate: (1) under applicable law, including laws outside your country of residence; (2) to respond to requests from public and government authorities including public and government authorities outside your country of residence; (3) to comply with subpoenas and other legal processes; (4) to pursue available remedies or limit damages we may sustain; (5) to protect our operations or those of any of our affiliates; (6) to protect the rights, privacy, safety or property of Hologic, our affiliates, you and others; and (7) to enforce our terms and conditions.
We retain personal data pursuant to our records retention program, for as long as is necessary for the purposes set out in the Hologic Privacy Notice, unless a longer period is required under applicable law or is needed to resolve disputes or protect our legal rights, in accordance with the principles set forth in Article 5(1) of the GDPR.
The criteria used to determine the period for which personal data about you will be stored varies depending on the legal basis under which we process such personal data:
|For a reasonable period of time based on the particular interest, taking into account the fundamental interests and the rights and freedoms of the data subjects.|
|Contractual Necessity||For the duration of the contract plus some additional limited period of time that is necessary to comply with law or that represents the limitation period for legal claims that could arise from the contractual relationship.
|For the duration of time we are legally obligated to keep the information.|
|Consent||For the period of time necessary to fulfill the underlying agreement with you, subject to your right, under certain circumstances, to have certain personal data about you erased (see Data Subject Rights below).
We may face any threat of legal claim and in that case, we may need to apply a “legal hold” that retains information beyond our typical retention period. In that case, we will retain the information until the hold is removed, which typically means the claim or threat of claim has been resolved.
Transfers of information across borders
Any information that you provide to us is stored and processed in, and transferred between, any of the countries in which Hologic and its agents, contractors and affiliated organizations have offices, in order to enable Hologic to use that information as set out in this Privacy Notice.
Not all of these countries have data protection laws equivalent to those in force in the EEA. In order to ensure the protection of your personal data outside of the EEA we have put in place or ensured at least one of the following safeguards:
- European Commission approved Standard Contractual Clauses between each of the Hologic entities processing personal data within the scope of the GDPR.
- Transfer of personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
- Where we use data processors based in the US, we use, when appropriate and applicable, processors that are certified under the Privacy Shield framework, which requires them to provide similar protection to personal data shared between the EEA and the US.
We seek to use reasonable organizational, technical and administrative measures to protect personal data within Hologic. Unfortunately, no data transmission or storage system can be guaranteed to be secure at all times. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “Contact Us” section below.
Data Subject Rights
Individuals whose personal data we process subject to the GDPR have certain rights as required by law, including the right of access, erasure and data portability, as well as the right to rectification, to restrict processing, to withdraw consent, and to object to processing as follows.
Access: Individuals have the right to know if we are processing personal data about them and, if so, to access and obtain a copy of personal data about them, as well as information relating to the processing of that data.
Rectification: Individuals have the right to have us correct or update any personal data about them that is inaccurate or incomplete without undue delay.
Restriction: Individuals have the right to restrict or limit the ways in which we process personal data about them where the accuracy of the personal data is contested by them, where data has been obtained by us unlawfully, where the individual has objected to our processing of the data (see right of objection below) and we are considering whether to cease processing, or where we no longer need to process the personal data.
Objection: Individuals have the right to object to our processing of their personal data where we are relying on legitimate interests as our legal basis and their rights override our legitimate interests in processing their personal data. Individuals also have the right to object to our processing of their personal data for direct marketing purposes.
Withdrawal of Consent: Where we rely on consent as the basis for processing personal data, individuals have the right to withdraw their consent.
Erasure: Individuals have the right to request deletion or erasure of their personal data in a number of circumstances where required by law. These include where we no longer require the personal data for the purposes for which it was collected, the individual has withdrawn consent, or where we are relying on legitimate interests as a legal basis and the individual’s rights override our legitimate interests.
Portability: Individuals have the right to obtain a copy of the personal data we hold about you in a structured machine-readable format and to have it transmitted to another controller. This right only occurs where we are relying on your consent or performance of a contract as our legal basis and the processing is carried out automatically.
Make a Complaint: Individuals also have the right to make a complaint about our personal data handling practices to their local Supervisory Authority (https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080)
Links to Other Sites
Updates to this Privacy Notice
Although most changes are likely to be minor, Hologic may change its Privacy Notice from time to time, and at Hologic’s sole discretion. Hologic encourages visitors to frequently check this page for any changes to its Privacy Notice.
How to contact us
To assert one of your legal rights described in these Disclosures, or if you have questions about these Disclosures or our data handling practices, please email firstname.lastname@example.org or write to:
Hologic Ltd. Heron House, Oaks Business Park, Crewe Road, Wythenshawe, Manchester, M23 9HZ, UK.