Home / Terms of Use and Privacy Policy / Masimo SafetyNet / Privacy
Last updated: January 27, 2022
Table of Contents
1. Introduction
2. What types of personal data do we collect?
3. From what sources do we collect personal data?
4. For what purposes do we use personal data?
5. To whom do we disclose, share or transfer personal data?
6. How long do we store personal data?
7. How do we protect personal data?
8. Children
9. Your Rights
10. Effect of this Privacy Notice; Changes
11. Contact Us
We, Masimo, provide this Privacy Notice to explain how we process personal data when you use the Masimo SafetyNet™ mobile application or the Masimo SafetyNet clinical portal designed to help healthcare providers to remotely manage patient’s care and conditions, and any of the data processing or storage features associated with these services (collectively, “SafetyNet”). Only patients who have been authorized by their healthcare provider to use SafetyNet may do so, and only healthcare providers who have signed up with us to use SafetyNet may authorize individual healthcare professionals they supervise to use the services. We use the term “personal data” or “personal information” to mean any information relating to an identified or identifiable natural person. This Privacy Notice also provides information about rights you may have under applicable privacy laws.
If you are located in the European Economic Area, United Kingdom, Switzerland or Turkey, “Masimo” refers to Masimo Österreich GmbH, Mariahilfer Straße 136, 1150 Wien, Austria. If you are located in other jurisdictions, “Masimo” refers to Masimo Americas, Inc. 52 Discovery, Irvine, 92618, USA.
If you reside in California, please see our California Consumer Privacy Act Privacy Policy here for additional information we are required to provide to you under California law.
If you are located in the European Economic Area, United Kingdom, Switzerland or Turkey, please refer to the corresponding Jurisdiction-Specific Disclosures further below for additional information we are required to provide to you under your local laws.
If you are located in Singapore, Hong Kong or Japan, please refer to the corresponding Jurisdiction-Specific Disclosures at the end of our Masimo Services General Privacy Notice here for additional information we are required to provide to you under your local laws.
We collect the following types of personal information about patients who use SafetyNet, which we have grouped together as follows:
We collect the following types of personal information about healthcare professionals who use SafetyNet, which we have grouped together as follows:
You are under no obligation to provide us with the data we ask you for. However, if you do not provide your personal data, you will not be able to use SafetyNet.
If you are a patient, please obtain the consent of your contacts before inputting their personal data into SafetyNet.
We refer to the above groups of personal information by their respective sub-heading (e.g., Registration Information) throughout this Privacy Notice.
If you are a patient, we collect Registration Information, Device Information, Usage Information and Third-Party Contact Information directly from you. We also collect Health Information from(i) medical devices that you connect with SafetyNet, (ii) other applications such as Apple Health and Google Fit that you connect with SafetyNet, and (iii) hospitals and other healthcare providers if you have given them your consent to transfer your personal data to us.
If you are a healthcare professional, we collect Professional Information, Device Information and Usage Information directly from you. We may also collect or verify Professional Information from or with the hospital or other healthcare provider that supervises you.
We use all of the categories of personal data we collect as necessary to:
In addition, if we take steps to enter into a reorganization, restructuring, merger, acquisition or transfer of assets (“Business Transfer”), we may also use your personal information to give effect to that Business Transfer.
Personal data of patients who use SafetyNet may be disclosed, shared or transferred to:
(i) healthcare professionals whom your healthcare provider has authorized with your consent to access and download your personal data for the purposes of managing your care and conditions. Once authorized by you, these healthcare professionals and healthcare providers will have the option to locally download and access your personal data without the use of SafetyNet; and
(ii) third parties selected by you with whom you wish to share your personal data. If you designate a contact to receive your personal data, we may disclose your personal data to that contact until you remove them as a contact in the mobile application or deactivate your SafetyNet account.
Personal data of healthcare professionals who use SafetyNet may be disclosed to the hospital or other healthcare provider that supervises you for the purposes of administering your healthcare provider’s use of SafetyNet.
Whether you are a patient or healthcare professional, your personal data may be disclosed, shared or transferred to employees and affiliated and unaffiliated processors (i.e., service providers) of Masimo that develop, operate and support SafetyNet. Masimo relies on processors in the European Economic Area, Canada, United Arab Emirates, Singapore and United States to process your personal data.
In the event of a Business Transfer, we may transfer personal information to the acquiring or surviving entity in accordance with applicable law.
In general, we store personal data only as long as necessary to fulfil the purpose for which we collected it (the “General Retention Period”), except in the following situations: (1) where applicable laws require us to retain your personal data for a legally prescribed period beyond the General Retention Period. In these cases, we will keep that personal data for the legally prescribed time period before deleting it; (2) where your personal data is relevant to potential legal claim(s) by or against us. In these cases, we will keep that personal data for as long as the legal claim(s) can be made or, if it has been made, for as long as the personal data is relevant to the resolution of the claim(s) or any appeal thereto; (3) if we are instructed by a court order, subpoena, or other legal directive to retain your personal data; and (4) we will retain your personal data for a reasonable period of time necessary for us to verify the purposes for which we collected your data no longer apply and to delete the data following such verification. If any of these exceptions apply to certain personal data, we will retain personal data for as long as the exception applies. For additional information about how long we retain your personal data specifically, please email privacy@masimo.com.
We have taken steps intended to protect the personal data we collect from loss, misuse, and unauthorized processing, including entering into data protection agreements with our service providers and encrypting personal data in transit and at rest. Please note, however, that while we have endeavored to create a secure and reliable online experience for users, the confidentiality or accuracy of any communication or material transmitted to or from us over the Internet cannot be guaranteed. It is your responsibility to safeguard the username and password that you use to access SafetyNet, and to notify us immediately at the contact information below if you ever suspect that your username or password has been compromised.
We only collect personal data about children with the consent of their parent or legal guardian. You must be at least 18 years of age to use SafetyNet. Children may only use Masimo’s hardware products on the instructions, under the supervision, and with the consent, of their healthcare providers and parent or legal guardian.
You may have rights under applicable privacy laws, which may include to access, review, modify or delete the personal data we hold about you, and to access a copy of any privacy-related consent you have given to us.
To submit a request to exercise any rights you may have under applicable privacy laws, please contact us using the contact details under “Contact Us” below and clearly describe your request. If you have rights under applicable privacy laws and your request complies with the requirements under such laws, we will give effect to your rights and respond within any mandatory timeframes as required by law.
This Privacy Notice applies in conjunction with any other notices, contractual clauses and consent clauses that apply in relation to the collection, use and disclosure of your personal data by us. We may revise this Privacy Notice from time to time by making the revised document available through SafetyNet and updating the “last updated” date above. We will also obtain consent from you where required by applicable law before processing your personal information for any purpose incompatible with the purposes set forth in prior versions of this Privacy Notice.
If you have any privacy-related inquiries or concerns, please contact our privacy department at privacy@masimo.com.
Jurisdiction-Specific Disclosures - For users in the European Economic Area, the United Kingdom and Switzerland
Table of Contents
2. Who is the data controller?
3. What legal basis of processing does Masimo rely on?
4. Where is your personal data processed and on what basis do we transfer personal data across borders?
5. Your Rights.
Masimo Österreich GmbH, Mariahilfer Straße 136, 1150 Wien, Austria. You can contact its data protection officer at privacy@masimo.com. Its UK GDPR representative is Masimo Europe Limited, Matrix House, Basing View, Basingstoke - Hampshire RG21 4DZ.
For patients’ Health Information, the legal basis of processing is your express consent per Article 9(2)(a) GDPR. Health data is considered a special category of personal data. You have the right to withdraw your consent at any time. Such withdrawal does not affect the lawfulness of processing based on your consent before your withdrawal. However, after such withdrawal, we will no longer be able to provide SafetyNet. In extenuating circumstances, such as where the processing is necessary to protect the data subject’s vital interests or to establish, exercise and defend legal claims, the legal basis of processing special categories of personal data may be another legal basis set forth under Article 9(2) GDPR.
The legal basis for processing of personal data which is not Health Information are:
More information is provided below. For additional details regarding the lawful bases of processing your personal data specifically, please contact privacy@masimo.com.
Purposes of use, disclosure, sharing or transfer
Legal Basis and Legitimate Interest
To provide you with SafetyNet and manage your relationship with us.
To respond to or fulfill your requests.
To ensure the security of our services, and analyze the performance of, troubleshoot issues with our product and services.
Research and development including analysis of raw technical and hardware device data for research, development, algorithms and statistical purposes in order to improve user experience, services, usability and effectiveness, and to develop new features for both the SafetyNet product and new products.
To exercise our legal rights, defend and advance our legal interests, protect against fraudulent, harmful and illegal activity.
To comply with applicable laws such as data protection and consumer laws.
To give effect to a Business Transfer
With patients’ explicit consent, we disclose, share or transfer your personal data to the individuals and healthcare providers you have chosen in SafetyNet and who may be within or outside the European Economic Area, Switzerland or the UK.
Moreover, Masimo operates SafetyNet with the assistance of affiliated and unaffiliated service providers in the European Economic Area (Frankfurt, Paris and Dublin) and outside the European Economic Area from time to time, if it is necessary for example for troubleshooting, research and development of improvements, new features, products and services, in the United States or Switzerland. In France, we use a HDS certified (Health Data Host) hosting service.
We only transfer your personal data to countries where the European Commission, Switzerland or the UK (as applicable) has decided that they have an adequate level of data protection or we take measures to ensure that all recipients provide an adequate level of data protection. We do this for example by entering into appropriate data transfer agreements based on Standard Contractual Clauses and performing data protection assessments of data transfer arrangements as appropriate. Data transfer agreements are accessible upon request by contacting us at the details shown further above.
Please see the subsection entitled “Your Rights” under the section entitled “IF YOU ARE IN THE EUROPEAN ECONOMIC AREA (EEA), THE UNITED KINGDOM (UK) AND SWITZERLAND” in our Masimo Services General Privacy Notice here.
Jurisdiction-Specific Disclosures - For users in Turkey
Table of Contents
2. Who is the data controller?
3. What legal basis of processing does Masimo rely on?
4. Where is your personal data processed and on what basis do we transfer personal data across borders?
5. Your Rights.
Turkey’s Law No. 6698 on Protection of Personal Data (the “KVKK”). If we use a term that the KVKK defines in this section for users in Turkey, the term has the same meaning as under the KVKK.
Masimo Österreich GmbH, Mariahilfer Straße 136, 1150 Wien, Austria. You can contact its data protection officer at privacy@masimo.com.
For patients’ Health Information, the legal basis of processing is your express consent per Article 6 of the KVKK. Health data is considered a special category of personal data. You have the right to withdraw your consent at any time. Such withdrawal does not affect the lawfulness of processing based on your consent before your withdrawal. However, after such withdrawal, we will no longer be able to provide SafetyNet. In extenuating circumstances, such as where the processing is necessary to protect the data subject’s vital interests or to establish, exercise and defend legal claims, the legal basis of processing special categories of personal data may be another legal basis set forth under Article 6(3) KVKK.
The legal bases for processing of personal data which is not Health Information are:
More information is provided below. For additional details regarding the lawful basis of processing your personal data specifically, please contact privacy@masimo.com.
Purposes of use, disclosure, sharing or transfer
Legal Basis and Legitimate Interest
To provide you with SafetyNet and manage your relationship with us.
To respond to or fulfill your requests.
To ensure the security of our services, and analyze the performance of, troubleshoot issues with our product and services.
Research and development including analysis of raw technical and hardware device data for research, development, algorithms and statistical purposes in order to improve user experience, services, usability and effectiveness, and to develop new features for both the SafetyNet product and new products.
To exercise our legal rights, defend and advance our legal interests, protect against fraudulent, harmful and illegal activity.
To comply with applicable laws such as data protection and consumer laws.
To give effect to a Business Transfer
With patients’ explicit consent, we transfer your personal data to the individuals and healthcare providers you have chosen in SafetyNet and who may be within or outside Turkey. Moreover, Masimo operates SafetyNet with the assistance of affiliated and unaffiliated service providers in the European Economic Area (Frankfurt, Paris and Dublin) and outside the European Economic Area from time to time, if it is necessary for example for troubleshooting, research and development of improvements, new features, products and services, in the United States or Switzerland. We take measures to ensure that service providers provide an adequate level of data protection by entering into appropriate data transfer agreements.
Please see the subsection entitled “Your Rights” under the section entitled “IF YOU ARE IN TURKEY” in our Masimo Services General Privacy Notice here.
PLCO-005649/PLMM-12193A-0122