Privacy Statement
This Privacy Statement was last updated on 18 July 2023.
The mission of Embecta Corp. and its affiliates and subsidiaries (‘embecta’ or ‘we’) is to develop and provide solutions that make life better for people living with diabetes. In doing so, we collect, use, share and otherwise process individually identifiable data about individuals who engage with us or our Sites (defined below), customers, business contacts, healthcare professionals, patients, individual end-users, business partners and other external parties with whom we interact (‘Personal Data’). embecta takes data privacy seriously, and we believe that carrying out our business activities in compliance with applicable privacy and data protection laws is fundamental to our business success.
This external Privacy and Cookies statement (‘Privacy Statement’) describes our practices in connection with Personal Data that we or our service providers collect and process through our interactions with individuals, websites, partner websites, applications and other sources (such as embecta partner websites, applications and/or in-person interactions) as part of embecta’s services (collectively, the ‘Sites’). Additional terms may apply when you access specific services in some areas of this website, through mobile applications, when you provide us Personal Data directly or when you click on links that navigate away from Sites. Any data provided in connection with this Privacy Statement or processed in connection with your engagement with the Sites that reference this Privacy Statement are subject to this Privacy Statement and, where applicable, the Terms of Use of the Site.
1. Collection | We collect names, contact details and other Personal Data related to our commercial relationships. |
2. Use | We use Personal Data to provide our products and services and respond to enquiries, to manage accounts and maintain business operations, to provide relevant marketing and to fulfil other business and compliance purposes. |
3. Sharing | We share Personal Data as necessary to provide our products and services and respond to requests, and to fulfil other business and compliance purposes. |
4. Marketing choices | You have control over how we use your Personal Data for direct marketing. |
5. Cookies | We use cookies and tracking technology on our Site and in our communications and provide choices on use of cookies and tracking technology, including third-party targeting and advertising. |
6. Data-subject rights | Certain laws, like the EU’s General Data Protection Regulation (‘GDPR’), provide for certain rights like the right to request access, rectification/correction, deletion or other actions regarding individuals’ Personal Data. |
7. Data security | We maintain technical and organisational measures with the intention of protecting Personal Data from loss, misuse, alteration or unintentional destruction. |
8. Cross-border data transfers | We provide appropriate protections for cross-border transfers of personal data where specified by law. |
9. Notice to California consumers | California, USA consumers may have additional rights with respect to their Personal Data under the California Consumer Privacy Act of 2018 (‘CCPA’) and California Public Records Act (‘CPRA’). |
10. Other issues | We provide other information in this Privacy Statement about: (i) the legal basis for collecting and processing Personal Data, (ii) the consequences for not providing Personal Data, (iii) automated decision-making, (iv) do-not-track (DNT) signals, (v) data retention, (vi) employee and contractor issues and (vii) changes to this Privacy Statement. |
11. Contact us | Please contact us as detailed below with any questions. |
We may collect, use, share and otherwise process the following categories of Personal Data about you that have been obtained either directly from you, from third parties (e.g. your employer or the healthcare institution you work for) or automatically through your use of Sites:
We require the above categories of Personal Data for the following purposes:
Purpose of use | Categories of Personal Data |
Delivering products and services, including | Identification data; product data; communication details; health-related information; registration and account details; automated data for the DC App only |
Providing customer service and engaging in | Identification data; product data; communication details; health-related information; registration and account details; automated data for the DC App only |
Marketing and customer relationship | Identification data; professional data; product data; communication details; health-related information |
Product/service development and improvement of quality and functionality of products and service | Product data; registration and account details; automated data for the DC App only |
Training records of clinical and other staff | Identification data; professional data; training data; health-related information |
Security and fraud prevention activities | Identification data; professional data; communication details; product data; financial or payment data; registration and account details; automated data for the DC App only |
Complying with legal obligations or | Identification data; professional data; product data; communication details; financial or payment data; registration and account details; health-related information; automated data for the DC App only |
We share with or disclose Personal Data to the following categories of recipients for the following purposes:
You have control regarding our use of your Personal Data for directing marketing. If you no longer wish to receive any marketing communications, remain on a mailing list to which you previously subscribed or receive any other marketing communication for which you have previously provided your consent, you can choose to not receive such communications at any time. Please follow the unsubscribe link in the relevant email, reply ‘STOP’ to the relevant SMS or contact us as detailed below to stop receiving email marketing or SMS campaigns. Please opt-out of unnecessary cookies on this page to prevent your Personal Data from being used in embecta’s online direct marketing.
We use and allow certain trusted partners to use cookies, web beacons and similar tracking technologies (collectively, ‘cookies’) on our Site.
What are cookies?
When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. Cookies are small amounts of data that are stored on your browser, device, communication or the page you are viewing. = Some cookies are deleted once you close your browser, while other cookies are retained even after you close your browser so that you can be recognised when you return to a website. More information about cookies and how they work is available at Cookiepedia.
How do we use cookies?
Cookies are used to provide and enhance Sites, products and services, gather information about your usage patterns when you navigate the Sites in order to enhance your personalised experience and to understand usage patterns to improve our Sites, products and services. We also use cookies to provide targeted advertising in some instances and allow certain trusted partner’s cookies on our Sites in order to collect information about your online activities on our Sites over time and across different websites that you visit. This information is used to provide advertising tailored to your interests on websites that you visit, also known as interest-based advertising, and to analyse the effectiveness of such advertising.
Cookies on our Site are generally divided into the following categories:
What are your options if you do not want cookies on your computer?
With the exception of Strictly Necessary Cookies, you are free to decide which of the above-described categories of cookies you would like to permit on your browser by clicking the Cookies Options link in the website footer of our Sites. Please note that depending on the settings you choose, the full functionality of our Sites may no longer be available. Additionally, you can review your Internet browser settings, typically under the sections 'Help' or 'Internet Options', to exercise browser-based choices that you may have for certain cookies.
If you disable or delete certain cookies in your Internet browser settings, you might not be able to access or use important functions or features of the Sites, and you may be required to re-enter your log-in details. For more information on the practical implications of changing cookie settings, you can consult this external page: https://www.allaboutcookies.org.
Where required by applicable law (such as GDPR or CCPA(CPRA)), you may have the right to obtain confirmation that we maintain certain Personal Data relating to you and the corresponding processing activities, to verify its content, origin and accuracy, as well as the right to access, review, rectify or correct, port, delete or anonymise, or to block or withdraw consent to the processing of certain Personal Data (without affecting the lawfulness of processing based on consent before its withdrawal), by contacting us as outlined below. You may also have the right to request information about third parties with whom we have shared your Personal Data, request that we not share data with third parties, as well as the right to request review of decisions based solely on automated data processing.
In particular, you have the right to object to our use of Personal Data for direct marketing and in certain other situations at any time. Contact us below for more details. Please note that we need to retain certain Personal Data as required or permitted by applicable law. In some instances, we must be able to verify your identity using information which we currently have on record to process your data rights requests.
You may also have the right to lodge a complaint with the relevant data protection supervisory authority or regulatory body.
We takes reasonable steps to protect any Personal Data you provide to us from loss, misuse and unauthorised access, disclosure, alteration or destruction. Unless otherwise stated on the relevant page of a Site or through an embecta partner mobile application, embecta uses general security standards but has not taken additional action to secure data provided to its Sites or from its applications or from an embecta partner, and such transmissions are subject to normal Internet security risks. No Internet or e-mail transmission is ever fully secure or error free. In particular, e-mail sent to or from this Site may not be secure, and you should therefore take special care in deciding what information you send to us or to our partners. Please keep this in mind when disclosing any Personal Data to embecta or to any other party via the Internet. Moreover, when you use passwords, ID numbers or other special access features on a Site, it is your responsibility to safeguard them.
Where permitted by applicable law, we transfer Personal Data to various jurisdictions as necessary for the purposes described above, including to jurisdictions that may not provide the same level of data protection as your home country. We provide appropriate protections for cross-border transfers as required by law for international data transfers. With respect to transfers originating from the European Economic Area (‘EEA’), we implement standard contractual clauses approved by the European Commission, and other appropriate solutions to address cross-border transfers as required by applicable law. Where required by such laws, you may request a copy of the suitable mechanisms that we have in place by contacting us as detailed below.
CA Personal Information. If you reside in California, we are required to provide additional information to you about how we use and disclose your Personal Data, and you may have additional rights with regard to how we use your Personal Data. We have included this California-specific information below.
Consistent with the ‘What Personal Data Do We Collect’ section above, we collect certain categories and specific pieces of information about individuals as defined by Californian law. This includes:
Sources. We collect Personal Data either directly from you and other third parties, including:
Consumer Rights. Subject to certain exceptions, in many jurisdictions such as the European Economic Area and California, you have the right to: (i) request access to your Personal Data; (ii) request deletion or correction of your Personal Data, (iii) request information about the Personal Data that we have disclosed and/or ‘sold’ (as such term is defined under California law) to third parties, and (iv) to limit certain uses and disclosures of sensitive information. Should you wish to request the exercise of your rights, we will not discriminate against you by offering you different pricing or products, or by providing you with a different level or quality of products, based solely upon this request. Please contact us as detailed below for more information or with any questions. You also have the option of designating an authorised agent to exercise your rights on your behalf. For authorised agents submitting requests, please contact us as described below, with any evidence you have that you have been authorised by a consumer to submit a request on their behalf.
Selling Information. We do not receive payment for any Personal Data. However, some laws define ‘sale’ broadly to include the sharing of Personal Data in exchange for anything of value. If you allow Analytics/Performance or Targeting cookies, the resulting sharing of information may be considered a ‘sale’ of Personal Data under specific laws. If you would like to opt-out of the sale of your Personal Data you can opt-out of Analytics/Performance or Targeting cookies on our Sites or write to us directly.
(i) What is the legal basis of processing?
Some jurisdictions require an explanation of the legal basis for the collection and processing of Personal Data. We have several different legal grounds on which we collect and process Personal Data, including, without limitation: (a) as necessary to perform a transaction or contractual obligation (such as in order to provide the products and services you requested); (b) as necessary to comply with a legal obligation (such as when we use Personal Data for record keeping to substantiate tax liability); (c) consent (where you have provided consent as appropriate under applicable law, such as for direct marketing or certain cookies); and (d) necessary for legitimate interests (such as when we act to maintain our business generally, including maintaining the safety and security of the Site).
(ii) What are the consequences of not providing Personal Data?
You are not required to provide all Personal Data identified in this Privacy Statement to use our Site or to interact with us offline, but certain functionality will not be available if you do not provide certain Personal Data. If you do not provide certain Personal Data, we may not be able to respond to your request, perform a transaction with you or provide you with marketing that we believe you would find valuable.
(iii) Do we engage in automated decision-making without human intervention?
We do not use automated decision-making without human intervention, including profiling, in a way that produces legal effects concerning you or otherwise significantly affects you.
(iv) Does the Site honour Do Not Track (‘DNT’) signals sent via browsers?
Given the divergent practices of organisations that offer browsers and the lack of a standard in the marketplace, we do not respond to DNT signals at this time.
(v) Children’s Privacy
Our Sites are not directed at individuals under the age of 16. Without permission from a parent or legal guardian, we do not knowingly collect Personal Information directly from individuals under the age of 13. If we learn that we have collected Personal Information of individuals under the age of 13 through our website, we will take appropriate steps to address this matter.
(vi) How long do we retain Personal Data?
We typically retain Personal Data related to marketing activities for as long as you accept marketing communications from us, and upon request we will securely delete such data in accordance with applicable law. For Personal Data that we collect and process for other purposes described above, we typically retain such Personal Data for no longer than for the period necessary to fulfil the purposes outlined in this Privacy Statement and as otherwise needed to address tax, corporate, compliance, litigation and other legal rights and obligations.
(vii) Do we process ‘Sensitive Information’?
There are several definitions of Sensitive Information. Some categories of Personal Data which we process which can fall into the category of Sensitive Information including data like geolocation, and health data. In some jurisdictions, like California, you may have the right to opt-out of certain processing or sharing of Sensitive Information. Please contact us at privacy-embecta@embecta.com to exercise that right.
(viii) Japanese users
If you are reading this Privacy Statement and reside in Japan, we jointly use Personal Data in the medical database (MDB) managed and operated by Nihon Ultmarc, Inc. with specific companies. For the items of Personal Data to be jointly used, the scope of the joint users, the purpose of use by the users, and the person responsible for the management of personal data, please refer to the website of Nihon Ultmarc, Inc. (https://www. Ultmarc.co.jp/privacy/shared_use/index.html). Our Privacy Statement does not apply to the linked sites. If you wish to continue, please click the privacy policy at the linked site.
(ix) How will we handle any changes to this Privacy Statement?
We may update this Privacy Statement from time to time as our services and privacy practices change, or as required by law. The effective date of our Privacy Statement is posted above, and we encourage you to visit our Sites periodically to stay informed about our privacy practices. We will post the updated version of the Privacy Statement on our Site and ask for your consent to the changes if legally required.
If you have questions or comments regarding this Privacy Statement or our privacy practices, please contact us at:
Embecta Corp.
300 Kimball Drive, Suite 300
Parsippany, NJ 07054
Attention: Privacy Office
privacy-embecta@embecta.com