This Privacy Statement was last updated on 18 July 2023.
The mission of Embecta Corp. and its affiliates and subsidiaries (‘embecta’ or ‘we’) is to develop and provide solutions that make life better for people living with diabetes. In doing so, we collect, use, share and otherwise process individually identifiable data about individuals who engage with us or our Sites (defined below), customers, business contacts, healthcare professionals, patients, individual end-users, business partners and other external parties with whom we interact (‘Personal Data’). embecta takes data privacy seriously, and we believe that carrying out our business activities in compliance with applicable privacy and data protection laws is fundamental to our business success.
We collect names, contact details and other Personal Data related to our commercial relationships.
We use Personal Data to provide our products and services and respond to enquiries, to manage accounts and maintain business operations, to provide relevant marketing and to fulfil other business and compliance purposes.
We share Personal Data as necessary to provide our products and services and respond to requests, and to fulfil other business and compliance purposes.
4. Marketing choices
You have control over how we use your Personal Data for direct marketing.
6. Data-subject rights
Certain laws, like the EU’s General Data Protection Regulation (‘GDPR’), provide for certain rights like the right to request access, rectification/correction, deletion or other actions regarding individuals’ Personal Data.
7. Data security
We maintain technical and organisational measures with the intention of protecting Personal Data from loss, misuse, alteration or unintentional destruction.
8. Cross-border data transfers
We provide appropriate protections for cross-border transfers of personal data where specified by law.
9. Notice to California consumers
California, USA consumers may have additional rights with respect to their Personal Data under the California Consumer Privacy Act of 2018 (‘CCPA’) and California Public Records Act (‘CPRA’).
10. Other issues
We provide other information in this Privacy Statement about: (i) the legal basis for collecting and processing Personal Data, (ii) the consequences for not providing Personal Data, (iii) automated decision-making, (iv) do-not-track (DNT) signals, (v) data retention, (vi) employee and contractor issues and (vii) changes to this Privacy Statement.
11. Contact us
Please contact us as detailed below with any questions.
We may collect, use, share and otherwise process the following categories of Personal Data about you that have been obtained either directly from you, from third parties (e.g. your employer or the healthcare institution you work for) or automatically through your use of Sites:
We require the above categories of Personal Data for the following purposes:
Purpose of use
Categories of Personal Data
Delivering products and services, including
Identification data; product data; communication details; health-related information; registration and account details; automated data for the DC App only
Providing customer service and engaging in
Identification data; product data; communication details; health-related information; registration and account details; automated data for the DC App only
Marketing and customer relationship
Identification data; professional data; product data; communication details; health-related information
Product/service development and improvement of quality and functionality of products and service
Product data; registration and account details; automated data for the DC App only
Training records of clinical and other staff
Identification data; professional data; training data; health-related information
Security and fraud prevention activities
Identification data; professional data; communication details; product data; financial or payment data; registration and account details; automated data for the DC App only
Complying with legal obligations or
Identification data; professional data; product data; communication details; financial or payment data; registration and account details; health-related information; automated data for the DC App only
We share with or disclose Personal Data to the following categories of recipients for the following purposes:
You have control regarding our use of your Personal Data for directing marketing. If you no longer wish to receive any marketing communications, remain on a mailing list to which you previously subscribed or receive any other marketing communication for which you have previously provided your consent, you can choose to not receive such communications at any time. Please follow the unsubscribe link in the relevant email, reply ‘STOP’ to the relevant SMS or contact us as detailed below to stop receiving email marketing or SMS campaigns. Please opt-out of unnecessary cookies on this page to prevent your Personal Data from being used in embecta’s online direct marketing.
What are cookies?
When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. Cookies are small amounts of data that are stored on your browser, device, communication or the page you are viewing. = Some cookies are deleted once you close your browser, while other cookies are retained even after you close your browser so that you can be recognised when you return to a website. More information about cookies and how they work is available at Cookiepedia.
Cookies on our Site are generally divided into the following categories:
What are your options if you do not want cookies on your computer?
With the exception of Strictly Necessary Cookies, you are free to decide which of the above-described categories of cookies you would like to permit on your browser by clicking the Cookies Options link in the website footer of our Sites. Please note that depending on the settings you choose, the full functionality of our Sites may no longer be available. Additionally, you can review your Internet browser settings, typically under the sections 'Help' or 'Internet Options', to exercise browser-based choices that you may have for certain cookies.
If you disable or delete certain cookies in your Internet browser settings, you might not be able to access or use important functions or features of the Sites, and you may be required to re-enter your log-in details. For more information on the practical implications of changing cookie settings, you can consult this external page: https://www.allaboutcookies.org.
Where required by applicable law (such as GDPR or CCPA(CPRA)), you may have the right to obtain confirmation that we maintain certain Personal Data relating to you and the corresponding processing activities, to verify its content, origin and accuracy, as well as the right to access, review, rectify or correct, port, delete or anonymise, or to block or withdraw consent to the processing of certain Personal Data (without affecting the lawfulness of processing based on consent before its withdrawal), by contacting us as outlined below. You may also have the right to request information about third parties with whom we have shared your Personal Data, request that we not share data with third parties, as well as the right to request review of decisions based solely on automated data processing.
In particular, you have the right to object to our use of Personal Data for direct marketing and in certain other situations at any time. Contact us below for more details. Please note that we need to retain certain Personal Data as required or permitted by applicable law. In some instances, we must be able to verify your identity using information which we currently have on record to process your data rights requests.
You may also have the right to lodge a complaint with the relevant data protection supervisory authority or regulatory body.
We takes reasonable steps to protect any Personal Data you provide to us from loss, misuse and unauthorised access, disclosure, alteration or destruction. Unless otherwise stated on the relevant page of a Site or through an embecta partner mobile application, embecta uses general security standards but has not taken additional action to secure data provided to its Sites or from its applications or from an embecta partner, and such transmissions are subject to normal Internet security risks. No Internet or e-mail transmission is ever fully secure or error free. In particular, e-mail sent to or from this Site may not be secure, and you should therefore take special care in deciding what information you send to us or to our partners. Please keep this in mind when disclosing any Personal Data to embecta or to any other party via the Internet. Moreover, when you use passwords, ID numbers or other special access features on a Site, it is your responsibility to safeguard them.
Where permitted by applicable law, we transfer Personal Data to various jurisdictions as necessary for the purposes described above, including to jurisdictions that may not provide the same level of data protection as your home country. We provide appropriate protections for cross-border transfers as required by law for international data transfers. With respect to transfers originating from the European Economic Area (‘EEA’), we implement standard contractual clauses approved by the European Commission, and other appropriate solutions to address cross-border transfers as required by applicable law. Where required by such laws, you may request a copy of the suitable mechanisms that we have in place by contacting us as detailed below.
CA Personal Information. If you reside in California, we are required to provide additional information to you about how we use and disclose your Personal Data, and you may have additional rights with regard to how we use your Personal Data. We have included this California-specific information below.
Consistent with the ‘What Personal Data Do We Collect’ section above, we collect certain categories and specific pieces of information about individuals as defined by Californian law. This includes:
Sources. We collect Personal Data either directly from you and other third parties, including:
Consumer Rights. Subject to certain exceptions, in many jurisdictions such as the European Economic Area and California, you have the right to: (i) request access to your Personal Data; (ii) request deletion or correction of your Personal Data, (iii) request information about the Personal Data that we have disclosed and/or ‘sold’ (as such term is defined under California law) to third parties, and (iv) to limit certain uses and disclosures of sensitive information. Should you wish to request the exercise of your rights, we will not discriminate against you by offering you different pricing or products, or by providing you with a different level or quality of products, based solely upon this request. Please contact us as detailed below for more information or with any questions. You also have the option of designating an authorised agent to exercise your rights on your behalf. For authorised agents submitting requests, please contact us as described below, with any evidence you have that you have been authorised by a consumer to submit a request on their behalf.
Selling Information. We do not receive payment for any Personal Data. However, some laws define ‘sale’ broadly to include the sharing of Personal Data in exchange for anything of value. If you allow Analytics/Performance or Targeting cookies, the resulting sharing of information may be considered a ‘sale’ of Personal Data under specific laws. If you would like to opt-out of the sale of your Personal Data you can opt-out of Analytics/Performance or Targeting cookies on our Sites or write to us directly.
(i) What is the legal basis of processing?
Some jurisdictions require an explanation of the legal basis for the collection and processing of Personal Data. We have several different legal grounds on which we collect and process Personal Data, including, without limitation: (a) as necessary to perform a transaction or contractual obligation (such as in order to provide the products and services you requested); (b) as necessary to comply with a legal obligation (such as when we use Personal Data for record keeping to substantiate tax liability); (c) consent (where you have provided consent as appropriate under applicable law, such as for direct marketing or certain cookies); and (d) necessary for legitimate interests (such as when we act to maintain our business generally, including maintaining the safety and security of the Site).
(ii) What are the consequences of not providing Personal Data?
You are not required to provide all Personal Data identified in this Privacy Statement to use our Site or to interact with us offline, but certain functionality will not be available if you do not provide certain Personal Data. If you do not provide certain Personal Data, we may not be able to respond to your request, perform a transaction with you or provide you with marketing that we believe you would find valuable.
(iii) Do we engage in automated decision-making without human intervention?
We do not use automated decision-making without human intervention, including profiling, in a way that produces legal effects concerning you or otherwise significantly affects you.
(iv) Does the Site honour Do Not Track (‘DNT’) signals sent via browsers?
Given the divergent practices of organisations that offer browsers and the lack of a standard in the marketplace, we do not respond to DNT signals at this time.
(v) Children’s Privacy
Our Sites are not directed at individuals under the age of 16. Without permission from a parent or legal guardian, we do not knowingly collect Personal Information directly from individuals under the age of 13. If we learn that we have collected Personal Information of individuals under the age of 13 through our website, we will take appropriate steps to address this matter.
(vi) How long do we retain Personal Data?
We typically retain Personal Data related to marketing activities for as long as you accept marketing communications from us, and upon request we will securely delete such data in accordance with applicable law. For Personal Data that we collect and process for other purposes described above, we typically retain such Personal Data for no longer than for the period necessary to fulfil the purposes outlined in this Privacy Statement and as otherwise needed to address tax, corporate, compliance, litigation and other legal rights and obligations.
(vii) Do we process ‘Sensitive Information’?
There are several definitions of Sensitive Information. Some categories of Personal Data which we process which can fall into the category of Sensitive Information including data like geolocation, and health data. In some jurisdictions, like California, you may have the right to opt-out of certain processing or sharing of Sensitive Information. Please contact us at email@example.com to exercise that right.
(viii) Japanese users
(ix) How will we handle any changes to this Privacy Statement?
We may update this Privacy Statement from time to time as our services and privacy practices change, or as required by law. The effective date of our Privacy Statement is posted above, and we encourage you to visit our Sites periodically to stay informed about our privacy practices. We will post the updated version of the Privacy Statement on our Site and ask for your consent to the changes if legally required.