In addition to this PPTOU, each of the Mobile Apps and Software are subject to additional terms and conditions found in an End-User License Agreement (EULA).
Effective Date: August 2016 Last Updated: May 17, 2018
Welcome to Senseonics.com and its affiliated websites (including global.eversensediabetes.com and eversensediabetes.com) which are owned and operated by Senseonics, Incorporated ("Senseonics", "us" or "we"). At Senseonics®, we seek to improve the lives of people with diabetes by enhancing their ability to manage the disease with ease, convenience, and accuracy. To enable this, we may collect certain personal and health information from website visitors, interested parties, and users of our products and services, for the reasons described below. We are committed to respecting your privacy and protecting your data that we collect by, among other things, following the below guidelines:
- We will be transparent about our data privacy and security practices, will try our best to explain them clearly, and inform you promptly about important news or incidents that may affect your data.
- We will always take the privacy and security of your data seriously, utilize industry-standard privacy and security measures for data protection, and respond promptly to your issues and concerns.
This PPTOU was last updated on the date listed above. Because we may implement changes at any time, we encourage you to review this document regularly when you visit our websites, or use our devices, apps, or software. When you utilize any of Senseonics products and services, you are agreeing to the terms of this PPTOU and how your data is collected, transmitted, stored, and/or processed. If you do not agree to this PPTOU, please do not access or use Senseonics websites, devices, apps, or software. In addition to this PPTOU, you may be subject to additional terms when you access particular services or materials on certain areas of our websites, or by following a link from our websites to third-party websites. As explained in more detail below, you will also be subject to an End-User License Agreement for certain Senseonics apps or software that you use.
In Case of Medical Emergency
If you think you may have a medical emergency, call your doctor, 911 (in the US), or 112 (in the European Union (EU)) immediately. The content provided on or through Senseonics products, mobile apps, software, and websites, do not offer medical advice, decision making, or opinion, is for your general education and information only, and cannot replace your relationship with your healthcare provider. Accordingly, you should always talk to your healthcare provider for diagnosis, therapy, and treatment decisions.
Sources of Data Collection
Senseonics’ Products and Services (defined below) are designed to address many of the problems of traditional glucose sensor technologies and to provide an unmatched combination of accuracy and long sensor life. In an effort to meet this goal and provide patients and customers a beneficial experience, Senseonics collects certain types of data from customers as they utilize our products, services, and tools. This PPTOU applies to data received or collected through the following sources:
- Data collected, stored, and/or transmitted through our subcutaneous Eversense® Sensor and our Eversense Smart Transmitter, which are part of our Eversense Continuous Glucose Monitoring (CGM) System (our “Devices”);
- Data collected, stored, and/or transmitted through the Eversense Mobile Application, the Eversense NOW® Mobile Application, and any other mobile applications available for download through the Apple® App Store, the Google® Play store for Android® devices, the Sites (defined below), mobile device service provider locations, or other sources identified by Senseonics and that may be accessed through computers, tablets, or mobile devices (each a “Mobile App” and collectively the “Mobile Apps”);
- Data collected, stored, and/or transmitted through a personal computer and cloud-based applications such as the Eversense Diabetes Management Software (DMS) and DMS Pro that permit monitoring and analysis of daily and historical glucose values and other health-related information (collectively the “Software”); and
- Data collected, stored, and/or transmitted through our websites located at senseonics.com, including https://eversensediabetes.com and https://global.eversensediabetes.com (each a “Site” and collectively the “Sites”).
The Devices, Mobile Apps, Software and Sites, whether one or more are utilized by a user, customer, or patient, are collectively referred to in this PPTOU as “Senseonics Products and Services.” By obtaining and using Senseonics Products and Services, you authorize Senseonics to process and utilize the data that we collect from you in accordance with this PPTOU. Importantly, this PPTOU covers how we treat your personal and health data related to your current and historical glucose values and other relevant health information we collect. In addition to this PPTOU, each of the Mobile Apps and Software are subject to additional terms and conditions found in an End-User License Agreement (EULA), which includes data and privacy-related provisions for information collected and transmitted through the Mobile Apps or Software. Prior to using a Senseonics Mobile App or Software, Customers must accept and agree to the EULA that is presented to them (and which may be updated from time to time).
What Data Does Senseonics Collect?
Data Collection Generally
In order to provide Senseonics Products and Services, we collect information from you as set forth in more detail in this section. For patients and customers in Europe, this information may include sensitive personal data subject to protections under the GDPR, such as your historical glucose values and other health-related information. By utilizing Senseonics Products and Services, you agree to our collection, transfer, storage and/or processing of your information for the purposes described in this PPTOU.
When You Provide Personal Information
In connection with your use of Senseonics Products and Services, we may receive information about you which we refer to as “Personal Information.” Personal information is data that can be used to identify you personally, such as your name, date of birth, home address, phone number, e-mail address, medical device serial number, or certain personal health information. Personal Information may include, without limitation, the following:
- Information you are required to provide in order to register with us, or to create an account with us to use a Senseonics Product or Service.
- Information you provide to us relating to your use of Senseonics Products and Services, including customer feedback through phone calls, emails, texts, and/or Mobile Apps and Software, as well as the related metadata.
- Information we receive from you that is transmitted through Senseonics Products and Services, including:
- Glucose readings, inputs, and other health-related information
- Information we receive about your use of Senseonics Products and Services, including data used for customer support and product improvement, your IP address and information regarding your computer, internet service, browser, and your use of the Senseonics Products and Services (such as time spent on websites, settings, etc.)
- Information provided by you or about you by another person that you have designated to receive any of your Personal Information through the use of Senseonics Products and Services (“Designated Recipient”)
When You Download a Senseonics Mobile App
When you download and install a Senseonics Mobile App, such as the Eversense Mobile Application or the Eversense NOW Mobile App, you may be asked to create an account. When you create an account, we will ask for some Personal Information, including your email address, age, geography, etc. Your email address will be your account user name, which you will use to log into your account, and we will ask you to create a password. Mobile Apps may also request additional demographic and health-related Personal Information, such as age, height, weight, gender, etc. The Mobile Apps will synchronize with the Devices to capture and store blood glucose level data and other health-related information. (As mentioned above, you may be subject to additional terms under a EULA when using Mobile Apps.)
Your Eversense Account for the Eversense DMS
Senseonics products, like the Eversense Smart Transmitter or the Eversense Mobile App, may connect to a personal computer to upload the sensor glucose history to the Software, such as the Eversense Diabetes Management System (DMS), for review and analysis by you and your physician. To do this, if you have not already done so, you must create an Eversense account. When you create an account, we will ask for some Personal Information, including your email address, age, geography, etc. Your email address will be your account user name, which you will use to log into your account, and we will ask you to create a password. You may be able to customize your Senseonics experience by adding other types of information to your account. Your Eversense account will also be utilized for Customer Care purposes and maintaining the security of your data. The Software will synchronize with the Mobile Apps to capture and store sensor glucose level data and other health-related information.
When You Report a Complaint
If you have an issue, concern, or complaint (“Complaint”) with a Device, a Mobile App, Software or a Site, you can submit your Complaint by contacting Senseonics directly (see “Contact Us” section below). Once you contact us, we will manually log your Complaint into our Customer Care System and, as appropriate or necessary, into our Complaint Handling System. When reporting a complaint, you will be asked for Personal Information such as your name, your sensor insertion date, your sensor serial number, the transmitter serial number, and other information that may be relevant to your Complaint.
When You Visit/Use Senseonics Products and Services
Senseonics collects industry standard data from everyone who visits our Sites—even if you do not have a Senseonics account. This includes log data that automatically records Personal Information about your visit, such as your browser type, operating system, the URL of the page that referred you, the different actions you performed, and the IP address you used to access pages on the Site. Additionally, when you use Senseonics Products and Services using a mobile device, we may collect technical information such as the type of mobile device you use, a unique device identifier (for example, your mobile device’s IMEI number, the MAC address of the mobile device’s wireless network interface, or the mobile phone number used by the mobile device), mobile network information, your mobile operating system, the type of mobile browser you use and time zone setting. We use this type of information to tailor your experience with Senseonics Products and Services, to analyze who is visiting our Sites, to prevent misuse of the Sites and Senseonics Products and Services, and to ensure the Sites and Senseonics Products and Services are working properly. This information is stored by the third party that hosts our Sites. We also collect data from cookies, as outlined in more detail below.
When You Sync Your Device
When you sync your Device through a Mobile App or Software, data recorded on your Device about your current and historical glucose values and any additional health-related Personal Information, is transmitted from your Device to Senseonics servers (hosted by a third party pursuant to an appropriate arrangement). Senseonics servers are located in London, United Kingdom for customers residing in Europe, and in The Dalles, State of Oregon for US customers. Your data stored with Senseonics is primarily used to provide and operate the Senseonics Products and Services that you utilize, and is associated specifically with your account. Each time a sync occurs, data is logged regarding the transmission including, for example, the sync time and date, and technical information about the Devices. (If your data sync results in data transmission to a third-party not affiliated with Senseonics such as Healthkit or Glooko, which you may authorize or facilitate, your data will also be subject to that third party’s separate privacy terms and conditions.)
Information with Contracted Parties
We may contract with third-party organizations to provide Senseonics Products and Services (including, for example, our business partners, our product distributors, specialized contractors that provide technical, payment, and/or delivery services, and analytics providers). Under these arrangements, we may both provide them your information to allow them to perform their services, and we may receive information about you from them as well. In all cases, Senseonics shall enter into appropriate agreements with these subcontractors that, among other things, ensure the adequate protection and confidentiality of your information, and that only the minimum necessary data is disclosed or transmitted for purposes of the subcontractor’s services/function.
Who Controls Your Data?
For purposes of the EU GDPR, the “data controller” of the data collected from you, including any Personal Information, is Senseonics Incorporated, a company based in the United States of America, with its headquarters at 20451 Seneca Meadows Pkwy, Germantown, Maryland 20876. As applicable for Europe users of Senseonics Products and Services, Senseonics collects, stores, manages, and utilizes all collected data in compliance with the EU GDPR. In the United States, Senseonics is also considered to have control of your data collected through your use of Senseonics Products and Services, and complies with all applicable data privacy and security laws. In all countries, Senseonics has a legitimate interest in offering and operating Senseonics Products and Services for your beneficial use and shall utilize your data to do so as well as provide you with relevant updates and notifications. In addition (in particular for those countries subject to the EU GDPR), Senseonics will request your consent or authorization when necessary for certain, specific uses of your data.
How We Use Your Data
General. As we mentioned, we may use your data to facilitate, manage, and maintain your beneficial use of Senseonics Products and Services. Separately, we may also use your data to develop and/or improve products and services (including based on information from user groups), appropriately address your Complaints, inform you of relevant product or service updates, helpful information, tips and reminders, and provide you with targeted offers and proposals that may be of interest to you. For example, we will use the registration information that you provide to manage your account and to link your registration information to the information collected by the Devices, Mobile Apps and Software, and purchases from our Sites. As another example, we may use your data to contact you by phone, email, and/or text, to confirm your correct and comfortable use of Senseonics Devices and to offer assistance and guidance if necessary. When utilizing your data as described, Senseonics shall take all appropriate steps to comply with the applicable data privacy and security laws in your country, including obtaining your consent when/if necessary. Mobile Apps and Sites. We will use the information you provide through your Eversense account from the Mobile Apps and Eversense Diabetes Management System, to enhance your user experience and make Senseonics Products and Services more useful to you. For this reason, we will use the data about your current and historical glucose values and any other health-related information we collect in connection with our provision of Senseonics Products and Services. Also, we may use the information you provide in the event we need to contact you in connection with the provision of Senseonics Products and Services, including sending important information to you regarding Senseonics Products and Services, such as technical notices, updates and alerts, relevant data privacy or security events, or changes to our terms and conditions. We may also use information that we collect when you visit our Sites and Mobile Apps for our internal business purposes, such as data analysis, audits, fraud monitoring and prevention, developing or improving products, enhancing or modifying our services, and identifying usage trends. De-identified Data. In certain cases, we may redact or delete information from the Personal Information we collect that could identify you, and we may use such non-personal, de-identified data for business and other legitimate purposes as we deem appropriate, such as research and development, product improvements, publications and documents, business operations and process improvements, and marketing purposes. We may also provide de-identified data to third parties pursuant to business arrangements Senseonics enters into with such third parties. See below for more information about de-identified data. In all cases, Senseonics shall take steps to comply with your country’s laws on data privacy and protection. Requests to Senseonics. As mentioned above, when permitted by applicable law, we may use your Personal Information to send you emails and notices regarding opportunities relating to our products and services. You may opt out of such communications by contacting us by email at firstname.lastname@example.org, by mail at the address listed in the “Contact Us” section below, or through the process specified in the individual communication itself, and you may also opt in again through one of those methods. We will try to comply with your request as soon as reasonably practicable. Please keep in mind that although you may opt out of receiving promotional or marketing-related emails, you may not opt out from receiving important messages regarding your use of Senseonics Products and Services (for example, technical alerts or notices, certain clinical information, etc.).
How Does Senseonics Keep Your Data Safe?
Industry-Standard Data Security. Senseonics contracts with third-party providers to host and manage the Mobile Apps, Software, and Sites. The contracts between Senseonics and such providers require them to use industry-standard technology and security measures to protect your Personal Information and, among other things, require the transmission of your data in encrypted form. To access your account in the Mobile App or Software, you will typically need to log in using your email address and password. You are responsible for keeping this password confidential, and we recommend that you do not share your password with anyone. While Senseonics employs all reasonable measures and safeguards that are consistent with industry standards for your data privacy and security, no data transmission or storage system is 100% impenetrable because of the inherent nature of the Internet, and therefore we cannot guarantee that your data is absolutely safe from intrusion by others. Accordingly, please take care in authorizing access to your data by others, and keep in mind that any transmission of your data outside of Senseonics Products and Services is done at your own risk (and may be subject to separate privacy standards belonging to the applicable outside party). If you feel that your interactions, communications, or data sharing with Senseonics or through Senseonics Products and Services is no longer secure, has been inappropriately handled, or may be subject to a security breach, please immediately notify us by emailing email@example.com. (Of course, if Senseonics discovers a significant data loss or breach, we will inform you about the incident and take all appropriate steps to control and mitigate the data loss or breach.) Appropriate Contracts with EU Data Processors, Importers. For patients and customers in Europe, Senseonics may contract with third-party providers that may receive, store and process your Personal Information outside of the European Economic Area (EEA). In such event, Senseonics will require that such third parties comply with the obligations of a 'data importer' in the 2010 EU Model clauses extracted from 2010/87/EU Annex EU Standard Contractual Clauses, for the transfer of personal data to data processors established in non-EEA countries. Additionally, the data that we collect from you, including data that is stored and processed within the EEA, may be accessed and processed by Senseonics staff operating outside the EEA. These staff may be engaged in the maintenance of Senseonics Products and Services, including the provision of essential support and operational services required to ensure your continued, beneficial use of Senseonics Products and Services. To maintain an adequate level of data protection, Senseonics commits to complying with the EU GDPR, including incorporating the above-mentioned Standard Contractual Clauses for data protection when applicable. For data transmission outside the EEA to US-based Senseonics employees (or contracted third parties), Senseonics may additionally obtain data security certification(s) from third-party consultants or government programs, obtain patient or customer consent if necessary, or both. Enrollment/Registration in Senseonics Products and Services. As mentioned above, when you use Senseonics Products and Services, you may need to complete a registration or enrollment process where you will be asked to agree to the transfer, storage and processing of your Personal Information as described in this PPTOU. By checking the tick box (or tapping the “Accept” or “Agree” button) when prompted during the registration or enrollment process, you agree to this transfer, storing and processing. Please note that if you do not agree to this transfer, storing, and processing, we will be unable to provide you with the full, beneficial use of Senseonics Products and Services. During or after your registration or enrollment process, if Senseonics requires additional consent from you to authorize certain types of data use, Senseonics will contact you separately to obtain such consent as may be necessary under your country/region’s applicable data protection laws.
What Data May be Shared with Third Parties?
Data That Could Identify You
In order to provide Senseonics Products and Services, we may disclose some or all of your Personal Information (as defined above) under one or more of the following circumstances:
- To our affiliates (including related organizations) for purposes of providing Senseonics Products and Services.
- To companies that are contractually engaged by us in connection with the provision of Senseonics Products and Services, such as software hosting, data storage and processing, order fulfillment, email management, and credit card processing. These companies are obligated by contract to safeguard any Personal Information they receive from us (or directly from you).
- To marketing companies and similar organizations with whom Senseonics has partnered, to provide you with product and service offers, proposals, educational information, and news updates that may be of interest to you (to the extent permitted by the applicable data and privacy laws in your country).
- As required by applicable law, including laws outside your country of residence, when requested by law enforcement, government authorities, or regulatory agencies, or when we determine that such disclosures are necessary and appropriate under the circumstances.
- To protect our rights, privacy, safety, and/or property, including those of our affiliates, you, or other parties; to protect our operations or those of any of our affiliates; to enforce this PPTOU; and to allow us to pursue available remedies or limit the damages that we may sustain.
- In connection with certain transactions we may engage in, such as:
- In the event of a financing of our company, we may disclose Personal Information to potential bankers or investors.
- In the event of the sale, merger, bankruptcy, sale of assets or reorganization of our company, we may disclose Personal Information to the proposed counter-parties to any relevant transaction. We will notify you if a different company will receive your Personal Information, and how this PPTOU will apply to your data once transferred to the new entity.
- To provide important or necessary product or service updates, including potentially technical updates, bulletins, and notices, product recall or field actions, important check-ins and status checks for new product users, and other communications relevant to your beneficial use of Senseonics Products and Services.
- In any other way we may describe to you while using Senseonics Products and Services, which may include a request for your consent.
- To third parties under appropriate arrangements with Senseonics for analytics services ("Analytics Services") to help analyze how users use the Mobile Apps, Software, and Sites, and compile reports on user activity. By using our Mobile Apps, Software, and Sites, you consent to the processing of your data by these Analytics Services providers in the manner and for the purposes set out above. (Please keep in mind that third-party Analytics Services providers might in turn transfer your information to other parties if legally required to do so, or for data processing on their behalf. The use of your information by Analytics Services providers, will also be governed by the privacy terms and conditions of each such third-party provider.)
- For any other purpose with your appropriate authorization or consent (in compliance with the applicable laws of your country).
Data That Does Not Identify You (De-identified Data)
Senseonics may share or sell individual or aggregated de-identified data that does not identify you personally, with partners and the public in a variety of ways. (If the privacy laws in your country require patient consent, Senseonics shall take appropriate steps to obtain consent as necessary.) De-identified data means data that is not associated with or linked to any personal data and would not, by itself or in combination with other data, permit the identification of individual persons. When we provide this information, we perform appropriate procedures so that the data does not identify you and we contractually prohibit recipients of the data from tracing it back to you. We could also use de-identified data to generate research or reports and publish such information or provide it to third parties.
Data that You Direct Us to Share
Your Rights and Responsibilities
As the data owner, you will maintain control over your data. You may update your information and account at any time by logging into your account on our Site or Mobile App and making the appropriate changes. You agree to keep your information and account current at all times while your account is active. If you would like to review, correct, update, suppress, or delete Personal Information that you have provided to us, you may update such information maintained in your account on our Site or Mobile App, or contact us at firstname.lastname@example.org. In your request, please make clear what changes, corrections, suppression or limitations you would like to place on your Personal Information. For your protection, we may only implement requests with respect to the Personal Information associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as practicable. Please note that we may not be able to meet every request for a change, correction, suppression or limitation, and we may need to retain certain information for recordkeeping purposes, regulatory or legal reasons, and/or to complete any transactions that you began prior to requesting any change. In instances of Personal Information being deleted, there may still be residual information that will remain within our databases and other records, which will not be removed.
How to Deactivate Your Eversense Account
You can deactivate your Senseonics account by contacting us at email@example.com. When you do so, data that can identify you and that is associated with your account will be subsequently removed from Senseonics Products and Services to the extent reasonably possible. Please note that while this data will be removed from our server based upon an automated schedule, such data may persist in our backup or archive storage for an indefinite period of time. Senseonics may continue to use your de-identified data after you deactivate your account.
Senseonics’ Policy regarding Children
Senseonics complies with its labeling and regulatory approvals in all applicable countries and territories, and will only market and promote Senseonics Products and Services to approved age groups. Under no circumstances, however, will Senseonics knowingly market, promote, or recommend Senseonics Products and Services to any persons under the age of 13, nor will we knowingly collect any Personal Information from persons under 13. It is possible that a parent or legal guardian may subscribe to Senseonics Products and Services to assist in the provision of care for a patient who is under 13 (a decision to be made solely by the parent/guardian and the patient’s physician, without promotion or recommendation by Senseonics), but no person under 13 is permitted to directly use Senseonics Products and Services. If you are aware of a user under the age of 13 using Senseonics Products and Services directly, rather than through a parent or guardian, please contact us at firstname.lastname@example.org.
Adults with Guardians, Conservators or Other Legal Supervision
No person who lacks the legal competence to enter into a contract may directly use Senseonics Products and Services. A legal guardian, conservator or other person with the legal right to do so may subscribe to Senseonics Products and Services to assist in the provision of care for such a person. Such legal guardian, conservator or other person with legal right shall be responsible for ensuring that the decision to use Senseonics Products and Services is by such legal guardian, conservator or other person with legal right (along with the applicable healthcare professional), and not by the patient who lacks legal competence. Your Ideas, Comments, and Feedback While Senseonics welcomes your comments, suggestions, feedback and/or ideas submitted on or through our Sites or Mobile Apps, please note that any such information will be considered non-personal, non-confidential, and non-proprietary (other than actual Personal Information, as that term is defined above). By providing any ideas, information, concepts, know-how, techniques or materials to us through our Sites, Software, or Mobile Apps, you grant Senseonics an unrestricted, royalty-free, irrevocable license to use, reproduce, display, perform, modify, transmit and distribute them in any medium, and agree that Senseonics is free to use them for any purpose.
You can email us with any questions or comments at email@example.com. Privacy Officer Senseonics, Incorporated 20451 Seneca Meadows Parkway Germantown, MD 20876