Last Updated: February 15, 2019
This global Data Protection and PrivacyStatement (the “Privacy Statement”) sets out how we, 3D DIAGNOSTIX INC. (a Massachusetts,United States corporation with its headquarters at 24 Denby Rd Boston, MA 02134,USA) and all of our global affiliates (“3DDX” or “we”) handle Personal Data that we process when you visit our web page, purchase a product,enroll in one of our email services, request information, register on the website, enter one of our contests, participate in a promotion, use any of theother interactive portions of our website, communicate with us through social media, or in connection with an actual or potential business or employment relationship with us (together “data subjects”).
Questions about this privacy statement
If you have any questions or comments about this Privacy Statement, 3D DIAGNOSTIX’s privacy practices, or if you would like us to update information or preferences you provided to us, please contact us at
Email: firstname.lastname@example.org with “FYA: Data protection officer” in the subject header (the “Data Protection Contact”),
Web: www.3ddx.com and use the information on the “Contact Us” page,
Telephone: +1 (866) 834-7925 Toll-Free and +1 (617) 820-5279 outside the US and Canada
Types of personal data we process
1. The types of information we may hold about you include:
a) Contact information (such as name, postal or email address, and phone number);
b) Business contact information (such as job title, department and name of organization);
c) Professional information (such as experience with 3DDX products or services);
d) Payment details (including payment card number, expiration date, and billing address);
e) Shipping information (including the shipping address and phone number);
f) Username and password for the account you may establish on our website;
g) Content (such as photographs and comments);
h) Information about you or your patients’ physical condition or health which may be provided to us by your or your health providers to enable us to deliver services and manufacture products for you;
i) Information generated by us in the course of managing our relationship with you, such as a history of our interactions with you, your purchases from us and information about your use of our products;
j) Other information (such as demographic data, and shopping behavior and preferences).
In the European Union (EU), “personal data” is defined very broadly and includes any information relating to a natural person, who can be identified, directly or indirectly, from data that we hold about them or from data that is combined with other information. It may include data relating to our employees, customers, patients, shareholders, contractors or the staff of our suppliers, visitors to our buildings or website users.
Purposes for which we process personal data
2. 3DDX needs to process a certain amount of Personal Data about you for a variety of purposes. 3DDX will only process your Personal Data in accordance with applicable law which may include:
a) Manage our business relationship with you, for example: (i) process your transaction;(ii) manage and maintain your account with us; (iii) respond to your questions and comments and provide customer support; (iv) set up a 3DDX Connect account;(v) allocate a Territory Sales Manager or equivalent to be your dedicated account manager
b) Marketing,advertising and public relations, for example: (i) marketing our business and products to you; (ii) provide you with information you have requested about our company, our products and our services; (iii) provide you with information about, or samples of, our product range for marketing purposes; (iv) contact you through email, telephone or postal mail; (v) tailor your experience on our website by providing content that is relevant to your interests and geographic region;
c) Maintenance and statistics, for example: (i) help diagnose problems with our server;administer the website, and compile broad statistical data; (ii) update and maintain our website;
e) Research and product development, for example we may use information about your experience of using our products to help us improve our products.
Legal ground for processing the personal data
3. EU Data protection law requires us to have a legal basis before processing any Personal Data about you. The legal basis for us processing your Personal Data for the above purposes may be because: (i) you have provided your consent; (ii) it is necessary to for the performance of a contract with you; (iii) the processing is necessary for our compliance with a legal obligation; or (iv) the processing is in our legitimate interests of operating and promoting our business.
4. To the extent provided by applicable law,you may withdraw any consent you previously provided to us, or object at anytime on legitimate grounds, to the processing of your Personal Data. In some circumstances, withdrawing your consent to 3DDX’s use or disclosure of your Personal Data will mean that you cannot take advantage of certain 3DDX products or services.
Disclosure of information relating to data subjects
5. We intend to keep your Personal Data confidential, in compliance with our legal obligations. We do not sell, rent,trade or otherwise disclose this information to third parties, other than as described in this Privacy Statement, for the purposes described above, or as we disclose to you at the time the data is collected. We may disclose your Personal Data in accordance with, and where permitted by, applicable law:
- in order for us to comply with our legal obligations, e.g. where we are required to disclose certain information to tax authorities;
- to protect the security or integrity of our business, including our databases and systems;
- to any of our outsourced service providers, suppliers or distributors to facilitate the provision of contracted services or goods or to provide expanded services to our customers and website visitors, for example; outsource the processing of certain interactive website functions, administering email services and running special promotions
- to any other third party where you have provided your consent.
Security measures used to protect the personal data
6. 3DDX will take appropriate physical,technical and organizational security measures designed to safeguard and secure any information you provide to us.
International transfer of personal data
7. We may disclose or transfer your Personal Data to a third party in countries outside the country in which it was originally collected for further processing in accordance with the purposes set out in section 2 above, in particular your Personal Data maybe transferred throughout the 3DDX branches. In these circumstances we will, as required by applicable law, ensure that your privacy rights are adequately protected by organizational, technical, contractual and/or other lawful means. You may be entitled under applicable law to receive a copy of the safeguards which we have put in place to protect your Personal Data and privacy rights; please get in touch with the Data Protection Contact for further information on how to exercise this right.
Retention of personal data
8. Your Personal Data will be retained for the duration of our business relationship and for a period of time thereafter as required by applicable local law or where we have a legitimate and lawful purpose.
Data subject rights
9. Data protection laws often provide individuals with numerous rights, including the right to: access, rectify,erase, restrict and object to the processing of, their Personal Data. Individuals may also have the right to lodge a complaint with the local data protection authority if they believe that their Personal Data is not being processed in accordance with applicable data protection law. If you would like to exercise any of these rights, please contact the 3D DIAGNOSTIX Privacy Contact at email@example.com To assist us in responding to such requests in a timely fashion, please include the phrase “Privacy Rights Request” in the title of your message.
10. Data subjects may, where permitted by applicable law, request copies of their Personal Data. This is known as a subject access request or SAR.
11. If you would like to make a SAR, i.e. a request for copies of the Personal Data we hold about you, you may do so by writing to the Data Protection Contact whose details are provided above. The request should make clear that a SAR is being made. We may ask you to provide evidence of your identity if it is not clear.
12. Responding to a SAR can be a time consuming exercise. 3D DIAGNOSTIX may be able to get the information that you require more quickly if you are as specific as possible in your request. E.g.,“I would like a copy of my Personal data contained in my website member account file” or if you would like a copy of a particular document it would be helpful if the document is described carefully, including the title, creation date,author and likely place of storage. This will help us to respond to your SAR as quickly as possible. You may be asked for further details to assist us if insufficient information is provided.
13. This website may make chat rooms, careers,message boards, and/or news groups available to its users at various times. Please remember that, unless otherwise stated, any information that is disclosed in these areas becomes public information and you should exercise caution when deciding to disclose your personal information in these areas. Do not use these areas to post personal information about third parties or discuss information about specific, identifiable patients.
Links to other websites
Updates to our privacy statement
15. We may at any time in our sole discretion revise or update this Privacy Statement. We will indicate at the top of the Privacy Statement when it was most recently updated. All changes are effective immediately when they are posted and apply to all access to and use of the website thereafter.
16. In order to collect certain data described in this Privacy Statement, we may use cookie technology on our website.A cookie is a small piece of information which is sent to your browser and stored on your computer's hard drive, mobile phone or other device. You can set your browser to notify you when you receive a cookie. This enables you to decide if you want to accept it or not. However, some of the services and features offered through our websites may not function properly if your cookies are disabled.The following are examples of cookies that may be used on our websites:
a) Strictly necessary cookies. These cookies are essential in order to enable you to move around the website and use its features. Without these cookies,services you have asked for, like saving your account login info, adding products to a cart, checking out, cannot be provided.
b) Performance/ analytic cookies. These cookies collect data about how visitors use our websites, including the country from which the visitor is accessing from.They allow us to recognize and count the number of visitors and to see how visitors move around the site when they are using it. All data these cookies collect is aggregated and do not seek to personally identify you.
c) Functionality cookies. These are used to recognize you when you return to our website. This enables us to personalize our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
18. When you visit our websites, we may allow some third parties (such as advertising networks and data analytics companies)to collect information about your online activities over time and across different websites. Your browser settings may allow you to automatically transmit a “Do Not Track” signal to websites and online services you visit.However, there is no consensus among industry participants as to what “Do NotTrack” means in this context. Like many websites and online services, our websites currently do not alter their practices when they receive a “Do NotTrack” signal from a visitor’s browser. To find out more about “Do Not Track,” visit http://www.allaboutdnt.com.
19. If necessary to comply with applicable law, we will ask for your consent to place cookies on your device. Once your consent has been provided, this message will not appear again when you revisit. If you, or another user of your computer, wish to withdraw your consent at any time, you can do so by altering your browser settings. You can find more information about cookies at: www.allaboutcookies.org and http://www.youronlinechoices.com
California law permits residents of California to request certain details about how their information is shared with third parties for direct marketing purposes. Under the law, a business must either provide this information or permit California residents to opt in to, or opt out of, this type of sharing. If you are a California resident and would like information identifying the categories of personal information which we share with our affiliates and/or third parties for marketing purposes, and the contact information for such affiliates and/or third parties, please submit a written request using the contact details at the beginning of this Privacy Statement.