Medtronic SmartSync Mobile Application - Privacy Statement

This Privacy Statement tells you how we protect and use information that we process through the Medtronic Mobile SmartSync Application (the “Application” or “App”). This Privacy Statement is intended for an audience within the United Kingdom, as part of the limited release process.

This Privacy Statement was last revised on May 16, 2018. We may change the Privacy Statement at any time and for any reason, but if we do so, we will inform you of the new contents.

Please also read the End User Licensing Agreement (EULA) for the Application to understand the general rules about your use of the Application. This Privacy Statement and the EULA are the complete agreement between Medtronic and the medical institution with respect to its use of the Application.

INTRODUCTION

The Application is owned by Medtronic, Inc of Fridley, Minnesota, USA and is licensed to you for purposes of interrogating and programming the implanted cardiac device of your patients. “Medtronic” as referred to in this Privacy Statement designates Medtronic Limited of Watford, United Kingdom. When we use the words "we" or "our," we mean Medtronic. When we use the word “you” or “your” we mean the medical institution using the App and its medical personnel.

The App is part of the SmartSync device programming and interrogation system (“System”), and is downloaded on a tablet which is part of the System. The System is brought into the medical institution by a Medtronic representative but is operated by you with the support of the Medtronic representative. After the programming and/or interrogation procedures, the Medtronic representative removes the System from your facility.

The System collects and processes personal information of your patients and your institution through the Application. Please see below for a definition of personal and non-personal information, and how the System processes them.

WHAT IS PERSONAL INFORMATION?

Personal information is information we process through the App that can specifically identify patients and you. Examples of personal information include:

  • First name
  • Last name
  • Patient’s health condition
  • Hospital/clinic name
  • Medical device serial number
  • Implant date
  • Model number
  • Medical device name
  • Mobile device identifiers, such as model number, manufacturer, serial number, or IMEI/MEID, Device programming parameters and measurements

HOW DOES MEDTRONIC COLLECT AND PROCESS PERSONAL INFORMATION?

The App will serve to program and/or interrogate your patients’ implanted cardiac devices and to collect personal information from such device and deliver the data to you on a digital file or on a print-out (pdf). After the interrogation and transfer to you of the data, any data will be deleted manually from the App by your personnel or by the Medtronic representative prior to the System being removed from your facility.

WILL MEDTRONIC SHARE PERSONAL INFORMATION WITH THIRD PARTIES?

Medtronic will not share any personal information collected from any device through the App, with any affiliated company of the Medtronic group, nor with any third party.

Medtronic does not store any personal data on the App or on the System or any other platform.

WHAT DOES MEDTRONIC DO WITH NON-PERSONAL INFORMATION?

Non-personal Information will be collected and processed for the same purpose as personal data and in the same context. No non-personal information will be stored nor shared with anyone except with your medical institution.

YOUR PERSONAL RIGHTS AND HOW TO CONTACT MEDTRONIC

We do not store personal data after its transfer to you or its communication to you. You have the right to request access to the App to ensure that this is the case, or to object to personal data being processed by the App, but the latter will render the programming or interrogation of the devices by the System impossible. In order to exercise these rights or to obtain information on the applicable procedure, please contact us using the information above. Please note that the exercise of your rights may be subject to restrictions, e.g. in order to allow Medtronic to comply with applicable laws or to protect the data protection rights of third parties. You have the right to lodge a complaint with your data protection authority.

Our Data Protection Officer may be contacted by email at europeanDPO@medtronic.com.

If you have questions or comments about this Privacy Statement, or would like to exercise your rights, please contact us at: rs.privacyeurope@medtronic.com.