Karman’s Global Privacy Notice
Last Updated: March 9th, 2020
Your privacy is important to Karman, so we have developed a Global Privacy Notice (“Notice”) that explains how we collect, use, disclose, transfer, store, and maintain your personal information so that you have everything you need to make the choices that are right for you when using our wheelchairs or services. We are committed to complying with applicable data protection laws and applicable national law in the country where you live, work or otherwise reside (“Applicable Law”).
This Notice applies to the Wheelchairs listed in the Our Products Section as well as other Karman Wheelchairs that refer to this Notice. When used, the generic term “Products” includes Karman and its subsidiaries’ or affiliates’ services, websites, apps, software and devices. In order to help you find the information that you need, we have divided this Notice into relevant sections.
You have certain rights relating to how Karman uses your personal information. You can read about your rights in the Your Rights and Choices section and you are also welcome to contact us.
Who is the Controller When We Process Your Personal Information?
When used, the term “Controller” includes the person or organization that determines the purposes for processing personal information, including the way it is processed. When Karman uses your information for purposes such as our online services, conducting repairs and maintenance, and conducting certain marketing activities, we act as a Controller.
When used, the term “Processor” includes the person or organization that is performing the processing on behalf of a controller. When Karman receives your information from a dealer or retailer to build your customized product, we are acting as a Processor on their behalf.
What Information Do We Collect About You?
When using our Wheelchairs or interacting with us, we collect information about you that we use for different purposes. These purposes include providing you with the services you have requested and communicating with you, but also developing our Wheelchairs and make them better.
We collect personal information about you when you place an order with your dealer for any of our Wheelchairs. We also collect it when you register for any of our online services. We collect the personal information to create, operate and improve our Wheelchairs, provide you with personalized experiences, and help keep you safe. For more information about how we use your personal information, please see the sections titled How Do We Use Your Information? and Our Wheelchairs.
We collect the following categories of personal information depending on the product or service you use:
- Identity information
Identity information includes your first name, last name, username or similar identifier, date of birth, and gender. We collect identity information when you, your dealer, or your clinician reaches out to us for services, when you make a request, or when you lodge a complaint. In some cases, we receive your identity information from your dealer or clinician when your product order is placed.
- Contact information
Contact information includes your email address, mailing address, or phone numbers. We collect your contact information when you reach out to us for services, to make a request, or to lodge a complaint. In some cases, we receive your contact information from your dealer or clinician when your wheelchair order is placed. In most cases, we collect this personal information as a processor or business associate of your dealer or clinician; however, there are instances where we act as a controller or non-covered entity health care provider when processing this information, such as complaint handling, product maintenance, accounting processes, etc.
- Measurement information
During a client evaluation, we collect your body measurements to provide you with a wheelchair custom fit to your specifications and needs. When you are ordering certain seating and positioning products, we conduct pressure point mapping to custom fit your seating and positioning needs.
- Transaction information
Transaction information includes details about you order history, including products and parts, and other details of products and services you have purchased from us.
- Sign-in information
Before you may enrol to access our software and apps, you or your clinician will need to register for an account with the product (“User Role”). Information collected in the registration process includes your name and email address. Your User Role is subject to approval by Karman. Once you have registered and your User Role has been approved, you will receive a username and password.
- Technical information
Technical information includes internet protocol (IP) address, your login credentials, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website and our online products.
- Usage information
Usage information includes details about how you use our website, products and services. This includes your seating and positioning regimen when you register for the Virtual Seating Coach.
- Health information
If you have registered for any of our online services, we collect information on behalf of the clinic or health services provider that you have chosen to deliver and maintain our Wheelchairs, including information about your use of our Wheelchairs, please see the Our Wheelchair section for further information about what type of information related to our Wheelchairs that we collect.
In conducting business, we will receive and create records containing limited health information. Any health information collected is not combined with data from other Products or used for other purposes without your explicit consent. For example, we will not use your health information to market or advertise our Products to you without your explicit consent.
- Location information
Karman offers location-based products that require your explicit consent prior to activation. To provide these location-based Products, we collect, use, and share precise location data with you, your legal guardian, your dealer, or your clinician with your consent. The information shared includes the real-time geographic location of your wheelchair when the GPS device is activated. You can turn on or off location data collection on your device in the My Karman smartphone app, on the My Karman website, by contacting your dealer, or by contacting us.
- Information from device sensors
Karman offers power wheelchairs with sensors that will collect data about your location, wheelchair mileage, battery status, maintenance information, diagnostic data, and service data about the Wheelchairs that you use and receive from Karman upon activation. These sensors are inactive at the time you receive your power wheelchair and can be activated at your request. Your dealer can provide you with information on how to activate the device sensor.
Information about your use of our Wheelchairs is occasionally collected on behalf of your clinic or health services provider to aid you in your specialized treatment. Depending on our Product, you can control what sensor data the device and the apps can use by contacting your dealer or sending an email to privacy@KarmanHealtcare.com.
How Do We Use Your Information?
The type of personal information about you that we process depends on which services and Wheelchairs that you use. Please refer to the Our Products section for more specific information regarding what personal information may be collected by our specific Products.
Legal requirements
Karman stores personal information to fulfil legal requirements, for example according to bookkeeping regulations or to fulfil reporting obligations required by the EU Medical Device Regulations and US Food and Drug Administration (FDA) for Medical Device Manufacturers as applicable for different users. This processing is based on legal obligations under applicable law. Please see the sections titled Legal Obligation and Legal Disclosures for more information about our legal requirements.
Communications
Necessary Communications
From time to time, we use your personal information to send important notices, such as communications about the Wheelchairs and changes to our terms, conditions, and policies. Because this information is necessary for Karman to maintain the quality of our Products, keep you informed of your privacy rights, fulfil our contractual obligations with you, and ensure your safety through proper usage of the device, you may not opt out of receiving these communications. This processing is based on Karman’s legitimate interest purposes or our contract with you.
Optional Communications
The personal information we collect also allows us to, if you are a customer to us, keep you posted on Karman’s latest product announcements, software updates, and upcoming events. This processing is based on our legitimate interest to communicate with you. These communications are optional. If you do not want to be on our mailing list, you can opt out at any time by contacting us or by opting out by clicking the unsubscribe link in the e-mail.
Internal Use
We use personal information to help us create, develop, operate, deliver, and improve our Wheelchairs; and detect and protect against errors, fraud, or other illegal activity. This processing is based on our contract with you or Karman’s legitimate interest purposes.
We also use personal information for internal purposes such as auditing, data analysis, and research to improve Karman’s Wheelchairs and customer communications; enforce the End User License Agreement (“EULA”); enable clinics and health service providers to track and service their fleet of Karman Products, when location services have been activated; and implement billing systems for Karman Products. This processing is based on Karman’s legitimate interest purposes, our contract with you, or your explicit consent and use of My Karman services.
We make every attempt to only use the minimum amount of personal information necessary for performing these tasks and in many cases, we only use information that has been de-identified, anonymized, or pseudonymized.
Information from device sensors
Karman uses your information from active device sensors to:
- Provide your clinic or health services provider with feedback on how and when you use the power seat functions of your product such as power tilt, power recline, or power elevating leg rests. This processing is based on your explicit consent and use of My Karman services.
- Provide you with support for your use of various Karman Products, such as service repairs, parts replacements, and technical assistance with our online services. This processing is based on our contract with you.
- Enable our licensors to improve their licensed technology. This processing is based on our legal obligations.
- Address clinical outcomes. This processing is based on your explicit consent and use of My Karman services.
- Facilitate your Karman product’s compliance with clinician protocols. This processing is based on our legal obligations.
- Enable dealers and clinicians to track and service their fleet of Karman Wheelchairs. This processing is based on your explicit consent and use of My Karman services. Implement billing systems for Karman Products. This processing is based on our contract with you.
Do We Sell Your Information?
No. Karman will not sell, rent, transfer, disclose or otherwise permit the use of your personal information by advertisers or other third-parties, except for your clinic or health service provider, or as set out in the Disclosure to Third-Parties section.
Do we Keep your Data?
Karman keeps your personal information for only as long as necessary for the purposes described in this Notice. We retain and use your personal information as necessary to comply with our legal and regulatory obligations, such as reporting required by the US Medical Device Regulations and US Food and Drug Administration (FDA) for Medical Device Manufacturers as applicable for different users. We also retain and use your personal information as necessary for resolving disputes and enforcing legal agreements and policies. For more information about our retention practices please contact us.
Cookies and Other Technology
We use third-party service providers to help us analyze certain online activities and improve our Products. For example, these service providers help us measure the performance of our Wheelchairs or analyze visitor activity. We permit these service providers to use cookies to perform these services for Karman. Our third-party service providers are required to comply fully with this Notice.
The information collected is Internet Protocol (IP) addresses or similar identifiers. You can set your browser not to accept cookies and our website will tell you how to remove cookies from your browser. However, in a few cases, some of our website features may not function as a result.
The method used to block cookies will depend on the web browser used. Consult the “Help” or corresponding menu in your web browser for instructions. You can also often change settings in relation to a specific type of cookie. For more information visit www.aboutcookies.org or www.allaboutcookies.org.
Our use of cookies is generally not linked to any personal information. However, to the extent that non-personal information is combined with personal information, we treat the combined information as personal information for the purposes of this Notice.
Types of Cookies Used
- Strictly necessary cookies: these cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
- Performance cookies: these cookies allow us to count visits and traffic sources, so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site and will not be able to monitor its performance.
- Advertising and Targeting Cookies: these cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not directly store personal information but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
- Social Media Cookies: these cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They can track your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.
Google Analytics and Quantcast Measure
We use Google Analytics and Quantcast Measure to store information about how visitors use our website so that we may make improvements and give visitors a better user experience. Google Analytics is a third-party information storage system that records information about the pages you visit, the length of time you were on specific pages and the website in general, how you arrived at the site and what you clicked on when you were there. These cookies do not store any personal information about you, such as your name, address, etc. and we do not share the data outside of Karman. You can view Google Analytics’ privacy policy at the following link: http://www.google.com/intl/en/policies/privacy/.
You can view Quantcast Measure’s privacy policy at the following link: https://www.quantcast.com/privacy/
IP addresses
An IP or Internet Protocol Address is a unique numerical address assigned to a computer as it logs on to the internet. Your IP address is logged when visiting our site, but our analytic software only uses this information to track how many visitors we have from various regions.
What Are the Legal Grounds for Our Processing?
We rely on the following legal bases to use your personal information:
Performance of a Contract
Where it is needed to provide you with our products or services, such as:
- Building or creating your customized product when you place an order
- Verifying your identity when you contact us or make a request
- Processing purchase transactions
- Confirming and verifying the details of your order with you, your dealer, or your clinician
- Updating you, your dealer, or your clinician dealer on the status of your order, as needed
- Allowing you to register your product in line with our warranty policy
- Provide you with technical and customer support.
Legitimate Interest
Where it is in our legitimate interests to do so, such as:
- Managing our products and services and updating your records
- To perform and/or test the performance of, our products, services and internal processes
- To follow guidance and recommended best practice of government and regulatory bodies
- For management and audit of our business operations including accounting
- To carry out monitoring and to keep records of our communications with you and our staff (see below) • For market research and analysis and developing statistics
- For direct marketing communications regarding relevant products and services. We will send marketing to you by SMS, email, phone, post and social media and digital channels (for example, using WhatsApp and HubSpot)
- Subject to the appropriate controls, to provide insight and analysis of our customers to business partners either as part of providing products or services, helping us improve products or services, or to assess or to improve the operating of our businesses
- Where we need to share your personal information with people or organizations in order to run our business or comply with any legal and/or regulatory obligations In all cases where legitimate interest is relied upon as a lawful basis, we take steps to ensure that our legitimate interests are not outweighed by any prejudice to your rights and freedoms.
Legal Obligation
To comply with our legal obligations under applicable law, such as:
- Keeping records for tax purposes
- Responding to subpoenas or compelling orders
- Providing information to public authorities.
- Reporting obligations with legal entities
- Auditing activities as required by applicable law
Consent
With your consent or explicit consent, such as:
- Direct marketing communications
- Sending product updates or technical alerts
- Sending you marketing communications and information on new products, services and assets
- Communicating with you about, and manage your participation in contests, offers or promotions;
- Soliciting your opinion or feedback, provide opportunities for you to test software;
- Processing of special categories of personal information such as about your health, if you are a vulnerable customer
Public Interest
For a public interest, such as:
- Processing of your special categories of personal information such as about your health, criminal records information (including alleged offences), or if you are a vulnerable customer
Disclosure to Third-Parties
Karman will only share your personal information and product use information with your clinic or health services provider and with Karman’s dealers who sell Karman Wheelchairs when you have activated services that collect that information. For more details on any of the topics below or our third-party practices in general, please contact us.
We also collect information on behalf of the clinic or health services provider that you have chosen to deliver and maintain our Wheelchairs, including information about your use of our Products.
Depending on the product or service, we disclose personal information:
- To our third-party service providers that perform services on our behalf, such as web-hosting companies, mailing vendors, analytics providers, and information technology providers.
- To law enforcement, other government authorities, or third parties (within or outside the jurisdiction in which you reside) as may be permitted or required by the laws of any jurisdiction that may apply to us; as provided for under contract; or as we deem reasonably necessary to provide legal services. In these circumstances, we take reasonable efforts to notify you before we disclose information that may reasonably identify you or your organization, unless prior notice is prohibited by applicable law or is not possible or reasonable in the circumstances.
- To service providers, advisors, potential transactional partners, or other third parties in connection with the consideration, negotiation, or completion of a transaction in which we are acquired by or merged with another company or we sell, liquidate, or transfer all or a portion of our assets.
Administrative Disclosures
Karman shares your personal information and product use information with third-parties who provide services to Karman, such as information processing, customer data management, customer research and other similar services. We require these third-parties to protect your information and be obliged, under a written agreement, to act in accordance with our instructions, to follow applicable law and to implement appropriate technical and organizational measures for the protection of the personal information.
Internal Disclosures
Karman shares your personal information and product use information with its internal subsidiaries acting as joint controllers or processors. Karman is a global company with divisions worldwide. As a result, your personal information may be processed by any of our divisions, whether in EMEA, Asia, or the Americas as described in the International Data Transfers section.
Legal Disclosures
It may be necessary − by law, legal process, litigation, and/or requests from public and governmental authorities within or outside your country of residence − for Karman to disclose your personal information. We are also required to disclose information about you if we determine that for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate. When we receive information requests, we require that it be accompanied by the appropriate legal documents such as a subpoena or search warrant. We believe in being as transparent as the law allows about what information is requested from us. We carefully review any request to ensure a valid legal basis for it, and we limit our response to only the data law enforcement is legally entitled to for the specific investigation.
Operational Disclosures
We also disclose information about you if we determine that disclosure is reasonably necessary to enforce any EULAs; to protect our operations or other users; or if we are required to do so by any applicable law, rule, regulation, subpoena, or other legal process. Additionally, in the event of a reorganization, merger, bankruptcy or sale we will transfer all personal information and product use information we collect to the relevant third-party, as appropriate.
Our Wheelchairs
Karman is an international company with a variety of Wheelchairs available depending on the region where you live. The following is a list of the products that Karman offers regionally and in some cases globally. For questions regarding any of the listed products, please contact your dealer or clinician for more information. You may also contact us.
Website and software
Our website and software use limited personal information depending on your use of the Product. Limited personal information may be collected from you, your dealer, or your healthcare provider as needed to provide you with a personalized experience, improve service reliability, combat spam or other malware, or improve features and functionality of the website or software. We do not use your data for any advertising or similar commercial purposes without your explicit consent.
Business Region Americas
United States
As a medical device manufacturer, Karman may act as a health care provider when determining the proper type or size of the device that is needed for a particular patient. For more information about our HIPAA related practices, please contact us at: privacy@KarmanHealthcare.com.
Your California Privacy Rights
California Civil Code Section 1798.83 permits California residents to request certain information regarding our disclosure of Personal Information to third-parties for their direct marketing purposes. To make such a request, please contact us at: privacy@KarmanHealthcare.com.
California law requires that we disclose how Karman responds to web browser “Do Not Track” signals or other mechanisms that provide consumers the ability to exercise choice regarding the collection of personally identifiable information (as that term is defined in California law) about a consumer’s online activities. Our Wheelchairs do not currently support “Do Not Track” codes. That is, Karman does not currently respond to or take any action regarding “Do Not Track” requests.
Your Rights and Choices
You have certain rights regarding the personal information we maintain about you. We also offer you certain choices about what personal information we collect from you, how we use that information, and how we communicate with you. If you have any questions about your rights as stated below, or want to make use of your rights, please contact us.
You may exercise any of your rights at any by contacting us or submitting a request form. You will not have to pay a fee to access your personal information (or to exercise any of the other rights); however, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one calendar month. Occasionally it may take us longer than one calendar month if your request is particularly complex or you have made several requests. In this case, we will notify you and keep you updated.
Right to be Informed About How Your Personal Information is Used
You have a right to be informed about how we will use and share your personal information. This explanation will be provided to you in a concise, transparent, intelligible and easily accessible format and will be written in clear and plain language.
Right to Access Your Personal Information
You have a right to obtain confirmation of whether we are processing your personal information, access to your personal information and information regarding how your personal information is being used by us. The right to access personal information may be limited in some circumstances by local law requirements. We will respond to all requests to access, modify, or delete your personal information as required by local law requirements. To exercise these rights, please contact us.
Right to Have Inaccurate Personal Information Rectified or Amended
You have a right to have any inaccurate or incomplete personal information rectified. If we have disclosed the relevant personal information to any third parties, we will take reasonable steps to inform those third parties of the rectification where possible
Right to Have Your Personal Information
Erased in Certain Circumstances You have a right to request that your personal information be erased if: • the personal information is no longer necessary for the purposes for which it was collected or otherwise processed
- you object to the processing of your personal information, in accordance with your right to object and we do not have an overriding legitimate interest
- if the personal information has been processed unlawfully by us
- your personal information must be erased to be compliant with a legal obligation under applicable law.
We will consider each request carefully in accordance with the requirements of any laws relating to the processing of your personal information. If you have any questions about your right to erasure, please contact us.
Right to Restrict Processing of Your Personal Information
You have a right to restrict the processing of your personal data in certain circumstances. These include when:
- you contest the accuracy of the personal information, and we must restrict the processing for a certain period to enable us to verify the accuracy of relevant data
- the processing is unlawful, and you request restriction of the use rather than erasure of the personal information
- we no longer need the personal information for the purposes of the processing as stipulated in the How Do We Use Your Information section in this Notice, but the personal information is required by you for the establishment, exercise or defense of a legal claim
- you have objected to processing pursuant to what is set out under the Right to Object section, and our verification of the legitimate grounds is pending
Right to Data Portability
In certain circumstances you can request to receive a copy of personal information about you that you have provided to us (for example by completing a form or providing information through a website). The right to data portability only applies if the processing is based on your consent or if the personal data must be processed for the performance of a contract and the processing is carried out by automated means (i.e. electronically).
Right to Object to processing
You have a right to object to processing of your personal Information in certain circumstances, including where:
- we are processing personal data based on legitimate interests or for the performance of a task in the public interest
- we are using personal data for direct marketing purposes
- information is being processed for scientific or historical research or statistical purposes. If you request to exercise your right to object, we will no longer process the personal information unless we can demonstrate compelling and legitimate reasons for such processing that overrides the privacy interest.
If you object to processing for direct marketing, we will no longer conduct such processing.
In certain circumstances, even if you object to certain processing, we may continue such processing if permitted or obligated to do so under applicable law, such as when we must fulfil legal requirements or to fulfil contractual obligations in relation to the registered person.
Marketing Communications
We would like to send you information about our products and services that may be of interest to you. You can tell us not to send you marketing communications at any time by e-mail by clicking on the unsubscribe link within the marketing e-mails you receive from us or by contacting us as set out under “Contact Us” below.
Giving and Withdrawing Consent
You are asked to provide your consent for certain processing of your personal information. If processing is conducted based on your consent, such processing is stated in this Notice and according to instructions as set out herein.
You may withdraw any consent you previously provided to us for processing of your personal information. Once you have withdrawn your consent, we will stop processing your personal information connected to your consent and for explicitly stated purposes as set out herein.
Please note that even if you withdraw your consent for certain processing purposes, we may continue process other personal information for other purposes where we have another legal ground to do so. This can include processing to fulfil a contractual obligation in relation to you regarding our Products or when we have a legal obligation according to applicable law to do so.
How to Exercise Your Rights
You may exercise any of your rights at any time by contacting us or submitting a request form. Please note that we may contact you and ask you to confirm your identity to ensure that we do not disclose your personal information to any unauthorized person. We may ask you to specify your request before we perform any actions. Once we have confirmed your identity, we will handle your request in accordance with applicable law. Please note that even if you object to certain processing of personal information, we may continue the processing if permitted or required to do so by law, such as when necessary to fulfil legal requirements.
Data Protection for Children
We are committed to protecting children’s data and giving you a choice about how your child’s data is or is not used. We follow global data protection laws as they relate to children’s privacy where applicable to Karman Products, such as the United States’ Children’s Online Privacy Protection Act. We do not knowingly collect personal information from children without proper parental or guardian consent.
If you believe that we may have collected personal information from someone under the age of sixteen (16), or equivalent minimum age depending on your jurisdiction, without parental or guardian consent, please let us know using the methods described in the Contact Us section and we will take appropriate measures to investigate and address the issue promptly.
Data Protection and Security Safeguards
We use industry-standard technologies, such as firewalls, encryption techniques, and authentication procedures, among others, designed to protect the security of your personal information and to protect Karman accounts and systems from unauthorized access.
Although we strive to keep your personal information secure, no security measures are perfect, and we cannot guarantee that your personal information will never be disclosed in a manner inconsistent with this Notice (for example, as the result of unauthorized acts by third parties that violate the law or this Notice).
Karman is in no way liable for any claims or losses of any kind related to the use or misuse of your User ID due to the activities of third-parties outside of Karman’s control or due to your failure to maintain the confidentiality and security of your User ID. We are not responsible if someone else accesses your account through registration information they have obtained from you or through a violation by you of this Notice or the EULA. If you have a security-related concern, please email privacy@KarmanHealthcare.com.
Future Changes
Karman may update this Notice from time to time. When we change it in a material way, a notice will be posted on our website along with the updated Notice.
What happens if there is a change in ownership?
Information about our customers and users, including personal information, may be shared and transferred as part of any merger, acquisition, sale of company assets or transition of service to another provider. This also applies in the unlikely event of an insolvency, bankruptcy or receivership in which customer and user records would be transferred to another entity as a result of such a proceeding.
Contact Us
If you have any questions or concerns about Karman’s Notice or data processing or if you would like to make a complaint about a possible breach of local privacy laws, please contact us using the following contact details:
PRIVACY OFFICER
KARMAN HEALTHCARE, INC
19255 SAN JOSE AVENUE
CITY OF INDUSTRY, CA 91748
privacy@KarmanHealthcare.com
You may also contact us by phone at the relevant customer support number. All such communications are examined, and replies issued where appropriate as soon as possible. If you are unsatisfied with the reply received, you may refer your complaint to the relevant regulator in your jurisdiction. If you ask us, we will do our best to provide you with information you need.