PRIVACY NOTICE
Last updated: 5 February 2024
This Privacy Notice describes how your personal data, including special categories of personal data, are collected and processed, related to the use of your Hearing Devices (“HD”). In this context, this Privacy Notice covers the processing of your personal data carried out via the “Hearing Remote” Application (“Mobile App”) with all related technology to access or otherwise use the Mobile App as described below. The processing of your personal data complies, according to your country, with local law requirements, including the Swiss Federal Data Protection Act (“FDPA”), the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (“GDPR”), the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) for your personal data qualified as Protected Health Information (PHI), or the Cyber Security Law of People’s Republic of China (“PRC”) and the Personal Information Protection Law of PRC.
This Privacy Notice may be updated from time to time. In this case, we will inform you that this Privacy Notice has been modified and the “last updated” date on top of this document will be modified. We recommend that you periodically review the latest version of this Privacy Notice.
1. Who we are
Sonova AG, Laubisrütistrasse 28, 8712 Stäfa, Switzerland (www.sonova.com), (“Sonova AG”) acts as a Controller for the processing listed in the following section.
Your Hearing Care Professional (“HCP”) may also act as Controller for the processing described at the end of the section below.
2. Personal data we collect from you and why
Sonova AG processes your personal data for the following purposes:
Based on your consent (those processing are not mandatory and will occur only if you agree and consent to it):
Insights - Notifications (not applicable for China) / Send you notification reminders to help you benefit from your HD: Network address & identifiers (B2C token, Notification token), Medical device type and settings (supported notification types), Other product type and settings (e.g. mobile version, mobile platform, mobile language).
Analytics (not applicable for China) / Monitor the performance of the HD and Mobile App to understand your demographics and preferences in using the Mobile App: Mobile App usage data (e.g. adjustments, program name personalization, onboarding time, acceptance of privacy notice, etc.), Other product UID (Google Analytics tracking ID), Other product type and settings (e.g. OS name/version, mobile device model, mobile device language, Mobile App version), Network address & identifiers (IP address), Time stamp, Other product UID (Mobile App instance ID – unique to specific app installation on a device), Geolocation information (approximate mobile device location such as city/region/country) (Sonova will not store your location and will not be able to track you in any way).
Based on the performance of your contract (those processing are mandatory as they are necessary to improve your hearing experience and to ensure the proper functioning of your HD and the Mobile App):
Pair & Connect HDs, HD Status and Adjustments / Ensuring your HD and Mobile App are functioning as intended and allow you to make adjustments to your HD: Medical device type and settings (HD model number, type), Medical device UID (HD serial number), HD usage data (classification of ambient sound, battery state of charge, HD wearing time, usage logging), Other data (HD volume, HD program).
Based on our legal obligation (under the Medical Device Regulation, we, as a manufacturer, must set up a monitoring system that enables the collection and analysis of data about the quality, performance and safety of our medical devices):
Crashlytics (not applicable for China) / Collect crash and error reports on the Mobile App to ensure correct operation and security (post-market surveillance): Crash and error data (Mobile App exceptions, errors and crash information), Other product type and settings (e.g., OS name/version, mobile device model, mobile device language), Performance data (e.g., connection with HD, technical log of Mobile App events); Network address & identifiers (IP address), Time stamp, Other product UID (Mobile App instance ID – unique to specific app installation on a device), Session ID (connection ID – random ID regenerated for every Bluetooth connection); Medical device type and settings (HD model).
Your HCP processes your personal data for the following purpose, based on the performance of your contract:
Insights - Asynchronous distance support / Fit your HD remotely: Other product UID (ID for HD pair), Fitting data (configurable offsets, adaptive feature values), Session date/time (time created, time applied, time acknowledged), Session data (remote session version, type of session, state of fitting session), Free form text fields (comments in session), Data subject UID (unique anonymous patient ID), Network address & identifiers (B2B login token).
3. How we share your personal data
Your personal data will be processed according to the instructions we provide to our employees who have received the necessary training in data protection and are subject to an obligation of confidentiality.
Your personal data may also be disclosed to:
Other companies in our group of companies, such as our subsidiaries, all of which are required to protect personal data in accordance with applicable privacy and data protection laws;
Our business partners, contractors and third-party service providers. These third parties only process personal data that are strictly necessary for the services they provide to us, according to our instructions and in compliance with our privacy and security requirements.
Other organizations and public bodies, supervisory and control authorities, including law enforcement agencies, as may be required by law.
By using the Mobile App, only personal data that are strictly necessary for the following purposes are shared:
Microsoft Corporation – Microsoft Azure (Netherlands) or for China 21Vianet Group, Inc (China): provide cloud infrastructure hosting our services.
Purpose of disclosure: Fitting the HDs remotely.
Categories of personal data shared: Other product UID (ID for HD pair), Fitting data (configurable offsets, adaptive feature values), Session date/time (time created, time applied, time acknowledged), Session data (remote session version, type of session, state of fitting session), Free form text fields (comments in session), Data subject UID (unique anonymous patient ID), Network address & identifiers (B2B login token).
Google LLC - Firebase Analytics (USA): analytics. (not applicable for China)
Purpose of disclosure: Monitor the performance of the HD and the Mobile App to understand your demographics and preferences in using the Mobile App.
Categories of personal data shared: Mobile App usage data (e.g. adjustments, program name personalization, onboarding time, acceptance of privacy notice, etc.), Other product UID (Google Analytics tracking ID), Other product type and settings (e.g. OS name/version, mobile device model, mobile device language, Mobile App version), Network address & identifiers (IP address), Time stamp, Other product UID (Mobile App instance ID – unique to specific app installation on a device), Geolocation information (approximate mobile device location such as city/region/country).
Google LLC - Firebase Cloud Messaging (USA): remote configuration and push notifications. (not applicable for China)
Purpose of disclosure: Send you notification reminders to help you benefit from your hearing aids.
Categories of personal data shared: Network address & identifiers (B2C token, Firebase cloud messaging token).
Google LLC – Firebase Crashlytics (USA): crashlytics. (not applicable for China)
Purpose of disclosure: collect crash and error reports on the Mobile App to ensure correct operation and security (post-market surveillance).
Categories of personal data shared: Crash and error data (Mobile App exceptions, errors and crash information), Other product type and settings (e.g., OS name/version, mobile device model, mobile device language), Performance data (e.g., connection with HD, technical log of Mobile App events); Network address & identifiers (IP address), Time stamp, Other product UID (Mobile App instance ID – unique to specific app installation on a device), Session ID (connection ID – random ID regenerated for every Bluetooth connection); Medical device type and settings (HD model).
Before we disclose any personal data to other third parties than those listed above, we will explicitly ask you for your consent. However, if we are obliged to disclose personal data without your consent, we will only disclose personal data that are strictly necessary for that purpose to fulfil our legal obligations.
4. International personal data transfers
Please note that some of the above-mentioned third parties can be located outside your country. Therefore, your personal data may be transferred to countries that do not provide the same level of protection of personal data as your own country. In such cases, we undertake to:
implement adequate procedures to comply with applicable law;
adopt appropriate organizational, technical and legal safeguards in order to ensure an adequate level of protection of the personal data transferred;
implement, if necessary, and according to applicable law, standard contractual clauses as adopted by the European Commission and/or the relevant supervisory authority;
depending on the country of the importing third party, take additional measures such as conducting a transfer impact assessment.
5. How long we keep your personal data
Sonova AG will retain your personal data for a minimal period proportional to the time required to fulfil the purposes outlined in Section 2. This is the case for personal data processed based on the performance of the contract. In the event applicable law or other regulations require a longer retention period, we will apply the longer retention period in order to fulfill our legal obligations.
For personal data processed based on your consent:
Insights: if you decide to deactivate the processing all personal data will be deleted.
Google Firebase Analytics: it is not possible to identify you with data collected for this processing, for any further questions please refer to their retention policy.
Your personal data processed by HCPs, such as for Asynchronous distance support processing, will be retained according to HCPs policy and applicable laws. For more information on their specific retention periods, please contact your HCP.
6. Your legal rights
Within the framework of the collection and processing of your personal data, and as per applicable law, you may have the right to request access, rectification, erasure of your personal data, or restriction of processing. In addition, you may object to the processing, request data portability and withdraw your consent at any time. According to your country, you may have other rights such as providing instructions for how your personal data should be processed posthumously. Under HIPAA you may also have the right to request an accounting of disclosures of your personal data, and the right to receive a paper copy of the notice of privacy practices upon written request.
You may exercise your rights by using the contact details in the “How to contact us” Section below, or you should contact your HCP if your rights concern personal data processed for the purpose of Remote
Support Service.
Please note that the exercise of such rights is subject to the limitations provided by applicable law.
If you consider that the processing of your personal data infringes applicable law then you may also lodge a complaint with the local supervisory authority or the competent regulator.
7. How to contact us
In the event of questions about this Privacy Notice, or the processing of your Personal Data, please contact our Data Privacy Team at privacy@sonova.com.