Privacy Notice

CEFALY US, Inc. takes the privacy and security of our customer’s data seriously.

This Privacy Notice provides you with detailed information regarding the protection of
your personal information by CEFALY US, Inc., whose registered office is located at 19
Old Kings Hwy S, Darien, CT 06820.

We are responsible for the collection, use, and disclosure of your personal information
in the course of our activities. The purpose of this Privacy Notice is to inform you of the
personal information that we collect, how it is used and disclosed, and your rights
related to this information and how to exercise them. We do not sell or rent your
personal information to third parties.

The information we collect depends on the context of your interactions with us and the
choices you make (including your privacy settings), the products and features you use,
your location and applicable law.

1. What personal information do we collect?

The personal information we collect from you may include:

  • Contact information (such as your name, phone number, email address and
    shipping address);
  • Marketing information (such as your contact preferences);
  • Prescription information (copy of a valid prescription for our device from your
    provider);
  • Troubleshooting and support data (which is data you provide or we otherwise
    access in connection with support queries we receive from you. This may
    include, for example, contact or authentication data, the content of your chats
    and other communications with us, and the product or service you are using
    related to your help inquiry);
  • Payment information (including your credit card numbers and associated identifiers,
    billing address, and shipping information).

Information we collect automatically:

When you use or interact with our website, we automatically collect or receive certain
information through our website (for example in log files) and through other technologies
(such as cookies) about your device and usage of the website. In some (but not all)
countries, including countries in the European Economic Area ("EEA"), UK and
Switzerland, this information is considered 'personal data' under data protection laws.

For further information please review Section 7 below.

The information we collect includes:

  • Log and usage data, which is service-related, diagnostic, usage and performance
    information our servers automatically collect when you access or use our website
    and which we record in log files. This log data may include the Internet Protocol
    (IP) address, device information, browser type and settings and information
    about your activity in the Services (such as the date/ time stamps associated with
    your usage, pages and files viewed, searches and other actions you take (for
    example, which features of you use)), device event information (such as system
    activity, error reports (sometimes called 'crash dumps') and hardware settings).
  • Device data, such information about your computer, phone, tablet or other device you
    use to access the website. This device data may include information such as
    your IP address (or proxy server), device and application identification numbers,
    location, browser type,  hardware model Internet service provider and/or mobile
    carrier, operating system and system configuration information.
  • Location data, such as information about your device's location, which can be either
    precise or imprecise. How much of this information we collect depends on the
    type and settings of the device you use to access the website.  For example, we
    may use GPS and other technologies to collect geolocation data that tells us your
    current location (based on your IP address).  You can opt out of allowing us to
    collect this information either by refusing access to the information or by disabling
    your Location setting on your device. Note however, if you choose to opt out, you
    may not be able to use certain aspects of the Services.

This information is used to:

  • maintain the security of the website;
  • provide necessary functionality;
  • improve performance of the website;
  • assess and improve your experience with the website;
  • review compliance with applicable usage terms;
  • identify future opportunities for development of the website;
  • assess capacity requirements;
  • identify customer opportunities and for the security of CEFALY generally (in addition
    to the security of our website);
  • analyze overall trends, to help us provide and improve our website, and to guarantee
    their security and proper functioning.

Some of the data automatically collected within the website, whether alone or in
conjunction with other data, could be personally identifying to you. Please note that this
data is primarily used for the purposes of identifying the uniqueness of website users
logging on (as opposed to specific individuals), apart from where it is strictly required to
identify an individual for security purposes.

2. Why do we use your personal information?

The main purpose of our information processing is to allow you to make a purchase through our website. We use your information to organize the delivery of products, respond to requests for after-sales service, manage rentals, and any other requests related to the sale.

If you agree, we may occasionally use your information to provide you with information about our products and services (for example, launching a new product). We will also use the personal information you provide to us to send you newsletters and other marketing communications, or for promotions or giveaways.

As a manufacturer of medical devices, we are required to carry out safety and efficacy studies on our products, called “post-market studies”. Your information may be used to contact you to determine if you are interested in participating in one of these studies. In this case, we will ask for your consent prior to the use of your personal information.

3. With whom do we share your information?

We do not sell or share your personal information with third parties except as outlined below. We may disclose your personal information to the following categories of recipients:

  • Service providers. In order to provide our products to you and undertake our
    marketing activities, it may be necessary for us to disclose your information to
    contracted third parties and service provider partners who perform certain
    functions of our service on our behalf.  Examples include payment providers (to
    authorize, record, settle and clear payment card transactions); cloud hosting
    providers (to provide data storage and processing services); communications
    providers (to process new queries and to manage our emails); and analytics
    company to perform analysis on our website. These third party service providers
    are not authorized to retain, share, store or use your personal information for any
    purposes other than to provide the services they have been hired to provide.‍
  • Compliance with laws. We may disclose information where we are legally required
    to do so in order to comply with applicable law, governmental requests, a judicial
    proceeding, court order, or other legal process (including in response to public
    authorities to meet national security or law enforcement requirements), including
    where necessary to report an adverse event to a regulatory authority such as the
    US Food and Drug Administration.‍
  • Vital interests and legal rights. We may disclose information where we believe it is
    necessary to investigate, prevent, or take action regarding illegal activities,
    suspected fraud, situations involving potential threats to the safety of any person,
    violations of our Terms of Use or this Notice, or as evidence in litigation in which
    we may be involved.‍
  • Business transfers. We may share or transfer information in connection with, or
    during negotiations of, any merger, sale of company assets, financing, or
    acquisition of all or a portion of our business to another company, provided that
    we inform the buyer it must use your personal information only for the purposes
    disclosed in this Notice.‍
  • Advertising Partners. We may partner with third party advertising networks,
    exchanges and social media platforms (like Facebook) to display advertising on
    our website or to manage and service advertising on other sites and we may
    share personal information with them for this purpose. Please see more
    information in Section 7 of this Notice for further information, including
    information about how you can turn off tracking technologies.‍
  • Consent. We may share your information with any other person with your consent to
    the disclosure, for example, if you consent to participate in a post-market study,
    information analysis companies may receive your information.

Our website may use social media features, such as the Facebook “like” button, the
“Tweet” button and other sharing widgets (“Social Media Features”). You may be given
the option by such Social Media Features to post information about your activities on a
website to a profile page of yours that is provided by a third party social media network
in order to share with others within your network. Social Media Features are either
hosted by the respective social media network or hosted directly on our website. To the
extent the Social Media Features are hosted by the respective social media networks
and you click through to these from our website, the latter may receive information
showing that you have visited our website. If you are logged in to your social media
account, it is possible that the respective social media network can link your visit to our
websites with your social media profile. Your interactions with Social Media Features
are governed by the privacy policies of the companies providing the relevant Social
Media Features.

We reserve the right to share personal information about you with our affiliates in the
course of our business operations.

4. How long do we keep your personal information?

We keep your personal information for as long as necessary to comply with applicable legal and regulatory
provisions, while taking into account operational constraints such as quality customer service.

On this basis, your personal information is kept for 10 years after the purchase of our products.

5. What are your rights and how can you exercise them?

According to applicable laws, you have several rights about your personal information, which may include the
right of access to your personal information or the right to withdraw any consent that
you may have given us to use or process your personal information.

You can exercise the rights listed above by contacting us by e-mail at privacy@cefaly.us or by writing at the address noted above and in Section 8 of this Privacy Notice. We will answer you as soon as possible.

6. How do we protect your information?

We take the security of your personal information seriously. We use reasonable and appropriate administrative, physical, and technical safeguards to secure the personal information we process. Despite these safeguards and our additional efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to
be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third-parties will not be able to defeat our security, and improperly collect, access, steal, or modify your personal information.

7. What should you know about third-party services?

On our website, we use tools developed by third parties. These third parties may place cookies or other Web tags on your browser for targeted advertising purposes. Those services may automatically record your browsing activities when you visit our website (IP address, cookies, activities on our website). This is the case for example of Google Analytics, Facebook, AddThis, AdRoll, Perfect Audience.

Google Analytics: We use cookies served by Google Analytics to collect limited data
directly from end-user browsers to enable us to better understand your use of the
website, including making use of the demographics and interests reports services of
Google Analytics. Further information on how Google collects and uses this data can be
found at www.google.com/policies/privacy/partners/. You can opt-out of all Google
supported analytics within the Services by visiting
https://tools.google.com/dlpage/gaoptout.

Facebook: We also use the pixel function of Facebook Custom Audiences to identify
users who have landed on certain pages for the purposes of target group-orientated
remarketing and advertising. The Facebook pixel stores a cookie, which means that
information about your visit to our website will be shared with Facebook. Also, as part of
the "advanced matching" undertaken by Facebook, other personal information (such as
telephone number, email address, Facebook ID) may be shared with Facebook in a
protected (hashed) form.  These cookies and the information collected is used to create
target groups to  help Facebook deliver advertising on our behalf to users who have
previously visited our website, when they are on Facebook or a digital platform powered
by Facebook Advertising and to track advertising success.  You can modify your
Facebook Ad settings to restrict these advertisements. Navigate to Settings/Adverts in
your Facebook account to adjust your preferences.

Learn more about the different types of Facebook cookies here: https://www.facebook.com/policies/cookies/.

Our Use of Targeted Adevertising

CEFALY tracks and analyses both individualized usage and volume statistical
information related to your use of our website. We also partner with third parties (such
as advertisers and ad networks) to display advertising on our website and/or to manage
and serve advertising on other third party sites.

These third parties use cookies, web beacons, pixel tags and similar tracking
technologies to collect and use certain information about your online activities on our
website and/or other third party sites and services. This information may be used alone
or in combination with information about you we obtain from other sources (like our data
partners) and contact details and CEFALY transaction history to infer your interests and
deliver you targeted advertisements and marketing that are more tailored to you based
on your browsing activities and inferred interests ("Interest Based Advertising"). Such
Interest Based Advertising will only be delivered where permitted by applicable law and
in accordance with your advertising / marketing preferences.

Our third party service providers may also use cookies or similar technologies to collect
information about your visits to our website and/or other third party sites to measure and
track the effectiveness of advertisements and our online marketing activities (for
example, by collecting data on how many times you click on one of our advertisements).

If you do not wish to be the object of targeted advertising (opt out), the following site
allows you to regulate your advertising preferences: www.aboutads.info.
You may also adjust the parameters of your browser to delete or prevent the placement
cookies.

8. Who to contact in case of questions or complaints?

You can contact our privacy officer at privacy@cefaly.us or by writing to:

CEFALY US, Inc.
19 Old Kings Hwy S, Darien, CT 06820
ATTN: Privacy

Last update: May 22, 2020

Prescription Need a prescription? Speak to a Medical Provider