Protection of personal data and responsible handling of information are very important to us. Please refer to this Privacy Policy to learn more. This Privacy Policy explains how the operator of the website www.cordis.com (“Site”) collects and uses information you provide when visiting our Site. This privacy policy applies in particular to California residents from whom we collect personal information (“consumers” or “you”), including when you visit the website Site, who reside in the State of California. We adopt this privacy policy to comply with the California Consumer Privacy Act of 2018 (California Civil Code §§ 1798.100 to 1798.199) and its implementing regulations, as amended or superseded from time to time (“CCPA”). Any terms defined in the CCPA have the same meaning when used in this privacy policy.

Information We Collect

This Site collects information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household (“personal information”). Personal information does not include: (i) publicly available information from government records; (ii) deidentified or aggregated consumer information; and (iii) information excluded from the CCPA’s scope, such as health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the California Confidentiality of Medical Information Act (CMIA), and personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA), California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.

In particular, the Site collects the following categories of personal information from the sources and for the business or commercial purposes described below:

Category

What We Collect

Source

Business Purposes for Collection

Identifiers

(“Identity Data”).

Name, business email, country, state, providence, business address, business phone, zip code, IP address, job title, job function

  • Indirectly through the use of cookies from third parties and form captures.

  • 3rd Parties include Google

  • Directly through direct contact with you

  • Behavior on our website

  • Sales follow up

  • Content engagement

  • Interest-based advertising

Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) (“Customer Records Data”).

*Some personal information included in this category may overlap with other categories.

Name, business email, country, state, providence, business address, business phone, zip code, IP address, job title, job function

  • Indirectly through the use of cookies from third parties and form captures.

  • Google

  • Directly through direct contact with you

  • Behavior on our website

  • Sales follow up

  • Content engagement

  • Interest-based advertising

Internet or other similar network activity (“Internet Use Data”).

Browsing history, types of searches completed, interactions with our websites

Indirectly through Google

  • Behavior on our website

  • Interest-based advertising


Use and Disclosure of Personal Information

Use of Personal Information. We may also use or disclose the personal information we collect for one or more of the following purposes:

  • To comply with any court order, law, or legal process, including to respond to any government or regulatory request.

  • As described to you when collecting your personal information or as otherwise set forth in the applicable law.

  • To service providers and other third parties we use to support our business and who are bound by contractual obligations to keep personal information confidential, secure, and to use only personal information for the purposes for which we disclose it to them.

  • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Cordis’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by Cordis about the users of this Services is among the assets transferred.

  • To enforce or apply agreements;

  • If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Cordis, users of the Site, or others;

  • With your consent.

This data will not be passed on to third parties without your express consent. If the processing of your personal data is based on your consent, you have the right to revoke your consent at any time with the consequence that the processing of your personal data will become inadmissible for the future. However, this does not affect the legality of the processing carried out on the basis of the consent until revocation.

Disclosures of Personal Information for a Business Purpose. We share your personal information for a business purpose to the following categories of third parties:

  • Service providers.

  • Data analytics providers.

  • Operating systems and platforms.

When we disclose your personal information to a service provider, we enter into a contract with the service provider that describes the business purpose for which your personal information is disclosed and restricts the service provider from using your personal information for any purpose except performing the contract.

We disclose to these third parties the following categories of personal information for a business purpose:

  • Identity Data.

  • Customer Records Data.

How We Respond to “Do Not Track” Signals

A do not track signal (“DNT”) prevents web applications from tracking you, you can learn more about DNT at https://allaboutdnt.com. Your web browser may let you choose your preference as to whether you want to allow the collection of information about your online activities over time and across different websites or online services. At this time, the Site does not respond to the preferences you may have set in your web browser regarding such collection of your information, and the Services may continue to collect information in the manner described in this Privacy Policy.

Sales of Personal Information

The CCPA requires businesses to disclose whether they sell Personal Data. As a business covered by the CCPA, we do not sell Personal Data.

Children’s Privacy

The CCPA regulates the online collection of Personal Information from children under the age of 16. Our Services are not directed to or used by children, and we do not knowingly collect Personal Information from children under the age of 16.

Your Rights and Choices

Access. If you are a California resident, you have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:

  • The categories of personal information we collected about you.

  • The categories of sources for the personal information we collected about you.

  • Our business or commercial purpose for collecting that personal information.

  • The categories of third parties with whom we share that personal information.

  • The specific pieces of personal information we collected about you (also called a data portability request).

  • If we disclosed for a business purpose: disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.

Right to Delete & Rectify. You have the right to request that we delete or rectify any of your personal information that we have collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete or rectify (and direct our service providers) your personal information from our records, unless an exception applies. We may deny your request if retaining the information is necessary for us or our service providers to:

  • Complete the transaction for which we collected the personal information, provide a service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.

  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.

  • Debug products to identify and repair errors that impair existing intended functionality.

  • Exercise free speech, ensure the right of another consumer to exercise that consumer’s free speech rights, or exercise another right provided for by law.

  • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).

  • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.

  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.

  • Comply with a legal obligation.

  • Make other internal and lawful uses of the information that are compatible with the context in which you provided it.

How to Exercise Your Rights. To exercise the rights described above, please submit a verifiable consumer request to us by either: emailing us at [DPO@cordis.com]

  • Note that only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
    • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.

    • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

  • We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.

Making a verifiable consumer request does not require you to create an account with us, but we may require authentication of the consumer that is reasonable in light of the nature of the personal information requested. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Response Timing and Format. We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (for a maximum total of 90 days), we will inform you of the reason and extension period in writing. Any disclosures we provide will only cover the 12-month period preceding the receipt of a verifiable consumer request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance. We do not charge a fee to process or respond to your verifiable consumer request unless the request is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request. Alternatively, we may decline to respond to the request and notify you of our reason for doing so.

Non-Discrimination

You also have the right to not be discriminated against in pricing and services because you exercise any of your rights under the CCPA. Cordis does not offer Financial Incentives or Price or Service Differences to Consumers in exchange for the retention or Sale of a Consumer’s Personal Information.

Changes to this Privacy Policy

We reserve the right to update or change this privacy policy at any time. When we make changes to this privacy policy, we will post the updated notice on this Site and update the date on which this privacy policy was last updated. The date this privacy policy was last updated is at the top of this page. You are responsible for periodically reviewing this Site and this privacy policy to check for any updates or changes. Your continued use of this Site following the posting of changes constitutes your acceptance of such changes.

Contact Us

If you have any questions or comments about this privacy policy or our privacy practices, your choices and rights regarding use of your personal information, or wish to exercise your rights under California law, please contact us by sending an email to DPO@cordis.com.