Effective Date: September 27, 2016
Last Update: June 28, 2021
Masimo is aware of the Court of Justice of the European Union’s decision on July 16, 2020 to declare as invalid the European Commission Decision (EU) 2016/1250 of 12 July 2016 on the adequacy of the protection provided by the EU-U.S. Privacy Shield. Masimo addresses cross-border data transfer requirements under the EU General Data Protection Regulation 2016/679 and European Economic Area data protection laws by relying on Standard Contractual Clauses and other adequate measures.
Masimo complies with, and participates in the EU-U.S. Privacy Shield Framework and the Swiss – U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and its Member States (“EU”), European Economic Area (“EEA”), the United Kingdom (“UK”), and Switzerland to the United States, respectively (collectively "Privacy Shield"). Masimo Corporation, Masimo Americas, Inc., and Masimo Semiconductor, Inc. (together, "Masimo") has certified to the U.S. Department of Commerce that it adheres to the Privacy Shield Principles, and is committed to process all personal data received from the EU, EEA, UK and Switzerland in accordance with the Privacy Shield Principles. If there is any conflict between the terms in this Privacy Shield Notice and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view Masimo's certification, please visit https://www.privacyshield.gov/list.
Masimo collects personal data, as defined in the Privacy Shield Framework, from individuals who visit our public and customer-facing web and mobile sites ("EU, EEA, UK and Swiss Website Visitors"), individual representatives of our corporate customers, suppliers and business partners ("EU, EEA, UK and Swiss Business Contacts"), and Masimo EU, EEA, UK and Swiss employees and temporary staff. Masimo therefore collects both non-human resources personal data, as well as human resources related personal data for Masimo EU, EEA, UK and Swiss employees and temporary staff.
From EU, EEA, UK and Swiss Website Visitors, Masimo may collect the following types of personal data:
From EU, EEA, UK and Swiss Business Contacts, Masimo may collect the following types of personal data:
From Masimo EU, EEA, UK and Swiss employees and temporary staff, Masimo may collect the following types of personal data:
Masimo collects and uses personal data of EU, EEA, UK and Swiss Website Visitors, EU, EEA, UK and Swiss Business Contacts, and Masimo EU, EEA, UK and Swiss employees and temporary staff for the purposes of:
All personal data that we receive from EU, EEA, UK and Swiss Website Visitors, EU, EEA, UK and Swiss Business Contacts, and Masimo EU, EEA, UK and Swiss employees and temporary staff in reliance on the Privacy Shield framework is subject to the Privacy Shield Principles and Supplemental Principles. We also receive some personal data through reliance on other EU-toU.S. data transfer mechanisms, such as data transfer agreements based on EU Standard Contractual Clauses.
With respect to human resources data received from the EU, EEA, UK and Switzerland, Masimo commits to cooperate with the EU Data Protection Authorities and with the Swiss Federal Data Protection and Information Commissioner (FDPIC), respectively in conformity with the Supplemental Principles on Human Resources Data and the Role of the Data Protection Authorities and will comply with any advice given by such authorities.
Masimo may share personal data we collect from EU, EEA, UK and Swiss Website Visitors, and EU, EEA, UK and Swiss Business Contacts, and Masimo EU, EEA, UK and Swiss employees and temporary staff with the following types of third parties and for the following purposes:
If EU, EEA, UK or Swiss Website Visitors, EU, EEA, UK or Swiss Business Contacts, and Masimo EU, EEA, UK and Swiss employees and temporary staff have any questions or complaints regarding this Privacy Shield Notice or need to access, update, change or remove personal data, please contact us at privacy@Masimo.com or by postal mail addressed to:
Attn: Data Protection Manager
Irvine, CA 92618
Masimo will respond to your question, complaint, and/or request to access or delete your information within 30 days. Your right to access your personal data is subject to conditions set out the Privacy Shield Framework.
Under the GDPR, individuals have rights to access, deletion, rectification, objection, restriction, and portability. In compliance with the Privacy Shield Principles, Masimo commits to resolve complaints about our collection or use of your personal information. EU, EEA, UK and/or Swiss individuals with inquiries or complaints regarding this Privacy Shield Notice should first contact privacy@Masimo.com or contact Masimo through the postal address provided above. If you are located in the EEA, EU, UK or Switzerland and we have not been able to satisfactorily resolve your question or complaint regarding our privacy practices, you may raise your concern to the attention of the panel established by the EU Data Protection Authorities ("DPAs"), the Swiss Federal Data Protection and Information Commissioner, as applicable. Masimo commits to cooperate with the panel established by the EU DPAs, UK DPAs and/or the Swiss Federal Data Protection and Information Commissioner, as applicable, and comply with the advice given by the panel and/or Commissioner, as applicable, with regard to data transferred from the EEA, UK and/or Switzerland.
If you are an EEA, EU, UK or Swiss Masimo Website Visitor or EEA, EU, UK or Swiss Business Contact, if at any time you do not want your information disclosed to third parties not acting on our behalf, as set out above, or used for any additional purpose that we notify you of, you may opt out of such use by contacting us via the contact information in the "Right to Access" section above. You may also choose to unsubscribe from our marketing communications by following the instructions or unsubscribe mechanism in the message you received. We will retain and use your personal information in a way that does or may identify you for as long as needed to provide you marketing or services, comply with our legal obligations, resolve disputes, and/or enforce our agreements.
Masimo is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission and the U.S. Federal Trade Commission has jurisdiction over Masimo's compliance with the Privacy Shield. Masimo also is committed to cooperating with EEA, EU, UK and Swiss DPAs and any panel set up by them.
Masimo may disclose personal data in special cases when we have a good faith belief that such action is necessary to: (a) conform to legal requirements or to respond to lawful requests by public authorities, including to meet national security or law enforcement requirements; (b) protect and defend our rights or property; (c) enforce the website Terms and Conditions; or (d) act to protect the interests of our users or others.
In the context of an onward transfer to a third party acting as an agent on behalf of Masimo, if the third party processes personal data from the EEA, EU, UK and from Switzerland in a manner inconsistent with the Privacy Shield Principles, Masimo will be liable unless Masimo can prove that it is not responsible for the event giving rise to the damages.
In relation to an onward transfer to a third party acting as a controller, Masimo will enter into a contract with such third party that provides that (i) personal information may only be processed for limited and specified purposes and consistent with a declaration of consent provided (where necessary), (ii) the third party will comply with these Principles or equivalent obligations and will notify Masimo if it can no longer meet this obligation, and that (iii) if such determination is made, the third party shall cease processing or take other reasonable and appropriate steps to remediate. This shall be Masimo's entire liability in respect of processing of personal data by such third parties.
If you are located in the EEA and have exhausted all other means to resolve your concern regarding a potential violation of Masimo's obligations under the Privacy Shield Principles, you may seek resolution via binding arbitration. For additional information about the arbitration process please visit the Privacy Shield website. Under the GDPR, individuals may also file a complaint with their local national DPAs.