Updated: 27 February 2023
ResMed, as the controller of your data, wants to share with you how we treat personal data we receive about you.
This Privacy Notice provides you with information about your rights and the privacy practices that govern how we process your data. It applies when you interact and transact with us, either in person, via telephone and email, on our social media channels, or on our websites, whenever we refer to or link to this Privacy Notice. Please refer to our separate Credit Reporting Policy which explains how we handle your credit information.
Your relationship with us may also be governed by other privacy notices if you use other ResMed products and services.
We may vary these policies from time to time by updating this Privacy Notice.
Please click on the relevant heading below for more information on each of these areas.
- What personal data do we collect about you and how do we collect it?
- How do we use your personal data?
- How do we protect your personal data?
- Who do we share your personal data with?
- Where is your personal data hosted and processed?
- On what basis do we use your personal data?
- How long will we retain your personal data?
- Your personal data rights.
- Personal data from children.
- Links to other sites
1. What personal data do we collect about you and how do we collect it?
In most cases, we collect personal data about you from you, but in some circumstances, we may receive personal data about you from third parties.
WEB SITE VISITORS AND APP USERS
When you visit our websites or use any of our mobile applications, we collect:
- your IP address.
- your browser type, browser activity and related information.
- information about the computer system you are using including the type of system and operating software.
- any information you may enter or share with us.
Through certain technologies employed by our websites and mobile applications, we also collect other information about you in accordance with our Cookie Notice.
For more details about the collection of this type of data, please refer to our Cookie Notice..
END USERS OF OUR PRODUCTS AND SERVICES
Depending on how you interact with us and your country of residence, we collect:
- your title, first name and last name.
- your date of birth and your gender.
- your address and email address.
- your telephone number.
- your payment information.
- your health insurance information.
- information about your healthcare professionals, including your treating physicians and homecare providers.
- identification and background information.
- your image or a photograph of you.
- your authorised representative or guardian’s first name, last name and contact details.
- information about the products you use, i.e. sleep therapy device, mask, etc.
- information about the services you use, i.e. from us and externally.
- your sleep, health, and health-related lifestyle information.
- any other information you provide to us.
In most cases, there will be an additional notice when we collect your personal data such as a pop-up form on our website or a form at our clinic, telling you that we are collecting your data at that point. We collect information about you when:
- you register an account with us.
- you interact with us, e.g. when you call, email or visit our website and social media channels.
- when you make an appointment or visit our clinics.
- when we receive information and prescriptions from your healthcare professional (if applicable in your country of residence).
- you sign up to receive marketing communications, interact with us via social media or other on-line platforms (including when you participate in on-line communities) or participate in promotional offers and surveys.
- your healthcare professional provides us data in relation to your medical care (if applicable in your country of residence).
- we provide products and services on behalf of third parties that you have a relationship with, such as hospitals and home care providers.
In certain circumstances, we may also collect publicly or commercially available personal, identity, geographic and demographic information about you.
HEALTHCARE PROVIDERS
Depending on how you interact with us and your country of residence, we collect:
- your title, first name and last name.
- your date of birth.
- your business name.
- your telephone number.
- your business address and email address.
- your payment information.
- your insurer’s details.
- information about the products you purchase and the services you use.
- any other information you provide to us.
We collect information about you when:
- you register an account for our products and services.
- you register to attend conferences, education sessions and industry events.
- you purchase our products.
- you interact with us, including when you meet with our sales representatives and attend training for our products and services.
JOB SEEKERS
Depending on how you interact or transact with us and your country of residence, we collect:
- your title, first name and last name (and any previous names you have held).
- your gender.
- your nationalities.
- your telephone number.
- your address and email address.
- information about your legal right to work in the jurisdiction where the role is based.
- your qualifications and experience.
- any other information you provide on your resume or during the recruitment process.
We collect information about you when:
- you apply for a role via our careers website (https://careers.resmed.com) or contact us directly.
- you work with a recruiting agency.
- you are referred to us by a contact.
RESEARCH PARTICIPANTS
We collect personal information about you when you agree to participate in a research project, study, trial or other similar undertaking conducted by us.
Depending on the particular undertaking, we collect:
- your title, first name and last name.
- your date of birth and your gender.
- your address and email address.
- your telephone number.
- information about your healthcare professionals, including your treating physicians and homecare providers.
- identification and background information.
- your image or a photograph of you.
- information about the products you use, i.e. sleep therapy device, mask, etc.
- information about the services you use, i.e. from us and externally.
- your sleep, health, and health-related lifestyle information.
- other information relevant to the undertaking or that you provide to us.
In most cases, there will be an additional notice when you agree to participate in the research or other undertaking or when we collect your personal data for those purposes, such as a pop-up form on our website or mobile application or a consent form provided by the research team, telling you that we are collecting your data at that point.
We also use de-identified information for research and analysis purposes.
2. How do we use your personal data?
WEB SITE VISITORS, APP USERS AND END USERS OF OUR PRODUCTS AND SERVICES
Depending on how you interact with us, we use your personal data:
- to respond to your requests for information or materials, and to create, develop and maintain our relationship with you.
- to respond to your requests for information or materials, and to create, develop and maintain our relationship with you.
- newsletters and press releases;
- content relating to products, programs, services or general information we believe may interest you; and
- relevant, timely marketing messages.
- to target communications to you on social media platforms.
- to provide you with products and services, such as:
- technical support;
- sleep testing and risk indications;
- treatment set up and support; and
- annual treatment reviews to check your therapy and equipment.
- to communicate with your health insurer and healthcare providers, e.g. to provide them with relevant product information and your treatment outcomes if they have referred you to us for treatment or support.
- to ensure we do not collect data from children under the age of 13 or otherwise considered a minor under the laws of your country of residence.
- to conduct statistical analyses, surveys and research (including market research) to enhance existing, and develop new products and services, including improvements to our websites.
- to fulfil our legal, regulatory and risk management obligations, including establishing, exercising or defending legal claims and acting as a medical device administrator.
HEALTHCARE AND HOMECARE PROVIDERS
Depending on how you interact with us, we use your personal data:
- to respond to your requests for information or materials and to create, develop and maintain our relationship with you.
- when you interact with us, including when you meet our sales representatives and attend training for our products and services.
- to send you invoices for our products and services.
- when you register an account for our products and services, and to attend conferences, education sessions and industry events.
- to communicate with you via telephone and unencrypted email and text messages (SMS messages), including to send you:
- newsletters and press releases;
- content relating to products, programs, services or general information we believe may interest you; and
- relevant, timely marketing messages.
- when we engage you to provide us with a service.
- when we are required to report on expenses for any transparency laws that may apply to us.
- to conduct statistical analysis, surveys and research (including market research) to enhance existing, and develop new products and services, including improvements to our websites.
- to fulfil our legal, regulatory and risk management obligations, including establishing, exercising or defending legal claims.
JOB SEEKERS
We will use your personal data to:
- assess your suitability for the role you have applied for.
- conduct reference checks.
- communicate with you about your application.
- fulfil our legal, regulatory and risk management obligations, including establishing, exercising or defending legal claims.
RESEARCH PARTICIPANTS
We will use your personal data:
- as part of research, surveys and analysis conducted by us, including both medical and non-medical research.
- to help us understand our end users and prospective end users, and healthcare and homecare providers.
- for marketing, depending on your country of residence.
- in the development and improvement of our products and services.
- in related internal education and regulatory activities.
3. How do we protect your personal data?
We employ a number of different security and privacy controls to protect your data and to comply with applicable data protection laws. Despite the security measures employed by us, you should be aware that it is impossible to guarantee absolute security with respect to information sent through the internet.
If we confirm that your personal data has been subject to a data breach, we will follow applicable data breach notification laws.
We will make reasonable efforts to ensure that the personal data collected is the minimum necessary to fulfil the purposes described in this Privacy Notice.
4. Who do we share your personal data with?
We do not sell or rent your personal data. We only share your data in accordance with this Privacy Notice, and to the extent permitted by applicable law.
We may share your personal data:
- with any affiliate or subsidiary of, and any company owned and controlled by ResMed.
- if some or all of the business of ResMed is transferred to another entity by way of merger, sale of its assets or otherwise. if we are required to do so by law.
- with your healthcare or homecare provider, if you are an end user of our products and services.
- with any recruitment agency you have worked with to apply for a role with us.
We may share your personal data in limited circumstances in a controlled and secure manner, with such third-party data processors and service providers that we engage to provide aspects of our services on our behalf. These data processors and service providers are contractually required to keep your personal data confidential and to use your personal data for the sole purpose of performing the services we have engaged them to provide. They may not use your personal data for any other purpose. Depending on your country of residence, we use third-party data processors and service providers for:
- data processing and hosting.
- marketing.
- customer service.
- sleep testing and to assist you to manage your health conditions.
- order fulfilment (including shipment and payment).
- technical support.
- recruitment.
- conducting analyses, surveys and research (including market research) to enhance existing, and develop new products and services.
5. Where is your personal data currently hosted and processed?
To provide our products and services, your personal data may need to be accessed from or transferred to locations outside the jurisdiction in which you provide it, including Australia, New Zealand, Japan, India, Malaysia, Singapore, the European Union, Canada and the United States of America. Please see ‘Who do we share your personal data with’ for more detail on how your personal data may be shared with other ResMed entities and third party service providers.
If your personal data is accessed from or transferred to locations outside the jurisdiction in which you provide it, we will implement appropriate measures to ensure that your personal data remains protected and secure and otherwise comply with applicable data protection laws.
Transfer of data between ResMed entities is covered by European Union standard contractual clauses that are in place between all ResMed entities that share and process personal data.
6. On what basis do we use your personal data?
We use your personal information on the following bases:
- to perform a contract, such as providing you with the products and services you purchased.
- for the establishment, exercise or defence of legal claims or proceedings.
- to comply with legal and regulatory obligations.
- for legitimate business purposes.
- with your consent.
7. How long will we retain your personal data?
We will retain your personal data for:
- as long as we are required to do so under the laws regarding medical data and financial record retention.
- the limitation period for taking legal action.
- good practice.
- our business purposes.
8. What are your personal data rights?
Applicable data protection laws provide certain rights for data subjects.
You are entitled to request details of the personal data we hold about you and how we process it. You may also have the right in accordance with applicable data protection law to:
- have it rectified or deleted.
- restrict our processing of your personal data.
- stop unauthorised transfers of your personal data to a third party.
- to have personal data relating to you transferred to another organisation, in some circumstances.
If you object to the processing of your personal data, or if you have provided your consent to processing and you later choose to withdraw it, we will respect that choice in accordance with our legal obligations.
Your objection (or withdrawal of any previously given consent) could mean that we are unable to perform the actions necessary to achieve the purposes set out above (see ‘How do we use your personal data’). You also may not be able to make use of the services and products offered by us.
Please note that even after you have withdrawn your consent we may be able to continue to process your personal data to the extent required or otherwise permitted by law, in particular in connection with exercising and defending our legal rights or meeting our legal and regulatory obligations.
We must ensure that your personal data is accurate and up to date. Therefore, please advise us of any changes to your personal data by emailing us at privacy@resmed.com.
Your rights are not absolute and we will assess them on your request.
If you have an account with us, you may be able to self-serve some of these data requests such as updating or correcting your personal data when you visit your user profile on our website. Otherwise, you can send us your request by emailing us at privacy@resmed.com.
If you wish to make a complaint about a breach of your privacy, you can contact us by mail at the following address:
Privacy Officer
ResMed
1 Elizabeth Macarthur Drive
Bella Vista NSW 2153
You may also have the right to lodge a complaint in relation to our processing of your personal data with a local supervisory authority.
9. Personal data from children
We do not knowingly collect personal data from children. Our website and services are not intended for, or directed to, children. If you are under 13 years of age or otherwise considered a minor under the laws of your country of residence, then please do not use or access our website or services at any time or in any manner.
If a parent or legal guardian becomes aware that his or her child has provided us with personal data without appropriate consent, please contact us by sending an email to privacy@resmed.com.
If we confirm that a user is a minor and has provided us with personal data, we will delete such personal data from our databases.
10. Links to other sites
For your convenience, our website, applications and other communications may from time to time include links to third-party sites whose information practices may differ from ours. You should consult the other sites' privacy policies, as we have no control over information that is submitted to, or collected by, these third parties.