PRIVACY POLICY (CALIFORNIA CONSUMERS)

CONTENTS OF THIS POLICY
  1. WHO WE ARE
  2. ABOUT THIS POLICY
  3. WHAT TYPE OF PERSONAL INFORMATION DO WE COLLECT?
  4. HOW DO WE USE YOUR INFORMATION?
  5. HOW AND WHEN DO WE SHARE PERSONAL INFORMATION WITH THIRD PARTIES?
  6. HOW LONG DO WE STORE PERSONAL DATA?
  7. HOW DO WE PROTECT YOUR PERSONAL INFORMATION?
  8. YOUR RIGHTS
    Access to Specific Information and Data Portability Rights
    Deletion Request Rights
    Exercising Access, Data Portability, and Deletion Rights
    Response Timing and Format
  9. NON-DISCRIMINATION
  10. CHANGES TO THIS POLICY
  11. HOW TO CONTACT US
A. WHO WE ARE

CooperSurgical, Inc. delivers impactful solutions that improve women's healthcare through our offerings, including a range of medical devices. Fertility and genomic solutions are offered through CooperGenomics, Inc. Our vision is a world with healthy women, babies, and families.

In this Policy, CooperSurgical, Inc. may refer to itself as "we", "us" or "our", and doing so may also include our related companies.

B. ABOUT THIS POLICY

We may obtain personal information about consumers, including those of you residing in California. Although this information helps us to serve you, we take pride in safeguarding your privacy.

The California Consumer Privacy Act of 2018 (CCPA) is a law related to protecting the privacy of consumers who reside in the State of California. This California Privacy Policy is a notice to you that describes when, why and how we collect, use and otherwise handle personal information of California consumers.

You can also find our general privacy policy at https://coopersurgical.com/data-privacy-policy

This California Privacy Policy also applies to consumer-related personal information we receive through your use of third-party sites or platforms (for example, via our applications developed by third-parties) where your information may be provided. While those third-party sites or platforms may have their own privacy policies, the information we collect is covered by our privacy policy. Any privacy choices you have made on the third-party site or platform will not apply to our use of the information we have collected directly through our applications.

Please also keep in mind that our sites and applications may contain links to other sites not owned or controlled by us. We encourage you to be aware when you leave our sites or applications and to read the privacy policies of other sites that may collect your personal information.

"Personal Information" is any information relating to you, which can be used to personally identify you, either directly or indirectly. Examples include an individual’s name, postal address, email address, and telephone number – though these may not be the only types of information that you provide or that we collect. Additional details of the information covered by this policy are described in the "WHAT PERSONAL INFORMATION DO WE COLLECT?" section of this California Privacy Policy.

C. WHAT PERSONAL INFORMATION DO WE COLLECT?

The types of personal information we collect is described below. Sometimes we collect anonymous information so that you are not personally identified. Also, and we may use personal information and anonymous information to create aggregate information. Here is a list of the categories of personal information (and an indication of what we collected during the last 12 months):

Categories of Information

Examples

Collected

Identifiers

Your name(s), an alias or unique personal/online identifier (such as user name or login name), address, email address, username, internet protocol (IP) address.

Yes

Additional Identifiers

Your signature: photograph; voice, physical characteristics or description; social security number (or portions thereof); state identification card number; insurance policy number; bank account number, credit card number, debit card number, or any other financial information; medical information or health insurance information.

Yes

Characteristics of Protected Classifications Under California or Federal Law

Age (over 40), race, and gender

Yes

Commercial Information

Records, dates and locations of products or services purchased, obtained, or considered; or other purchasing or consuming histories or tendencies.

Yes

Biometric information

Height; Weight.

No

Internet or Other Electronic Network Activity information ("Electronic Information")

Browsing history; search history; information regarding a consumer’s interaction with an internet website, application, or advertisement; cookies; IP address of your device, information about the operating system and/or app you are using; unique device identifiers; pages that you navigate to and links that you click; your preferences and settings.

Yes

Geolocation Data

Location information collected by a browser or inferred by IP addresses, mobile device signals.

Yes

Sensory Information

Audio, electronic, visual, thermal, olfactory, or similar

No

Professional or employment-related information

Job titles; location of employment or workplace; work history

No

Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99))

Schools attended; grades; qualifications; resumes

No

Inferences Drawn From Personal Information

Consumer type; potential purchasing behavior.

Yes

Personal information does not include:

  • Publicly available information from government records
  • Deidentified or aggregated consumer information
  • Information excluded from the CCPA’s scope, like:
    • health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
    • personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.
D. HOW DO WE USE YOUR INFORMATION?

We use personal information for some general purposes. The information allows us to provide you with products, services, and customer support, to bill you for products and services you request, to market products and services which we think may be of interest to you, or to communicate with you for other purposes. The types of general uses include:

  • record keeping, statistical analysis, internal reporting and research
  • hosting, maintaining and otherwise supporting the operation of our websites and other communication platforms, and helping to customize your and improve your experience with our websites and other platforms
  • ensure the quality of the products and services we provide to you and to investigate complaints made by you
  • investigating, resolving or otherwise addressing any disputes between you and us
  • detecting and preventing fraud or other criminal offenses
  • risk management
  • business and disaster recovery (e.g. to create back-ups)
  • network and information security
  • document and data retention/storage

We also use Identifiers, Additional Identifiers, Commercial Information, Electronic Information, Geolocation Data to help us establish and maintain a relationship with you, through things like:

  • creating an account(s) with us or for identification purposes
  • your request for us to send products to you or to provide services to you
  • communicating with you, including with non-marketing materials or marketing materials about our company or our products/services, and to provide you with email alerts or other notices concerning our products or services, events or news that may be of interest to you
  • linking your profile on a third-party site or platform with any account(s) with us
  • entering a promotion, contest, sweepstakes, etc.
  • requesting or submitting a rebate and rebate fulfillment
  • fulfilling orders
  • processing a payment at your request or on your behalf
  • confirming your authorization of transactions

When you use our websites, or third-party platforms or applications, we may collect Identifiers, Additional Identifiers, Electronic Information and Geolocation Data about your usage of the service for:

  • personalize your experience with us
  • enabling your use of the services available on our sites, applications or platforms
  • contacting you about our products, services or other news that you have requested.

Cookies are small pieces of information sent to your browser and stored on your computer’s hard drive. We use information collected by cookies to help improve the contents of our websites and to compile aggregate statistics about people using our site for our internal usage statistics and market research purposes. When installed, cookies collect the domain name of the user, your internet service provider, your operating system, and the date and time of access. You can set your browser to notify you when you receive a cookie, this will enable you to decide if you want to accept it or not. You can also refuse cookies altogether. However, if you do not accept our cookies, you may not be able to use all functionalities of our website.

We use Geolocation Data:

  • to identify where you are contacting us from

Geolocation Data may be collected from your computer, your devices, you telephone, and your use of applications or platforms.

We may be required to collect your personal information to comply with our legal requirements, to enable us to fulfil the terms of any contract that we have with or in preparation of us entering into a contract with you.

E. HOW AND WHEN DO WE SHARE PERSONAL INFORMATION WITH THIRD PARTIES?

CooperSurgical, Inc. may share your Personal Information with members of our corporate group (details of the locations are listed on page 11) in order to provide the products and/or services or information that you have requested. We may also share your information with other members of our corporate group for the purposes of IT support and maintenance, internal governance and administration, and to comply with our legal or regulatory obligations.

We will not share your personal information with a third party outside the CooperSurgical, Inc. corporate group, except:

  • when you permit us to do so
  • where you have instructed us to share your personal information with third-party sites or platforms, such as social networking sites (Please note that once we share your personal information with another company, the information received by the other company is controlled by that company and becomes subject to the other company’s privacy practices)
  • when parties perform services on our behalf, like product delivery, marketing and advertising, customer service, IT services and solutions (e.g. providing data storage, assisting us with database management) or rebate fulfillment. These companies are prohibited from using your personal information for purposes other than those requested by us or required by law
  • when we share your personal information with third-parties in connection with the sale of a business; to enforce our Terms of Use or rules; to ensure the safety and security of you or others; to protect our rights and property and the rights and property of you and others; to comply with legal process; or in other cases if we believe in good faith that disclosure is required by law.

We may also share your personal information with:

  • our accountants, auditors, lawyers or other professional advisers when we ask them to provide us with professional advice
  • any other third party if we are under a duty to disclose or share your personal information in order to comply with any legal obligation, or to protect the rights, property and/or safety of CooperSurgical, Inc., any of its Affiliates, its personnel and others;
  • any other third party for the purposes of acting in accordance with the requirements of a court, regulator or government agency, for example, complying with a court order or acting in accordance with an applicable law or regulation;
  • to protect the safety of any person, to address fraud, security, or technical issues, or to protect our rights or property or the rights or property of those who use our services. However, nothing in this California Privacy Policy is intended to limit any legal defenses or objections that you may have to a third-party’s, including a government’s, request to disclose your personal information

We do not share (and during the last 12 months, we did not) sell, rent, or trade personal information with third-parties for their commercial purposes.

F. HOW LONG DO WE STORE PERSONAL DATA?

It is our policy to retain your personal information for the length of time required for the specific purpose or purposes for which it was collected (e.g., for the fulfilment of an agreement with you). However, we may be obliged to store some personal information for a longer time, taking into account factors including:

  • legal obligation(s) under applicable law to retain data for a certain period of time (e.g. compliance with tax and accountancy requirements);
  • the establishment, exercise or defense of legal claims (e.g., for the purposes of a potential dispute)

If you would like to find out how long we keep your personal information for a particular purpose, you can contact us at: ccparequests@coopersurgical.com.

G. HOW DO WE PROTECT YOUR PERSONAL INFORMATION?

We implement technical and organizational security measures to protect your personal information against the risk of loss, misuse, or unauthorized alteration or destruction. Such measures may include the use of firewalls, encryption (where appropriate), access rights management processes, careful selection of processors and other technically and commercially reasonable measures to provide appropriate protection for your personal information. Where appropriate, we may also make backup copies and use other such means to prevent accidental damage to or destruction of your personal information.

Please note, however, that where you are transmitting information to us over the internet this can never be guaranteed to be 100% secure. For any payments that we take from you online we will use a recognized online secure payment system.

H. YOUR RIGHTS

The CCPA grants you certain rights that you can exercise. This section explains those rights and how to exercise them.

Access to Specific Information and Data Portability Rights

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive your request and verify you as the person whose information is being requested (see Exercising Access, Data Portability, and Deletion Rights), we will disclose to you:

  • The categories of personal information we collected about you
  • The categories of sources for the personal information we collected about you
  • Our business or commercial purpose for collecting or selling that personal information
  • The categories of third parties with whom we share that personal information
  • The specific pieces of personal information we collected about you (also called a data portability request)
  • If we disclosed your personal information for a business purpose, identifying the personal information categories that each category of recipient obtained.

Deletion Request Rights

You have the right to request us to delete any of your personal information that we collected and retained, subject to certain exceptions. Once we receive and verify you as the person whose information is being requested (see Exercising Access, Data Portability, and Deletion Rights), we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.

We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

  • Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities
  • Debug products to identify and repair errors that impair existing intended functionality
  • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law
  • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.)
  • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent
  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us
  • Comply with a legal obligation
  • Make other internal and lawful uses of that information that are compatible with the context in which you provided it

Exercising Access, Data Portability, and Deletion Rights

To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by either:

Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, and
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

Before assessing any of your requests, we may request additional information in order to verify your identity. If you do not provide the requested information and, as a result, we are unable to identify you, we may refuse to take action on your request.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.

We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Response Timing and Format

We will consider and respond to a verifiable consumer request within forty-five (45) days of its receipt. However, if we require more time (up to 90 days), we will inform you of the reason and extension period in writing.

Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will provide requested personal information in a structured, commonly used and machine-readable format and for it to be transferred to you or another organization, where it is technically feasible.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

I. NON-DISCRIMINATION

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

  • Deny you goods or services.
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  • Provide you a different level or quality of goods or services.
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

However, we may offer you certain financial incentives permitted by the CCPA that might result in different prices or rates. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time.

J. CHANGES TO THIS POLICY

We may revise this Privacy Policy from time to time to accommodate new technologies, industry practices, regulatory requirements or for other purposes. By continuing to access or use the Services after those changes become effective, you agree to be bound by the revised Privacy Policy.

K. HOW TO CONTACT US

If you wish to request further information regarding this Privacy Policy or the way we use your person information you can contact us at: ccparequests@coopersurgical.com.

  • CooperSurgical, Inc., 75 Corporate Drive, Trumbull, CT 06611, USA
  • CooperGenomics, Inc., 75 Corporate Drive Trumbull, CT 06611, USA