The information we receive, and how we use it, depends on what you do when visiting our website. We collect and use your non-personal information (information that is not identifiable to you personally) differently than your personal information.
Our website uses a technology called “cookies.” A cookie is a tiny element of data that our site can send to your browser, which may then be stored on your hard drive so we can recognize you when you return. All pages on our site where you are prompted to log in or that are customizable may require that you accept cookies. If you have registered with our site, these cookies: (a) may let us know who you are, (b) are necessary to access your information (stored on our computer or yours) in order to deliver personalized services, and (c) will provide us and third parties we may contract with information that we will use to personalize our site in accordance with your preference. Our site may also use a technology called “tracer tags”. These may be referred to as “Clear GIFs” or “Web Beacons”. This technology allows us to understand which pages you visited on our site. These tracer tags are used to help us optimize and tailor our site for you and other future website visitors. These tracer tags or cookies could be from a third party.
You may set your Web browser to notify you when you receive a cookie. However, should you decide not to accept cookies from our site, you may limit your functionality when you visit our site.
WHAT IS NON-PERSONAL INFORMATION?
Non-personal information is information that we collect through this website that does not identify you as an individual person. It may include information such as the following:
- the type of web browser software you use (for example, Internet Explorer or Fire Fox)
- the name of the domain from which you access the Internet
- the Internet address of the website from which you linked directly to our website
- the date and time you accessed our website
- which pages you visited on our website
- personal information that has been de-identified
If you visit our website to read or download information, such as information about one of our products, we may collect certain non-personal information about you from your computer. This information is collected from your computer’s web browser. If you only read or download information on our website, we do not collect or learn your name, email address, home address, or other personal information about you.
WHAT DO WE DO WITH NON-PERSONAL INFORMATION?
Because non-personal information cannot identify you or be tied to you in any way, there are no restrictions on the ways that we can use or share non-personal information. We are always looking for ways to better serve you and improve this website. We will use non-personal information from you to help us make this website more useful to visitors. We will also use non-personal information for other business purposes. For example, we may use non-personal information or aggregate de-identified personal information to:
- create reports for internal use to develop programs, products, services or content
- customize the information or services that are of interest to you
- share it with or sell it to third parties
- provide aggregated “traffic statistics” and “response rates” to third parties
WHAT IS PERSONAL INFORMATION?
Personal information is information we collect through this website that we can use to specifically identify you, such as your:
- telephone number
- email address
- personal health information
- date of birth
In some places on this website you have the opportunity to send us personal information about yourself. For example, you may fill out a registration form, a survey, or an email form. You may also choose to allow us to personalize your visits to the website, in which case we will ask you for certain personal information to make your visits to our website more helpful to you. When this information is combined with the information that we collect through cookies (described above), we will be able to tell that you have visited our website before and can personalize your access to our website, for example, by telling you about new features that may be of interest to you.
HOW DO WE KEEP AND USE PERSONAL INFORMATION?
We may keep and use personal information we collect from you through this website to provide you with access to this website. In addition, we may keep and use your personal information:
- to respond to your requests
- to personalize your access to our website, for example, by telling you about new features that may be of interest to you
- to develop records, including records of your personal information
- to contact you with information that might be of interest to you, including information about clinical trials and about products and services of ours and of others
- for analytical purposes and to research, develop and improve programs, products, services and content
- to remove your personal identifiers (your name, email address, social security number, etc). In this case, you would no longer be identified as a single unique individual. Once we have de-identified information, it is non-personal information and we may treat it like other non-personal information.
- to protect our rights or property
- to protect someone’s health, safety or welfare
- to comply with a law or regulation, court order or other legal process
DO YOU EVER SHARE PERSONAL INFORMATION WITH THIRD PARTIES?
In the ordinary course of business, we will share some personal information with companies that we hire to perform services or functions on our behalf. For example, we may use different vendors or suppliers to ship you products that you order on our website. In these cases, we provide the vendor with information to process your order such as your name and mailing address. In all cases in which we share your personal information with a third party, we will not authorize them to keep, disclose or use your information with others except for the purpose of providing the services we asked them to provide. In addition, we may hire a vendor for marketing assistance or research, and they may need some information to assist them in their process.
We will not sell, exchange or publish your personal information, except in conjunction with a corporate sale, merger, dissolution, or acquisition.
We may be legally compelled to release your personal information in response to a court order, subpoena, search warrant, law or regulation. We may cooperate with law enforcement authorities in investigating and prosecuting website visitors who violate our rules or engage in behavior which is harmful (or illegal) to other visitors.
We may also disclose your personal information to third parties if we feel that the disclosure is necessary to:
- protect our rights or property
- protect someone’s health, safety or welfare
- comply with a law or regulation, court order or other legal process.
WHAT ABOUT PRIVACY ON OTHER WEBSITES?
DO YOU EVER COMMUNICATE DIRECTLY WITH VISITORS TO THIS WEBSITE?
We may contact you periodically by email, mail or telephone to provide information regarding programs, products, services and content that may be of interest to you. In addition, some of the features on this website allow you to communicate with us using an online form. If your communication requests a response from us, we will send you a response via email. The email response or confirmation may include your personal information, including personal information about your health, your name, address, etc. We cannot guarantee that our emails to you will be secure from unauthorized interception.
ARE THERE SPECIAL RULES ABOUT CHILDREN’S PRIVACY?
We care about protecting the online privacy of children. We will not intentionally collect any personal information (such as a child’s name or email address) from children under the age of thirteen. If you think we have collected personal information from a child under the age of thirteen, please contact us.
WHAT ABOUT WEBSITE SECURITY?
We take reasonable steps to protect your personal information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. You should keep in mind that no Internet transmission is ever 100% secure or error-free. In particular, email sent to or from this site may not be secure, and you should therefore take special care in deciding what information you send to us via email.
We comply with the U.S.- EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries andSwitzerland. We certify that we adhere to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about theSafeHarborprogram, and to view our certification, please visit http://www.export.gov/safeharbor/
We self-certify compliance with:
Enforcement and Dispute Resolution
Claims arising out of or relating to our adherence to the Principles, or the breach thereof, that cannot be resolved through our internal processes after thirty (30) days may be settled by a binding independent recourse mechanism, the American Arbitration Association (“AAA”), unless those claims relate to human resources data collected in Europe. Claims regarding human resources data collected in Europe will be resolved under the conflict resolution procedures of the appropriate local European Data Protection Authorities. The AAA and the European Data Protection Authorities provide dispute resolution services using a neutral arbitrator who will provide resolution of disputes under applicable rules. Written notice of arbitration shall be delivered to CryoLife at the address above. AAA arbitrations will take place in Atlanta, Georgia, USA or other location agreed to by CryoLife. Human resources data conflicts will be resolved in the home of the appropriate local Authority. Each party shall bear its own costs of arbitration. The arbitrator will have no authority to award punitive damages. For more information regarding AAA, please see http:/www.adr.org/drs. For more information regarding the various local European Data Protection Authorities, please see http://ec.europa.eu/justice_home/fsj/privacy/nationalcomm/index_en.htm. We are also subject to the jurisdiction of the Federal Trade Commission (www.ftc.gov/ftc/complaint.htm)