Effective: 25 May 2018

Your privacy is important to us at STAAR Surgical Company ("STAAR").  This privacy statement ("Statement") applies to STAAR Web sites, any mobile applications ("Apps") and digital platforms and services ("Services") (collectively, "Sites") and explains how we collect, use, disclose and otherwise process information that identifies you or from which you are identifiable (“Personal Information”). Please be sure to read this entire Statement before using or submitting information to our Sites. For the purposes of European data protection laws, STAAR is the data controller of your Personal Information.

Personal Information Collected

We collect information from you in various ways when you use our Sites. We may collect Personal Information you directly provide on our Sites.  In addition, we may collect Personal Information you generate as a user of our Sites or if you are a patient, which you provide to a healthcare professional or an institutional healthcare provider (collectively, "Providers"). Personal Information we may collect includes name, email address, phone number, gender, date of birth and zip code.

Where we collect and process Personal Information about your health or medical status (i.e., “Sensitive Personal Information”) this information may be subject to stricter requirements than other Personal Information. Before providing (or consenting to the disclosure of) Sensitive Personal Information to us, we urge you to carefully consider whether to disclose such information.

In addition, some information may be automatically collected when you visit our Sites – please see Section on Cookies below. 

If you are a Provider, you are responsible for providing adequate notice to, and obtaining any legally required authorization, consent or other permission from, your patients prior to providing their Personal Information to STAAR through the Sites (though STAAR does not request patient Personal Information). By submitting any Personal Information about a patient to STAAR, you represent and warrant to STAAR that you have provided adequate notice to and obtained all required consents from patients to do so.

Interactive Services

If you choose to participate in our questionnaires and surveys and other interactive Services, we will collect Personal Information that you disclose, to help us better understand how STAAR products are used in addressing visual conditions for which they are marketed.

The information you provide through interactive Services may be combined (subject to all applicable laws) with the Personal Information provided elsewhere in or through the Services. We may combine your and others' Personal Information to create summary data that we will use for our business purposes, such as research to improve our products and analyses that may help us better market our products.

If you submit Sensitive Personal Information (e.g., health-related information) through the Services to participate in a clinical trial, sweepstake or otherwise, we may use such Sensitive Personal Information to assess whether you qualify for enrollment or participation, to contact you about potential participation, and to provide you with additional information.

You may provide information to be published or displayed ("Posted") on public areas of the Services (collectively, "User Contribution"). If you post User Contributions then you do so at your own risk. STAAR does not control the actions of third parties with access to your User Contributions.

Cookies

We may automatically collect certain information through the use of "cookies." Cookies are small data files that are stored on your hard drive by a Web site, which the site may then use to identify you on your next visit.  Among other things, the use of cookies helps us to improve our Sites and your experience.  We use cookies to see which areas and features are most popular, to count the number of computers accessing our Sites, to personalize your experience, and to remember your preferences.

A "web beacon" is a piece of code that enables us to monitor user activity and website traffic. A "cookie" is a randomly-generated unique numeric code stored in the user's web browser settings or computer's hard drive. A cookie typically contains the name of the domain (internet location) from which the cookie originated, the "lifetime" of the cookie (i.e., when it expires), as well as the randomly generated unique numeric code.

We link the information we store in cookies to any personally identifiable information you submit while on our Sites.  If you prefer not to receive cookies on this website, you can set your browser (such as Internet Explorer, Google Chrome, Mozilla Firefox, etc.) to warn you before accepting cookies and refuse the cookie when your browser alerts you to its presence. You can set your browser not to accept cookies, but if you do so or if you reject a cookie, you may not be able to access some of the features or services of our Sites.  We may track your activities over time and across third-party websites, apps or other online services to display advertisements on third-party websites. If you do not want us to use your information in this way, please see "Your Privacy Choices" below. For more information about our digital advertising practices, please see "Digital Advertising" below.

If our third party vendors, consultants and other service providers ("Service Providers") use cookies, their use is not covered by this privacy statement.  We do not have access or control over those cookies.  Our Service Providers use session ID cookies to collect data in order to enable us to provide a better user experience.

Google, as a third party vendor, uses cookies to serve ads. Google's use of the first party cookies (such as Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) enables it to serve ads to you based on your visit to our Sites and other sites on the Internet. Additionally, these cookies are used to generate a report on how our ad impressions, other uses of ad services, and interactions with these ad impressions and ad services are related to visits to our Sites. Users may opt out of the use of the cookie by visiting the Google ad and content network privacy Statement here: adssettings.google.com or http://optout.networkadvertising.org/#!/.

Connecting with Social Media through the Services

Certain Services may link with social media platforms and social media plug-ins (e.g., the Facebook "Like" button, "Share to Twitter" button) (collectively, "Social Media"). When accessing the Services through a Facebook or other Social Media account, STAAR may (depending on the applicable user privacy settings) automatically have access to information provided to or through the Social Media platform. STAAR may collect and use this information for the purposes described in this Privacy Statement or at the time the information was collected.

Connecting with Social Media through Service Providers

Third parties that assist us with our business operations also collect and use information (including Personal Information and "Usage Data" (i.e., information about an individual's activity on or through the Services that, by itself, does not identify the individual, such as browser type, operating system and webpages visited)) through the Services and also may share the collected information with us. For example, our vendors collect and share information with us to analyze use of the Services, to help us detect and prevent fraud and to improve user experience.

Use of your Personal Information

We use your Personal Information as necessary to perform a contract (e.g., to respond to your enquiries, to register you for an account with us, to provide you with our Services), to comply with a legal obligation (e.g., for fraud and security monitoring purposes), for reasons of public interest in the area of public health (i.e., for our medical device vigilance obligations) or for our legitimate business interests (e.g., to operate and improve our Sites, to send you messages, and for other purposes described in this Privacy Policy or disclosed to you on our Sites or in connection with our Services).  For example, we may use the information we collect from you on our Sites:

  • to personalize and improve your experience on our Sites;
  • to respond to comments and questions and provide customer service;
  • to deliver service messages and other services and content you request and to send information related to accounts and services, including confirmations, invoices, technical notices, updates, security alerts, and support and administrative messages;
  • to send you information about new promotions, products, and services offered by STAAR and our selected partners;
  • to conduct an aggregated analysis of the performance of promotions; and
  • to use Remarketing with Google Analytics to advertise online.

STAAR may store and process Personal Information in the United States or in other countries.

Where required by applicable law, we (or a Provider on our behalf) will obtain your consent to our use of your Personal Information – for example, for the processing of your Sensitive Personal Information.

You have a right to object to processing of your Personal Information where that processing is carried out for our legitimate interest.

Sharing of Personal Information

We share information, including Personal Information, with our third party service providers to perform the functions for which we engage them, such as data analysis, system design and maintenance, customer services and for marketing and promotions.  We may also share Personal Information with third parties to (a) comply with laws or respond to lawful requests and legal process, (b) protect the rights and property of STAAR, our agents, members, and others including to enforce our agreements, policies and terms of use, (c) respond to an emergency or protect the personal safety of any person in the good faith belief that disclosure is needed for that purpose; or (d) in connection with any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.  In any such event, we will provide notice if your data is transferred and becomes subject to a different privacy statement.

Social Media Plugins

When you use the Services, Social Media operators can place a cookie on your computer to recognize individuals who have previously visited the Services. If you are logged into a Social Media account while using the Services, the social plugins allow that Social Media to receive information that you have accessed and used the Services. The social plugins also allow the Social Media operator to share information about your activities in or through the Services with other Social Media users. For example, Facebook Social Plugins allows Facebook to show your Likes and comments on our pages to your Facebook friends. Facebook Social Plugins also allows you to see your friends' Facebook activity through the Services. STAAR does not control any of the content from the Social Media plugins. For more information about Social Media plugins, please refer to the privacy statements and other legal notices of the Social Media platform.

Digital Advertising

We use third-party advertising companies to serve ads on other websites and digital services. These companies may use information obtained from data collection tools in order to measure advertising effectiveness and to provide advertisements of interest to you.

You can opt out here so as not to receive targeted ads from use of the tools, but this will not affect any general advertisements you may receive.

Security and Retention of Your Personal Information

STAAR takes reasonable security measures to protect your personal information to prevent loss, misuse, unauthorized access, disclosure, alteration, and destruction.  Please be aware, however, that despite our efforts, no security measures are impenetrable.  If you use a password on our Site, you are responsible for keeping it confidential.  Do not share it with any other person.  If you believe your password has been misused, please advise us immediately.

We retain information as long as it is necessary and relevant for our operations. In addition, we retain Personal Information to comply with applicable law, prevent fraud, resolve disputes, troubleshoot problems, assist with any investigation, enforce our Terms of Service, and other actions. When STAAR no longer needs your Personal Information for our business purposes, we dispose of it. The criteria used to determine the retention periods include: (i) how long the Personal Information is needed to provide the Services and operate the business; (ii) the type of Personal Information collected; and (iii) whether we are subject to a legal, contractual or similar obligation to retain the Personal Information (e.g., mandatory data retention laws, government orders to preserve data relevant to an investigation, or data that must be retained for the purposes of litigation or disputes).

We employ security measures intended to help protect the security of all information submitted through the Services. The security of information transmitted through the internet cannot, however, be guaranteed. We are not responsible for any interception or interruption of any communications or for changes to or losses of data through the internet. Users of the Services are responsible for maintaining the security of any password, user ID or other form of authentication involved in obtaining access to password protected or secure areas of the Services. Any access to the Services through your user ID and password will be treated as authorized by you. To help protect your Personal Information, we may suspend your use of all or part of the Services, without notice, if STAAR suspects or detects any breach of security. Unauthorized access to such areas is prohibited and may lead to criminal prosecution.

Choices about Use of Your Information. You may "opt-out" of receiving promotional emails from STAAR by following the instructions in those emails.  You may also send requests relating to promotional messages and your permission for sharing information with third parties for their marketing purposes by emailing privacyoffice@staar.com.  Opt-out requests will not apply to transactional service messages, including messages about any current STAAR account or Services.  You may "opt-out" of providing requested information on Sites, but then you may not be able to use the Site as intended.

Updating and Accessing Your Personal Information. If your Personal Information changes, we invite you to correct or update your information as soon as possible.  You can request changes or access to your information by emailing privacyoffice@staar.com. If you wish to cancel your account, request that we no longer use your information to provide you services or delete your Personal Information, contact us at privacyoffice@staar.com. 

Users in Europe. Individuals in Europe have certain data subject rights which may be subject to limitations and/or restrictions. These rights include the: (i) right to request access to and rectification or erasure of their Personal Information; (ii) right to obtain restriction of processing or to object to processing of their Personal Information; and (iii) right to ask for a copy of their Personal Information to be provided to them, or a third party, in a digital format (data portability). If an individual wants to exercise their rights they can contact us at privacyoffice@staar.com. Individuals in Europe also have the right to lodge a complaint about the processing of their Personal Information with their local data protection authority.

How We Respond to Browser "Do Not Track" Signals

Some web browsers incorporate a "do-not-track" or similar feature that signals to websites with which the browser communicates that a visitor does not want to have his/her online activity tracked. If a digital service that responds to a particular DNT signal receives the DNT signal, the browser can block that digital service from collecting certain Personal Information about the browser's user. As of the Effective Date not all browsers offer a DNT option and DNT signals are not yet uniform. For this reason, STAAR, along with many other digital service operators, does not currently respond to DNT signals. For more information about DNT signals, visit allaboutdnt.com.

Notice to Residents of Countries outside the U.S.

STAAR is headquartered in the United States of America. Your Personal Information may be accessed by or transferred to the United States or to our affiliates and data processors elsewhere in the world. By providing us with your Personal Information, you consent to this transfer to the U.S. which your country may not consider to provide for adequate privacy protections. We will always protect the privacy and security of your Personal Information as expressed in this Statement, regardless of where it is processed or stored. You may withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

Privacy Policies of Third Parties

This Privacy Statement only addresses the use and disclosure of information by STAAR. We may provide links to outside websites or advertisements for third parties that have their own privacy policies and data collection, use and disclosure practices. Our business partners have their own privacy policies too. We encourage you to familiarize yourself with the privacy statements provided by all third parties prior to providing them with information or taking advantage of an offer or promotion.

Children's Privacy

The STAAR website and applications are not intended to attract children, and we do not knowingly collect any Personal Information of anyone under the age of 13. If you believe your child is using our website, please contact us at privacyoffice@staar.com so we can investigate and delete any inappropriate information.

Links to Other Sites

Our Site includes links to other Web sites whose privacy practices may differ from those of STAAR.  If you submit personal information to any of those sites, your information is governed by their privacy statements.  We encourage you to carefully read the privacy statement of any Web site you visit.

Testimonials

We post customer testimonials on our Web site which may contain Personal Information.  We do obtain the customer's consent via email prior to posting the testimonial to post their name along with their testimonial.  If you wish to request that your testimonial be removed you may do so by emailing us at privacyoffice@staar.com.

Public Forums

Our Web site offers publicly accessible blogs or community forums.  You should be aware that any information you provide in these areas may be read, collected, and used by others who access them.  To request removal of your Personal Information from our blog or community forum, contact us at privacyoffice@staar.com.  In some cases, we may not be able to remove your Personal Information, in which case we will let you know if we are unable to do so and why.

Changes to This Statement

STAAR may change this Statement from time to time, including using collected information for new, unanticipated uses not previously disclosed.  If we make any changes to this Statement to reflect changes in collection or dissemination of information, we will change the "Last Updated" date above.  We encourage you to review this Statement whenever you visit our Sites to understand how your Personal Information is used.

Job Applicants

If you have applied for employment with STAAR or one of its affiliates, the Personal Information submitted with your job application will be used to process and consider your job application and where in our legitimate interest for business management purposes. STAAR will not sell the information on your application to unaffiliated third-parties for their marketing purposes. We may share the information on your applications with recruiters, consultants, attorneys, background services and our affiliates. The information on your application may also be used for certain regulatory, compliance and legal purposes, consistent with this Privacy Policy. Should we enter into an employment contract with you we will provide further notification to you about the processing of your Personal Information as an employee.

California Privacy Rights

California Civil Code Section 1798.83 entitles California customers to request information concerning whether a business has disclosed Personal Information to any third parties for the third parties' direct marketing purposes. STAAR will not sell or share your Personal Data for marketing purposes without your consent. California customers who wish to request further information about our compliance with this law or have questions or concerns about our privacy practices and policies may contact us at privacyoffice@staar.com, or write to us at STAAR Surgical Company c/o Legal Dept., 1911 Walker Ave., Monrovia, CA 91016.

If you are a California resident under age 18 and are a registered user of any of the Services, then you may request that we remove any of your User Contributions you publicly posted on or in the Services. To request removal of your User Contribution, please send a request with a detailed description of the specific User Contribution to the Privacy Office at the contact information below. (You also may be able to log in to your account and delete your own User Contribution.) STAAR reserves the right to request that you provide information that will enable us to confirm that the User Contribution that you want removed was created and posted by you.

STAAR will make a good faith effort to delete or remove your User Contribution from public view as soon as reasonably practicable. Please note, however, that your request that we delete your User Contribution does not ensure complete or comprehensive removal of your User Contribution. Your User Contribution may remain on backup media, cached or otherwise retained by STAAR for administrative or legal purposes or your User Contribution may remain publicly available if you or someone else has forwarded or re-posted your User Contribution on another website or service prior to its deletion. STAAR may also be required by law to not remove (or allow removal) of your User Contribution.

California Civil Code Section 1798.83 permits individual California residents to request certain information regarding STAAR's disclosure of personal information to third parties for their direct marketing purposes.

Contacting Us

All enquiries, requests or concerns regarding this Privacy Policy or relating to the processing of your Personal Information including all requests as detailed in Section “Users in Europe” above, should be sent to: Privacy Office 1911 Walker Avenue, Monrovia, CA  91016, Email: privacyoffice@STAAR.com.

Be sure to include your name, address, and email address if you want to receive a response by email. Otherwise, we will respond by postal mail within the time required by applicable law.

You may also contact our data protection representative: STAAR Surgical AG Niederlassung Germany at Harksheider Str. 3, 22399 Hamburg, Germany, Email: DPRepresentative@staar.com.