This Privacy Notice explains how we process personal data when we provide hearing care treatment to our users. We process personal data when we collect, use, store and share your personal data.
1. Data controller
Hidden Hearing Ltd. is responsible for the processing of your personal data as described in this Privacy Notice. Hidden Hearing Ltd. is part of the Demant Group.
If you have any requests or questions related to our use of your personal data, please contact us by using the contact point below:
Hidden Hearing Ltd. (’we’, ’us’, ’our’)
Kent ME14 1HL
Please mark your email with Hidden Hearing Ltd. and state “Data Privacy” in the subject line.
2. How we process your personal data
The Purpose for collecting and using your personal data, including health information, is to carry out your hearing healthcare treatment and to provide you with our services, support and products.
2.1 When you give us your explicit consent1, we will process the categories of personal data set out below, including your health information, to:
- Administer our relationship with you. This includes contacting you regarding appointments, responding to your enquiries and following up on your treatment. In some situations, we may also be required by law to register and maintain client records with information that is relevant for your treatment. This includes, for example, traceability requirements pursuant to the EU/UK Medical Device Regulation.
For this purpose, we will process your name, title, address, telephone number, email, date of birth, customer URN, information about your hearing and technical information about your hearing device. This includes test results/audiograms, electronic media of tympanic membrane (eardrum) and ear canal treatment plans, health insurance details, records of your visits to our clinics and the support and services you have received from us, unique serial number and fitting settings.
- Provide support and repair services. This includes troubleshooting and monitoring how your hearing device is performing (typically in the form of error logs) and to update the software and firmware of your hearing device.
For this, we will process your name, title, address, telephone number, email, date of birth, information about your hearing and technical information about your hearing device. This includes test results/audiograms, electronic media of tympanic membrane (eardrum) and ear canal, treatment plans, records of your visits to our clinics and the support and services you have received from us, unique serial number, fitting settings and possible error logs detailing your personal user experience of the errors.
- Provide you with marketing communication. If you have expressed an interest in receiving marketing communication, we will send you newsletters or recommend products and services we think you will be interested in via email, text message (SMS), telephone and/or physical mail. For electronic means, we will only do this if you have given your consent to this, or if it is otherwise permitted under the applicable direct marketing rules in your country.
We also check your contact information against lists which we receive from third party service providers, or from public sources such as the electoral roll, to make sure that we have recorded your contact details correctly. This helps us to keep our records up to date and ensure that we can provide you with relevant information and services.
For this, we will process your name, email, telephone number and/or postal address.
- Improve our products and services. This includes, for example, analysis of your use of our products and services, together with specific feedback, based on which we can improve and develop new products and services. In some situations, this may be carried out using aggregated/anonymised information.
For this, we will process your title, address, date of birth, information about your hearing and technical information about your hearing device. This includes test results/audiograms, electronic media of tympanic membrane (eardrum) and ear canal, treatment plans, records of your visits to our clinics and the support and services you have received from us, unique serial number, fitting settings and possible error logs detailing your personal user experience of the errors.
- Your consent to the above is voluntary, and you can withdraw your consent at any time by contacting us at the contact point listed above. If you withdraw your consent, this may affect our ability to provide you with our hearing healthcare products and services. Withdrawal of consent will only have a future effect and our use of your personal data before you withdraw your consent will not be affected.
2.2 When you place an order for one of our hearing device products, we will need to process your personal data on the basis of our contractual relationship with you2 in order to:
- Provide you with hearing device products. This includes delivering hearing devices and accessories, and shipping, order and payment processing as well as related invoicing.
For this, we will process your name, title, address, telephone number, email and payment details and purchase history.
2.3 In the legitimate interest of ensuring and improving the user experience of our customers, we will process your personal data to:
- Analyse trends and profiles and target marketing activities. This includes modifying, personalising and improving our services and communications for the benefit of our customers, including target marketing activities. We use social media and advertising tools provided by social media providers to find relevant audiences. We target our advertising activities on social media to social media users that we regard as previous, current or future prospects and customers, including social media users that, based on our knowledge on customer trends, likely correspond to our potential, relevant audiences.
For this, we will process your name, title, address, telephone number, email, date of birth, purchase history and information about your preferences.
3. How we share your personal data
As part of our hearing healthcare treatment and operations, it may be necessary for us to share your personal data with other entities within the Demant Group.
We may also share your personal data outside our organisation with our external third parties for tasks such as:
- conducting hearing tests in our clinics;
- for second opinions or assessment with referrals from our clinics;
- assisting us with the supply or design of our products or with our business administration;
- operating our call centres; and
- providing us with electronic or physical storage services or systems.
We will only share your personal data with external third-party service providers to the extent it is necessary for the purposes described in this Privacy Notice. Our service providers are not authorised to keep or use your personal data for any other purposes, and they will always be under a strict obligation to keep your personal data safe and confidential.
[We may share your personal data with the social media providers to carry out targeted advertising activities by use of the social media tools to social media users as described above. We may also have to share your personal data with insurance companies and/or public authorities for the purpose of administering benefits you are entitled to as described above.]
4. Transfers to countries outside the EU/EEA
If we transfer your personal data to an affiliated company or an external third-party service provider located in a jurisdiction outside EU/EEA, which is not a European Commission-approved third country providing ‘adequate’ data protection, we will always ensure that adequate safeguards are taken to ensure data protection, namely by way of EU Commissions Standard Contractual Clauses. You can request a copy of these clauses by contacting us at the contact point stated in Section 1 above.
We may also disclose your personal data, if the disclosure is warranted by law, court order or judicial act.
5. How long we keep your personal data
We will process your personal data as long as it is necessary to fulfil the purposes for which your personal data have been collected, i.e. as long as we have an engagement with you. We are also required by law to keep your data for a period of time, for example due to traceability requirements under the EU/UK Medical Device Regulation. For direct marketing for which you have given consent, we will remove you from our communication lists if you withdraw your consent.
6. Your privacy rights
According to the EU General Data Protection Regulation (“GDPR”) you have several rights as a data subject:
- The right to access your personal data
- The right to have us rectify (correct) your personal data
- The right to have us delete your personal data
- The right to restrict our processing of your personal data
- The right to data portability
- The right to object to our processing
If you have a concern related to how we use your personal data, please contact us by using the contact point outlined at the top of the Privacy Notice. You also have the right to file a complaint with the relevant national supervisory authority. In the United Kingdom, the relevant supervisory authority is the Information Commissioner’s Office. You can contact the Information Commissioner’s Office at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, +44 0303 123 1113, email: email@example.com.
This Privacy Notice was last updated on 22nd April 2022.
- GDPR Art. 6(1) (a)
- GDPR Art. 6(1) (b)