Privacy Policy
Last modified date: September 18, 2024
Venus Medtech (Hangzhou) Inc. (hereinafter referred to as "we", "us" or "Venus Medtech") attaches great importance to your privacy and fully understands the importance of personal information to you. We hereby solemnly undertake to respect the privacy rights of our users. Please read this Privacy Policy (the “Policy") carefully and understand its contents before accessing our website.
This Privacy Policy applies to users in the People’s Republic of China and the European Union. If users in other countries or regions consider that this Policy does not fully comply with the requirements of local laws and regulations on the protection of personal information, please contact us immediately, and we will adjust and improve the Policy in a timely manner.
This Privacy Policy will help you understand the following:
1.Purpose and scope of the policy
2.Data Controller
3.What Personal Data do we collect and how?
4.Why do we collect your Personal Information and how?
5.Do we share your Personal Data?
6.Is your Personal Data transferred to third countries?
7.How long do we keep your Personal Data?
8.How do we ensure the security of your Personal Information?
9.What are your rights?
10.Updating of this policy
1.Purpose and scope of the policy
Venus Medtech attaches the greatest importance and care to the protection of privacy and Personal Data, as well as to the respect of the applicable data privacy legislation (hereinafter "Applicable Legislation"). The Applicable Legislation includes notably the Personal Information Protection Law of People's Republic of China and the General Data Protection Regulation (EU) 2016/679.
Under the Applicable Legislation, Personal Data must be processed lawfully, fairly, and transparently. Thus, this privacy policy (hereinafter the "Policy") aims to provide you with simple, clear information on the Processing of your Personal Data, in the context of your interactions with us and with our website.
2.Data Controller
In the course of your activity on the Venus Medtech- website, we collect and use Personal Data relating to you, an individual (hereinafter "Data Subject").
3.What Personal Data do we collect and how?
By using our website, you provide us with a certain amount of information about yourself, some of which may be used to identify you ("Personal Data"). This is the case when you browse our site.
The nature of the Personal Data collected will vary depending on the relationship you have with Venus Medtech, the main ones being:
-Identification data: This includes all the information that would allow us to directly identify you, such as your name, first name, telephone number. We may also collect your e-mail address, as well as your postal address (in case of payment, the postal address will be needed to generate an invoice).
In case of subscription, a proof of identity may also be requested.
-Authentication data: This is all the information you provide us to access your personal account, such as your password, and other information necessary to authenticate and access an account.
We also collect your IP address for maintenance and statistical purposes.
-Browsing information: by browsing our website, you interact with it. As a result, some information about your browsing is collected.
-Data collected from Third Parties: Personal Data that you have agreed to share with us or on publicly available social networks and/or that we may collect from other publicly available databases.
4.Why do we collect your Personal Information and how?
We collect your Personal Data for specific purposes and on different legal grounds.
In the context of the execution of the contract or pre-contractual measures, your Data is processed for the following purposes:
-Organizing and participating in conferences
-Engaging into pre-contractual discussions at your initiative
-Managing our contractual relationship
Based on your consent, your Data may be processed for the following purposes:
-Carrying out commercial and marketing prospecting operations.
-Management of the investor relationship newsletter.
-Management of cookies requiring your consent.
Based on our legitimate interests, provided they are not overridden by your own interests or rights and freedoms, your data is processed for the following purposes:
-Posting on social media
Within the framework of the legal and regulatory obligations to which Venus Medtech is subjected, your Data may occasionally be processed for the following purposes:
-Training physicians to the use of our products
Purpose of processing | Categories of personal data | Legal basis | Retention period (active database/archives) |
| Management of conferences | -Identification data -Professional data -Accommodation details | Legitimate interest | 3 years after the end of the conference / 10 years (archived for regulatory compliance) |
| Management of social media posting | -Identification data Professional life | Legitimate interest | 2 years after the last social media interaction / 10 years (archived for regulatory compliance) |
| Management of investor communications | -Identification data -Professional life | Consent | Until you unsubscribe from the investor newsletter / 10 years (archived for regulatory compliance) |
| Management of patient testimonials | Management of patient testimonials -Personal characteristics -Personal characteristics | Consent | Until you withdraw your consent / 10 years (archived for regulatory compliance) |
| Management of contract reviews | -Identification data Professional life | Contract | 7 years after the end of the contractual relationship / 10 years (archived for regulatory compliance) |
| Management of distributors | -Identification data --Professional life | Contract | 7 years after the end of the contractual relationship / 10 years (archived for regulatory compliance) |
| Management of Direct Sales | -Identification data Professional life | Contract | 7 years after the end of the sales relationship / 10 years (archived for regulatory compliance) |
| Training of physicians | -Identification data Professional life -Education, training, qualification | Legal obligation | 2 years from the end of the employment relationship / 10 years (archived for regulatory compliance) |
5.Do we share your Personal Data?
Your Personal Data are intended for the authorized Venus Medtech collaborators in charge of the management and the execution of the contracts and legal obligations, according to the purposes of the collection and within the limits of their respective attributions.
It may be transmitted for certain tasks related to hereabove purposes, and within the limits of their respective missions and authorizations, to the following recipients:
-Entities of the Venus Medtech Group when certain processing operations are outsourced to another entity of the group.
-Service providers and processors that we use to carry out a range of operations and tasks on our behalf, including
•Authorized medical device distributors and sales agents, who may place cookies to track marketing leads and after-sales service inquiries related to our cardiovascular medical devices.
•Clinical research institutions and medical trial partners, who use cookies to anonymize and aggregate user data for post-market clinical follow-up and product safety monitoring.
•Third-party technical service providers (e.g., telemedicine platforms, medical education platforms), who place cookies to support online training, remote consultation, and technical support services.
•Medical industry media and advertising partners, who use cookies to deliver targeted educational content and product information relevant to healthcare professionals, with user explicit consent.
•Logistics and supply chain partners, who may use cookies to manage order tracking and product delivery inquiries for our medical devices.
-Commercial partners only when you have expressly consented to this through a checkbox on our Data collection forms.
-Duly authorized public authorities (judicial, control...), in the framework of our legal and regulatory obligations.
-Regulated professions (lawyers, bailiffs, etc...) who may intervene in the context of the implementation of guarantees, debt collection, or litigation.
When your Data is provided to our service providers and processors, they are also required not to use the Personal Data for purposes other than those originally intended. We make every effort to ensure that these third parties maintain the confidentiality and security of your Personal Data.
In all cases, only the necessary Personal Data is provided. We make every effort to ensure the secure communication or transmission of your Personal Data.
We do not sell your Personal Data.
6.Is your Personal Data transferred to third countries?
Venus Medtech is accessing your data from outside the European Economic Area (EEA).
The Personal Data we collect when you use our platform or services are transferred to other countries. This is for example the case if some of our service providers are located outside the European Economic Area.
During such a transfer, we guarantee that it will be carried out:
-to a country ensuring an adequate level of protection, i.e. a level of protection equivalent to what the European privacy regulations require; or
-within the framework of standard contractual clauses; or
-within the framework of Binding Corporate Rules.
7.How long do we keep your Personal Data?
We retain your Personal Data only for as long as is necessary to fulfill the purpose for which we hold the data, notably to meet your needs or our legal obligations.
Retention times vary depending on several factors, such as:
-Venus Medtech business needs.
-Contractual requirements.
-Legal requirements.
-Recommendations from regulatory authorities.
The retention periods for your Data are as follows:
[PLEASE REFER TO THE COMPANY'S DATA REPOSITORY TO COMPLETE]
Purpose | Retention periods |
Management of orders, purchases | 7 years after the end of the sales/contractual relationship / 10 years (archived for regulatory compliance) |
Contract management | 7 years after the end of the contractual relationship / 10 years (archived for regulatory compliance) |
Loyalty programs management | 2 years after the last customer interaction / 10 years (archived for regulatory compliance) |
Managing your customer account | Until the account is closed + 7 years / 10 years (archived for regulatory compliance) |
Complaints and after-sales service management | 2 years after the resolution of the complaint / 10 years (archived for regulatory compliance) |
Carrying out sales and marketing prospecting operations | 3 years after the last marketing interaction / 10 years (archived for regulatory compliance) |
Transmission of your Data to our business partners | Until the completion of the relevant business purpose + 7 years / 10 years (archived for regulatory compliance) |
Newsletter management | Until you unsubscribe from the newsletter / 10 years (archived for regulatory compliance) |
Managing cookies that require your consent | As specified in our Cookie Statement (session-based or up to 2 years, depending on cookie type) / 10 years (archived for regulatory compliance) |
Establishing statistics for product and service improvement | 2 years after the statistical analysis is completed (data anonymized) / 10 years (archived for regulatory compliance) |
Conducting satisfaction surveys and polls | 1 year after the survey/poll is completed (data anonymized) / 10 years (archived for regulatory compliance) |
Management of pre-litigation and litigation | 10 years after the final resolution of the legal matter / 10 years (archived for regulatory compliance) |
Fight against Fraud | 10 years after the detection of the fraudulent activity / 10 years (archived for regulatory compliance) |
Fight against money laundering and terrorism financing | 5 years after the end of the business relationship / 10 years (archived for regulatory compliance) |
General and subsidiary accounting | 10 years from the end of the fiscal year (in compliance with accounting regulations) / 10 years (archived for regulatory compliance) |
8.How do we ensure the security of your Personal Information?
Venus Medtech is committed to protecting the Personal Data we collect and process from loss and unauthorized destruction, alteration, access, or disclosure.
Thus, we implement all appropriate technical and organizational measures, depending on the nature of the Personal Data and the risks that their processing entails. These measures must preserve the security and confidentiality of your Personal Data. They may include practices such as limiting access to Personal Data on a need-to-know basis, pseudonymization or encryption.
In addition, our practices, policies, and security measures (secure access, authentication process, backup, software, etc.) are regularly reviewed and updated as necessary.
9.What are your rights?
The Applicable Legislation provides Data Subjects with rights that they can exercise. Thus, are provided:
1.Right to information: the right to have clear, precise, and complete information on the use of your Personal Data by Venus Medtech.
2.Right of access: the right to obtain a copy of the Personal Data that the Data Controller holds on the requester.
3.Right to rectification: the right to have Personal Data rectified if they are inaccurate or obsolete and/or to complete them if they are incomplete.
4.Right to erasure / right to be forgotten: the right, to have your Personal Data erased or deleted, unless Venus Medtech has a legitimate interest in keeping it.
5.Right to object: the right, under certain conditions, to object to the processing of Personal Data by XXX for reasons related to the particular situation of the requester.
6.Right to Withdraw Consent: the right to withdraw Consent at any time where the processing is based on your consent.
7.Right to the restriction of processing: the right, under certain conditions, to request that the processing of Personal Data be suspended.
8.Right to Data Portability: the right to request that Personal Data be transmitted in a reusable format that allows it to be used in another database.
9.Right not to be subject to a decision based solely on automated processing: the right of the requester to refuse fully automated decision-making and/or to exercise the additional safeguards offered in this regard.
10.Right to define post-mortem directives: the right for the data subject to define directives concerning the fate of Personal Data after his/her death.
Additional rights may be granted to Data Subjects by local legislation.
In order to facilitate the exercise of these rights, Venus Medtech has implemented a procedure for the management of data subjects' rights in accordance with the requirements of the Applicable Legislation. This procedure lays out:
-the standards to be respected to ensure the transparent information of data subjects;
-the applicable legal requirements;
-the modalities for exercising each right, depending on the category of Data Subjects;
-The business processes for handling these requests in accordance with the above requirements;
-The stakeholders involved in these processes, their roles, and responsibilities.
To exercise your rights, you may contact our Data Protection Officer at the following address privacy@venusmedtech.eu or privacy-protection@venusmedtech.com,by phone at+86 571 87772180.
When you send us a request to exercise a right, please specify as far as possible the scope of the request, the type of right being exercised, the concerned data processing activity, and any other useful information in order to facilitate the examination of your request. In addition, in case of reasonable doubt, you may be asked to prove your identity.
10. Updating of this policy
This Policy may be updated from time to time to reflect changes in the Applicable Legislation.
