Privacy Policy

Last Revised: March 2022

This Privacy Notice informs you of important information about how Hologic, Inc. and our family of companies (together, “Hologic,” “we,” “us” or “our”) process the personal data that we collect in online and offline formats through the Services.

By accessing or using the Services, you consent to our collection, use and disclosure of your information (including your personal data) in accordance with this Privacy Policy. If you do not agree to our Privacy Policy, you may not access or use the Services.

When we use the term “Services” we mean to refer collectively to:

  • The provision of medical technology and related services to our customers including technical support (“Customer Services”);
  • The websites owned and controlled by us that link to this Privacy Notice (“Sites”); and
  • Interactions with prospective customers and marketing and business development activities, including events we host, social media properties we operate, and emails that we send (“Marketing Activities”).

When we use the term “personal data” we mean data that reasonably can be used to identify a person, or that reasonably relates to a person.

    We collect and process personal data about a number of different individuals through the provision of the Services. These individuals include our customers, prospective customers and others who may be interested in our products and services, visitors to our offices, visitors to our Sites, vendors, and other individuals.

    Customers and prospective customers: The majority of our customers and prospects are corporate entities and data about entities is not personal data. But we do process personal data of their employees, representatives and other personal data customers and prospects provide to us or allow us to collect on their behalf.

    We collect the following personal data in the context of providing Customer Services and Marketing Activities: 

    • Names
    • Job titles
    • Email address
    • Physical address
    • Phone number
    • Diagnostic solutions device log data (but not patient data) 

     

    We also obtain personal data about individuals who may be interested in our products or services from third-party sources such a lead generation list providers and conference organizers when they provide us personal data about conference attendees.

    Our legal bases for processing personal data in connection with Customer Services and Marketing Activities are:

    • To comply with legal obligations and professional responsibilities;
    • To perform contracts;
    • To pursue our legitimate interests of:
      • ensuring that we deliver the best possible service to our customers,
      • keeping individuals informed of developments in our technology, products, and services,
      • business development and general marketing, and
      • ensuring we build and maintain a good working relationship with you;
    • Your consent, but where we make it clear to you in advance that we are relying on you consent (for example, when you sign up to our mailing list).

     

    Health Care Professionals: We often interact with the health care professionals in the conduct of our business. In connection with our Marketing Activities, we may contract with them to perform consulting or speaking engagements. We collect the following personal data about health care professionals:

    • Names
    • Job titles
    • Email address
    • Professional address
    • Phone number
    • Resume and work history details
    • Financial and tax information (when we need to pay consultants and for speaking engagements)

    Our legal bases for processing this personal data are:

    • To comply with legal obligations and professional responsibilities (for example, transparency laws and codes governing the health care industry);
    • To perform contracts;
    • To pursue our legitimate interests of:
      • ensuring that we deliver the best possible service to our customers,
      • keeping individuals informed of developments in our technology, products, and services,
      • business development and general marketing, and
      • ensuring we build and maintain a good working relationship with health care professionals in the industry;
    • Your consent, but where we make it clear to you in advance that we are relying on you consent (for example, when you sign up to our mailing list).

     

    Visitors to our Sites: We collect certain personal data from visitors to our Sites. We generally collect this information directly from you when you fill out form fields, interact with our iStore, download product documentation, apply for a job, or register for and participate in our medical education services. In this variety of different circumstances on the Sites we collect:

    • Name
    • Customer account number
    • Company name
    • Your photo, if you provide it to us
    • Email address
    • Physical address
    • Phone number
    • Time zone
    • Resume and work history details, if you apply for a job with us
    • The products and medical education services you are interested in

    The legal bases we rely on to process this information are:

    • To pursue our legitimate interests of operating and growing our business, operating and improving the Sites, delivering the Customer Services and engaging in Marketing Activities; and
    • Your consent, where we make it clear to you in advance that we are relying on you consent (for example, when you sign up to our mailing list).

     

    Visitors to our offices: For visitors to our offices we take a record of name and contact information. This information is recorded for legitimate business purposes and for health and safety purposes so that we know who is in the building in event of an emergency. If you attend one of our events and we serve food, we may have information about your dietary requirements.

    The legal bases we rely on to process this personal data are:

    • To comply with our legal obligations; and
    • To pursue our legitimate interests in ensuring the safety and security or our employees and visitors.

     

    Vendors and business partnersWe process personal data of vendors and business partners in the conduct of our business operations, including name, contact information, financial information, tax information, and information to verify identity. For vendors, we do this so that we can liaise about the services the vendors are providing to us now and in the future. For business partners, we do this to support, grow and maintain the relationship. For individual vendors and business partners, we hold financial information in order to pay invoices. Sometimes we receive this information from a third party who is recommending the service to us.

    The legal bases we rely on to process this personal data are:

    • To perform contracts;
    • To comply with our legal obligations; and
    • To pursue our legitimate interests of managing and operating our business, including through use of vendors and business partners.

     

    Social media platformsSocial media channels, pages and blogs offered as a service to users of the Services (“Social Media”) are hosted by third-party vendors. Those vendors normally require registrants to provide personal data, including name and email address among other kinds of information. This personal data is not collected by us but may be shared with us. We use this personal data to manage our online communities and for other purposes set forth in this Privacy Notice.

    In addition to the uses described above, we may use your personal data for the following purposes. Some of these uses may, under certain circumstances, be based on your consent, may be necessary to fulfill our contractual commitments to you, are necessary to serve our legitimate interests in the following business operations, or to comply with our legal obligations:

    • Operating our business, administering the Services and managing your accounts;
    • Contacting you to respond to your requests or inquiries;
    • Processing and completing your transactions including, as applicable, order confirmation and delivering products or services;
    • Providing you with newsletters, articles, alerts and announcements, event invitations, and other information that we believe may be of interest to you;
    • Providing you with marketing information, and other information that is tailored to your interests;
    • Conducting research, surveys, and similar inquiries to help us understand trends and customer needs;
    • Analyzing your interactions with us, and improving our products, services, programs, and other offerings;
    • Preventing, investigating, or providing notice of fraud, unlawful or criminal activity, or unauthorized access to or use of Personal Information, our website or data systems; or to meet legal obligations; and
    • Enforcing our Terms of Use and other agreements.

    We share personal data with the following categories of recipients. 

    Service Providers: We may disclose your personal data to third-party service providers to provide us with services such as website hosting, professional services, including information technology services and related infrastructure, customer service, e-mail delivery, auditing and other similar services.

    Affiliates: We may disclose personal data to our affiliates for the purposes described in this Privacy Notice, including for their marketing purposes, and to be consistent with our goal of providing our the superior customer service and engagement experience that our customers have come to expect from us around the world.

    Authorized Distributors: In some regions, we sell our products through distributors rather than directly to buyers. In these regions, we may disclose personal data in order to provide the Services, complete transactions, address product deliver and warranties..

    To Perform Customer ServicesWe may disclose personal data to third parties in order to perform services you request or functions you initiate, such as when you post information and materials on message boards and forums.

    Corporate Transactions or EventsWe may disclose your information to a third party in connection with a corporate reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or capital, including in connection with any bankruptcy or similar proceedings.

    Other Legal ReasonsIn addition, we may use or disclose your personal data as we deem necessary or appropriate: (1) under applicable law, including laws outside your country of residence; (2) to respond to requests from public and government authorities including public and government authorities outside your country of residence; (3) to comply with subpoenas and other legal processes; (4) to pursue available remedies or limit damages we may sustain; (5) to protect our operations or those of any of our affiliates; (6) to protect the rights, privacy, safety or property of Hologic, our affiliates, you and others; and (7) to enforce our terms and conditions.

    Security

    Hologic takes reasonable measures to help protect information about you from loss, theft, misuse and unauthorized access, disclosure, alteration, and destruction. However, please be advised that when information is transmitted over the internet, it cannot be guaranteed to be completely secure.

    European Economic Area and UKFor individuals in the European Economic Area, please click here for additional detailed disclosures. 

    State of California, United StatesWe may disclose personal data to affiliates of Hologic, Inc., which may use this information for all purposes outlined in this Privacy Notice. Under California Civil Code Section 1798.83, separate legal entities are considered “third parties” and certain communications with our affiliates might be viewed as promoting our services. Therefore, we are providing the following information for California residents who have provided us with their personal data during the creation of or during the course of an established professional services relationship that is primarily for personal, family, or household purposes (“California Residents”).

    Individual California Residents may request information about our disclosures of certain categories of personal data to third parties (i.e., our affiliates) for such third parties’ direct marketing purpose, consistent with California Civil Code Section 1798.83. 

    Individual California Residents must submit requests to us either by email at data.privacy@hologic.com or by mail at the following address:

    Hologic, Inc.
    Legal Department
    250 Campus Dr, Marlborough, MA 01752, USA

    In response, we will provide a list of the categories of “Personal Information”, as that term is defined by California Civil Code Section 1798.83, disclosed to third parties for direct marketing purposes during the immediately preceding calendar year, along with the names and addresses of these third parties.

    This request may be made no more than once per calendar year. We reserve our right not to respond to requests submitted other than to the email or mailing addresses specified in this section.

    CanadaFor individuals in Canada, please click here for additional detailed disclosures.

    We may periodically send you relevant alerts and newsletters by e-mail. To help improve our marketing activities, we often receive a confirmation when you open an e-mail or click on a link included in one of these emails, if your computer supports such capabilities. Instructions on how to unsubscribe from these alerts and newsletters are included in each e-mail.

    How we use cookies

    We use cookies and related technologies (“Cookies”) to provide Services, gather information when users navigate through the Sites to enhance and personalize the experience, to understand usage patterns, and to improve our Sites, products, and Services. 

    Cookies on our Sites are generally divided into the following categories:

    • Essential Cookies: These cookies are strictly necessary to provide you with services available through our Services and to use some of their features, such as access to secure areas. Because these cookies are strictly necessary to deliver the Services, you cannot refuse them without impacting how our Services function.
    • Performance and Functionality Cookies: These cookies are used to enhance the performance and functionality of our Services but are non-essential to their use. However, without these cookies, certain functionality may become unavailable.
    • Analytics and Customization Cookies: These cookies collect information that is used to help us understand how our Services are being used or how effective our marketing campaigns are, or to help us customize our Services for you in order to enhance your experience.
    • Targeting Cookies: These record your visit to our Sites, the pages you have visited and the links you have followed to recognize you as a previous visitor and to track your activity on the Sites and other websites you visit. These Cookies qualify as persistent cookies, because they remain on your device for us to use during a next visit to our Sites. You can delete these cookies via your browser settings. See below for further details on how you can control third-party targeting cookies.

    We also allow third parties to use Cookies on our Sites to collect information about your online activities over time and across different websites you visit. This information is used to provide advertising tailored to your interests on websites you visit, also known as interest based advertising, and to analyze the effectiveness of such advertising.

    How to control Cookies

    You can review your Internet browser settings, typically under the sections “Help” or “Internet Options,” to exercise choices you have for certain Cookies. If you disable or delete certain Cookies in your settings, you may not be able to use features of the Sites. 

    To learn more about the use of Cookies by Google for analytics and to exercise choice regarding those Cookies, please visit the Google Analytics Opt-out Browser Add-on.

    We support the Self-Regulatory Principles for Online Behavioral Advertising of the Digital Advertising Alliance (“DAA”). To learn more about certain third-party Cookies used for interest-based advertising, including through cross-device tracking, and to exercise certain choices regarding such cookies, please visit the Digital Advertising AllianceNetwork Advertising InitiativeDigital Advertising Alliance-CanadaEuropean Interactive Digital Advertising Alliance or your device settings if you have the DAA or other mobile app.

    The opt-outs described above are device- and browser-specific and may not work on all devices. If you choose to opt-out through any of these opt-out tools, this does not mean you will cease to see advertising. Rather, the ads you see will just not be based on your interests.

    For more information on specific Cookies used on our sites please see our Cookies Notice.

    Occasionally we provide links to other websites for your convenience and information. These sites operate independently from our Sites and are not under our control. These sites may have their own privacy notices or terms of use, which you should review if you visit any sites linked through our Sites. We are not responsible for the content or use of these unrelated sites. 

    Although most changes are likely to be minor, Hologic may change its Privacy Notice from time to time, and at Hologic’s sole discretion. Hologic encourages visitors to frequently check this page for any changes to its Privacy Notice.

    Data Subject Access Request

    You may exercise your rights to review, know, correct, update, delete, restrict or object to the processing of your personal information at any time by completing Data Subject Access Request here.

    Complaints

    You may exercise your rights to submit a complaint regarding the processing of your personal data at any time by completing a form here.

    If you have any queries, questions or concerns about this Privacy Notice or our personal data handling practices, please contact us at data.privacy@hologic.com.

    Last Revised: [March 2022]

    These disclosures (the “Disclosures”) supplement the Hologic Privacy Notice1 All terms not defined in these Disclosures have the same meaning as in the Hologic Privacy Notice.

    The Disclosures apply only to our processing of personal data within the scope of the Personal Information Protection and Electronic Documents Act (“PIPEDA”) as well as those federal, provincial and territorial laws and regulations that apply to Hologic’s processing of personal information (together, the “Privacy Laws”).

    Hologic is comprised of Hologic, Inc. and its group of subsidiary companies which are different legal entities. These Disclosures are issued on behalf of this group of entities so when we mention ”Hologic”, “we”, “us” or “our” in this Privacy Notice, we are referring to the relevant company in the group responsible for processing your data. The controller for your data will be Hologic Canada ULC or the Hologic entity that is identified when you purchase a product or service or interact with us.

    Data Retention

    We retain personal data pursuant to our records retention program, for as long as is necessary for the purposes set out in the Hologic Privacy Notice, unless a longer period is required under applicable law or is needed to resolve disputes or protect our legal rights.

    Transfers of information across borders

    If you are a resident of Canada and you use the Services, your personal data may be stored or accessed outside of Canada, including by our affiliated companies or by third party service providers. This means that your personal data will be subject to the laws of the jurisdiction in which it is stored or accessed including the access rights of the government of that jurisdiction. If you do not wish for your personal data to be stored or accessed outside of Canada you have the option of not using the Services. If you have questions about storage of your personal data outside of Canada please contact us as set forth above in the “Contact Us” section.

    Data subject rights

    Under PIPEDA and related provincial legislation, you have the right, under certain circumstances, to access information we hold about you. Any such access request must be writing and provided to us at the email or postal addresses described in the “Contact Us” section below.

    We may need to verify your identity before responding to your request. In some circumstances, we may not provide access to your personal information, for example, if it contains the personal information of other persons, if it constitutes confidential commercial information, or if it is otherwise not properly the subject of an access request.

    Contact Us

    If you have any questions, requests or complaints about our information practices, please contact our Privacy Officer:

    Privacy Officer

    data.privacy@hologic.com

    Hologic Canada ULC
    2400 Skymark Avenue, Unit 7A
    Mississauga, ON L4W 5K5

    Subprocessors

    For more information on parties that may process our Client personal data ("Subprocessors"), see below. You may find this list of Subprocessors as part of our Data Protection Agreement (DPA), if applicable to you. Note that these Subprocessors may not apply to our website visitors or general public.