This website (the “Website”), provides information about the products and services (“Services”) marketed by Tentrek Lasers Ltd and its affiliated companies, (the “Tentrek Lasers”, the “Group”, “We“, “Our”, “Us”, as appropriate). Tentrek Lasers is committed to protecting and respecting your privacy in accordance with applicable laws. This privacy policy provides comprehensive information about our processing activities in the Group (the “Privacy Policy”), though the particular processing activities and privacy practices may vary in different companies and jurisdictions. This Privacy Policy does not apply to any third-party websites, services or applications, even if they are accessible through our Website. Please note that all capitalized words used throughout this Privacy Policy have the same meanings as described above.
1. IMPORTANT INFORMATION AND WHO WE ARE.
This Privacy Policy (together with the terms and conditions of any other agreement you may have with us) sets out the basis on which any Personal Data (as defined below) we collect from you, or that you provide to us, will be processed, stored and shared by us. We process Personal Data in accordance with “Applicable Data Protection Laws” (which means the General Data Protection Regulation 269/2016 (“GDPR”) and any data protection and privacy laws and regulations applicable to us). Please read the following carefully to understand our practices regarding your Personal Data, before you access or use the Website and/or Services. By browsing this Website and using our Services, you consent to the processing of your Personal Data as detailed in this Privacy Policy, (except in specific cases where your consent will be collected through a consent form). If you have read this Privacy Policy, and remain opposed to our practices, you must immediately leave this Website, and avoid or discontinue all use of the Website and/or Services. If you have further questions or concerns regarding this Privacy Policy please contact us at: [email protected].
This Website and our Services are not intended for persons under 18 and we do not knowingly collect data relating to minors under 18. Insofar as Personal Data may be collected based on your consent, you must be above the age of 18. If these age requirements are not met, you are required to avoid using the Website and/or Services. Consistent with the requirements of applicable law, if we learn that we have received any information directly from a minor without his or her parent’s verified consent, we will use that information only to respond directly to that child (or his or her parent or legal guardian) to inform the minor that he or she cannot use the Services and subsequently will delete that information.
2. WHAT IS PERSONAL DATA?
“Personal Data” means information that can directly or indirectly identify you. Personal Data may include:
- “Identifiers” such as your real name, alias, postal address, unique personal identifier, photos, online identifier, Internet Protocol address, account name, and other similar identifiers;
- “Contact Details” such as your name, address, email address, and telephone number;
- “Payment Information” such as debit/credit card, Paypal Account and/or bank account;
- “Health Data” including but not limited to details of medical condition, vital signs measurements, information in medical consent forms, medical tests required for procedures, records of treatment, name of attending physician, name of HMO, health insurance details etc.
- “Personal information” categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) (“Consumer Records”) such as a name, signature, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories;
- “Protected classification characteristics” under California or federal law such as age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information);
- “Internet or other similar network activity” such as browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement;
- “Geolocation data” such as physical location or movements;
- “Professional or employment-related information” such as current or past job history or performance evaluations;
- “Inferences drawn from other personal information” such as a profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes;
- Other information such as an IP address; in certain US States, Personal Data may include your house-hold data and other items of information.
The term Personal Data shall also include and refer to similar terms in Applicable Data Protection Laws. “Sensitive Personal Data” means information of private nature, for example: your health and medical condition or your religious and political views; that requires additional safeguarding measures. This term shall include “Special Categories of Personal Data” (as defined in the GDPR), and any similar term in the Applicable Data Protection Laws.
3. THE CATEGORIES OF PERSONAL DATA WE COLLECT AND HOW WE COLLECT IT
- 3.1. General Overview We use different methods to collect data from and about you, including through:
- a) Direct interactions: You may give us your Personal Data by speaking to us in person on-site at our premises or off-site; by filling in forms, by requesting information from us, by attending a conference in which we are participating, or by corresponding with us by post, phone, email or otherwise.
- b) Automated technologies or interactions: As you interact with our website, we may automatically collect data about your equipment, browsing actions and patterns. We collect this Personal Data by using technologies of third party providers.
- c) Third party service providers: We may receive Personal Data such as Contact Details and Payment Information about you from various third parties including from providers of technical, payment and delivery services.
- d) Cookies and similar technologies:We use cookies (small, often encrypted, text files that are stored on your computer or mobile device) and similar technologies “Cookies”) to provide the Services and help collect data. Our Cookies Policy explains how we use Cookies to collect information about the way you use the Services and how you can control them.
- e) Where we need to collect Personal Data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
- f) When you provide us data, you are requested not to submit sensitive data or Health Data through the “contact us” form on our website.
- 3.2. For easy reference, we provide below information about the collection of Personal Data, according to the relationship we have with you.
- a) Business Representatives: if you are a member of the personnel of a business (a legal entity) which is one of our customers or service providers, and you wish to request a quote from us or to place an order with us, we may collect your Contact Details.
- b) Physicians: if you are a physician and you wish to request information and/or a quote or to place an order, we may collect your: Contact Details, license number, postal address, shipping and billing address, date of birth and Payment Information.
- c) Patients: if you are a Patient and you submit a complaint, or when you or your Physician inform us about an adverse effect or injury you have experienced from use of our Products or Services, we may need to collect your Contact Details and Health Data including the details of your use of our Products and Services. When we are legally required to report an adverse effect we may also be required to disclose to competent authorities your age, gender weight, race and ethnicity.
- d) Visitors: when visitors come to the premises of a Group company for meetings, inspections, project work, building and electrical work etc., we may collect some of their Contact Details and name of workplace.
- e) Participants to Trainings and Events: Attendees When you book or register for a training course or an event run or hosted by us, we may collect: your Contact Details, order history, professional registration and qualification and training history. Models. When you volunteer to be a model on a training course or at an event, we may collect: your Contact Details, Health Data, age and date of birth. Where you have volunteered to be a model we may also take before/after treatment photos of you. Trainers. When you run a training course, we may collect: your Contact Details, professional details and biography. In all of the above cases, (subject to your consent if required), we may film you when we video record the course or event.
- 3.3. In all of the above relationships mentioned in Section 3.2: i) we may collect information on the handling of your request and/or the relationship with you and any other Personal Data you voluntarily provide to us; ii) you represent the Personal Data you provide is accurate, complete and up to date and that you are legally authorized to provide it.
4. HOW WE USE THE PERSONAL DATA AND WHAT ARE THE LEGAL BASES OF PROCESSING?
We collect and use your Personal Data for the following purposes and under the following legal bases:
- 4.1. In order to enter into and/or perform a contract with you, we may: provide you with the information that you request from us; maintain your order history and Contact Details in our customer relations database; book you onto a course or an event, ensure that you have the necessary qualifications and experience to join the course, take payment if required and keep a record of attendees so we can issue a certificate of completion.
- 4.2. To fulfill our legal and regulatory obligations, we may: take action to prevent, investigate and detect crime, fraud or anti-social behavior and prosecute offenders, (including working with law enforcement agencies or the regulators); take necessary action to ensure the health, safety and protection of you and our staff; for example we may question you, if you wish to participate as model in our events in order to ensure that you are a medically suitable candidate for the procedure or that you have not had a negative reaction to previous treatments, or had treatments too close together. We may have a legal obligation to maintain a record and/or report information including your Personal Data in the event of an adverse reaction to a product or an injury.
- 4.3. To exercise tasks under our legitimate interests such as:
- a) to enforce our terms and conditions, notably conditions of returns, refunds and payments;
- b) to handle customer contacts, queries and complaints or disputes;
- c) to protect our operations or those of any of our Group companies;
- d) to know who is on-site for security purposes and to check timings and attendance in relation to project works to protect our rights, privacy, safety of property, and that of our group companies, you or others;
- i) to allow us to pursue available remedies or limit our damages;
- f) to ensure the security and integrity of our services and ensuring our websites operate effectively;
- g) to administer our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.
- h) to improve our website to ensure that content is presented in the most effective manner for you and for your computer;
- i) where we assist you in obtaining your own finance for the purchase of our products and/or services we may pass your Personal Data to credit reference agencies and they may keep a record of any search that they do. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
- j) to improve our training courses.
- 4.4. Where you have provided your consent we may: deliver relevant on-line and/or off-line advertising to you; make suggestions and recommendations to you and other users of our website about goods or services that may interest you or them; if you are a leader of a course we may provide your professional information to delegates, and in our marketing materials. We may use event/course video recordings and/or before/after photos that may include information about you for education and marketing purposes on the product and how treatments are administered. We may process your Personal Data as a volunteer model under consent. You are required to fill in a consent form for each and every procedure.
- 4.5. Vital Interests: We may also process your Personal Data in order to protect the vital interests, health and safety of attendees including models.
- 4.6 We will only use your Personal Data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your Personal Data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. Please note that we may process your Personal Data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
5. NON PERSONAL DATA WE COLLECT OR GENERATE
- 5.1. In addition to the categories of Personal Data described above, we will also process “Non-Personal Information”, (meaning information that does not personally and specifically identify a natural person, such as anonymized information) which may be collected through the App in the following ways:
- a) Information that your browser sends (“Log Data”). This Log Data may include, but is not limited to, non-identifying information regarding the User’s device, operating system, internet browser type, screen resolution, language and keyboard settings, internet service provider, referring/exit pages, date/time stamps, the web page you were visiting, information you search, etc.
- b) We may collect further Non-Personal Information through use of automated devices and applications to evaluate usage of our Service and through cookies. We use these tools to help us improve our Website, performance and user experience. We may also engage third parties to track and analyze data or provide other services on our behalf. Such third parties may combine the Non-Personal Information that we provide about you with other information that they have collected from other sources. This Policy does not cover such third parties’ use of the data and such use is governed by such third parties’ privacy policies.
- c) Other Apps and applications may also place or read cookies on your computer’s browser. For more information about our use of cookies, please see our Cookie Policy.
6. DATA RETENTION – FOR HOW LONG IS THE DATA STORED?
- 6.1. We retain Personal Data as long as we are required to keep the information by applicable laws, or in accordance with our contractual obligations or legitimate interests. The information may be located in the EU, the USA and/or other jurisdictions. To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements.
7. WHO MAY THE INFORMATION BE SHARED WITH?
We may share Personal Data that we receive from you including information used to order our products and/or services with the following third parties:
- 7.1. Companies who are members in our Group.
- 7.2. Our service providers – such as accountants, auditors, experts, lawyers, credit reference agencies, IT systems providers, manufacturers, support and hosting service providers; printing, advertising, marketing and market research and analysis service providers; document and records management providers; technical engineers; data storage and cloud providers and similar third-party vendors and outsourced service providers that assist us in carrying out business activities.
- 7.3. Government or other public authorities – including, but not limited to, government health organizations, law enforcement or other agencies to which we are required to disclose Personal Data by law, or by a warrant, subpoena or court order.
- 7.4. Other third parties – In the event that we sell or buy any business or assets, we may disclose your Personal Data to the prospective seller or buyer of such business or assets. If the Group or a company which is part of the Group or substantially all of its assets are acquired by a third party, Personal Data held by it about its customers will be one of the transferred assets.
- 7.5. We do not sell, share or rent any information collected to third parties except for those detailed in this Privacy Policy.
- 7.6. Applicable law may require us to disclose your Personal Data if: (i) reasonably necessary to comply with legal process (such as a court order, subpoena or search warrant) or other legal requirements; (ii) disclosure would mitigate our liability in an actual or threatened lawsuit; (iii) necessary to protect legal rights of our Group, our users, customers, business partners or other interested parties; or (iv) necessary for the prevention or detection of crime (subject in each case to applicable law). For residents of the European Economic Area (“EEA”), we will disclose Personal Data only when permitted to do so under applicable European and EU Member States’ national data protection laws and regulations.
- 7.7. California Shine the Light Law – California Civil Code Section 1798.83 permits users who are California residents to obtain from us once a year, free of charge, a list of third parties to whom we have disclosed personal information (if any) for direct marketing purposes in the preceding calendar year. If you are a California resident and you wish to make such a request, please send an e-mail with “California Privacy Rights” in the subject line to [email protected].
8. MARKETING
- 8.1. If you opt-in (on-line or off-line) to receive on-line marketing and offers we will add your name and email address to our marketing database. In some jurisdictions, we may also send you on-line marketing messages if you have previously placed an order with us or where you have provided your information for the purpose of contact (for example a badge scan at a tradeshow or industry event). You can change your marketing preferences at any time and will always be offered the opportunity to unsubscribe.
- 8.2. We will still contact you regarding your account or orders even if you have opted out of receiving marketing from us.
9. SECURITY
- 9.1. We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your Personal Data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your Personal Data on our instructions and they are subject to a duty of confidentiality.
- 9.2. We have put in place procedures to deal with any suspected “Personal Data Breach” (as this and similar terms are defined in the Applicable Data Protection Laws) and will notify you and any applicable regulator of a Breach where we are legally required.
- 9.3. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your Personal Data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk and you acknowledge this when you choose to access, visit and/or use the Website. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
- 9.4. THE SITE AND ALL INFORMATION THAT YOU SUBMIT THROUGH THE SITE IS COLLECTED, STORED, AND PROCESSED IN THE UNITED STATES WITHIN DATABASES CONTROLLED BY US. IF YOU ARE LOCATED OUTSIDE OF THE UNITED STATES, INFORMATION WE COLLECT (INCLUDING COOKIES) ARE PROCESSED AND STORED IN THE UNITED STATES, WHICH MAY NOT OFFER THE SAME LEVEL OF PRIVACY PROTECTION AS THE COUNTRY WHERE YOU RESIDE OR ARE A CITIZEN.
10. SOCIAL MEDIA PLATFORMS AND LINKS TO THIRD PARTY WEBSITES
- 10.1. When you use our company page on a social media platform, and/or when you use social sharing buttons on our Website, or click on any links contained in our Website to the websites of our partner networks, our social media pages, advertisers and affiliates; you do so at your own discretion and subject to the terms and conditions as well as the privacy policies of each social media platform respectively. Please note that we do not accept any responsibility or liability for these policies and that these social media platforms or websites may track your activity.
- 10.2. We may collect Personal Data from your public profile, including, name, photo and other information you make available to us when you like, post or otherwise interact with our social media pages such as Facebook, Twitter and Instagram.
11. YOUR RIGHTS
- 11.1. Different privacy rights may apply in various jurisdictions. In some jurisdictions, you may have a right to receive information about the processing of your Personal Data by us, the right to rectify your Personal Data and/or to request deletion of your Personal Data.
- 11.2. General conditions for complying with Personal Data inquiries: When you contact us about your Personal Data, we may need to ask you to provide us certain credentials to make sure that you are who you claim you are, to avoid disclosure to you of Personal Data related to others and to ask you questions to better understand the nature and scope of data that you request to access. We may redact from the data which we will make available to you, any Personal Data related to others. In addition, we may delete your Personal Data if required by Applicable Data Protection Laws.
- 11.3. At any time, you may contact us at: [email protected] in order to inquire about your Personal Data rights. We will make good-faith efforts to assist you as we are required under the Applicable Data Protection Laws. Residents of the EEA and California may have additional rights concerning the access and updating of their Personal Data (see Sections 12 and 13 below).
- 11.4. If you think that the processing of Personal Data by us violates the Applicable Data Protection Laws, you can lodge a complaint with the regulator at your jurisdiction. We may provide the details of the regulator upon request.
12. INFORMATION FOR CALIFORNIA RESIDENTS
- 12.1. Our Services collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). In particular, the Services collect or may have collected in the last twelve (12) months the categories of personal information as described in Section 2 above.
- 12.2. We may use or disclose the personal information we collect for one or more of the business purposes indicated in Section 4 above. We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
- 12.3. We may disclose your personal information to a third party for a business purpose. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract. We share your personal information with the categories of third parties listed in Section 7 above.
In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose:
- Identifiers
- California Customer Records personal information categories
- Protected classification characteristics under California or federal law
- Internet or other similar network activity
- Geolocation data
- Professional or employment-related information
- Inferences drawn from other personal information
We do not sell personal information. In the event that we do sell any personal information, we will update this Privacy Policy to list the categories of consumers’ personal information sold.
- 12.4. Our Policy on “Do Not Track” Signals under the California Online Protection Act (CalOPPA). Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked. We do not support Do Not Track. If such technology is available by virtue of our email service or website platform, we are neither aware of it, nor utilize it. You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser. You should know that you can also opt out of internet based advertising by installing a plug-in for your browser. Such plug-ins are available from third parties.
- 12.5. California Civil Code permits customers of the Group who are California residents to request certain information regarding its disclosure of Personal Information to third parties for their direct marketing purposes. To make such a request, please send an email to [email protected]. Please note that we are only required to respond to one request per customer each year.
- 12.6. If you are a California resident under the age of 18 and a registered user, California Business and Professions Code permits you to remove content or Personal Data you have publicly posted on our Website. If you wish to remove such content or Personal Data, please send an email to [email protected] and specify which content or Personal Data you wish to be removed, and we will do so in accordance with applicable law. Please be aware that after removal you will not be able to restore removed content. In addition, such removal does not ensure complete or comprehensive removal of the content or Personal Data you have posted and that there may be circumstances in which the law does not require us to enable removal of content. We are not required to remove any content or information that: (1) federal or state law requires us or a third party to maintain; (2) was not posted by you; (3) is anonymized so that you cannot be identified; (4) you don’t follow our instructions for removing or requesting removal; or (5) you received compensation or other consideration for providing the content or information. We are not required to delete the content or information posted by you; our obligations under California law are satisfied so long as we anonymize the content or information or render it invisible to other users and the public.
- 12.7. Under the California Consumer Privacy Act 2018, you have the right to request that we disclose certain information to you about our collection and use of your personal information over the past twelve (12) months. You may have the following rights, subject to submission of a verifiable request made to us:
- a) The right to know whether your Personal Data is collected and processed by us;
- b) The right to know what specific categories of Personal Data we collect about you, the sources from which it was obtained and the business or commercial purposes for which it is collected or sold;
- c) The categories of third parties with whom we share Personal Data;
- d) If we sell information or disclose information for a business purpose, the categories of third parties to whom your Personal Data was sold or disclosed and which Personal Data was sold or disclosed;
- e) Request us to rectify and/or delete your Personal Data; please note that such removal does not ensure complete or comprehensive removal of the content or Personal Data you have posted and that there may be circumstances in which the law does not require us to enable removal of content. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies;
- f) Personal Data portability;
- g) The right to request us not to sell your Personal Data.
- 12.8. To exercise your rights, please submit a verifiable consumer request to us by email to [email protected].
- 12.9. Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.
- 13.10. You may only make such a request for access or data portability twice within a 12-month period. The verifiable consumer request must provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, and describe your request with sufficient detail that allows us to properly understand, evaluate and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
- 12.11. We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. We will deliver our written response electronically. Any disclosures we provide will only cover the 12-month period preceding the receipt of the verifiable consumer request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
- 12.12. We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
- 12.13. We will not discriminate against you for exercising any of your CCPA rights.
13. CHANGES TO OUR PRIVACY POLICY
We may revise this Privacy Policy from time to time. Any changes we may make to our Privacy Policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our Privacy Policy. Any information that is collected through the Services are covered by the Privacy Policy in effect at the time such information is collected. Any changes will be effective immediately upon being posted, unless otherwise stated in the change. We will update the “Last updated” date above to indicate the date on which the most recent changes to the Privacy Policy became effective.
If we make any material changes that reduce your privacy rights, we will notify you in advance by sending you an email and/or by posting a notice in the Services or on the Website.
Thank you for visiting our Website. Copyright Tentrek Lasers, 2022.