Website Privacy Statement

In this Website Privacy Statement (“Privacy Statement”), we, Nevro Corp. (“Nevro”) provide information about how we collect, use and transfer personal data from you, our website visitor, through www.nevro.com, and other websites that we operate and on which we post a direct link to this Privacy Statement (collectively the "Site").

INFORMATION YOU SUBMIT

When you contact us via the “Contact Us” section on the site, or otherwise actively send us data, we usually collect data such as your name, institution, specialty, email address(es), mailing address(es), country, and other information you insert into the free text field on the Site. In each such instance, you will know what data we collect through the Site, because you will actively submit it.

INFORMATION WE AUTOMATICALLY COLLECT

As part of the standard operation of the Site, we may collect non-personal information from your computer or mobile device, including but not limited to your internet browser type, your device’s operating system, your IP address and the domain name from which you accessed the Site, and if you are accessing our Site with your mobile device, the type of mobile device. In addition, we may collect information about how you use our Site, such as the date and time you visit the Site, the areas or pages of the Site that you visit, the amount of time you spend viewing the Site, the number of times you return to the Site, and other click-stream data. We also work with third party publishers and advertising service providers that place cookies, tracking pixels and other technologies on end user devices to track conversion rates and determine whether you came to our Site because of a particular advertisement you saw.

FIRST-PARTY COOKIES

We may use cookies, web beacons or similar technologies to collect the information described above. A cookie is a small text file that may be stored on the hard drive of your computer or device when you access the Site. We may also use first-party cookies to: (1) provide you with customized content or offers on the Site; (2) monitor Site usage; (3) remember you when you return to the Site; and (4) conduct research to improve our content and services.

You are free to decline cookies, but by doing so, you may not be able to use certain features on the Site or take full advantage of our offerings.

THIRD-PARTY COOKIES

We may use third-party advertising service vendors to provide advertisements. In these instances, we may not always have access to or control over this information, however, because a third party collects it.* These vendors may use cookies, web beacons or similar technologies to serve you advertisements tailored to interests you have shown by browsing on this and other sites you have visited. In doing so, these vendors may collect non-personal data such as your browser type, your operating system, web pages visited, time of visits, content viewed, advertisements viewed, and other clickstream data. We do not tie the information gathered to your personal data.

*One such third-party we work with is Google. For information on how Google uses your data, please visit: https://www.google.com/policies/privacy/partners/

Behavioral Advertising

We partner with third party advertisement networks to display advertising on our Sites and to manage our advertising on other websites. Our network partners use cookies and web beacons to collect non-personally identifiable information about your internet-browsing activities to provide you with interest-based advertising. If you wish not to receive targeted advertisements, you may opt out by clicking here. Please note this only stops interest-based advertising; you will continue to receive generic advertisements.

COLLECTION PURPOSES, USE OF DATA

We use the data we collect for the following general purposes:

  • To respond to the request that you sent us such as your request for information;
  • To administer, protect and improve our Site and our systems;
  • To better understand the preferences of our Site visitors;
  • To identify server problems;
  • To compile aggregated statistics about Site usage;
  • To help personalize your experience of our Site;
  • To inform our products, services, other internal business practices;
  • To provide you with information about our technologies, product or service releases, news, and other communications, including Nevro advertisements;
  • To the extent permitted by applicable law, we may combine the various types of data that we collect; and
  • Any other use we describe at the point where we collect the data.

DISCLOSURES OF PERSONAL INFORMATION

We do not share your data with others, except as follows: We share your information with third parties who process the data on our behalf for the purposes set forth in this Privacy Statement. We may also share your information as required by law or in the interest of protecting or exercising our or others' legal rights, e.g., without limitation, in connection with requests from law enforcement officials and in connection with court proceedings. We may share or transfer your information in connection with a prospective or actual sale, merger, transfer or other reorganization of all or parts of our business. Finally, we may also share your personal information where you have granted us permission, and we reserve the right to fully use and disclose any information collected via the Site that is not in a personally identifiable form.

OPT-OUT

In connection with promotions or other projects, we may ask you specifically whether you have objections against a certain kind of data use or sharing. If you prefer to opt-out under such circumstances, please e-mail opt-out@nevro.com.

Australian Privacy Policy

1. INTRODUCTION

1.1 The privacy of your Personal Information is important to us at Nevro Medical Pty Ltd ABN 53 150 636 945 (Nevro).

1.2 We are committed to protecting your Personal Information. We are bound by the Australian Privacy Principles (APPs) established by the Privacy Act 1988 (Cth) (the Privacy Act) and, in respect of your Health Information, by relevant Health Privacy Principles under State and Territory legislation.1

1.3 This Privacy Policy sets out the approach we take in relation to:

  • (a) collecting your Personal Information;
  • (b) using and disclosing your Personal Information;
  • (c) holding your Personal Information and keeping it secure;
  • (d) allowing you to access and correct your Personal Information; and
  • (e) handling privacy-related complaints.

1.4 This Privacy Policy contains important information and you should read it carefully.

1.5 In this Privacy Policy "We", "Our" or "Us" means Nevro and includes its directors, employees and agents, and "You" or "Your" means the person reading this Privacy Policy and whose Personal Information will be treated by Nevro in accordance with its terms.

2. COLLECTING YOUR PERSONAL INFORMATION

2.1 With your consent, we will collect Personal Information (including Health Information) from you.

2.2 We will not collect Sensitive Information from you, other than Health Information.

2.3 We will only collect Health Information from you to the extent that it is reasonably necessary for Nevro to perform one or more of its functions or activities.

2.4 We will collect your Personal Information to:

  • (a) generate your patient identification card;
  • (b) maintain a distribution record of Nevro products;
  • (c) support your use of your Nevro device and to improve its operation and effectiveness (including to individualise and optimise your pain management programme);
  • (d) contact you in connection with safety issues relating to your Nevro device; and
  • (e) process any warranty claim(s) made by you in connection with your Nevro device.
  • (together, the Primary Purposes).

2.5 The Personal Information we collect from you may include the following:

  • (a) your name;
  • (b) your date of birth;
  • (c) your personal contact details (for example, your residential and postal addresses, your telephone number(s) and your email address);
  • (d) your general medical and surgical history;
  • (e) the details of, and data relating to, the current and past pain management programmes you have followed or have been prescribed;
  • (f) data relating to the mapping of the anatomical distribution of your sensation and pain;
  • (g) your current and historical levels of physical activity;
  • (h) the results of radiological or other imaging investigations relating to the location of the lead for your Nevro device;
  • (i) your self-rated levels of pain;
  • (j) changes to your level of medication consumption/prescription.

2.6 If you do not consent to us collecting your Personal Information, provide none or only part of the Personal Information requested from you by us, or provide incorrect Personal Information, we may not be able to:

  • (a) provide you with optimal level of service and support in connection with your Nevro device;
  • (b) advise you of any safety issues relating to your Nevro device; and
  • (c) optimize pain management programming.

2.7 Because of the nature of the Personal Information we collect from you, and the Primary Purposes for which it is collected, it is not practicable to transact or otherwise deal with you on an anonymous basis or through the use by you of a pseudonym.

3. USING AND DISCLOSING YOUR PERSONAL INFORMATION

Use

3.1 We will use your Personal Information for the Primary Purposes listed in paragraph 2.4 above.

3.2 With your consent we may also use your Personal Information for one or more purposes other than a Primary Purpose (the Secondary Purposes). The Secondary Purposes may include:

  • (a) conducting research into your Nevro device to, amongst other things, better understand the operation and benefits of your Nevro device and to further develop your Nevro device and related Nevro products.

3.3 Notwithstanding that we may not have obtained your consent, we may also use your Personal Information for a Secondary Purpose:

  • (a) if both of the following apply:
    • (i) the Secondary Purpose is related to the Primary Purposes (or, if the Personal Information is Sensitive Information, the Secondary Purpose is directly related to the Primary Purposes); and
    • (ii) it would be reasonable for you to expect us to use your Personal Information for the Secondary Purpose.
  • (b) if we reasonably believe that the use is necessary to lessen or prevent:
    • (i) a serious or imminent threat to an individual's life, health or safety; or
    • (ii) a serious threat to public health or public safety;
  • (c) if we have reason to suspect that unlawful activity has been, or is or may be engaged in, and may use your Personal Information as a necessary part of our investigation of the matter or in reporting our concerns to relevant persons or authorities; or
  • (d) if the use (ie, the Secondary Purpose) is otherwise required or authorised by law.

3.4 We will not use your Personal Information without taking reasonable steps to ensure that the information is accurate, up to date, complete and relevant.

3.5 We will not use your Personal Information for the secondary purpose of Direct Marketing.

Disclosure

3.6 With your consent we may disclose:

  • (a) your de-identified Personal Information (in other words, your Personal Information excluding your name, date of birth and personal contact details) to medical practitioners and other third parties in connection with the research described in paragraph 3.2(a) of this Privacy Policy (including the reporting and publication of the results and analysis of any such research);
  • (b) your Personal Information in connection with the circumstances described in paragraph 3.2 of this Privacy Policy.

3.7 Notwithstanding that we may not have obtained your consent, we may also disclose your Personal Information in connection with the circumstances described in paragraph 3.3 of this Privacy Policy.

3.8 We may disclose your Personal Information to Nevro's parent company, Nevro Corporation (headquartered in the United States of America) (Nevro Corporation) and to other Related Bodies Corporate of the Nevro Corporation (whether located in Australia, the United States of America or elsewhere), with your consent.

3.9 We draw to your attention that the Nevro Corporation and certain other Related Bodies of the Nevro Corporation are Overseas Recipients of your Personal Information. While your Personal Information will be held securely, the Nevro Corporation and its Related Bodies Corporate are not subject to, and they have not undertaken to comply with, the APPs, any relevant Health Privacy Principles or any other Australian privacy requirements.

3.10 Although reasonable steps will be taken to ensure that the Overseas Recipients do not breach the APPs, if you have provided us with your consent to disclose your Personal Information to these Overseas Recipients, you will not have recourse against Nevro under the Privacy Act if such a breach was to occur.

3.11 We will not disclose your Personal Information without taking reasonable steps to ensure that the information is accurate, up to date, complete and relevant.

4. QUALITY OF YOUR PERSONAL INFORMATION

4.1 Nevro will take reasonable steps to ensure that Personal Information collected, used or disclosed by Nevro is accurate, complete, up-to-date and relevant as required by the Privacy Act.

5. STORING AND PROTECTING YOUR PERSONAL INFORMATION

5.1 We may store your Personal Information in hard-copy documents or electronically.

5.2 We will take reasonable steps to ensure that any hard-copy and/or electronic records containing your Personal Information are stored securely and protected from misuse, interference and loss, and from unauthorised access, modification or disclosure. These steps will include maintaining:

  • (a) physical security (for example, locks and other security systems) at the premises at which your Personal Information is stored; and
  • (b) computer and network security in connection with our computer systems.

5.3 We will regularly review and, where necessary or appropriate, update our information security practices.

5.4 We will take reasonable steps to destroy or permanently de-identify your Personal Information if:

  • (a) it is no longer needed for any purpose for which Nevro may use or disclose the information: and
  • (b) we are not required by law or a court or tribunal order to retain the information.

6. ACCESSING AND CORRECTING YOUR PERSONAL INFORMATION

6.1 Upon receiving a request from you, we will ordinarily allow you as soon as practicable to access our records containing your Personal Information. However, in certain circumstances we are permitted by the Privacy Act to refuse your request for access, or to limit the access we provide you with – in these circumstances we will advise you why your request has been refused or your access has been limited.

6.2 Upon receiving a request from you, we will update/correct as soon as practicable our records containing your Personal Information in accordance with the requirements of the Privacy Act.

6.3 You may submit a request to access and/or to correct our records containing your Personal Information by contacting us by one of the means set out in paragraph 8 below.

6.4 We will not charge you a fee to lodge a request to access your Personal Information or to have your Personal Information updated/corrected. However, we may charge you a fee for:

  • (a) the time we spend on locating, collating and explaining the Personal Information you have requested access to; and
  • (b) any out-of-pocket expenses we incur.

7. WITHDRAWING YOUR CONSENT

7.1 Having provided your consent to the collection, use and disclosure of your Personal Information, you may withdraw that consent at any time by contacting us by one of the means set out in paragraph 8 below.

7.2 If you choose to withdraw your consent, the consequences set out in paragraph 2.6 of this Privacy Policy may apply.

8. CONTACTING NEVRO

You may request further information regarding this Privacy Policy or to lodge a complaint by:

Writing to us at:

Att: Jeff Esbjerg
Nevro Corp Country Manager
c/o Southertons
Level 6, 468 St Kilda Road
Melbourne VIC 3004

Emailing us at:

privacy@nevro.com

9. HANDLING YOUR COMPLAINTS

9.1 We aim to:

  • (a) acknowledge the receipt of your complaint within 30 Business Days; and
  • (b) resolve your complaint within 60 Business Days (although this may not be possible in every case).

9.2 If we cannot resolve your complaint within 60 Business Days, we will notify you of the reason for the delay and provide you with an indication of when we expect to resolve your complaint.

9.3 If you are not satisfied with how we have resolved your complaint, we will advise you of the external dispute resolution avenues available to you.

10. UPDATING THIS PRIVACY POLICY

We will regularly review and, where necessary or appropriate, update or amend this Privacy Policy.

11. GLOSSARY

The following definitions apply in this Privacy Policy.

Business Day means a day that is not a Saturday, Sunday or public holiday in the primary place in which your complaint is being handled.

Direct Marketing means the marketing of goods or services through means of communication including written, verbal or electronic means.

Health Information means:

  • (a) information or an opinion about:
    • (i) the health or a disability (at any time) of an individual; or
    • (ii) an individual's expressed wishes about the future provision of health services to him or her; or
    • (iii) a health service provided, or to be provided, to an individual;
    • that is also Personal Information; or
  • (b) other Personal Information collected to provide, or in providing, a health service; or
  • (c) other personal information about an individual collected in connection with the donation, or intended donation, by the individual of his or her body parts, organs or body substances; or
  • (d) genetic information about an individual in a form that is, or could be, predictive of the health of the individual or a genetic relative of the individual.

Nevro means Nevro Medical Pty Ltd ABN 53 150 636 945 and its subsidiaries.

Overseas Recipients means the Nevro Corporation and certain other Related Bodies of the Nevro Corporation that are located outside of Australia.

Personal Information means information (including Health Information) or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion.

Privacy Act means Privacy Act 1988 (Cth).

Related Body Corporate means that, where a body corporate is:

  • (a) a holding company of another body corporate; or
  • (b) a subsidiary of another body corporate; or
  • (c) a subsidiary of a holding company of another body corporate,
  • the first mentioned body corporate and the other body corporate are related to each other.

Sensitive Information means:

  • (a) information or an opinion about an individual's:
    • (i) racial or ethnic origin; or
    • (ii) political opinions; or
    • (iii) membership of a political association; or
    • (iv) religious beliefs or affiliations; or
    • (v) philosophical beliefs; or
    • (vi) membership of a professional or trade association; or
    • (vii) membership of a trade union; or
    • (viii) sexual preferences or practices; or
    • (ix) criminal record,
    that is also Personal Information; or
  • (b) Health Information about an individual; or
  • (c) genetic information about an individual that is not otherwise Health Information.

1 For example, those contained in the Health Records and Information Privacy Act 2002 (NSW), Health Records Act 2001 (Vic) and the Health Records (Privacy and Access) Act 1997 (ACT).