Privacy Policy

Our Global Privacy Notice. Sections 1-10 to this notice apply to all recipients and users of our Services worldwide and covers our general privacy practices.

Processing Under Specific Laws. Section 11 contains territory-specific supplements that apply only if such territory’s regulatory framework applies to our processing of personal data about you.

Your Communications with Us. We, and our service providers, collect information you communicate to us, such as through email, the contact form on the Website or App, or via our web chat tool. Such information includes your contact details (name, email address, and phone number). If you provide us with sensitive personal data as part of communicating with us, we will only use it for the specific purpose for which you provided it (such as to connect you with a local medical professional).

Loyalty Programs. If you participate in our loyalty programs (for example PulsePal), we collect personal data related to your enrollment and participation, including your contact details, account information, transaction history, points or rewards balance, and preferences related to the program. We use this information to administer the program, track your participation, provide you with program benefits, and communicate with you about program updates and offers.

Transactions. If you subscribe to a paid account of the Services, or if you make purchases via the Services (for example: when you purchase pulses) we will receive your payment transaction details (such as your name, the amount paid, the date of payment, and other billing details) from the payment service provider that processed your payment. We do not receive or process the details of your credit card or other payment method that you use to pay for the Services.

Surveys. When we contact you to participate in surveys, if you decide to participate, we will collect personal data from you in connection with the survey, including your contact details and any information you choose to provide us as part of the survey.

Interactive Features. We and others who use our Services may collect personal data that you submit or make available through our interactive features (e.g., our Marketing Templates feature, messaging features, commenting functionalities, forums, blogs, and social media pages). Such information includes any information you choose to provide using the public sharing features of the Services, note that such information will be considered “public.”

Conferences, Trade Shows, and Other Events. We will collect personal data from individuals when we attend or host conferences, trade shows, and other events. Such information includes your contact information and any additional information you choose to provide us.

Business Development and Strategic Partnerships. We will collect personal data from individuals and third parties to assess and pursue potential business opportunities, including contact details, company information, business interests, professional background, and information relevant to potential partnerships or collaborations.

Job Applications. If you apply for a job with us, we will collect any personal data you provide in connection with your application, such as your contact details, CV, employment history, educational background, professional qualifications, references, and any other information included in your application materials.

Device Information. We collect personal data about your device, such as your Internet protocol (IP) address, user settings, cookie identifiers, other unique identifiers, browser or device information, Internet service provider, and location information (including, as applicable, approximate location derived from IP address and precise geo-location information). Such information includes device type, operating system, browser type and version, screen resolution, and mobile network information.

Usage Information. We may collect personal data about your use of the Services, such as the pages that you visit, items that you search for, the types of content you interact with, information about the links you click, the frequency and duration of your activities, and other information about how you use the Services.

Cookie Notice (and Other Technologies). We, as well as third parties, may use cookies, pixel tags, and other technologies (“Technologies”) to automatically collect personal data through your use of the Services. For more information about our use of such Technologies, please see our Cookie Notice.

Providing access to certain areas, functionalities, and features of the Services;

Answering requests for support;

Communicating with you;

Sharing personal data with third parties as needed to provide the Services; and

Processing your transaction details in connection with purchases you make on the Services.

Pursuing our legitimate business interests such as direct marketing, research and development (including marketing research), network and information security, and fraud prevention;

Carrying out analytics;

Creating de-identified and/or aggregated information;

Processing applications if you apply for a job we post on our Services;

Allowing you to register for events;

Enforcing our agreements and policies; and

Carrying out activities that are required to comply with our legal obligations.

Service Providers. We disclose personal data to third-party service providers that assist us with the provision of the Services. This includes service providers that provide us with hosting, customer service, analytics, marketing services, IT support, and related services. In addition, personal data and chat communications may be disclosed to service providers that help provide our chat features.

Google Analytics. For more information about how Google uses personal data about you, please visit Google Analytics’ Privacy Notice. To learn more about how to opt-out of Google Analytics’ use of personal data about you, please click here.

• Hotjar. We use Hotjar’s session replay analytics services. This allows us to record and replay an individual’s interaction with the Services. For more information about how Hotjar uses personal data about you, please visit the “Personal Data collected from a visitor of a Hotjar Enabled Site” section of Hotjar’s Privacy Policy. To learn more about how to opt-out of Hotjar’s use of your information, please click here.

Third-Party Services You Share or Interact With. Where the Services link to or allow you to interface, interact, share information with, direct us to share information with, access and/or use a Third-Party Service.

Business Partners. We will share personal data about you with business partners to provide you with a product or service you have requested. We will also share personal data about you with business partners with whom we jointly offer products or services.

Affiliates. We will share personal data about you with our corporate affiliates.

Advertising Partners. We will share personal data about you with third-party advertising partners. These third-party advertising partners set Technologies and other tracking tools on our Services to collect information regarding your activities and your device (e.g., your IP address, cookie identifiers, page(s) visited, location, time of day). These advertising partners use this information (and similar information collected from other services) for purposes of delivering personalized advertisements to you when you visit digital properties within their networks. This practice is commonly referred to as “interest-based advertising”, “personalized advertising”, or “targeted advertising”.

Email Communications. If you receive an unwanted email from us, you can use the unsubscribe functionality found at the bottom of the email to opt out of receiving future emails. Note that you will continue to receive transaction-related emails. We may also send you certain non-promotional communications regarding us and the Services, and you will not be able to opt out of those communications (e.g., communications regarding the Services or updates to this Privacy Notice).

Text Messages. If you receive an unwanted text message from us, you may opt out of receiving future text messages from us by following the instructions in the text message you have received from us or by otherwise contacting us as set forth in “Contact Us” below.

Mobile Devices. When using our App, you may opt-out to receive push notifications by using the settings interface in the App and by allowing the App to send you notifications via your mobile device’s settings. You may opt out of receiving these push notifications at any time by changing the settings on your mobile device. With your consent, we will also collect precise location-based information via App. You may opt out of this collection by changing the settings on your mobile device.

Deletion of Account. At any time you can delete your account by using our standard deletion functionality available via the Services, or by contacting us using the information set forth in “Contact Us” below and requesting that we delete it.

Do Not Track. Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. Please note that we do not respond to or honor DNT signals or similar mechanisms transmitted by web browsers.

Cookies. You may stop or restrict the placement of Technologies on your device or remove them by adjusting your preferences as your browser or device permits. On our Website, you can use our Cookie Tool for this purpose. However, if you adjust your preferences, the Services may not work properly. Please note that cookie-based opt-outs are not effective on mobile applications. However, you may opt-out of certain tracking on some mobile applications by following the instructions for Android, iOS, and others. You can also chose what permissions you choose to grant our App on you mobile device’s settings.

We process your account and payment details to perform the contract with you.

We will process Personal data to comply with a legal obligation and to protect your and others’ vital interests.

We will further rely on our legitimate interests, which we believe are not overridden by your fundamental rights and freedoms, for the following purposes:Communications with you, including direct marketing where you are our client or a user of our client, or where you make contact with us through our Services or otherwise.Cyber security.Support, customer relations, service operations.Enhancements and improvements to yours and other users’ experience with the website and Services.

• Fraud detection and misuse of the Services.

All processing of Personal data which are not based on the lawful grounds indicated below, are based on your consent.

At any time, contact us if you want to withdraw your consent to the processing of personal data. Exercising this right will not affect the lawfulness of processing based on consent before its withdrawal.

Request to delete or restrict access to Personal data. We will review your request and use our discretion, pursuant to the provisions of the applicable law, to reach a decision about your request and respond to it.

If you exercise one (or more) of the above-mentioned rights, in accordance with the provisions of applicable law, you may request to be informed that third parties that hold Personal data, in accordance with this policy, will act accordingly.

You may ask to transfer Personal data in accordance with your right to data portability.

You may object to the processing of Personal data for direct marketing purposes. Additional information about this right is available under the Your Privacy Choices chapter in this notice.

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affecting you.

You have a right to lodge a complaint with a data protection supervisory authority of your habitual residence, place of work or of an alleged infringement of the GDPR.

EU Representative. Albert Veral, Eu.rep@sofwave.com

UK Representative. Sofwave Medical UK Ltd., 37 Broadhurst Gardens, London NW6 3QT, UK, uk.rep@sofwave.com

Swiss Representative. EDPO Switzerland, Rue de Lausanne 37, 1201 Geneva, Switzerland, which may be contacted at:

• Online request form: https://edpo.com/swiss-data-request/

• General Email: info@edpo.com

Categories of Personal Information Collected. We collect identifiers (name, email, phone, IP address, device identifiers), California Customer Records information (contact details, payment transaction details), protected classification characteristics (from job applications or surveys), commercial information (pulse purchases, subscription details, transaction history), internet or electronic network activity (browsing history, pages visited, device information, cookies), geolocation data (approximate location from IP address and precise location via App with consent), professional or employment-related information (contact details, company information, employment history), and inferences drawn from other personal information to create consumer profiles.

Purposes for Collecting Personal Information. We collect personal information to provide and operate the Services, fulfill requests, process transactions, and communicate with you. We also use it to improve our Services, develop new products, pursue legitimate business interests (direct marketing, research and development, network security, fraud prevention, analytics), comply with legal obligations, enforce agreements, and process job applications.

Sale or Sharing of Personal Information. We do not “sell” personal information as most consumers define the term. However, we share identifiers, California Customer Records information, commercial information, internet activity, geolocation data, professional information, and inferences with advertising partners for personalized advertising, which may constitute a “sale” or “sharing” under CCPA.

Retention Period. We retain personal information for as long as you use the Services or as necessary to fulfill collection purposes and pursue our business purposes. Retention periods vary based on legal requirements, the amount and sensitivity of data, risk factors, and whether we can achieve our purposes through other means.

Notice of Right to Opt-Out of Sale/Sharing. You can opt out of the collection of personal information by third-party advertising and analytics tools by visiting our “Your Privacy Rights” webpage or contacting us at privacy.policy@sofwave.com.

Privacy Policy. For more information on our privacy practices, please review our General Privacy Notice at sofwave.com.

Overview of Personal Data Collected, Disclosed, Sold, and Shared

Sources of Personal Data. We collect the above categories of personal data from the following sources, as further detailed under Our General Privacy Notice:

• We collect personal data that you provide us directly, when you communicate with us, make transactions, participate in Surveys, apply for a job, and when we meet in conferences, trade shows, and other events,

• We automatically collect personal data from your device and browser when you use our Services, including by using Cookie and similar tracking technologies.

• We receive personal data from third parties, including our business partners, service providers, and publicly-available information, depending on your interaction with our Services.

Purposes of Processing. As further detailed under Our General Privacy Notice, we use and disclose the personal data that we collect for the business and commercial purposes detailed under the How We Use Personal Data chapter in Our General Privacy Notice.

Consumer under the age of 16. Sofwave does not have actual knowledge of any “sale” or “sharing” for “cross-context behavioral advertising” of personal information of minors under 16 years of age.

Sensitive Personal Data. We only receive sensitive personal data (including special category data, data of special sensitivity, and any equivalent term under applicable privacy laws) when you provide us with such as part of communicating with us, and only use it for the specific purpose for which you provided it (such as to connect you with a local medical professional), which is reasonably expected by consumers providing such data for this purpose.

Your Rights. In addition to other rights detailed under Our General Privacy Notice, you have the following rights as a U.S. resident:

• Access to specific personal data and data portability rights. You have the right to request that we disclose certain information to you about our collection and use of personal data about you over the past 12 months preceding your request. Upon verification of your request, we will disclose the following information to you: (A) The categories of personal data we collected about you; (B) The categories of sources for the personal data we collected about you; (C) Our business or commercial purpose for collecting that personal data; (D) The categories of personal data that we disclosed for a business purpose, and the categories of third parties with whom we disclosed that particular category of personal data; (E) The specific pieces of personal data that we collected about you; and, (F) If we disclose personal data about you for a business purpose, we will provide you with a list which will identify the personal data categories that each category of recipient obtained.

• Deletion rights. You have the right to request that we delete any personal data about you. Upon confirmation of your request, we will delete personal data about you from our records, unless an exception applies.

• Opt-out of Selling or Sharing. We don’t “sell” personal information as most consumers typically define the term “sell” or “sold” or otherwise share it with third parties for monetary or disclose it for monetary or other consideration. However, our Services use advertising and analytics tools provided by third parties that may constitute a “sale” of personal information under certain U.S. state laws. At any time, you can opt out of the collection of personal data by such service providers by contacting us or by visiting our “Your Privacy Rights”

• Non-discrimination. You also have a right not to be discriminated against for exercising your rights under applicable United States privacy laws.

• Limit the Use of Sensitive Personal Data. We do not provide you with an option to limit our use of such sensitive personal data, because (as detailed above) we already use it solely for permitted purposes under applicable U.S. Privacy Laws. If you have further questions about our use of sensitive personal data about you, please contact us at privacy.policy@sofwave.com.

Retention. Please see Retention of Personal Data under Our General Privacy Notice.

Consumer Health Data We Collect

Information that could identify your attempt to seek health care services or information, including services that allow you to assess, measure, improve, or learn about your or another person’s health. For example, we collect information you submit to the Services, which may include information concerning your health and wellbeing, mental health, medical conditions, or other health-related topics.

• Information about your health-related conditions, symptoms, status, diagnoses, disease, testing, or treatments.

• Information about social, psychological, behavioral, and medical interventions.

• Information about use or purchase of prescribed medication.

• Information about measurements of bodily functions, vital signs, symptoms, or characteristics.

• Information about diagnoses or diagnostic testing, treatment, or medication.

• Information about surgeries or other health-related procedures.

• Reproductive or sexual health information.

• Biometric information.

• Genetic data.

• Information related to the precise (geo)location information of a consumer used to indicate an attempt by a consumer to receive health care services or products.

• Other information that may be used to infer or derive data related to the above or other consumer health data.

Why We Collect and Use Consumer Health Data

Why We Collect and Use Consumer Health Data

Sharing of Consumer Health Data

Business CollaboratorsLife Sciences CompaniesProduct co-promotion partnersProduct co-development partnersMarketing and Advertising AgenciesSocial Media Companies and PlatformsService Providers (including those hosting or analyzing data on our behalf, those assisting with fraud prevention, those assisting in program administration, those assisting in incident management and reporting, those administering our call center and websites, and those who assist with our information technology and security programs)Emergency PersonnelAuthorized/legal representatives, family members, and caregiversThird parties (including those with whom Sofwave has joint marketing and similar arrangements, those who provide marketing and data analytics services, those who provide program enrollment or product fulfillment, payment, and authorization, other third parties as necessary to complete transactions and provide products or Services, or where required by law)Sofwave lawyers, auditors, and consultantsLegal and regulatory bodies

• In addition, we may share or disclose consumer health data as permitted or required by law, such as (i) to an acquiring organization if we are involved in a sale or a transfer of our business, (ii) as needed to prevent, detect, protect against, or respond to security incidents, identity theft, fraud, harassment, malicious or deceptive activities, (iii) in situations that may involve violations of our terms of use or other rules, (iv) to protect our rights and the rights and safety of others, (v) as needed to support external auditing, compliance and corporate governance functions, (vi) as needed to preserve the integrity or security of our systems, or (vii) to investigate, report, or prosecute those responsible for any action that is illegal under applicable state or federal law.

How to Exercise Your Rights

The right to confirm whether we are collecting, sharing, or selling your consumer health data and to access such data, including to receive a list of affiliates or specific third parties with whom we have shared or sold your information, along with contact information such as an active email address for each third party;The right to review and request corrections to your consumer health data;The right to withdraw consent from our collection or sharing of your consumer health data; and

• The right to request that we delete your consumer health data.

Specific consumer health data intended for “sale”:  Consumer health data collected via cookies and similar technologies including but not limited to browsing activity on our website.

Purpose of the “sale” of consumer health data:  To tailor and deliver personalized advertisements to you.

How consumer health data purchasers gather and use the data: Consumer health data purchasers will gather the data via cookies and other tracking technologies when you visit https://sofwave.com/. These purchasers may use the data to assist us to deliver personalized advertisements to you and in accordance with their privacy policies linked below.

Consumer health data purchasers’ contact information:

• Google: Privacy Policy

• Microsoft: Privacy Statement

• Contact information for Sofwave: privacy.policy@sofwave.com.

The provision of goods or services may not be conditioned upon you accepting the terms of this Authorization.

Purchasers may redisclose the consumer health data sold under this authorization and such data may no longer be protected by the CTDPA, MHMDA, NVCHDPL, and/or applicable state consumer health data privacy laws.

You may revoke this authorization at any time through the https://sofwave.com/ cookie banner To do so, please be sure the box next to “Personalize marketing” is unchecked and click “Save my choices.” you may also click “Decline all” to decline our use of all cookies not required to operate our website.

A revocation will not impact previously sold consumer health data. In addition, if you use different browsers or devices, you must indicate your choices on each browser/device used to access https://sofwave.com/.

If you have any questions about how to revoke your authorization, please contact: privacy.policy@sofwave.com.

This authorization will expire one (1) year after accepting it.

Right to Unsubscribe: At any time, you may notify us of your refusal to receive the newsletter material by using the unsubscribe link in the messages that we send you.

Right to Review Personal Data: You have a right to review personal data about you which is held in our databases, subject to certain applicable legal limitations.

Right to Correct Personal Data: If you find that any of the personal data about you is inaccurate, incomplete, unclear, or outdated, you may request that this personal data be corrected or deleted. If we decide to refuse your request, we will notify you of our refusal in accordance with applicable law, and you may appeal our decision.

Right to Delete Personal Data Transferred From the EEA: If personal data about you is transferred to us from the European Economic Area (EEA) by a source other than yourself, you have the right to request its deletion. Such deletion request is subject to limitations under applicable laws.

Please contact us at privacy.policy@sofwave.com  to exercise your rights. We will ask you to provide certain details or credentials to verify your identity, before attending to your request.