Privacy Policy

This Privacy Policy describes Diagnosys LLC’s policies and procedures on the collection, use and disclosure of your personal information when you use the website. In connection with your collaboration with Diagnosys LLC or the local Diagnosys affiliate with which you are collaborating, Diagnosys will collect, process, and use personal data in accordance with applicable legislation. In this document, “you” and “user” mean any person or entity that accesses this website; “Diagnosys” “we,” or “us” refers to Diagnosys LLC, a Massachusetts limited liability company, and any of its affiliates, including its United Kingdom affiliate: Diagnosys UK Ltd and Diagnosys Vision Ltd.

Diagnosys LLC takes privacy seriously and recognizes that website users do too. We want you to  understand what information is collected through this website, how that information is used, and  how you can contact us if you have privacy questions.

Collecting and Using your Personal Data

While using our website, we may ask you to provide us with certain personally identifiable information  that can be used to contact or identify you or your customers. Personal identifiable information may  include, but is not limited to: email address, first and last name, mailing address and usage data.

Usage data is collected automatically when using the website. Usage data may include information such  as your device’s internet protocol address (e.g. IP address), browser type, browser version, the pages of  our website that you visit, the time and date of your visit, the time spent on those pages, unique device  identifiers and other diagnostic data.

When you access the website through a mobile device, we may collect certain information automatically,  including, but not limited to, the type of mobile device you use, your mobile device unique ID, the IP  address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.

We may also collect information that your browser sends whenever you visit our website or when you access the website by or through a mobile device.

Use of Cookies

Like many companies, our website collects information about visitors through “cookies.”  Cookies are bits of text placed on your computer when you visit certain websites. Cookies allow  websites to remember your actions and preferences over a period of time.

How Do We Use Cookies?

We use functional cookies to record information about the choices you have made. This  information is typically anonymized and is not used for any other purpose.

We use the Google Analytics and HubSpot Demographics and Interests function and  performance cookies placed by other service providers to help us understand our visitors’  interests and improve our website functionality. These cookies provide us information on audience size, geographic locations, demographic information (such as statistics on age and  gender of visitors) and usage patterns. This information is primarily used for statistical purposes.  However, if at any time you provide us with your Contact Information, we may combine that  with information from our web analytic services to understand in more detail how you use our  website. If you choose to opt out of cookies, anonymized information will still be tracked and  gathered.

How Can You Control Cookies?

You can control and/or delete cookies as you wish – for details, visit aboutcookies.org. you can  delete all cookies that are already on your computer and you can set most browsers to prevent  them from being placed. If you do this, however, you may have to manually adjust some  preferences every time you visit a site and some services and functionalities may not work.

If you do not want to be tracked by Google Analytics and HubSpot, see Google Analytics’ opt out options here and HubSpot’s options here.

Information You Give Diagnosys

If you request more information about our products or services, or if you request a quote, we  may ask you to provide unique contact information, such as your name, company name, industry,  work address, work phone number, and work email address (“Contact Information”). While we  may share your Contact Information with our affiliates, we promise that we will never sell your  Contact Information or share it with someone unrelated to these purposes.

We process your personal data for the following purposes:

To be able to contact you in relation to your specific contractual relationship with  Diagnosys, i.e. sending out purchase orders, invoices, etc.

To comply with applicable legislation, i.e. on tax and bookkeeping

To be able to contact you in relation to your specific equipment.

Note, that while some of our customers collect third-party data from patients and health care  providers as part of their operations, which may include the use of Diagnosys equipment,  Diagnosys itself does not collect any such third-party data.

How Did We Obtain Your Personal Data?

The personal data Diagnosys is processing about you and your company is collected from you directly by us.

How Long Will We Store Your Personal Data?

We store your personal data for as long as necessary to fulfil the purposes above but normally no  longer than 5 years. However, if you provide services within an area regulated by health laws  and GxP rules, we may be required to retain certain personal data about you for up to 30 years.

Security of Your Personal Data

The security of your personal data is important to us, but remember that no method of  transmission over the internet, or method of electronic storage is 100% secure. While we strive  to use commercially acceptable means to protect your personal data, we cannot guarantee its  absolute security.

Data Protection Rights Under GDPR and California Consumer Privacy Act

In certain jurisdictions you may have the right to request access and receive information about  the personal information we maintain about you, to update and correct inaccuracies in your personal information, to restrict or object to the processing of your personal information, to have  the information blocked, anonymized or deleted, as appropriate, or to exercise your right to data  portability to easily transfer your personal information to another company. Those rights may be  limited in some circumstances by local law requirements. In addition to the above-mentioned  rights, you also have the right to lodge a complaint with a competent supervisory authority  subject to applicable law.

Where required by law, we obtain your consent for the processing of certain personal  information collected by cookies or similar technologies or used to send you direct marketing  communications, or when we carry out other processing activities for which consent may be  required. If we rely on consent for the processing of your personal information, you have the  right to withdraw it at any time and free of charge. When you do so, this will not affect the  lawfulness of the processing before your consent withdrawal.

To update your preferences, ask us to remove your information from our mailing lists, delete  your account or submit a request to exercise your rights under applicable law, please contact us  as specified in the “Contact Us” section below.

Diagnosys will process your personal data according to applicable legislation, including the EU  General Data Protection Regulation (“GDPR”) to the extent applicable.

What Is the Legal Basis In the EU For Our Processing Of Your Personal Data?

The legal basis in the EU for our collection and processing of your personal data set out above is:

GDPR art. 6(1)(f) (“the balancing of interest test”). It is Diagnosys’ assessment that the  processing of your personal data is necessary for the processing of vendor data. • GDPR art. 6 (1) (b) processing is necessary for the performance of a contract.  • GDPR art. 6 (1) (c) processing is necessary for compliance with a legal obligation, e.g.  according to applicable legislation, i.e. on tax and bookkeeping. As a medical  manufacturing company, Diagnosys is also obligated to abide by certain applicable rules  set out in applicable laws, and we may therefore also process your personal data to live  up to these rules.

Will We Disclose Your Personal Data To Third Parties?

For the purpose of complying with relevant tax and bookkeeping legislation, your personal data might be disclosed and shared with the following recipients:

A federal, state or local tax authority

If the Company is involved in a merger, acquisition or asset sale, your personal data may be  transferred in connection with such transaction, in which event your privacy rights would be  subject to the privacy policy of the acquiring entity.

Under certain circumstances, the Company may be required to disclose your personal data in  response to valid requests by public authorities (e.g. a court or a government agency).

The legal basis for the disclosure in the EU is:

The relevant local VAT notification duty in each EU country, cf. GDPR Article 6(1)(c)

Will We Disclose Your Personal Data To Data Processors?

No; we share the data with our in-house Diagnosys help Center only.

Will We Transfer Your Personal Data To Recipients In Countries Outside The EU/EEA?

We transfer your personal data to the following Diagnosys recipients located in countries outside  the EU/EEA:

Diagnosys LLC
55 Technology Drive, Suite 100
Lowell, MA 01851
U.S.A.

Your Rights

Diagnosys has taken necessary and adequate steps in order to protect your personal data and  ensure your rights as a data subject. Please note that certain limitations may apply to your ability  to exercise these rights. Subject to these limitations, you have the following rights:

Right of access
— You have the right to request access to the personal data Diagnosys processes  about you.

Right to rectification
— You have the right to rectification of inaccurate personal data concerning you,  including completion of incomplete personal data.

Right to erasure (right to be forgotten)
— You have the right to the erasure of the personal data concerning you.

Right to restriction
— You have the right to restrict Diagnosys processing of personal data concerning you.

Right to data portability
— Where processing is based on a consent or a contract and the processing is carried  out by automated means, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format. you have the right to transmit this personal data to a third party without hindrance  from Diagnosys, if technically possible.

Automated individual decision-making, including profiling
— As a general rule you have the right not to be subject to a decision based solely on  automated processing, including profiling, which produces legal effects or affects you significantly. This does not apply if, among other things, automated decision making and profiling is necessary for entering into, or performing, a contract  between you and Diagnosys.

Right to object
— You have the right to object, on grounds relating to your particular situation, at  any time to processing of personal data concerning you which is based on  legitimate interests as legal basis for the processing (as set out in article 6(1)(f) of  the GDPR), including profiling based on this provision.
— Where your personal data are processed for direct marketing purposes, you have  the right to object at any time to processing of personal data concerning you for  such marketing, which includes profiling to the extent that it is related to such  direct marketing. Where you object to processing for direct marketing purposes,  Diagnosys must no longer process the personal data for such purposes.

If processing of your personal data is based on your consent, you may withdraw your consent at  any time. Please note that this does not affect Diagnosys’ processing of your personal data prior  to the withdrawal of your consent.

You also have the right to lodge a complaint with the competent supervisory authority.

If you wish to exercise any of your rights as described above or have any questions, please  contact the Diagnosys by using the contact information provided below.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. You are advised to review this Privacy  Policy periodically for any changes. Changes to this Privacy Policy are effective when they are  posted on this page.

Contact Details

Should you have any questions in regards to the protection of your personal data or if you wish  to exercise your legal rights, please contact Diagnosys by using the below contact details:

Diagnosys LLC
55 Technology Drive, Suite 100
Lowell, MA 01851
U.S.A.

Tel: +1 (978) 458-1600

Email: mail@diagnosysllc.com

433282.3