SSP Privacy Statement

Introduction
Stryker recognises that the personal information it receives is held in a position of trust. Stryker seeks to fulfill that trust by adhering to general principles regarding the protection of personal information. This Privacy Statement explains how we collect, use, share and protect information in the course of operating our business.

Scope
This Privacy Statement (“Statement”) applies to the personal information of consumers that is collected or used by Stryker, its affiliates or subsidiaries (collectively, “Stryker”, “we”, “our”, “us”). This Statement applies to all the personal information that Stryker collects when consumers interact with us, such as when visiting our websites, using or purchasing our products or services, contacting customer service and when interacting with us as a business customer, supplier or business partner (collectively, the “Services”). 

This includes, without limitation, all online and offline collections of all types of personal information. However, some Stryker collections involve types of data with special requirements (for example, health information) which require a different privacy notice. Whenever that is the case, Stryker will make it clear that the privacy notice concerned is different from this Statement.

For those who reside in California, please see our Privacy Notice for California Residents for additional information regarding our practices.

For those who reside in Australia and New Zealand, our Australian and New Zealand Privacy Policy below will also apply to you.

Information collection 
Stryker may ask you to provide personal information for purposes including, but not limited to, the following:

  • Buying Stryker products and services;
  • Activating or registering certain products and services or enhancing functionality;
  • Receiving information about Stryker products and services;
  • Participating in Stryker online communities, including our social media channels/pages; 
  • Storing your preferences for future interactions and communications from Stryker; 
  • Helping us to develop products and services and create campaigns that are designed around you, optimise customer services and continuously improve our websites; 
  • Helping us to improve products and services, and allowing Stryker to keep you informed of, or involve you in the testing of, new products and services; 
  • Resolving consumer and/or product and services issues; 
  • Registering visitors of Stryker facilities or Stryker organised events and conferences; 
  • Contract or tender management; and 
  • Receiving personalised messages, special offers and advertisements that are relevant to your personal interests, based on the information you have shared with us and on the information we have collected through cookies or similar techniques regarding your use of the Stryker websites/social media/blogs. 

Stryker maintains physical, technical, and administrative safeguards to protect your personal information and only allows disclosures as permitted by law to assist in providing products or services. We may also collect product and service information and provide these statistics to others in an aggregate form where the information has been de-identified.  

Personal information collected may include:

  • Contact information, such as name, address, email, telephone number, fax number, organisation name, and/or job title;
  • Unique identifiers and preference information such as username, password, marketing preferences, internet protocol (IP) address, browser type, operating system, computer or mobile device, or navigation and clickstream behaviour for online interactions;
  • Resume or CV, including work history, professional qualifications, publications, awards, references, completed trainings, and signature;
  • Food restrictions, passport info for travel bookings or identification purposes, social security number (where required by law), bank account details, (emergency) contact persons, family information (where applicable and in accordance with local law);
  • Creditworthiness, VAT number, product, purchase information history, request documentation;
  • Pictures, video and audio recordings where you have provided your permission;
  • Sensitive personal information, such as health information or reports of an individual end-customer (e.g.,concerning product claims and investigations, patient pre- and post-operative outcomes for research & statistical purposes, or criminal records for due diligence procedures in accordance with applicable law).

Stryker will retain and use the personal information collected for above mentioned processes and processing purposes in accordance with legal obligations. 

Legal Bases
The legal basis Stryker uses to process personal information will be dependent on the processing purposes and the jurisdictional legal requirements. Where the personal information collected involved is of EU citizens, in general, we use the following basis:

  • Consent to use the personal information, e.g. where this involves (digital) direct marketing activities and where we would like to use a photo, video or audio recording with identifiable individuals for external publishing; 
  • Establishment or performance of a contract, e.g. where we enter into a contract with a party and we collect contact information and signatures, as well as potential bank account details that may be linked to a representative of a company we do business with; 
  • Compliance with a legal obligation, e.g. where we need to disclose consumer details for compliance with (local or industry) laws such as the Physician Payments Sunshine Act or for compliance with the Medical Device Regulation; 
  • Legitimate interest of Stryker, e.g. where Stryker collects contact information and preferences, details for lodging and travel for attendees of Stryker organised events & trainings or third party hosted events & trainings in collaboration with Stryker; 
  • Public interest or for the exercise of public authority in strictly limited cases, e.g.. where we would be required to cooperate with the police or other government bodies in case of illegal conduct; 
  • For the establishment, exercise or defence of legal claims, e.g. for court cases; 
  • For scientific or research purposes, e.g. for clinical research studies with sufficient safeguards safeguarding confidentiality; 
  • For preventative and occupational medicine, medical diagnosis pursuant to contract with healthcare professionals; 
  • For public interest in the public health to ensure high standards of quality and safety of healthcare and products; and
  • Where the individual chooses to disclose the personal information publicly by its own initiative. 

If you choose not to provide the personal information we reasonably require, it may hinder Stryker’s ability to provide the information or services you have requested.

Cross-Border Transfers
To the extent personal information is transferred out of the country where the owner of that personal information lives, such as to Stryker affiliates or business partners in other countries, including in the United States, different standards may apply to how your data is used and protected in those countries. Stryker has appropriate safeguards in place in accordance with applicable legal requirements to ensure that data is adequately protected irrespective of the country. This includes obtaining written assurances from any third party given access to your data so as to require them to adopt standards that ensure an equivalent level of protection for data as that adopted by Stryker and standardized corporate safeguards and contractual measures (based on the European Commission Model Clauses) for internal data transfers to Stryker affiliates in third countries which are deemed to provide an inadequate level of data protection.

Privacy Statement for Children
Stryker will not collect personal information from anyone we know to be under the age of 16 without the prior, verifiable consent from his or her legal representative. Such legal representative has the right, upon request, to view the information provided by the child and/or to require that it be deleted. 

Retention of Information
Stryker will retain your personal information for as long as reasonably necessary to comply with legal obligations or for no longer as required for legitimate business purposes. 

Disclosure of Information
Stryker may share personal information we have collected with companies or agents doing technological maintenance or working on our behalf to help fulfil business needs, including providing customer services and distributing marketing communications. Stryker may also share personal information with our subsidiaries and affiliates.

Other service providers that may be used to perform certain functions on our behalf and to whom personal information may be disclosed in order to perform their intended function include call-centre support, sending or processing postal or electronic mail or analysing or hosting information on cloud-based servers. 

Stryker does not share your personal information with unaffiliated third parties for their own direct marketing purposes.

Security
The security and confidentiality of your personal information matters to us. For this reason, Stryker has physical, technical and administrative controls in place to protect your personal information from unauthorised access, use and disclosure. Stryker evaluates these safeguards on an ongoing basis to help minimise risks from new security threats as they become known.

Rights
You may request details of personal information which we hold about you. If you believe that any personal information we are holding about you is incorrect or incomplete, please contact us as soon as possible, at the address below. We will promptly correct any personal information found to be incorrect.

You may always choose to object to the collection or use of your personal information or to have your information erased. If you would like a copy of the information held about you for your own use or to transfer to another party, or if you wish to exercise any other right, please contact us at globalprivacy@stryker.com.

Updates to Privacy Statement

This Statement may be amended at any time. If material changes are made in how personal information is collected, used, disclosed or otherwise processed, this Statement will be updated and notices will be provided when/where appropriate. Any material changes to this Statement will be effective at the time of our posting of the notice of the update. Where required to do so by law, Stryker may seek your prior consent to any material changes we make to this Privacy Statement.

Contact

If you have any questions, concerns or comments about this Statement, please contact us. Stryker will use reasonable efforts to respond to you as soon as possible.


Send mail to:
Stryker Corporation
Attn.: Data Privacy Director
2825 Airview Boulevard
Kalamazoo, MI 49002

Send email to:
globalprivacy@stryker.com

EU Data Protection Officer: europe.privacy@stryker.com

If we fail to respond to you within a reasonable period of receiving it in writing, or if you are dissatisfied with the response that you receive from us, you may lodge a complaint with the data protection authorities in your home country.

PLEASE READ THIS PRIVACY STATEMENT CAREFULLY. THIS PRIVACY STATEMENT IS MADE AVAILABLE TO YOU FREE OF CHARGE.

Australian and New Zealand Residents  

Introduction
Stryker Australia Pty Ltd, Stryker New Zealand Limited and its affiliates or subsidiaries (“Stryker”, “We”, “Us”) is committed to the protection and correct use of information. This Privacy Statement tells you how we protect and use any information we gather through this website and through any other source. 

Stryker reserves the right to change this Privacy Statement at any time and for any reason without prior notice to you. The last date this Privacy Statement was modified can be found at the end of the Statement.

Your rights
We will handle any personal information that we collect in accordance the Australian Privacy Principles. The Australian Privacy Principles (“APPs”) ensure that your personal information is managed in an open and transparent way. The APPs grant you a right to:

  • Access any of your personal information that we hold
  • Correct your personal information
  • Complain about a breach or perceived breach of your rights

To the extent it applies to you, we will also handle any personal information that we collect in accordance with the Privacy Act 2020 (NZ) and the Health Information Privacy Code 2020 (NZ).

To enforce any of these rights, contact the Stryker Privacy Officer at the following address:

  Australian residents New Zealand residents
Email privacyaustralia@stryker.com privacyaustralia@stryker.com
Post Privacy Officer
Stryker Australia Pty Ltd
8 Herbert St
St Leonards, NSW 2065
Privacy Officer
Stryker Australia Pty Ltd
8 Herbert St
St Leonards, NSW 2065

Stryker will respond to these requests within thirty (30) days. All requests will be handled by Stryker’s Privacy Officer in accordance with relevant laws.  Access to, and correction of, your personal information is made available to you by Stryker free of charge.

Non-Personal Information

Non-personal information includes any information Stryker Australia gathers about you that does not contain your identity, and that cannot reasonably be used to ascertain your identity. Each time you visit Stryker’s website to read or download information we may collect non-personal information about you from your computer including the following ("non-personal information"):

  • the web browser you use 
  • the name of the domain from which you access the Internet
  • the Internet address of the website from which you linked directly to our website
  • the date and time you access our website
  • the pages you have visited on our website
  • any questions, comments and suggestions (“Feedback”) that you submit 

Stryker may also collect certain non-personal information including patient identification numbers and corresponding implant part numbers from hospitals.

What does Stryker do with non-personal information? 
We will use non-personal information to help us make our website more useful to visitors and for other business purposes. We may prepare reports and other materials using non-personal information. 

Any non-personal information you provide to us may be used in any way, and we are free to reproduce, use, disclose, exhibit, display, transform, commercialise, create derivative works and distribute this information to others without limitation. 

Further, Stryker shall have no obligation to acknowledge and may not be prohibited from using any ideas, inventions, concepts, know-how or techniques contained in Feedback or anything else you send to Stryker via its website for any purpose whatsoever, including, but not limited to, developing, manufacturing and marketing products incorporating such Feedback. 

Stryker collects patient identification numbers and corresponding implant part numbers to help us ensure patient safety. This information is necessary to manage the safety requirements of medical devices.

Personal Information
Personal information is any kind of information or opinion stored in physical or electronic form about an identified individual, or information or opinion about an individual who is reasonably identifiable. The information or opinion does not have to be correct to be protected by the APPs.

What kinds of personal information does Stryker collect?

The personal information that we collect from you may include:

  • your name
  • address
  • email address
  • professional status
  • place of employment
  • professional titles, registration or speciality field
  • other personal information 

Stryker will collect this information with your consent wherever practicable. Stryker may also collect certain non-personal information including patient identification numbers and corresponding implant part numbers from hospitals.

How does Stryker collect your personal information?
Most of our services do not require any form of registration and we allow you to visit the public areas of our website without providing us with any personal information. 

If you register with for certain services, you may need to provide some personal information. If you choose to withhold this information it may not be possible for you to gain access to the full service. 

We also receive some personal information from hospitals and other service providers that have direct contact with patients. This information is provided to Stryker to enable us to identify and investigate health risks relating to our products and provide sufficient information to these entities to allow them to take the necessary corrective or preventative action. Stryker collects this information with the consent of the patient wherever practicable.

How does Stryker use your personal information?
We may use the personal information we collect to perform activities including the following: 

  • contact you, via email, regular mail, telephone or otherwise
  • provide you with information that we believe may be of interest to you, which may include marketing our products and services to you;
  • develop records, including records of your personal information 
  • develop and improve programmes, products, services and content 
  • enforce this Privacy Statement and website Terms of Use 
  • protect Stryker's rights or property 
  • protect someone's health, safety or welfare 
  • comply with a law or regulation, court order or other legal process.

By submitting personal information you agree that we may keep a record of this information and may use it in accordance with the above. 

How does Stryker store and protect your personal information?
We recognise our responsibility to protect any personal information that is entrusted to us. We have taken reasonable steps to protect this information from any interference, misuse, loss, unauthorised access, modification or disclosure.

We use a variety of secure techniques to protect your personal information including secure forms and servers, firewalls and the encryption of your data. We have also taken reasonable steps to ensure that any overseas recipients of your personal information store this information using the same or equivalent secure techniques.

Stryker stores all of your personal information in accordance with your rights under the Australian Privacy Principles and any other rights granted by the Privacy Act 1988(Cth) and Australian State law. 

Accessing personal information held by Stryker
You have a right to access any of your personal information held by us. To make a request for access to this information contact Stryker Australia’s Privacy Officer. Stryker will respond to these requests within a reasonable time period.

No charges will apply to the making of a request for information. Access will be provided in the form that you request where reasonable to do so. Stryker may charge a reasonable fee to cover material costs where personal information is provided in printed form.

We will provide you with written reasons if your access is refused.  We will only refuse a request for access to personal information where:

  • The requested access is in contravention of a law or court order; or
  • There are reasonable grounds to believe that access constitutes a serious threat to individual or public health or safety; or
  • Stryker has  a reasonable belief that the requested access relates to unlawful activity or serious misconduct relating to Stryker’s functions or activities; or
  • Stryker has a reasonable belief that disclosure of the requested information may prejudice an investigation.

If you wish to make a complaint about a refusal by Stryker to provide access to your personal information please refer to the section ‘Making a Complaint’, below.

Correcting your personal information
Stryker Australia Pty Ltd will take reasonable steps to correct any personal information we store to ensure that it is accurate, up-to-date, complete, relevant and not misleading where:

  • We are satisfied that the personal information held needs to be corrected; or
  • An individual requests that their personal information be corrected.

To make a request for your personal information to be corrected contact Stryker Australia’s Privacy Officer. Stryker will respond to these requests within thirty (30) days.

No charges will apply to the making of a request for correction of your personal information, for associating your request with the relevant personal information, or for correcting that personal information.

Stryker will provide you with reasons in writing if your request for correction is refused. To make a complaint about a refusal to correct your personal information, you may contact the OAIC using the information provided in the section ‘Making a Complaint’ below.

Sharing personal information with others
In order to better manage the storage of your personal information, and to appropriately investigate certain healthcare matters, Stryker Australia Pty Ltd may disclose this information to overseas recipients, including entities under common ownership with Stryker Australia Pty Ltd.

These entities are located in:

  • United States of America
  • Japan
  • Republic of Ireland
  • Germany

Stryker takes seriously the protection of your personal information and has taken all reasonable steps to ensure that these overseas recipients store and protect your information in accordance with your rights under the Privacy Act 1988, including the Australian Privacy Principles.

If you believe that your rights have been breached by any of Stryker’s overseas data recipients, contact Stryker Australia’s Privacy Officer.

Is Stryker ever required to share information with third parties?
Except as otherwise written in this Privacy Statement, we will keep your personal information private and will not share it with others, unless the disclosure is necessary to:

  • comply with a law or regulation, court order, subpoena or other legal process
  • protect our rights or property
  • enforce our Terms of Use or this Privacy Statement 
  • protect a person’s health or safety.

In addition, you are prohibited from posting or transmitting any unlawful, threatening, libellous, defamatory, obscene, scandalous, inflammatory, pornographic, or profane material or any material that could constitute or encourage conduct that would be considered a criminal offence, give rise to civil liability, or otherwise violate any law. We will fully cooperate with any law enforcement authorities or a court order requesting or directing us to disclose the identity of anyone posting any such information or materials.

Making a complaint about a breach of your rights
If you believe that a breach of your rights under the Australian Privacy Principles has occurred, you may contact Stryker Australia’s Privacy Officer. Stryker may be able to resolve the breach by correcting or destroying your information. Stryker will respond to your request within thirty (30) days.

If you wish to make a complaint about a breach of your rights, you may contact the Office of the Australian Information Commissioner (OAIC) by email, web form, or post using the following contact details:

Email: enquiries@oaic.gov.au
Web form: https://forms.business.gov.au/aba/oaic/privacy-complaint-/

Post: GPO Box 5218 Sydney NSW 2001 or  GPO Box 2999 Canberra ACT 2601

For more information or assistance in lodging a complaint you may also phone the OAIC Enquiries Line on: 1300 363 992 within Australia, or + 61 2 9284 9749 for locations outside Australia.

Are there special rules about children’s privacy?
We care about protecting the privacy of children. It is our policy never to knowingly collect or to maintain information about anyone under the age of 16 (such as a child's name or email address). If you believe that we have collected personal information from a child under the age of 16, please contact us using the details above.

Last Modified
August 2022