Privacy Policies
PRIVACY POLICY
1. Pledge on Privacy
The term "personal data" as used in this Policy refers to information such as your name, birth date, e-mail address or mailing address, which can be used to identify you. CIBA VISION will not process your personal data without your consent.
In processing your personal data, we pledge to fully comply with internationally recognized standards of privacy protection. In so doing, we ensure compliance by our staff with strict standards of security and confidentiality.
The next sections explain how and when we collect personal data from you.
2. Intended Use of Personal Data
Most of our services do not require any form of registration, allowing you to visit our site without telling us who you are. However, some services may require registration. When you register with us, you may need to complete certain fields (some are required and some are optional), as well as choose a user name and password. In these situations, if you choose to withhold any personal data requested by us, it may not be possible for you to gain access to certain parts of the site and for us to respond to your query.
CIBA VISION processes personal data for specific and limited purposes, which we inform you about when we ask you for information. For example, we may collect and use personal data to provide you with products or services, to bill you for products and services you request, to market products and services which we think may be if interest to you, or to communicate with you for other purposes. Information you send to our customer service department is used only to help resolve your problem and is otherwise kept private.
CIBA VISION keeps your data only for as long as is reasonably needed for such purposes and in accordance with any applicable legal or ethical reporting or documentation retention requirements.
3. Non-Disclosure of Information
CIBA VISION will not sell, share, or otherwise distribute your personal data to third parties outside the Novartis group. However, personal data may occasionally be transferred to third parties that act for or on behalf of CIBA VISION, or in connection with the business of CIBA VISION, for further processing in accordance with the purpose(s) for which the data were originally collected.
Where disclosure of personal data to a third party is likely or necessary for whatever reason, CIBA VISION will, wherever possible, endeavor to ensure that the disclosure and intended use of the data are clearly indicated.
Such third parties may operate different Privacy Policy. However, we endeavor to ensure that such third parties provide the same level of protection as CIBA VISION and, where appropriate, we will contractually require them to process data transferred only for the purposes expressly authorized by CIBA VISION.
We will not share with third parties any data about you that is sensitive (e.g., medical information) in the absence of your prior and explicit consent. Your consent may always be revoked at a later date. If consent is revoked CIBA VISION may not be able to carry out certain requests made by you. CIBA VISION will, where practicable, inform third parties to which your data have been transferred of your withdrawal of consent.
4. Right of Access
You have the right to access and update your personal data or to require their deletion. We endeavor to ensure that personal data are up-to-date, accurate, and complete. If you wish to access or correct your personal data held by us, please contact us. Your requests will be dealt with in a prompt and proper manner. No charge will be levied for complying with a correction request, however, for all other requests CIBA VISION may charge a small fee to cover its costs. Requests to delete personal data will be subject to any applicable legal and ethical reporting or document filing or retention obligations imposed on CIBA VISION.
5. Security and Confidentiality
To ensure the security and confidentiality of personal data that CIBA VISION collects on-line, CIBA VISION uses data networks protected, inter alia, by industry standard firewall and password protection. Access to personal data is restricted to those employees who have a need to use the data and who have been trained to handle such data properly and observe strict standards of confidentiality. If an employee breaches our Privacy Policy he/she will be disciplined accordingly. Staff compliance with our policies and procedures is regularly audited and reviewed. While we cannot guarantee against any loss, misuse or alteration to data, we try to prevent such unfortunate occurrences.
6. Data Transfer Abroad
CIBA VISION and its Parent company Novartis are a global enterprise and have databases in different jurisdictions. Novartis and/or CIBA VISION may transfer your data to one of its databases outside your country of domicile. If the level of privacy protection in a country does not comply with recognized international standards, we will ensure that data transfers to Novartis databases in that country are adequately protected and that the transfer of data to third parties in such countries will not occur unless we obtain your express consent to such transfer in advance.
7. Anonymous Data and "Cookies"
Most of the information that CIBA VISION collects from its website(s) is anonymous information, such as the pages you visit and searches you perform. When you visit our website we do not collect any personal data from you unless otherwise authorized by you.
Anonymous information is processed by CIBA VISION to help improve the contents of the site and to compile aggregate statistics about individuals using our site for internal, market research purposes. In so doing, CIBA VISION may install "cookies" that collect the first level domain name of the user (e.g., "bigmail.com" from an e-mail address of "john@bigmail.com") and the date and time of access. "Cookies" by themselves cannot be used to discover the identity of the user. A "cookie" is a small piece of information which is sent to your browser and stored on your computer's hard drive. Cookies do not damage your computer. You can set your browser to notify you when you receive a "cookie", this will enable you to decide if you want to accept it or not.
8. Spamming
CIBA VISION does not condone "spamming". Spamming is defined as sending unsolicited e-mails, usually of a commercial nature, in large numbers and repeatedly to individuals with whom the sender has had no previous contact or who have declined to receive such communications.
In contrast, where CIBA VISION believes that certain product, health, or other information is of importance to you it reserves the right to inform you by e-mail whilst giving you the choice of opting out of such service.
9. Personal Information and Children
CIBA VISION will not knowingly collect, use or disclose personal data from a minor under the age of 13, without obtaining prior consent from a person with parental responsibility (e.g., a parent or guardian) through direct off-line contact. We will provide the parent with (i) notice of the specific types of personal data being collected from the minor, and (ii) the opportunity to object to any further collection, use, or storage of such information. CIBA VISION abides by the Children's Online Privacy Protection Act in the U.S. and respect similar laws designed to protect children found in other countries.
10. Links to Other Sites
This Privacy Policy applies only to CIBA VISION websites to the exclusion of third party websites. CIBA VISION may provide links to other websites which we believe may be of interest to our visitors. We aim to ensure that such websites are of the highest standard. However, due to the nature of the World Wide Web, CIBA VISION cannot guarantee the standards of every website link it provides or be responsible for the contents of non-CIBA VISION sites.
11. Contact CIBA VISION
If you have any queries or complaints about our compliance with this Privacy Policy, or if you would like to make any recommendations or comments to improve the quality of our Privacy Policy, please contact us.
SAFE HARBOR PRIVACY STATEMENT
Safe Harbor StandardsThis Safe Harbor Privacy Statement (the "Statement") sets forth the privacy principles followed by
CIBA Vision Corporation in connection with the transfer and protection of "personal information" received from the European Union (EU) or Switzerland.
About The Safe Harbor
The "Safe Harbor" program was jointly established in June 2000 by the United States Department of Commerce and the European Commission, as a method for transferring personal information from the European Union (EU), to companies in the United States. The program is a voluntary self-certification process for companies operating in the United States. Companies that certify represent that they are upholding privacy standards for personal information received from the EU that have been jointly accepted by the EU Commission and the US Department of Commerce. These standards exceed current US privacy standards. CIBA Vision Corporation has certified to the Safe Harbor program and makes that commitment.
"Personal Information" means information that can directly or indirectly lead to the identification of a living person, such as an individual's name, address, e-mail, telephone number, license number, medical identification number, photograph, or other identifying characteristic. The identification can occur by reference to one or more factors specific to the individual's physical, physiological, mental, economic, cultural or social identity. Personal information does not include information that has been anonymized, encoded or otherwise stripped of its identifiers, or information that is publicly available, unless combined with other non-public personal information.
Scope
This Statement governs personal information transferred from countries in the EU or Switzerland (which has adopted substantially similar privacy laws to those of the EU), to the United States on behalf of CIBA Vision Corporation. It applies to personal information in electronic and off-line formats.
Safe Harbor Privacy Principles
The following privacy principles apply to the transfer, collection, use or disclosure of personal information from the EU by CIBA Vision Corporation.
Notice: CIBA Vision Corporation informs individuals in the EU about the purposes for which it collects and uses their personal information, how to contact CIBA Vision Corporation, the types of third parties with which CIBA Vision Corporation shares their personal information, and the choice and means CIBA Vision Corporation offers for limiting the use and disclosure of their personal information.
Consistent with the Safe Harbor requirements, CIBA Vision Corporation may not be in a position to furnish notice in certain limited situations. Specifically, notice is not required where the processing of EU personal information is necessary to respond to a government inquiry; is required by applicable laws, court orders or government regulations; or is necessary to protect CIBA Vision Corporation' legal interests and providing notice would interfere with those interests.
Choice: CIBA Vision Corporation will not process personal information about EU individuals for purposes other than those for which the information was originally obtained or subsequently authorized by the EU individual unless the individual affirmatively and explicitly consents ("opt-in") to the processing, or unless an exception applies. CIBA Vision Corporation also provides EU individuals with the opportunity to withdraw consent at any time ("opt-out"), in which case their personal information will not be further processed. There are certain limitations on the right to opt-out, such as those that apply in the clinical research situation. In that situation, CIBA Vision Corporation can continue to rely upon personal information already provided by clinical research participants who choose to discontinue participation in a clinical trial, to the extent needed to protect the integrity of the study, but cannot collect any additional personal information about that individual once the written request to withdraw participation is received.
Data Integrity: CIBA Vision Corporation seeks to ensure that any personal information held about EU individuals is accurate, complete, current and otherwise reliable in relation to the purposes for which the information was obtained. CIBA Vision Corporation collects personal information that is adequate, relevant and not excessive for the purposes for which it is to be processed. EU individuals have a responsibility to assist CIBA Vision Corporation in maintaining accurate, complete and current personal information about them.
Transfers To Third Parties: CIBA Vision Corporation will only transfer personal information about EU individuals to third-parties where the third-party (a) has provided satisfactory assurances to CIBA Vision Corporation that it will protect the information consistently with this Statement; or (b) is located in the EU or a country considered "adequate" for privacy by the EU Commission, and therefore is required to comply with the EU data protection laws or substantially equivalent privacy laws; or (c) the third-party has also certified to the Safe Harbor, and is accordingly independently responsible for complying with the Safe Harbor requirements.
Where CIBA Vision Corporation has knowledge that a third-party to whom it has provided EU personal information is processing that information in a manner contrary to this Statement or the Safe Harbor requirements, CIBA Vision Corporation will take reasonable steps to prevent or stop the processing.
Access And Correction: Upon written request to CIBA Vision Corporation, CIBA Vision Corporation will provide EU individuals with reasonable access to their personal information. CIBA Vision Corporation will also take reasonable steps to allow EU individuals to review their information for the purposes of correcting their information. There are certain limitations to the Access and Correction rights, as set forth in the US Department of Commerce's Safe Harbor website.
Security: CIBA Vision Corporation takes reasonable precautions to protect EU personal information in its possession from loss, misuse, unauthorized access, disclosure, alteration and destruction.
Enforcement: CIBA Vision Corporation has established internal mechanisms to verify its ongoing adherence to this Statement. CIBA Vision Corporation also encourages individuals covered by this Statement to raise any concerns about our processing of their personal information by contacting CIBA Vision Corporation' Privacy Office at the address below or by contacting their local privacy officer or Legal Department. CIBA Vision Corporation will seek to resolve any concerns. CIBA Vision Corporation has also agreed to participate in the dispute resolution program provided by the European Data Protection Authorities.
Limitation On Scope Of Principles: Adherence to these Privacy Principles may be limited to the extent required to meet a legal, governmental, national security or public interest obligation.
Effective Date: This Safe Harbor Privacy Statement is effective as of December 16, 2008.
Contact Information: Questions or comments about this Statement should be directed to:
Latonya Raston
Counsel/Privacy Officer
CIBA Vision Corporation
11460 Johns Creek Parkway
Duluth, Georgia 30097
Latonya.Raston@cibavision.com