2. Who we are
The legal entity who is controller and responsible for processing your personal data is:
GN Hearing Ltd, Unit 13, Talisman Business Centre, OX26 6HR (the “Company”).
Data Protection Officer
For general questions concerning personal data you may contact our data protection officer on (click on the link): GN Data Privacy Inquiry Site
For specific request concerning your personal data you may contact our data protection officer on (click on the link): GN Data Privacy Request Site
The Company is part of an international group of companies which is engaged in different activities: production and marketing of for example hearing instruments, headsets, speakerphones, webcams, accessories and other services and products.
These products and services are marketed under a variety of brands such as Resound, Beltone, Interton, Jabra, Blueparrott, Falcom, a.m.
The GN companies may act as independent controllers or processors in relation to each other. The GN companies may also act as joint controllers when processing your data. In such case we jointly determine the purposes and means of processing personal data. We have determined how the respective tasks and responsibilities in the processing of personal data are structured and who fulfils which data protection obligations.
GN Store Nord, Lautrupbjerg 7, 2750 Ballerup, Denmark (“GNSN”) is an affiliated company to the Company. GNSN is at your disposal as your central point in case of any questions in relation to our use of personal data, and GNSN can be contacted using the contact information above. You are also free to assert your rights by contacting any of the involved companies. In case you do so and if necessary, GNSN and the company in question will coordinate in order to respond to your inquiry and to guarantee your rights as a data subject.
3. How we collect your personal data?
We collect your data in different scenarios and from different sources, such as directly from you, through third parties and/or through automated means, such as:
- We collect and use personal data such as data that you provide to us yourself, e.g. when you type in information when using our websites, our apps, contact us on telephone, email, text or through other channels to purchase products or services, request support, provide ratings, apply for job positions, subscribe to newsletter or white papers, participate in a competition, a test, meetings, events, promotions or surveys;
- We may collect contact data or other business-related data about you if you are an employee with, or otherwise engaged by any of, our partners;
- We may use personal data about you as an end user of our products and services received from our partners, such as your hearing care professional and/or similar partners to the extent provided by such hearing care professionals or partners.
- we may use information from rating companies or other agencies providing information about you; and
- We may use personal data about you from publicly available sources;
- We may use automatically collected information about you collected when you use our websites or apps, open our emails/messages or from the use of third parties’ websites or apps; (cf also more about Automatically Collected Information).
- We may receive personal data about you from various third parties (including social media platforms, search engines and other similar third-party websites), when you communicate with us or otherwise use our services on social media platforms and similar websites; (cf. also the section on social media platforms below).
4. What data do we use and why?
We use the personal data to achieve purposes such as outlined below:
- to maintain a professional relationship with our business partners, we collect your and/or your company’s contact info, title, records of sales, plans, professional activities, product inquiries, minutes of meetings, services provided to you or your company etc;
- to allow for purchasing, self-service and training by our customers we give you access to profile areas such as web shops or partner portals. In this connection we collect your contact info where needed, depending on the service, your access credentials and the activity you create within the portals, such as purchases, downloads, training completed etc;
- to provide and supply services and products requested and/or purchased by you and to communicate with you about such services and/or products, i.e. requests, inquiries, complaints in relation to these, we may use your contact information such as name, address, email, phone number, your purchase history, payment information and your specific requests. If you are a current or potential customer of our hearing aids or other medical related products, we may also collect and use sensitive information about your health where necessary and when provided by you to us and/or your hearing care professional. If you are acting on behalf of another person, we note your contact information and our communication;
- to manage our hiring process when you apply for a job in our company, we collect the information such as your name, email address, postal address, phone number, nationality, language skills, education, job history, and other information you choose to include in your job application or CV. We encourage you to not provide us with sensitive information about yourself.
- to provide you with the chance to have your hearing ability tested, we offer certain hearing tests online, and subject to your consent, we collect information such as your contact information, age, gender and your test result and transfer this to a hearing care professional in order for the hearing care professional to contact you regarding a hearing consultation;
- to recommend products and services we think you will be interested in, we may contact you on phone, text, social media, email or in browsers, subject to the consent you have given us (where required). When doing so we use your information such as name, address, email, phone number, purchase history and the information we have registered about your preferences, including but not limited to Automatically Collected Information collected via your use of GN websites (separate consent), emails, GN apps and other websites (see more about Automatically Collected Information below);
- to provide you with our services in our apps, subject to your privacy choices, we collect and use Product and Device Information (as defined below). We may also collect information such as name, address, telephone, age, gender, and location (if you have accepted a GPS-enabled service) and other data types. Some of our apps have features that require you to take pictures of yourself and your hearing aids. These features rely on facial and object recognition technologies and are used with the purpose of ensuring a good quality fitting and sound experience for you. The pictures are only stored locally in the app and are not accessed or used by GN nor shared with any third parties. The pictures can be deleted directly in the app or simply through uninstalling the app from your phone. Some of our apps allow you to subscribe to functionality, for example, to create your own plan for managing tinnitus;
- to tailor products and services to you, and subject to your consent, we collect information such as age, gender, location, usage data, hearing loss, purchases, returns, requests, complaints, ratings, feedback on surveys, hearing aid usage logs, fitting information, device usage etc. to understand your individual characteristics and to provide you with recommendations for usage, products, services, guidance etc;
- to better understand how people interact with our products and services, to analyze trends, to create statistical information, to develop optimized and personalized product and feature profiles, we use information in an anonymized format such as age, gender, location, usage data, hearing loss, purchases, returns, requests, complaints, ratings, feedback from surveys or test panels, hearing aid usage logs, fitting information, collected actively from you, via online services and or from a designated partner e.g. a hearing care professional or other partners;
- to better understand how people interact with our websites and apps, to analyze trends, to ensure security on our websites, to create statistical information, to develop optimized and personalized product and feature profiles we, subject to your consent, where required, collect certain automated information (“Automatically Collected Information”):
- to ensure payment for subscription of certain services through our websites, your contact and payment information may be collected. GN may use external payment providers for this service and GN will in such case not have access to your payment information. GN refers you to the payment service providers’ personal data policies for information about your payment;
- for subscription of apps through various third-party app stores, GN refers you to privacy policies available within these services;
- to communicate with current and potential customers, to market, improve and develop our products and services and to inform about various activities, we use social media platforms cf. also the section on social media platforms below;
- to prevent or detect fraud and to establish, exercise or in defense of legal claims, we use your contact info such as name, address, email, phone number and the information we have registered about your requests, inquiries, purchases and returns;
- to comply with applicable legislation such as tax, accounting or medical requirements and/or requests from law enforcement agencies, we use and share with such law enforcement agencies and regulatory authorities, information about purchases, returns or complaints and your contact info such as name, address, email, phone number to the extent required;
- We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for an additional purpose which is compatible with the original purpose. If we were to consider using your personal information for a new purpose, we will inform you or, as required, collect your consent.
5. What is our legal basis?
Applicable personal data legislation may require us to outline the legal basis on which we collect and use your personal data. This is for example a requirement under the EU General Data Protection Regulation and similar national legislation.
Below we have outlined the legal basis we rely on to collect and use your data. We have also identified what our legitimate interests are where appropriate. Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data.
We will use your personal data based on the following legal bases:
- where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests, we base our use on our legitimate interest;
- where the information is needed to perform a contract, we are about to enter into or have entered into, we rely on the performance of the contract as a legal basis;
- where the information is needed to comply with a legal or regulatory obligation, we rely on this as a legal basis;
- where your consent is required as a legal basis for processing your personal data, we strictly use your data based on your consent;
- Where it is necessary for the establishment, exercise or defense of legal claims.
When we rely on our legitimate interest, we do this to:
- manage our relationship with you and comply with any obligations towards you and/or third parties;
- study how e.g. customers purchase, return, use or react to our products/services in order to provide you with better products and services;
- run our business and ensure provision of administration and IT services and hereby provide you with the products and services you have purchased, and to provide effective service and support to you;
- ensure your safety when using our products and services and visiting our websites;
- prevent fraud and hereby ensure you the best possible service and support experience.
- send you newsletters;
- use your health data;
- transfer your data to a third-party or affiliate inside or outside your country;
We will only use and transfer your personal data when applicable law allows us to.
6. What happens if you fail to provide us with the required data?
Where we need to collect personal data by law, or under the terms of a contract we have with you or your company and you fail to provide us with the data when requested, or choose to withdraw a former given consent, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you or your organization have with us; but we will duly notify you about this if relevant.
7. Social media and online search platforms
This section describes how we process your personal data in connection with your interaction with us as a data controller by use of different social media platforms and online search platforms, such as Facebook, Instagram, X, YouTube, LinkedIn, Google and more.
We use social media platforms to get in contact with current and potential customers, to improve, develop and market our products and services and to inform about various activities, i.e. we use the social media platforms:
- to understand our current and potential customers on social media platforms in relation to their demographic, preferences and interests;
- to analyze trends to develop and improve our services and communications;
- to process and respond to requests and inquiries received from you;
- to carry out market surveys to improve and develop our services and communications for the benefit of our users through our social media pages; and
- to recommend products and services we think you will be interested in, we carry out direct marketing to our customers and/or potential customers. However, if we use electronic methods, such as email or direct messaging through our social media pages, for instance, to send direct marketing to you, we will only do so if it is permitted under the applicable rules on direct marketing.
We may use information about you, such as your name, email, age, gender, country, job title, current and former employer, education background, profile picture, interests, your friend list/connections/followers, and other publicly available information, provided that you have published all or parts of this information on your social media profile, posted it on one of our social media pages or sent it directly to us via our social media platforms.
In some cases, for instance, in relation to our certain social media platforms we may act as joint controller together with a social media platform in relation to the processing of your personal data.
We generally refer to the different social media platforms' privacy policies and cookie policies for more information about their processing of your personal data, including any information on when our use is considered joint use with the social media platform in question. Below you will find a listing of the social media platforms that we use and a reference to their privacy policies.
8. Cookies and similar technologies
Both we and our third-party tracking partners use browser storage, app storage, cookies and similar technologies like pixels, beacons, scripts and tags to operate our websites and apps, and provided you have given consent, we use these to analyze your use and market products and services to you.
Cookies are small data files that your browser sets on your computer or device. A cookie itself does not contain or collect information. However, when it is read by a server via a web browser, it can help a website deliver a more user-friendly service – for example, remembering previous purchases or account details.
An example of another technology similar to cookies is a pixel. A pixel is a small piece of code that is embedded in an email or on a website. Pixels are used to track user behavior, such as whether an email was opened or a link was clicked. They work by loading a tiny image that sends a signal back to the server when it is loaded. This signal can be used to track user activity and provide analytics data to the website or email sender.
We only use your data to the extent you have given us your consent, where required, to use the data.
If you do not give your consent to certain cookies, please note that some parts of our website or apps may become inaccessible or not function properly.
We are using various types of cookies which can be categorized into four different categories:
Necessary Cookies: Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. Further, necessary cookies keep you logged in, provide security and fraud prevention, hold your digital shopping bag stored while you browse and remember volume settings and more. The website cannot function properly without these cookies. This category of cookies cannot be disabled and does not require a consent.
Statistical Cookies: Statistical cookies collect data for statistical purposes only, such as analyzing and reporting visitor interactions with a website.
Preference Cookies: Preference cookies are used to enable a website to remember information that changes the way the website behaves or looks, like your preferred language.
Marketing Cookies: We use both first-party(GN) cookies and third-party cookies.
The first-party cookies are used to learn more about your interest, including which sites and adds you click on, which products and services you are interested in, or purchase, on our websites or apps. We use this data to show you more personal marketing and product recommendations on our websites or in our apps, in our membership and program offerings and to use the information about your interests and behavior on our website to make the content of any marketing messages we send the user more relevant based on your interest and site behavior.
Third-party cookies allow third parties to collect cookies allowing us to make targeted marketing/ads of our products and services on other websites, apps and on social media. The third parties will set cookies tracking your interests and behavior including which products and services you are interested in, or purchase, on this and other websites, social media, apps and devices. Be aware that these third parties are either joint or independent data controllers of the personal data tracked via the cookies and they will also use the data for their own purposes.
Necessary cookies are essential for the website, and you cannot opt out of them, but you can delete necessary cookies after use – see how below.
For all other cookies, you can adjust your settings and revoke your consent.
However, cookies are placed on your device. This means that we cannot delete any cookies already placed. You must do that yourself in the way prescribed by your specific device. If you are on a website operated by us, you can also avoid cookies being placed by adjusting the browser settings on your device. If you are using an app published by us, please note that cookies set in an app work in a different way and you will have to control this via your device directly. Browser cookies are set to expire. Similar types of technologies like local storage on your device, do not have expiration built-in but must be deleted by you. We have linked to instructions on how to adjust/delete cookies on some of the more common devices below.
Please find examples of guides on how to block cookies and how to remove cookies in the various browsers for PCs and Macs:
We do not knowingly or specifically collect personal data from users under the age of 13 and no one under age 13 is authorized to submit any information, including personal data on our websites. Parents or legal guardians of children under age 13 cannot agree to these terms on their behalf. If it is determined that such information has been inadvertently collected on anyone under the age of 13, we shall immediately take the necessary steps to ensure that such information is deleted from our system's database.
We will not share or disclose your personal data, except as described herein or otherwise stated at the time the personal data is collected.
We will generally limit sharing of your personal data and always only share to the extent necessary.
However, we might share your personal information with:
- GN Group companies when necessary to carry out the purpose. See more about the GN Group on www.gn.com;
- service providers, e.g. hosting, maintenance, technical support and/or market partners. We will only share your information, if it is necessary in order for our service providers to perform the specific service for us. These service providers are not authorized to keep or use your personal data for any other purposes, and they will always be under an obligation to keep your personal data safe and confidential;
- Selected third parties, such as hearing care professionals, distributors, resellers, payment providers, financial institutions and/or shipping/courier companies, but only to the extent this can be done in compliance with applicable law and only to fulfill our obligations to you or enforce or apply any terms and conditions or related contracts with you or your company; and
- public authorities and our professional advisors if we are under a duty to do so in order to comply with any legal obligation, if it is in our legitimate interests to do so or if necessary for the establishment, exercise or defense of legal claims.
11. International transfers
In some cases, we will transfer personal data to recipients mentioned above which may be located in countries outside of your jurisdiction. Such transfers will be conducted in strict accordance with applicable laws, and where required we will provide appropriate safeguards for such transfers.
When transferring personal data out of the European Union or other jurisdictions requiring similar appropriate safeguards, we will use either the standard contractual clauses as approved by the European Commission or equivalent national bodies, or any other contractual agreement approved by the competent authorities as a basis for the transfer and where necessary, implement additional supplementary safeguards to ensure an adequate level of protection.
Your personal data will be stored in your jurisdiction if the applicable law requires so.
Please contact us by using the contact details in section 2 above, if you would like further information on the specific mechanism used by us when transferring your personal data out of the European Union and/or other jurisdictions requiring appropriate safeguards.
12. Data retention
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, such as accounting, tax or other reporting requirements.
To determine the appropriate retention period for personal data, we consider the nature, the sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Details of retention periods for different aspects of your personal data are available upon request.
Please use the contact information outlined in section 2 above.
13. Your rights
Data protection law gives you a range of rights in connection with our processing of your personal data. In this regard you have the right to request access to the personal data concerning you that we use. You may request that we rectify or delete the personal data or restrict the use of your personal data, if you think they are inaccurate. You may have the right for data portability. We are required to assess and act on your request.
The mentioned rights may be subject to conditions or restrictions. Accordingly, there is no certainty that you will be entitled to for example data portability in the specific situation; it will depend on the circumstances of the processing.
If our use of your personal data is based on your consent, you may withdraw your consent at any time. However, please note that this does not affect our use of your personal data prior to withdrawal of your consent.
If you wish to contact us about our processing of your personal data, feel free to contact our Data Protection Officer as specified above in section 2.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month and shorter where required. Occasionally, it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
The contact information of the Danish Data Protection Agency is firstname.lastname@example.org, www.datatilsynet.dk, telephone +45 33193200.
14. Unsubscribe to marketing communication
We provide you with the opportunity to unsubscribe to communications from us if you receive newsletters etc. via e-mail, text (SMS) or other direct message channels. At the end of each message, instructions on how to unsubscribe and be removed from the mailing list are included.
15. Third-party links
16. In connection with a sale, merger or related event
17. Data Security
Personal data is used stored in accordance with applicable data protection legislation. We take steps to ensure that the information we process is dealt with in accordance with this privacy notice and in accordance with applicable laws.
When required or appropriate, we shall obtain written assurances from third parties that may access your data that they will protect the data with equivalent safeguards to those adopted by GN.
To protect the privacy of your information we maintain both technical and organizational safeguards, and we regularly update and test our security measures.
18. Data Processor
GN may in some situations act as a data processor based on agreements entered into with partners or customers etc. The partners/customers are in these cases considered data controllers. In such case your personal data is processed by GN on the basis of the instructions provided by the controller. For more information about how your personal data is used we refer to the privacy policies of the relevant controller.
20. California privacy rights.
For California residents this section 20 applies in addition to the preceding sections:
You are free to request and obtain from us once a year, free of charge, information about the personal information, (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year. If applicable, this information would include a list of the categories of personal information that was shared and the names and addresses of all third parties with which we shared information in the immediately preceding calendar year.
Please be informed, that we do not sell and have not sold personal information in the preceding 12 months. We do not sell the personal information of minors.
Although we do not sell personal information as such, the information transferred to parties third parties via statistics cookies, preference cookies and marketing cookies may be considered a “sale” under the California Consumer Privacy Act (CCPA). If you previously accepted these cookies, you can exercise your right to opt out of the “sale of your information” by turning off any optional cookies on our websites.