Bernafon logo

Bernafon’s Privacy Notice

When you use our services, you’re trusting us with your information. We understand this is a serious responsibility and work hard to protect your information.

This Privacy Notice is meant to help you understand what information we collect, why we collect it, and how you can have the control over your information, including the option to delete it.

This is the Privacy Notice for our website bernafon.com, our social media channels, and associated apps. Some of our services have their own notices. You can find these below.

Read our Privacy Notice
Read our app privacy notices 
Read our Social Media Privacy Notice 
Read our Privacy Notice for MyBernafon 

 

Privacy Notice for Bernafon AG

1. INTRODUCTION

At Bernafon AG, we respect and protect the privacy of our users, and we are dedicated to being as transparent as possible regarding the use of your personal data.

This Privacy Notice explains how we collect and use your personal data. In this Privacy Notice, “we”, “us” and “our” mean Bernafon AG.

We may change this Privacy Notice from time to time, so please check back when you use our services to make sure that you have seen the most recent version.

2. WHO WE ARE

This website is owned and operated by Bernafon AG, and Bernafon AG is the data controller of the personal data collected through the website and other means.

If you have any questions about this Privacy Notice, or you would like to exercise your rights, you can contact us by using the contact points below.

Bernafon AG
C/O Oticon A/S
Kongebakken 9
2765 Smørum
Denmark
Tel.:+45 39177300
E-mail: privacy@demant.com

3. PERSONAL DATA WE COLLECT AND USE

We collect your personal data:

  • When you make enquiries or book an appointment through our website form, take our online hearing test, purchase products from us through our website, register for an account on our website, request marketing material or sign up to receive our newsletter.
  • When you visit our website and cookies are placed on your computer. Please see our cookie policy for further information.
  • When you email, call or write to us, visit our branches or provide us with information in any other way, including by interacting with us via social media such as Facebook and Twitter.
  • When a relative or friend gives us information about you during discussions about this person’s hearing, or where an individual has indicated that he or she would like you to accompany them to a hearing assessment, hearing aid fitting or service appointment.

We process the following types of personal data:

  • Your name, title, postal address, telephone number and email address, and, if you make a purchase with us, credit or debit card details.
    Information about your use of our call centers and your branch visits.
  • Information you provide to us during communications you have with us, whether by email, post, telephone, in person or through our website, for example comments or queries about the products and services we provide.
  • If you register for a hearing test with us, give us information about your hearing or purchase one of our hearing aids, you might give us sensitive information about your health. This could include, for example, whether you currently use a hearing aid and, if so, what type of hearing aid, information about your hearing condition and, where appropriate, your family history. We will only collect and use sensitive information about your health with your explicit consent.

We will do our best to ensure that the personal data we process about you is correct. We will also make sure to update your personal data continually. As our services depend on your correct and updated personal data, we kindly ask you to inform us if there are any relevant changes regarding your personal data. You may use our contact information above to notify us of any changes.

4. WHY DO WE COLLECT AND USE YOUR PERSONAL DATA AND WHAT IS OUR LEGAL BASIS FOR DOING SO?

We use your personal data for the following purposes:

  • To process and respond to requests, enquiries and complaints received from you, in accordance with our legitimate interest to provide our customers with a responsive service.
  • To provide services and products requested and/or purchased by you and to communicate with you about such services and/or products. We do this as necessary in order to carry out a contract with you and in accordance with our legitimate interest to operate a business which offers products and services related to hearing health care.
  • To update our records and for audit purposes, in accordance with our legitimate interest to do so and/or when required by legislation.
  • To prevent or detect fraud and to establish, exercise or defend legal claims, in accordance with our legitimate interest to do so.
    Where legally required or where it is in our legitimate interests to do so, to comply with requests from law enforcement and regulatory authorities.
  • To analyze trends and profiles, for our legitimate interest to aim to enhance, modify, personalize and improve our services and communications for the benefit of our customers.
  • To carry out customer satisfaction research, for our legitimate interest to aim to enhance, modify, personalize and improve our services and communications for the benefit of our customers.
  • To recommend products and services we think you will be interested in. We do this in accordance with our legitimate interest to carry out direct marketing to our customers and, where we use your health data or electronic methods such as email, only with your explicit consent.

5. HOW WE SHARE YOUR PERSONAL DATA

We will not rent, sell or otherwise share or disclose your personal data, except as described herein or otherwise stated at the time the data is collected.

We may share your personal data with affiliated companies within the William Demant Group in order to deliver, enhance and develop our products and services. Please refer to the organisational chart in our latest annual report to see which companies are part of the William Demant Group. You can find our latest annual report at www.demant.com.

We may share your personal data with our service providers for tasks such as:

  • assisting us with administering or troubleshooting our website;
  • assisting us with the supply or design of our products or with our business administration;
  • assisting us with our marketing campaigns;
  • operating our call centers; or
  • providing us with electronic or physical storage services or systems.

We will share your information in these circumstances only if it is necessary in order for our service providers to perform the service for us. These service providers are not authorized to keep or use your personal data for any other purposes, and they will always be under an obligation to keep your personal data safe and confidential.

We may disclose your personal data to selected third parties such as law enforcement agencies, regulatory authorities and our professional advisors if we are under a duty to do so in order to comply with any legal obligation, or if it is in our legitimate interests, or in order to enforce or apply our website Terms of Use or other related contracts with you or your company.

6. TRANSFER OF DATA TO THIRD COUNTRIES

In order to deliver our products and services to you, we may share your personal data with affiliated companies in the William Demant Group located outside the EU/EEA.

If we process your personal data outside the EU/EEA, we will implement appropriate technical and organizational measures in such a manner that processing will meet the requirements of the relevant Data Protection laws, including ensuring the protection of the rights of the data subject. The transfer of personal data is based on the EU Commission’s standard contractual clauses, which the EU Commission finds provide adequate guarantees for the protection of privacy, basic rights and liberties, as well as for exercising the associated rights.

7. HOW LONG DO WE KEEP YOUR PERSONAL DATA?

We will keep your personal data for as long as we need to for legitimate legal or business reasons, including to comply with any regulatory obligations. We will delete your personal data when it is no longer required in relation to the purpose for our collection, processing and storage of your personal data. We will store personal data that we are obliged to keep in accordance with the law.

If you would like more detailed information about our retention policy, please contact us by using the contact points above.

8. SECURITY

We have put in place appropriate technical and organizational measures to protect your personal data against unintended loss or amendment, against unauthorized disclosure and against access by unauthorized persons.

Should a breach of security occur, we will inform you as soon as possible if the breach may result in high risk to your rights, for example identity theft, discrimination of you, loss of reputation or other significant inconvenience.

9. YOUR PRIVACY RIGHTS

You have the right, at any time, to request information about the personal data we are processing about you, where the data is collected from, and what we are using it for. You also have the right to know how long we will keep your personal data and who we share your data with. If you request, we can give you details (and a copy) of the personal data we hold about you. Your access can be restricted to ensure other people’s privacy protection, trade secrets and intellectual property rights. You may also have the right to data portability. If you think the personal data we are processing about you is inaccurate or incomplete, you have the right to request correction. Please contact us and let us know how to rectify your information.

In some instances, we are obliged to delete your personal data. This might be the case if you withdraw your consent. If you believe that our retention of your personal data is no longer necessary in accordance to the purpose for which we collected it, you are entitled to request its deletion. You can also contact us if you believe that your personal data is being processed contrary to applicable law or other legal obligations.

When you make a request to have your personal data rectified or erased, we will investigate whether the conditions are fulfilled. If so, we will carry out the amendments or deletion as soon as possible.

You have the right to object to our processing of your personal data. You can also object to our use of your personal data for marketing purposes. You can contact us at the contact points outlined at the top of the Privacy Notice if you want to submit an objection. If your objection is justified, we will ensure the termination of the processing of your personal data.

10. RIGHT TO LODGE A COMPLAINT

If you have a concern in relation to how we use your data, please let us know, and we will reply to your queries and, if necessary, take steps to ensure our practices are consistent with our obligations. If you are still not satisfied with the way we use your data, you have the right to lodge a complaint with the relevant national data protection authority. In Denmark, the relevant data protection authority is the Danish Data Protection Agency (DDPA) whose contact details are as follows:

Danish Data Protection Agency (DDPA)
Carl Jacobsens Vej 35
2500 Valby
Denmark
Phone: +45 33 19 32 00
E-mail: dt@datatilsynet.dk

11. CHILDREN’S PRIVACY

We provide solutions for children, but this website is not intended or designed to collect personal data about children under the age of 13. We do not intentionally collect personal data from any person we know to be under the age of 13.

12. THIRD-PARTY WEBSITES

This website may contain links to websites of other companies and organizations. This Privacy Notice does not apply to such third-party sites, and we suggest that you contact those third-party sites directly for information on their data collection and distribution policies.

13. CHANGES TO THE PRIVACY NOTICE

We may update this notice from time to time by publishing a new version on our website. Where relevant, possible and appropriate, you will be notified by email.

This Privacy Notice was updated on 05.01.2024.

Privacy Notice for Bernafon AG's apps

The privacy notices below describes how and why we collect information about you as a user. The privacy statement applies only to information gathered on the mentioned app.

Privacy notices:

Bernafon App

EasyControl-A app

SoundGate App

Privacy Notice for Bernafon AG’s processing of personal data on social media platforms

1. INTRODUCTION

At Bernafon AG, we respect and protect the privacy of our users, and we are dedicated to being as transparent as possible regarding the use of your personal data.

This Privacy Notice explains how Bernafon AG processes your personal data in connection with your interaction with Bernafon AG as a data controller by use of different social media platforms, such as Facebook, Twitter, YouTube and LinkedIn.

In this Privacy Notice, "we", "us" and "our" mean Bernafon AG.

We may change this Privacy Notice from time to time, so please check back when you use our services to make sure that you have seen the most recent version.

2. WHO WE ARE

If you have any questions about this Privacy Notice, or you would like to exercise your rights, you can contact us by using the contact points below.

Bernafon AG
C/O Oticon A/S
Kongebakken 9
2765 Smørum
Denmark
Tel.:+45 39177300
E-mail: privacy@demant.com

3. PERSONAL DATA WE COLLECT AND USE

We may process the following types of personal data:

  • Information about you, such as your name, email, age, gender, country, job title, current and former employer, education background, profile picture, interests, your friend list/connections/followers etc., and other publicly available information, provided that you have published all this information on your social media profile or posted it on one of Bernafon AG social media pages.
  • Other information you provide to us by posting on Bernafon AG social media page, including your comments and/or likes to our posts and pictures or direct messages you send to us via Bernafon AG social media platforms.

In addition to the above, the different social media platforms collect personal data concerning you through your use of these social media platforms and through the use of cookies and similar technologies, including cookies collected via the social media tools, such as Facebook Insights, Facebook Pixel, etc.

In some cases, for instance, in relation to our Facebook page, Bernafon AG acts as joint controller together with Facebook in relation to the processing of your personal data. Thus, we recommend that you read Facebook's privacy notice to understand how Facebook processes your personal data.

We generally refer to the different social media platforms' privacy notices for more information about their processing of your personal data. Below you will find a listing of the social media platforms that Bernafon AG uses and a reference to their privacy notices.

4. WHY DO WE COLLECT AND USE YOUR PERSONAL DATA AND WHAT IS OUR LEGAL BASIS FOR DOING SO

We use your personal data for the following purposes:

  • To understand the audience to our social media channels by getting to know the demographic, preferences and interests which enables us to provide relevant information.
  • To analyze trends and profiles to enhance, modify, personalize and improve our services and communications for the benefit of our audience.
  • To process and respond to requests and enquiries received from you.
  • To carry out market surveys to enhance, modify, personalize and improve our services and communications for the benefit of our users through Bernafon AG social media pages on Facebook, LinkedIn, Twitter and YouTube.
  • To recommend products and services we think you will be interested in, we carry out direct marketing to our customers and/or potential customers. However, if we use electronic methods, such as email or direct messaging through our social media pages, for instance, via Facebook and/or Instagram, to send direct marketing to you, we will only do so if it is permitted under the applicable rules on direct marketing.

The legal basis for collecting and processing your personal data via Bernafon AG different social media pages is our legitimate interest as described above in accordance with EU General Data Protection Regulation (“GDPR”) art. 6(1)(f). Our legitimate interests are under these circumstances regarded to override your interests.

5. HOW WE SHARE YOUR PERSONAL DATA

We will not pass, sell or otherwise share or disclose your personal data, except as described herein or otherwise stated at the time the personal data is collected.

As mentioned under section 3, we may act as joint data controller in relation to the processing of your personal data via our social media pages together with the specific provider of the social media, for instance, Facebook Inc. or Facebook Ireland Ltd. This means that we are jointly responsibly for processing of your personal data. We have inserted a reference to Facebook’s privacy notice in section 3.

We may share your personal data with affiliated companies within the Demant Group in order to deliver, enhance and develop our products and services. Please refer to the organizational chart in our latest annual report to see which companies form part of the Demant Group. You can find our latest annual report at www.demant.com.

  • assisting us with administering or troubleshooting our website;
  • assisting us with the supply or design of our products or with our business administration;
  • assisting us with our marketing campaigns, for instance, via Facebook Custom Audiences and Facebook Lookalikes;
  • providing us with electronic or physical storage services or systems.

We will only share your information under these circumstances, if it is necessary in order for our service providers to perform the specific service for us. These service providers are not authorized to keep or use your personal data for any other purposes, and they will always be under an obligation to keep your personal data safe and confidential.

We may disclose your personal data to selected third parties, such as law enforcement agencies, regulatory authorities and our professional advisors if we are under a duty to do so in order to comply with any legal obligation, or if it is in our legitimate interests, or in order to enforce or apply our website Terms of Use or other related contracts with you or your company.

6. TRANSFER OF DATA TO THIRD COUNTRIES

In order to deliver our products and services to you, we may share your personal data with affiliated companies in the Demant Group located outside the EU/EEA and non-affiliated companies, such as service providers or business partners located outside the EU/EEA provided this is considered necessary in relation to a particular data processing activity or performance of the service.

If your personal data are transferred outside the EU/EEA, we will implement appropriate technical and organizational measures in such a manner that processing will meet the requirements of the relevant data protection laws including ensuring the protection of the rights of the data subject. Where necessary, we have entered into the EU Commission’s standard contractual clauses with the recipient of the personal data. The EU Commission finds these clauses to provide adequate guarantees for the protection of privacy, basic rights and liberties, as well as for exercising the associated rights.

7. HOW LONG DO WE KEEP YOUR PERSONAL DATA

We will keep your personal data for as long as necessary for legitimate legal or business reasons, including to comply with any regulatory obligations.

We will delete your personal data, when it is no longer required in relation to the purpose for our collection, processing and storage of your personal data. We will also store personal data that we are obliged to keep in accordance with the law.

If you have commented on any of our posts on social media platforms, such comments will be deleted at the time when the post in question is deleted. We may, however, choose to delete specific comments at an earlier point in time. You may also at any time choose to delete your own comment.

Information that is collected via social media platforms for a specific purpose, for instance, a targeted marketing campaign, will be deleted 1 year after the specific processing activity is carried out. Certain data may be retained up to 2 years after the specific campaign for documentation purposes.

If you would like more detailed information about our retention policy, please contact us by using the contact points in section 2 above.

8. YOUR PRIVACY RIGHTS

Pursuant to the GDPR, as a result of our processing of your personal data, you may exercise a number of rights. They are:

  • The right to access to your personal data
  • The right to have us rectify (correct) your personal data
  • The right to have us delete your personal data
  • The right to restrict our processing of your personal data
  • The right to data portability
  • The right to object to our processing

These rights may, however, be subject to conditions and/or exemptions, e.g. to ensure other people’s privacy, trade secrets, intellectual property rights or to comply with a legal obligation.

If you would like to exercise one or more of your rights, please contact us by using the contact points in section 2 above.

9. RIGHT TO LODGE A COMPLAINT

If you have a concern in relation to how we use your data, please let us know, and we will reply to your queries and, if necessary, take steps to ensure our practices are consistent with our obligations. If you are still not satisfied with the way we use your data, you have the right to lodge a complaint with the relevant national data protection authority. In Denmark, the relevant data protection authority is the Danish Data Protection Agency (DDPA) whose contact details are as follows:

Danish Data Protection Agency (DDPA)
Carl Jacobsens Vej 35
2500 Valby
Denmark
Phone: +45 33 19 32 00
E-mail: dt@datatilsynet.dk

10. CHILDREN’S PRIVACY

We provide solutions for children but our social media pages on Facebook, Twitter, YouTube and LinkedIn are not intended or designed to collect personal data about children under the age of 16. We do not intentionally collect personal data from any person we know to be under the age of 16.

11. THIRD PARTY LINKS

Beranfon AG social media pages on Facebook, Twitter, YouTube and/or LinkedIn may contain links to websites of other companies and organizations. This Privacy Notice does not apply to such third-party sites, and we suggest that you contact those third-party sites directly for information on their data collection and distribution policies.

12. CHANGES TO THE PRIVACY NOTICE

We may update this Privacy Notice from time to time by publishing a new version on our website www.bernafon.co.nz and different social media pages on Facebook, Twitter, YouTube and/or LinkedIn.

This Privacy Notice was updated on 05.01.2024.

Privacy Notice for MyBernafon

INTRODUCTION

This Privacy Notice explains how we collect and use your personal data, when you – as a hearing care professional (HCP) or professional customer use the following services:

  • MyBernafon

WHO WE ARE

Bernafon A/S acts as data controller and is responsible for the collection and use of your personal data through the Services as described in this privacy notice.

If you have any requests or questions related to our use of your personal data, please contact us by using the contact points below:

Bernafon A/S
Re.: Data Privacy
Kongebakken 9
DK-2765 Smørum
E-mail: privacy@demant.com

In this privacy notice, "we", "us" and "our" refer to Bernafon A/S.

PERSONAL DATA WE COLLECT

When you use the Services, we collect and use your personal data to provide you with the Services and to manage our relationship with you. The legal basis for our processing of your personal data is our legitimate interest in operating and delivering the Services, cf. GDPR article 6(1)(f).

Below, we describe how we collect and use your personal data in each of the specific Services.

MyBernafon

MyBernafon is a secure online self-service business portal, which offers hearing care professionals the possibility of performing a number of actions, such as online ordering, overview of order history and access to marketing and support materials.

When you place an order on MyBernafon we subscribe the order details to your account and process the order based on the account details.

When you apply for a MyBernafon account, we collect and register your name, customer ID, email address and other relevant contact information. We use those data to verify your customer status and to set up and manage your account.

HOW WE SHARE YOUR PERSONAL DATA

As part of our hearing health care services and operations, it may be necessary for us to share your personal data with other entities in the Demant Group. To see which companies are part of the Demant Group, please refer to the organizational chart in our latest annual report on www.demant.com.

We may also share your personal data with our suppliers and service providers for tasks such as:

  • assisting us with the supply or design of our products or with our business administration;
  • operating our call centres;
  • providing us with electronic or physical storage services or systems;
  • data analysis;
  • delivery of products (eg. logistics operators)

We will only share your personal data if it is necessary in order for our suppliers and service providers to deliver their services to us. Our suppliers are not authorized to keep or use your personal data for any other purposes, and they will always be under a strict obligation to keep your personal data safe and confidential.

We may also disclose your personal data, if the disclosure is warranted by law, court order or judicial act.

TRANSFER OF DATA TO THIRD COUNTRIES

We may share personal data with affiliated companies in the Demant Group located outside the EU/EEA and non-affiliated companies, such as service providers or business partners, located outside the EU/EEA, if this is considered necessary in relation to a particular data processing activity.

If your personal data are transferred outside the EU/EEA, we will implement appropriate technical and organisational measures to ensure that processing will meet the requirements of the relevant data protection laws, including ensuring the protection of the rights of the data subject. Where necessary, we have entered into the EU Commission’s Standard Contractual Clauses with the recipient of the personal data. The EU Commission finds these clauses to provide adequate guarantees for the protection of privacy, basic rights and liberties, as well as for exercising the associated rights.

HOW LONG DO WE KEEP YOUR DATA

We will only process and keep your personal data as long as it is legitimate and necessary for purposes related to our supply of the Services or to comply with any regulatory or legal requirements. After that, we will either delete your data or de-identify it so it is no longer associated with you.

YOUR PRIVACY RIGHTS

As a result of our processing of your personal data, you have certain rights under the GDPR. They are:

  • The right to access your personal data
  • The right to have us rectify (correct) your personal data
  • The right to have us delete your personal data
  • The right to restrict our processing of your personal data
  • The right to data portability
  • The right to object to our processing

These rights may be subject to conditions and/or exemptions, e.g. to ensure other people’s privacy, trade secrets, intellectual property rights or to comply with a legal obligation.

If you would like to exercise one or more of your rights, please contact us by using the contact points outlined at the top of the privacy notice.

RIGHT TO LODGE A COMPLAINT

If you have a concern related to how we use your personal data, please contact us by using the contact points outlined at the top of this notice. We will reply to your queries as soon as possible and if necessary, we will take steps to ensure that our practices are consistent with our obligations.

If you are still not satisfied with the way we use your data, you have the right to file a complaint with the relevant national data protection authority. In Denmark, the relevant data protection authority is Datatilsynet. You can contact Datatilsynet at tel: +45 33 19 32 00 or e-mail: dt@datatilsynet.dk. Alternatively, you may contact the relevant data protection authority in your country of residence or work.

 

This Privacy Notice was updated May 2021.