Last updated May 18, 2023.
Intuitive Surgical, with principal locations including Intuitive Surgical, Inc., 1020 Kifer Road, Sunnyvale, CA 94086, and Intuitive Surgical Sàrl, 1, Chemin daes Mûriers, 1170 Aubonne, Switzerland and their affiliates (hereinafter also referred as: “Intuitive”, or “we” or “us”) conducting business within the European Economic Area (EEA) or processing the personal data of data subjects within EEA understands the importance of privacy to our customers, visitors and suppliers, business partners, employees and other individuals (hereinafter also referred as: “you” or the “user” or the “data subject”). We are committed to safeguarding your privacy. We collect and store information (non-personal information and personal information or personal data) so that we can efficiently provide our products and services and support your interest in our products.
We may provide distinct privacy notices for selected services that use personal information, such as My Intuitive. If you are a user of such services, please refer to such service specific privacy notices for additional details.
Please be sure to read this Privacy Policy before using the Sites or submitting information to us. Your use of the Sites is subject not only to this Privacy Policy, but also to our Sites’ Terms of Use, medical advice disclaimer, training disclaimer and other documents linked from our Legal page https://www.intuitive.com/en-us/about-us/company/legal. By accessing and using our Sites and by providing us with your information, you acknowledge the practices described in this Privacy Policy and any country or regional-specific privacy notices (located at www.intuitive.com/privacy) that may apply to you.
Please contact us at Data.Privacy@intusurg.com with any questions.
The information we collect and how we handle it depends on the data type and what you do when you use our services and products. You should not provide Intuitive with any personal information that is not specifically requested.
When you interact with our Sites or engage with our services or products, we may have collected the following information from you:
| Type of data | Examples of data |
|---|---|
| Identification data | First name, last name, birthdate, personal characteristics, geolocation |
| Contact details | Email address, postal address, phone number |
| Data related to your exchanges with Intuitive | Exchanges with our services and/or products(date, hour, subject, content) |
| Data related to our surgical systems, including training systems | Activity data such as usage (date, hour, subject, kinematic, procedure) |
| Relationship management data | Requests for information / complaints (date, subject, action taken), other interactions with our products and services |
| Professional data | Title, role, employer, professional specialty, professional interests, education/training, and identification number |
Also, the Sites automatically collect the following data via cookies and other automatic means:
| Type of data | Examples of data | Purposes |
|---|---|---|
| Internet or other electronic network activity information | Date and time of the visit, IP address, device type, browser type, viewed pages, location based on IP address | This data is necessary for the proper functioning of the Site, or internal business analytics purposes such as audience measurement. For more information on cookies and other trackers, please see the Cookie Policy of the Sites. |
You are not required to provide your personal information to us, although some information may be provided by you, your employer or a hospital or healthcare facility at which you have privileges and we with which have a contract. However, not providing your information may impact our ability to support your or your employer/hospital’s use of certain product features or functionality, including the use of relevant training materials or metrics.
Information provided to Intuitive by users is generally not subject to the US Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (collectively, “HIPAA”). However, we may receive protected health information from a health care provider that is subject to HIPAA and our service agreement with the provider. We will comply with HIPAA and the service agreement when using such information.
We only use the information required to provide the products and services requested and for the purposes to which you agreed, unless otherwise required by law. Where we are required by law to request and receive your consent prior to collection, use, transfer or other processing of your information, Intuitive is committed to seeking such consent.
We may have used the information we collected for the following purposes:
| Purpose | Legal basis |
|---|---|
| Managing commercial relationships with existing and prospective customers (e.g., providing services and communicating with you). | Contract |
| In the event of a sale, merger, transfer of substantial assets, other business change, reorganization, or liquidation, to transfer, or assign information concerning your relationship with us, including, without limitation, your personal information. | Legitimate interests |
| Complying with statutes, regulations or other legal obligations to which Intuitive is subject. | Legal obligation |
| Except where consent is required by law, offering information or promotional materials about our products and services offered. If you do not wish to have your email and contact information used by Intuitive to promote our own products or services, you can opt-out by clicking “unsubscribe” on the email communication you received or by sending us an email stating your request to data.privacy@intusurg.com. | Legitimate interest if you are an existing client / Consent if you are not an existing client |
| Conducting our business, including improving our services, the Sites and investigating, preventing or taking pre-litigation or litigation actions regarding potential violations of our policies, suspected fraud, situation involved potential threats to the safety of any person and illegal activities. | Legitimate interests |
Unless we have your consent or to the extent permitted by applicable law, we do not use your personal information for automated decision-making, including profiling, that produces legal effects or similarly significantly affects you.
To the extent permitted by applicable law, we may create pseudonymous, deidentified or anonymous data for the purpose of helping us develop product improvements and other internal business functions.
For questions or additional information regarding the purpose and legal basis for processing personal information, please contact Data Privacy Officer at data.privacy@intusurg.com.
Intuitive will only grant third-party access to personal information on a need-to-know basis and such access will be authorized and limited to the personal information that is necessary to perform the function for which such access is granted.
Our service providers are legally and contractually required to abide by our instructions when processing personal information and will only receive personal information according to the purposes of the service agreement or any other type of contract entered into with Intuitive.
In the last twelve months, the information collected about you may have been shared with the following recipients. Please also see the purposes and information categories shared:
| Recipients | Purposes | Categories of information shared |
|---|---|---|
| Intuitive and its duly authorized employees or Intuitive’s corporate affiliates | For the management of the Sites and provision of the services provided on it or in order to enforce or apply our terms of use and other agreements, including for billing and collection purposes; or to protect the rights, property, or safety of Intuitive, our customers, or others. | Identifiers Customer records information Gender/gender identity Geolocation Education/training information Professional information Inferences related to the use of our products Personal opinion |
| Intuitive’s contractors (hosting provider, IT service providers, consultants, etc.) |
To support our business or in connection with the administration and support of the activities noted above and who are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them (e.g., database hosting providers, managed services providers; shipment and order fulfillment providers). | Identifiers Customer records information Gender/gender identity Geolocation Professional information Inferences related to the use of our products Personal opinion |
| Administrative or judiciary authorities | Exclusively in the case of an express and legally justified request or in case of an alleged violation of legal or regulatory provisions. | Identifiers Customer records information Gender/gender identity Geolocation Education/training information Professional information Inferences related to the use of our products |
| Patient Safety Oversight Agencies | In the event of an adverse event that may impact patient safety. | Contact information, content of complaint/adverse event report |
| Lawyers and all interested parties | If we are under a duty to disclose or share your personal information in order to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements, including for billing and collection purposes; or to protect the rights, property, or safety of Intuitive, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction. | Identifiers Customer records information Gender/gender identity Geolocation Education/training information Professional information Inferences related to the use of our products |
| Other third parties | To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Intuitive’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by Intuitive is among the assets transferred. We may also disclose information to third parties if required to do so by applicable law such as pursuant to a subpoena or other legal or regulatory process. We may also disclose information to other third parties with your express consent. |
Identifiers Customer records information Gender/gender identity Geolocation Education/training information Professional information Inferences related to the use of our products |
Your personal information may be transferred to countries where the local legislation provides a different level of protection for your personal information and rights. If that is the case, we use appropriate safeguards like standard contractual clauses to effectuate the transfer and will transfer the data only after having carried out an assessment of the level of protection of your rights on the territory of the third country where the recipient is established. The information that we collect about you will be stored in the United States and may also be stored in the EU/EMEA, Switzerland, UK, Israel and/or Mexico. We have implemented international data transfer agreements based on standard contractual clauses; a copy of these clauses can be obtained by contacting us at data.privacy@intusurg.com.
We will not retain your personal information longer than such personal information is necessary for the purpose for which it was collected or otherwise processed, subject to applicable retention requirements. We keep your Personal information only as long as needed to guarantee our commitments related to our products and services, including for professional training and development. We may keep your Personal information longer if required by applicable law or where we have a legitimate and lawful purpose to do so.
We will securely dispose of personal information once the retention period ends.
The security and confidentiality of your information is important to us. We store personal information with commercially reasonable information technology and cloud services. We have also implemented technical and organizational security measures to protect your personal data from loss, misuse or unauthorized access, disclosure, deletion or modification. It includes, among other mechanisms, secured back-up and archiving servers, access control, firewalls or encryption. Unfortunately, however, no data transmission over the Internet is certain to be 100% secure. As a result, while we strive to protect this information, we cannot guarantee its security.
We use different types of “cookies” as part of data collection.
Essential cookies are required for the proper functioning of the site and may be used to:
Non-essential cookies are not required for the proper functioning of the site, and may be used to:
We use Google Analytics to help analyze how visitors interact on our websites. If you would like more information about this practice and your choices about how this information is used, please visit Google Analytics.
We understand the need to protect children's privacy online (we define "children" as minors younger than 16 years of age). We do not knowingly collect or use any personal information from children. We do not knowingly allow children to register with us, order our products, communicate with us, or to use any of our online services. If you are a parent or guardian of a child and you become aware that he or she has provided us with personally identifying information without your consent, you should contact us at data.privacy@intusurg.org If we become aware that a child has provided us with personally identifying information, we will delete this information.
Under the applicable data protection legislation/regulations, you have various rights in connection with the processing of your personal information. These rights may differ based on your region. Please refer to your specific region’s privacy notice located at www.intuitive.com/en-us/privacy.
Intuitive Surgical shall strictly uphold your rights and is responsible for implementing adequate procedures and policies to effectively protect your rights and monitoring compliance with applicable data protection laws and regulations. We will respond and provide information upon request without undue delay and in any event within the legally required timeline for your jurisdiction. That period may be extended where possible by local law.
Please refer to the Personal Data Privacy Policy here.
Please note that we will have to identify you in order to fulfil your request; this requires identification documents that can prove your identity. We will retain archival copies of the information you have requested. Until our backups are overwritten, we will retain the information, but make no further use of your personal information. You can submit your requests to our Data Protection Officer via email at Data.Privacy@intusurg.com or via phone at (800) 876-1310.
As data subjects, your rights may include the following, depending on your jurisdiction and applicable laws:
If you are a resident of the European Union, European Economic Area, Japan, South Korea, Switzerland or the United Kingdom, the disclosures set out below apply to you in addition to the disclosures set out in the general sections of this Privacy Policy and any additional privacy notices available at www.intuitive.com/en-us/privacy.
To exercise your rights, to obtain details of our data transfer safeguards, or for any other questions related to personal information, you may contact our data protection office by emailing data.privacy@intusurg.com.
When necessary, we may request identifying information from you to confirm your identity. We will respond to requests in accordance with applicable data protection law.
Right to access. You are entitled to obtain confirmation from Intuitive as to whether or not any personal information concerning you is processed by Intuitive.
You have the right to access such personal information, to obtain a copy of it free of charge (except for repetitive or excessive requests) and to be provided with the following information: (i) purposes of such processing, (ii) categories of personal information concerned, (iii) recipients or categories of recipients of personal information, in particular recipients in third countries where there is not an adequacy decision, (iv) the envisaged retention period or, if not possible, the criteria used to determine it, (v) existence of the right to request rectification or erasure of personal information, as well as the right to object to or request restriction of processing, (vi) the right to lodge a complaint with a supervisory authority, (vii) information relating to any third party source of personal information if the data were not collected from you and (viii) the existence, the logic involved, the significance and the consequences of any automated decisions, including profiling. Where personal information is transferred outside of your home jurisdiction, we will accomplish the transfer as described in this privacy policy.
Right to rectification. You have the right to obtain without undue delay the rectification of inaccurate, incomplete or outdated personal information concerning you.
Right to erasure. You have the right to obtain without undue delay the erasure of your personal information in one of the following cases:
However, Intuitive may refuse the erasure of personal information if the processing of such data is necessary for (i) exercising the right of freedom of expression and information, (ii) compliance with a legal obligation or for the performance of a task carried out in the public interest, (iii) reasons of public interest in the area of public health, scientific or historical research purposes or statistical purposes, or (iv) establishment, exercise or defense of legal claims.
Right to restriction. You have the right to obtain restriction of processing in the following cases:
When you have obtained a restriction of processing of your personal information, you will be informed prior to lifting of such restriction.
Right to object. As a general rule, you have the right to object, at any time and on legitimate grounds relating to your particular situation, to the processing of your personal information. Provided that such objection is justified, Intuitive will no longer process the personal information concerned unless we can demonstrate compelling legitimate grounds for the processing which override your interests.
Right to data portability (not applicable in South Korea). In cases where the data processing is based on your consent or on your contract and where such processing is carried out by automated means, you can request us (i) to communicate to you the personal information concerning you, in a structured, commonly used and machine-readable format, in order to be able to further transmit such personal information to another data controller, or (ii) to directly transmit such personal information to such other data controller, if technically feasible. However, Intuitive can refuse such request if the processing concerned is necessary for the performance of a task carried out in the public interest or if responding to such request risks to adversely affect the rights and freedoms of others.
Right to withdraw consent. Where the processing of your personal information is based on consent, you have the right to withdraw such consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
Right to lodge a complaint. You also have the right to lodge a complaint with the competent supervisory authority.
You will never be discriminated against if you exercise your rights.
If you are in Israel or Taiwan, the disclosures set out below apply to you in addition to the disclosures set out in the general sections of this Privacy Policy.
Right to access. You are entitled to obtain confirmation from Intuitive as to whether any personal information concerning you is processed by Intuitive. You have the right to access such personal information, to obtain a copy.
Right to rectification. You have the right to obtain without undue delay the rectification of inaccurate, incomplete or outdated personal information concerning you.
Right to erasure. You have the right to obtain without undue delay the erasure of your personal information in certain cases and subject to certain limitations.
Right to restriction. You have the right to request that we restrict the use, collection or processing of data under certain circumstances.
Right to withdraw consent. Where the processing of your personal information is based on consent, you have the right to withdraw such consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
Right to lodge a complaint. You also have the right to lodge a complaint with the competent supervisory authority.
To exercise your rights, you may contact our data protection office by emailing data.privacy@intusurg.com.
When necessary, we may request identifying information from you to confirm your identity. We will respond to requests in accordance with applicable data protection law.
You will never be discriminated against if you exercise your rights.
India’s privacy and data protection legal framework related to the collection, disclosure, and transfer of sensitive personal data or information (“SPDI”) is governed by the applicable provisions of the Information Technology Act, 2000, (“IT Act”) as amended by the Information Technology (Amendment) Act, 2008 (“IT Amendment Act”) and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, (“Privacy Rules”).
With respect to children’s rights in India, a child is defined as an individual who has not reached majority, or minors younger than 18 years of age. Intuitive will obtain consent from the parent/legal guardian in order to process SPDI of such children.
International Transfer of Data. Intuitive may transfer SPDI within or outside of India if the person receiving the SPDI ensures the same level of data protection as provided under Indian law. Further, the transfer is only allowed if it is necessary for the performance of a lawful contract or where the provider of SPDI has consented to such data transfer.
Data Subject Rights. If you are in India, the disclosures set out below apply to you in addition to the disclosures set out in the general sections of this Privacy Policy.
Right to access. You are entitled to obtain confirmation from Intuitive as to whether any personal information concerning you is processed by Intuitive. You have the right to access such personal information and to obtain a copy of it free of charge.
Right to be informed. You have a right to be provided with the following: (i) the information being collected, (ii) purposes of such processing, (iii) intended recipients of personal information or SPDI concerned, and (iv) name and address of the entity collecting and retaining the personal information or SPDI.
Right to rectification. You have the right to obtain without undue delay the rectification of inaccurate, incomplete or outdated personal information concerning you.
Right to withdraw consent. Where the processing of your personal information is based on consent, you have the right to withdraw such consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
Right to lodge a complaint. You also have the right to lodge a complaint with the competent supervisory authority, e.g., Grievance Officer.
To exercise your rights, you may contact our data protection office by emailing data.privacy@intusurg.com.
When necessary, we may request identifying information from you to confirm your identity. We will respond to requests in accordance with applicable data protection law.
You will never be discriminated against if you exercise your rights.
If you are in Canada, the disclosures set out below apply to you in addition to the disclosures set out in the general sections of this Privacy Policy.
Right to access. You are entitled to obtain confirmation from Intuitive as to whether any personal information concerning you is processed by Intuitive. You have the right to access such personal information, to obtain a copy.
Right to rectification. You have the right to obtain without undue delay the rectification of inaccurate, incomplete or outdated personal information concerning you.
To exercise your rights, you may contact our data protection office by emailing data.privacy@intusurg.com.
When necessary, we may request identifying information from you to confirm your identity. We will respond to requests in accordance with applicable data protection law.
You will never be discriminated against if you exercise your rights.
California Civil Code Section 1798.83 permits individual California residents to request certain information regarding our disclosure of certain categories of personal information to third parties for those third parties’ direct marketing purposes. To make such a request, please contact us using the information in the “Contact Us” section below. This request may be made no more than twice in a 12-month period and we reserve our right not to respond to requests submitted other than to the email or mailing addresses specified below. Note that we do not currently share personal information with third parties for those third parties’ direct marketing purposes.
In addition, California residents have the following privacy rights:
The right to know. You have the right to request to know (i) the categories of personal information we have collected about you in the last 12 months; (ii) the specific pieces of personal information we have about you; (iii) the categories of sources from which that personal information was collected; (iv) the categories of your personal information that we sold or disclosed in the last 12 months; (v) the categories of third parties to whom your personal information was sold or disclosed in the last 12 months; and (vi) the purpose for collecting and selling your personal information.
Right to correct. You have the right to obtain without undue delay the correction of inaccurate, incomplete or outdated personal information concerning you.
The right to deletion. You have the right to request that we delete the personal information that we have collected or maintain about you. We may deny your request under certain circumstances, such as if we need to comply with our legal obligations or complete a transaction for which your personal information was collected. If we deny your request for deletion, we will let you know the reason why.
The right to equal service. If you choose to exercise any of these rights, Intuitive will not discriminate against you in anyway. If you exercise certain rights, understand that you may be unable to use or access certain features of our websites or services.
Intuitive does not “sell” or “share” your personal information as those terms are defined in the California Privacy Rights Act. To de-identify any patient information, we comply with HIPAA de-identification standards employing either “safe harbor” or “expert determination” methodology.
You may exercise your right to know twice a year free of charge. To exercise your rights, contact us using the information provided in the “Contact Us” section below.
We will take steps to verify your identity before processing your request. We will not fulfill your request unless you have provided sufficient information for us to reasonably verify you are the individual about whom we collected personal information. We will only use the personal information provided in the verification process to verify your identity or authority to make a request and to track and document request responses, unless you initially provided the information for another purpose.
You may use an authorized agent to submit a request. When we verify your agent’s request, we may verify your identity and request a signed document from your agent that authorizes your agent to make the request on your behalf. To protect your personal information, we reserve the right to deny a request from an agent that does not submit proof that they have been authorized by you to act on their behalf.
If you are a Nevada resident, you have the right to opt out of the sale of certain personal information, including your name and mailing address, to third parties. As of the date of this privacy policy, Intuitive does not sell any personal information to any third party. If that changes in the future, we will update this privacy policy.
Web browsers and other technologies you may use to access the Sites may include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online.
This Privacy Policy is subject to change at any time, so please check back periodically. If significant changes are made in how your personal information is collected, shared, or otherwise processed, we will update this Privacy Policy and post an alert on our website. If required by law, we will seek your consent prior to any significant change.
Any inquiry regarding our Privacy Policy can be addressed to the Data Privacy Officer at Data.Privacy@intusurg.com.
The policy effective date is at the top of this page.
If you have any questions about this Privacy Policy and your rights, please contact Intuitive Surgical using the below details.
Intuitive Surgical, Inc.
Attn: Data Privacy Officer
1020 Kifer Rd
Sunnyvale, CA 94086
USA
data.privacy@intusurg.com
800.876.1310
Intuitive Surgical, Sarl
Attn: Data Privacy Officer
Ch. Des Mûriers 1
1170 Aubonne
Switzerland
data.privacy@intusurg.com
Intuitive Surgical SAS
Attn: Data Privacy Officer
11 avenue de Canteranne,
33600 Pessac
France
data.privacy@intusurg.com
Important safety information
For important safety information, please refer to www.intuitive.com/safety. For a product’s intended use and/or indications for use, risks, full cautions, and warnings, please refer to the associated user manual(s).