Purposes and Legal Bases of Our Processing
Tandem collects the categories of your personal data explained in the what information do we collect from you section of our Notice of Privacy Practices. Tandem processes your personal data when we have your consent to do so; when the processing is necessary for our legitimate business interests, and when the processing is required by law.
Before processing your health data, we will request that you consent to our use of it. Your health data includes your diabetes care and management information collected when you complete new patient forms and when you transfer your pump data to our t:connect web application.
Legitimate business interest
GDPR also allows us to process your personal data if we have a legitimate interest to do so. Some examples of processing based on Tandem’s legitimate business interests include collecting your responses to online surveys to help us improve our products and services; collecting your email address so we may inform you about and provide you with new products and services; and processing your pump data to perform product safety analyses.
As another example, we collect your online identifiers when you visit our website(s). Online identifiers are data such as your IP address or cookie information. We have a legitimate interest in processing these types of data so that we can, for example, perform system audits, diagnose and correct technical problems; understand how site visitors use our website; optimize our website’s design and users’ experience, and make sure we’re providing you with relevant content.
Legal and regulatory requirements
Some EU Member State laws and regulations require medical device manufacturers like Tandem to report instances where use of its pump results in a serious injury. Accordingly, if Tandem becomes aware that its pump has caused injury, Tandem may be legally mandated to share your personal data with the applicable government authority(ies). This personal data may include your gender, age, weight, pump serial number, and information explaining the serious injury.
Is Your Data Ever Transferred Internationally?
At times, Tandem may transfer your personal data internationally. Some of these transfers may be to a country that has different data protection laws than the EU, such as the U.S. In those instances where your data is transferred to a third party across international borders, we secure the privacy of your data via Standard Contractual Clauses, or other similar means, in accordance with Articles 46-49 of the GDPR.
Back to Top >>