Itamar™ Medical Privacy Policy

[Last Modified: January, 2023]

Itamar Medical Ltd. and its affiliates (“Itamar Medical“, our”, we or us“) respect privacy rights and are committed to protect the privacy of this website’s visitors (“Visitors”), our customers, business partners, physicians, and hospitals (“Customers”) and our Customers’ patients who we may process their data on behalf of and for our Customers (“Patients”) in connection with each Patient’s use of our sleep apnea proprietary PAT technology medical devices and related applications (“Devices”) (collectively “user” or “you”).

This privacy policy (“Privacy Policy”) details the way we process, use and share data and our legal basis for processing the Personal Data (as defined herein) while you use this website, its features, our CloudPAT platform (“Platform”) or any of Itamar Medical’s other websites linked herein (“Site/s”), as well as any related services available on the Site or through the use of our Devices including without limitation Patient’s response to questionnaires submitted through the Devices (collectively “Services”).

The Privacy Policy is an integral part of our applicable Terms and Conditions available at:                                         and           in           https://www.itamar-

Lawful Basis

We have included information below regarding which data is collected while you visit our Site, use our Services and how we process and use data, however we would first like to explain the basis for such processing:

·           If you become a Customer and use our Services or contact us directly, we will process your Personal Data in order to perform our contract with you;

·           If we have a legitimate interest in processing data, such as online identifiers (i.e. IP addresses) which are required for us to be able to provide and operate the Site or provide our Services; or

·            We will also process your Personal Data where you have provided us with your consent to do so.


We reserve the right to periodically amend or revise this Privacy Policy at our sole discretion; such changes will be effective immediately upon the display of the revised Privacy Policy. The last revision date will be reflected in the “Last Modified” heading. Your continued use of this Site and the Services following the amendments constitutes your acknowledgement of such amendments. In the event of a material change we will make a reasonable effort to provide notification of such change. We recommend that you periodically review this Privacy Policy, as it may be subject to amendments from time to time.

Type of Data We Collect and Purpose of Processing

When you access our Site or use our Services we may collect or process certain data. The two types of data that we may collect are: (i) Non-personal data which is technical and aggregated data, that is non- identifiable (i.e. one would not be able to identify you with such data) (“Non-Personal Data”); and (ii) personal data, which is information that identifies an individual or may with reasonable effort identify an individual as well as health data which may be considered as sensitive data (collectively “Personal Data”). If we combine Personal Data with Non-Personal Data, we will treat the combined data as Personal Data for as long as it remains combined.

For your convenience, we have arranged the types of data we collect according to the ways in which you interact with us. The first table lists the data we collect from Visitors and the second table includes the data we collect from Customers as well as Patients’ data processed on our Customers’ behalf. The tables below will also explain how we use each type of data.

Data We Collect from Visitors:


Data We Collect

Purpose of Collection and Use

Information provided voluntarily: If you contact us (e.g., via email, via our online contact form, through one of our customer care representatives (via phone or email), submit a customer questionnaire), register for an Itamar Medical event, you may need to provide us with your contact information such as your name, phone number, address, email, specialty etc. Furthermore, if you contact one of our customer care representatives or submit a customer questionnaire, you may be sharing additional information, including sensitive information concerning your health with the representative assisting you.

We will use your information in order to respond to your inquiry, provide you with support, assistance or any other service requested by you, We will retain our correspondence with you for as long as needed, subject to applicable law.

Newsletter Registration:

If you subscribe to our newsletter, you may be required to provide us with your email address. You can unsubscribe at any time from receiving our newsletter by clicking on the “unsubscribe” link within the body of the email that you receive the newsletter in or by contacting us directly.

We use this information solely to provide you with the content you have requested.

IP Address:

When you access the Site we, or third parties on our behalf (such as Google Analytics please see the “Cookies” section below) will collect your Internet Protocol (“IP”) address.

We use the IP address in order to maintain and manage the Site, customize and improve our Site and the content and services provided therein, as well as enhance your experience, in order to perform research, analytical and statistical activities regarding traffic flow and users’ interaction with our Site, detect fraud, and detect and resolve security or technical issues.

Technical Data:

We collect information about your interaction with the Site. This may include your aggregated usage information and technical information transmitted by your device, including but not limited to: type of browser and settings, operating system, type of device, pages viewed within the Site, date and time stamp, duration of your visit on each page, approximate geographical location, and the path taken by you in the Site.

We use this technical data in order to enable your use of the Site and to improve our Site and Services.

Data We Collect from Customers Through Our Services, Platform or Devices and Patient’s Data That We Process on Behalf of Our Customers:



Data We Collect

Purpose of Collection and Use

Customer’s Contact Details:

If you become a Customer or are authorized to use our Services on a Customer’s behalf you will provide us with your contact information such as your name, phone number, address, email, specialty etc.

We will use this information in order to, contact you with proposals and tailored information regarding new Devices that are available, provide you with a username, provide you with support, assistance or any other service requested by you.

Patient’s data processed on behalf Customers:

When our Customer and their Patients use our Services or Devices, certain information regarding the Patient will be uploaded on to our Platform, including without limitation Patient’s names, addresses, email addresses, phone numbers, personal identifiers, date of birth as well as sensitive information including health related data (e.g., PAT signal, heart rate, oximetry, body position, snoring and chest


We may store this information, analyze it and provide a report to our Customers to help enable them to properly treat and assist their Patients and in order to enable us to provide our Services. We will retain any such information for as long as needed, subject to applicable law.

Technical data processed on behalf of Customers:

When our Customers and their Patients in the United States of America use our Platform or Devices, we collect certain information about their interaction with such Services. This may include technical and usage information transmitted by your device, such as device type and operating system, app version, pages viewed within the app, date and time stamp, questionnaire section, module, question and answer, as well Customer clinic and Patient UUID (unique CloudPAT™ identifiers).

We will use this technical data in order to provide our Customers and their Patients with better customer support and to manage and improve our Services including the development of future services and additional functionality.

Patient’s Mobile Phone Location:

If you install our WatchPAT ONE™ or SleePATh™ mobile applications on a phone that runs Android operating system 11 or lower, we will ask for access to your phone’s location information. We only ask for such access because Google requires us to do so in order to enable Bluetooth scans on such phones.

We will NOT access or use your location information in any way.

IP Address:

When you access the Site, attempt to log into or log into the Platform, or respond to Itamar Medical’s STOP-BANG questionnaire we, or third parties on our behalf (such as Google Analytics – please see the “Cookies” section below) will collect your IP address.

We use the IP address in order to maintain and manage the Site, customize and improve our Site and the content and Services, as well as enhance your experience, in order to perform research, analytical and statistical activities regarding traffic flow and users’ interaction with our Site, detect fraud, and detect and resolve security or technical issues.


Data we Collect from Patients’ response to Questionnaires Submitted Through WatchPAT™ with SleePATh™:




Data We Collect

Purpose of Collection and Use

Patient’s names, email addresses, phone numbers, personal identifiers, date of birth as well as sensitive information including health related data, medical history, sleep patterns, all to the extent included in the Device App questionnaire.

We share this information with the Patient’s healthcare provider (i.e. our Customer) for the Customer to provide the Customer’s recommendation to the Patient, subject to the terms and conditions between Patient and Customer.


How We Collect Information

Based on the nature of your interaction with the Site and Services, we may collect information as follows:


·       Automatically – we may use cookies and similar tracking technologies (as explained in the Cookies & Opt-Out section below) to gather some information automatically when you access the Site.

·       Provided by you voluntarily we will collect information if and when you choose to provide us with information, such as through a Patient questionnaire, or via our contact us form.

·       Uploaded by a Customer or Patient to the Platform – we will collect information and store it when you choose to upload it to the Platform.

Cookies & Opt-Out

As stated above, when you access the Site we may use “cookies” (or similar technologies). The use of cookies is a standard industry-wide practice. A “cookie” is a small piece of information that a website assigns and stores on your computer while you are viewing a website. Cookies are very helpful and can be used for various different purposes. These purposes include allowing you to navigate between pages efficiently, enable automatic activation of certain features (i.e., shopping cart), remembering your preferences, your interest in products, and making the interaction quicker and easier. Cookies are also used to help customize your experience and for advertising purposes. You can find more information about cookies at:

There are several types of cookies we may use:

·       Essential, Functionality, Operation & Security Cookies. These cookies are essential for enabling movement around the Site, for the Site to function properly, and for security purposes (i.e., used to authenticate users, prevent fraudulent use, etc.). This category of cookies either cannot be disabled, or if disabled, certain features of the Site may not work.

·       Analytics, Measurement & Performance Cookies. These cookies are used to collect information about how users use the Site, in order to improve our Services and Site. These cookies enable us to, for example, assess the number of users who have viewed a certain page or product, as well as their country of origin.

·       Targeting & Advertising Cookies. These cookies are included on our Site and are run by third party companies. They work by uniquely identifying your browser and device. If you do not allow these cookies, you will not experience our targeted advertising.



We use the following third-party cookies on our Site:




Privacy Policy and Opt-Out

Google Analytics

Analytics, Measurement & Performance.

These cookies gather information allowing us to understand interactions with our Sites and ultimately refine your experience. out ies/managing?hl=en

Google Console


Analytics, Performance.



Google Ads

Targeting & Advertising



For additional information on our use of Google products, click here.

Please note that most browsers will allow you to erase cookies from your device, block acceptance of cookies, or receive a warning before a cookie is stored through your device or browser settings. However, if you choose to disable cookies, some features of our Services may not operate properly and your online experience may be limited. For more information about cookies and how you can control them, please review your browser settings. We have included the settings of the major browsers below for your convenience:



Browser Type




Firefox preferences;



Internet Explorer delete-manage-cookies;


Safari sfri11471/mac;



Who We Share Data With:

Except as set forth in this Privacy Policy and below we do not share any Personal Data that we collect or process with others:

(a)   Legal Requirements - we will fully cooperate with any law enforcement authority or court order requesting or directing us to disclose the identity, behavior or digital content of any individual suspected

to have engaged in illegal or infringing behavior and we may disclose information when we believe it is necessary in order to comply with any applicable law, regulation, legal process, subpoena or governmental request or to protect ours or others’ rights, property, or safety;

(b)   Policy Enforcement and Our Rights - we will share information solely to the extent needed to enforce our policies including the investigation of potential violations thereof, to detect, prevent, or otherwise address illegal activities or other wrongdoings, suspected fraud, or security or technical issues as well as to the extent needed to establish or exercise our rights to defend against legal claims;

(c)  Corporate Transactions - we may share Personal Data, in the event of a corporate transaction (e.g., when Itamar Medical or its subsidiaries is undergoing any change in control, including by means of a merger, acquisition or purchase of all or substantially all of the assets or business of Itamar Medical). In such case, our affiliated companies or acquiring company will assume the rights and obligations as described in this Privacy Policy;

(d)    Authorized Disclosures we may disclose your Personal Data when we were provided with consent for a particular disclosure or in order to perform a contract;

(e)   Legitimate Business Purposes – we may collect, hold and manage your Personal Data through a third party’s cloud based service, as are reasonable for our business purposes, which may be located in countries outside of your jurisdiction, including but not limited to the United States of America.

(f)   Customer - the Patient’s healthcare provider.

Please note that once we share your information with another company, that information becomes subject to the other company’s privacy practices. Furthermore, we may share or use aggregated or Non- Personal Data with third parties in any of the above circumstances, as well as for the purpose of providing and improving our Services as detailed above.

User Rights

We acknowledge that different people have different privacy concerns and preferences. Our goal is to be clear about what information we collect, so that you can make informed decisions about how it is used. We provide you with the ability to exercise certain choices, rights and controls in connection with your Personal Data, according to applicable data protection and privacy laws. Some of the principal rights you may have are:

·       the right to access your Personal Data;

·       the right to ensure your Personal Data is accurate, complete and up-to-date;

·       the right to have your Personal Data amended (by correction, deletion, or addition of information);

·       the right to withdraw consent, subject to legal or contractual restrictions and reasonable notice;

·       the right to object to processing of your Personal Data;

·       the right to know who your Personal Data is being shared with and how it is being shared;

·       data portability; and

·       the right to file a complaint to an applicable governmental authority. Please review our Data Subject Rights Overview to learn more.

If you wish to exercise any or all of the above rights, please fill in the data subject request (“DSR”) form available here and send it to our privacy team at: [email protected]. Please include the rights that you wish to exercise in the DSR form and if applicable, what Personal Data you would like to receive. Additionally, if you are a Patient you may have the right to exercise some of the above rights only through one of our Customers. In such a case, we will make a reasonable effort to assist you in contacting our Customer and work with them to enable you to exercise your rights, subject to applicable law requirements.

If we are not able to provide you with the information that you have asked for, we will attempt to explain the reasoning behind such inability and inform you of your rights in such a case. We reserve the right to ask for reasonable evidence to verify your identity before we provide you with any such information in accordance with applicable laws. In addition, the process of locating and deleting the data may take up to thirty (30) days (following our receipt of the validation proof that we requested) in accordance with applicable laws. Please note that, data, privacy and other related laws in your jurisdiction may provide you with different or additional rights related to the data we collect from you, which may also apply.

Data Retention

Subject to and in accordance with applicable laws, we will retain the information we collect for as long as needed to provide the Services, carry out our business purposes, perform our contract with you, comply with our legal obligations, resolve disputes and enforce our agreements.

The below table sets forth our retention policy with regards to Personal Data:


Data Sets

Retention Period

Customer Data

In accordance with applicable laws.

IP address

60 Days.


Contact Details

12 months unless otherwise required for our business operations or in order to defend our rights and interests, subject to applicable laws.


Newsletter Registration Data

Upon user’s request to opt-out and to unsubscribe from our mailing list.

Patient Data

For as long as required under applicable law.

Patient Questionnaire data

We will retain any such information for as long as needed, subject to applicable law.


Where Do We Store Your Data, Safeguards and Data Transfers

We take great care in implementing and maintaining the security of the Site, Services and your information. We employ industry standard procedures and policies and implement technical and administrative security measures to ensure the safety of Personal Data and in order to prevent unauthorized access or use of it. For more information regarding our security measures, please click here.

We may store or process your Personal Data outside of your jurisdiction. If you are a resident of a jurisdiction where the transferring of your Personal Data requires your consent, then your use of our Site

and the Services includes your consent for such transfer of your information. If you are a resident of the European Economic Area ("EEA") we will take appropriate measures to ensure that your Personal Data receives an adequate level of data protection upon its transfer outside of the EEA.

If you feel that your privacy was not treated in accordance with our Privacy Policy, or if any person attempted to abuse our Site and Services or acted in an inappropriate manner, please contact us directly at [email protected]. Furthermore, in the event of a data breach, in which we discover that your Personal Data is at risk, we will notify you through the Site or, if technically possible, by sending you an email and we will also contact the relevant authorities, in accordance with applicable legal requirements.

Do Not Track Disclosure

We do not respond to Do Not Track signals. For more information about Do Not Track signals, please see

California Residents

California residents have specific rights under the California Consumer Privacy Act of 2018 (“CCPA”). For more information and to exercise your rights, please see the Privacy Notice for California Residents in the following link:



Children Information

The Site and our Platform are not appropriate or intended for use by individuals under the age of 18 (or minors as otherwise defined in the relevant jurisdiction). We do not knowingly collect or maintain information from Visitors who are children. If we become aware at a later point that we have collected or processed Personal Data from a Visitor who is considered to be a child under applicable law, we will take steps to immediately delete his/her Personal Data. We request that such individuals do not provide Personal Data. If a parent or guardian becomes aware that we have collected Personal Data from a child, we invite him/her to contact us at: [email protected]. Additionally, if you become aware or have any reason to believe that a child has shared any information with us through our Site, please contact us and we will take reasonable steps to ensure that such information is immediately deleted from our files.


Itamar Medical regularly reviews its compliance with this Privacy Policy. Please feel free to direct any questions or concerns regarding this Privacy Policy or our treatment of Personal Data by contacting us as provided above. When we receive formal written complaints, it is Itamar Medical’s policy to contact the complaining user regarding his or her concerns. We will cooperate with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of Personal Data that cannot be resolved between Itamar Medical and an individual.

Government Use

For Government Use, “you” is limited to patients, who are the users of the proprietary PAT technology medical devices. Until the actual transfer of your data to your Healthcare Provider according to its agreement with Itamar Medical, you understand that you own any data specific to you that is generated through the Services, and Itamar Medical shall use and disclose such data to provide the Services. You understand and agree that pursuant to the terms of your arrangement with your Healthcare Provider, Itamar Medical shall provide such data to your Healthcare Provider.

Have any Questions? Contact Us.

If you have any questions (or comments) concerning this Privacy Policy or any concerns with respect to how your privacy has been handled, you are more than welcome to send us an email or otherwise contact our privacy team at: [email protected].

Additionally, you may also contact us at the following address: Israeli Headquarters:

Itamar Medical Ltd. 9 Halamish Street,

PO Box 3579

Caesarea, 38900 Israel

Telephone: + 972 4 6177000

Fax: + 972 4 6275598

U.S. Headquarters:

Itamar-Medical Inc.

3290 Cumberland Club Drive Atlanta, GA 30339

Telephone: 1-888-748-2627