Home
|
Privacy Policy

Privacy Policy

Evergen

Privacy Policy

Effective December 2024

Evergen respects your privacy and is committed to protecting the privacy of information collected through our websites. This Privacy Policy is provided by Evergen (“the company”), including our affiliated companies and subsidiaries. It contains information about our practices for collecting, using, and safeguarding the information you provide to us through this website.

This Privacy Policy describes our practices in connection with information that we or our service providers collect through the website operated and controlled by us from which you are accessing this Policy. By accessing any of our websites, you understand and agree to this Privacy Policy and our Terms of Use. We may update this Privacy Policy from time to time, and all updates are effective immediately, applying to all access to and use of our websites thereafter.

Please also refer to:

  • Supplemental Website Privacy Notice for California, Colorado, Virginia, Utah, and Connecticut consumers

Data collection

In order to access certain options, offers, or services on our site, you will be asked to provide relevant personal information, such as contact information for enrollment in a program or information about the service you are seeking. You always have the option of unsubscribing from our commercial programs at any time. Occasionally, we may invite you to participate in a survey or poll about our site content, services, or products. Your responses will be anonymous unless you choose to provide your contact details so that we can provide you with additional information regarding the survey or poll.

We collect certain types of Personal Data in connection with our sales and marketing activities with customers, through Evergen’s website(s) and in other interactions. Generally, this Personal Data is collected directly from customers but in certain circumstances, we may also collect this information directly from a patient or another third party (e.g., as part of the reporting of an adverse event) or from publicly available sources and industry databases (e.g., hospital websites, journals, industry publications, and publicly available social media posts) that contain customers’ contact details (e.g., as part of our efforts to ensure the information we hold is accurate and up to date and/or to identify subject matters experts in relation to certain events which we may organize and/or as part of our legitimate brand management activities). Depending upon the interaction, and in accordance with applicable laws and business obligations, the information that we collect (which may not always constitute Personal Data) may include, without limitation, the following:

  • Business contact details (if and when applicable): name of healthcare organization and customer(s) interacting with us; job titles/medical specialty; years of experience; business address; address of invoicing if different; telephone numbers; fax number; business email addresses; internal identification number of the customer; tax identification number (if warranted); the names of individuals to contact at the organization; after hours/emergency contact information (such as for any urgent patient needs); and preferences for how to contact them.
  • Data related to the performance of the commercial contract and/or the commercial relationship (if and when applicable): information about the healthcare organization and its business; commencement of the business relationship; devices/products of interest; purchase history; frequency and overall amount purchased; contact history (sales calls, inquiries, etc.); website and other program enrollments and cancellations; Evergen employees who interact with the customer; correspondence and service interactions; information gathered through satisfaction survey participation, customer feedback requests and/or product evaluations; any marketing preferences that have been requested by the customer/organization; feedback from the customer/organization about their preferences to best meet their needs (i.e., would like devices shipped on first of the month, wants to be contacted about new products, etc.).
  • Data for Evergen Events: If you are a presenter at one of our events, we may collect your resume and other credential information about you to determine if you are an appropriate speaker, your photograph, and we may also collect information provided by event attendees who evaluated your performance as a presenter. We may also make and store a recording of your voice and likeness in certain instances and with your consent. If you are an attendee at one of our events, we may collect data from you to register and facilitate the event and your attendance at it, including as necessary to manage any follow-up actions, such as reimbursement of expenses and collection of post-event feedback. We may also collect some personal data of individuals attending live events for contact tracing purposes to comply with local law.
  • Data related to the customer’s orders and payments (if and when applicable): specific order deliveries (including address and depending on the nature of the device, limited patient information as determined by the treating HCP/instruction, such as imaging and sizing information necessary for the planning, manufacturing, and delivery of the device); delivery conditions; billing and payment terms and conditions; discounts, account status, returns, creditworthiness reviews, and credit approvals (to extend credit on purchases); bank details for incoming or outgoing wire payments; and redacted credit card numbers.
  • Data collected for patient safety-related purposes (if and when applicable): information and training on proper use (sizing, placement, etc.) of medical devices and their component parts; collection, follow-up, and reporting of any adverse experiences; feedback about favorable patient experiences; recommendations or insights about ways in which we can further improve its devices or the information about their use; and information about new labeling or other safety related updates pertaining to our products.
  • Data collected for legal and compliance purposes (if and when applicable): import and export information; collection or creditworthiness checks and other necessary background checks; tax and regulatory obligations; information required for any regulatory inspections, inquiries, or audits; reporting of any payments to healthcare professionals under the laws of certain countries (including the Sunshine Act laws—see below) and other information of a legal nature. For certain customers (such as those outside of the United States) and consistent with applicable laws, we may also collect information to comply with customs and trade laws, as well as anti-terrorism requirements.
  • Data related to regulatory disclosure fulfillments (if and when applicable): information relating to contracts (agreements) with healthcare professionals (other than those for the purchase of goods or services), including, for example, those relating to sponsorships, education, or consultant work for we; and information relating to the provision by or on behalf of Evergen of any other items of monetary value, such as lunches or any tangible items. Under the laws of certain countries, this information must be provided to national authorities and some of it is publicly available, including the name of the recipient and the surrounding details.

Where the customer is an organization and the information above constitutes Personal Data about its employees, workers, or contractors, you should bring this notice to their attention.

Suppliers:

We may collect several types of Supplier Personal Data, depending on the nature of our relationship with a supplier, including without limitation:

  • General contact and identification information (e.g., name, first name, last name, gender, email and/or postal address, and/or mobile phone);
  • Function (e.g., title, position, and name of employer);
  • Electronic identification data where required for the purpose of delivering products or services to our company (e.g., badge number and picture, logs, access, and closed-circuit television [CCTV] footage); and
  • For natural persons acting as suppliers or service providers, in addition to the Personal Data listed above, financial information (e.g., bank account details).

Evergen limits the Personal Data that it collects to that which is relevant and proportionate for the intended purpose. We also take reasonable steps to ensure that the Personal Data collected from customers is accurate, complete, and where necessary, up-to-date in accordance with the purposes for which it was collected. As part of this undertaking, we encourage customers to keep their Personal Data on file with us updated or let us know to correct your information if it changes or if you believe the information that we have collected is inaccurate so that we can continue to provide optimal service to you.

Data Processing

Evergen collects and processes Personal Data only for the purposes for which it was collected, and any compatible purposes permitted by law.

Where we need to collect Personal Data by law or under the terms of a contract we have with you, and you fail to provide that information when requested, we may not be able to perform the contract we have or are trying to enter with you. In some circumstances, we may anonymize your Personal Data so that it can no longer be associated with you, in which case we may use and disclose such information without further notice to you.

If we need to use your Personal Data for an unrelated purpose than that for which it was collected and the further processing is incompatible with that initial purpose, we will notify you and, where required by law, explain the legal basis which allows us to do so. We may process your Personal Data without your knowledge or consent, where this is required or permitted by law.

Sharing your information

Consistent with applicable laws and requirements, as well as with the data protection notices that we provide in relation to various programs or projects, the personal information that you provide to us through this website may be combined with other information that we have about you from other sources, may be used by the company for marketing and promotional purposes, and/or may be shared with other companies within Evergen. We may also share some of it with third-party business partners who assist us with initiatives such as order fulfillment or improving our site. When we do share this information, we require those third parties to adopt measures to protect your information in a manner consistent with this policy. We do not rent or sell your information or otherwise share it with any unaffiliated third party for their own use.

There may also be limited types of legal situations in which we are required to share some of your information, such as in the event of a transfer of ownership of the business, in connection with regulatory or legal matters, where required for safety and security, or as otherwise required or permitted by law. When we do share your information in such a situation, we limit the transfer to the information that is relevant under the circumstances and, to the extent possible, require the recipient to uphold an equivalent level of protection for the data.

International data transfers

As a global business, your information will be transferred and stored in the United States and other locations around the world. We have also put in place appropriate measures to comply with the cross-border data transfer obligations that apply to our business.

When we transfer Personal Data out of the European Economic Area (EEA), we ensure an adequate level of protection by implementing one of the following safeguards:

  • Only transferring the Personal Data to a country or territory deemed to provide an adequate level of data protection by the European Commission and/or the UK supervisory authority; or
  • By using specific data transfer contracts approved by the European Commission and/or the UK supervisory authority which give Personal Data the equivalent protection it has in Europe, i.e., Standard Contractual Clauses; or
  • When we transfer Personal Data out of other regions, we comply with the applicable regulatory requirements of cross-border transfer.

Cookies and web tracking

We use cookies and other similar web technologies on our websites. Please read about our practices for using cookies and similar technologies, including those from third parties who we may use to advertise our products to you when you visit our, or other non-affiliated websites in the future, by clicking on our Cookies Policy.

Safeguarding your information

To be consistent with applicable laws, we have adopted reasonable and appropriate measures that are designed to safeguard the confidentiality of your information and protect it from loss, misuse, alteration, destruction, or unauthorized access. Please note that, despite our efforts, there is always some risk that your data will be improperly accessed, including, for example, during your transmission of the information to us. We kindly remind you to safeguard any passwords and user IDs that you may obtain for restricted sections of our sites and to contact us immediately if you believe they have been compromised.

If you need to update or correct your personal information profile, you may do so directly on our website or by contacting us at the address below.

Policies for children

This website is not intended to collect or maintain any information from children under the age of 13 (or any other higher age threshold for children required by applicable data protection law). If we learn that we collected any information from anyone under the relevant age, we will purge it immediately, except for responding to a question or inquiry on a one-time basis from the individual.

Right of access, correction, or objection

We take reasonable steps to ensure that your personal information on file with us is accurate and up-to-date. In that regard, we invite you to contact us to update your information, such as your email address if it changes, so that you can continue to receive the information that you have requested from us. In accordance with applicable laws, you may also access or request correction of the information that we have retained about you, object to the processing of your data, request that your data be sent elsewhere, or request that we delete your information. There are certain exceptions that apply to these rights, and we uphold them in accordance with the regional/local requirements, such as in relation to the EU General Data Protection Regulation (GDPR) and the implementing laws in the EU member states. As noted above, you always have the right to withdraw consent to our use of your data for any marketing purpose. EU residents also have the right to contact their local supervisory authority.

Linked sites

Our website contains links to third-party (“external”) websites, and, occasionally, we may purchase space on a social media or other third-party site to provide information about our Company, our products, or other offerings. Evergen does not endorse or make any representations or warranties for the accuracy of content located on linked external websites and we are not responsible for any linked external website’s privacy policies, content, products, data collection procedures, materials, software, business activities, etc. We strongly encourage you to read and review the website and other policies of those organizations. Where possible, and in accordance with applicable laws, we also post our own website privacy policy for website users who visit the pages that we have included on those third-party sites.

Changes to this policy

We encourage you to review this policy periodically when you return to our site as we may update it from time to time to reflect changes to our practices, new requirements, and new security risks and safeguards. The changes become effective upon posting the new version of this policy, and those changes that relate to the use of personal information apply to information that is collected after posting.

Contact us

If you have any questions or if you have a complaint or claim about our data privacy practices, please contact us at the address below:

Data Protection Officer
Evergen
11621 Research Circle
Alachua, FL 32615
dpo@evergenbio.com

Supplemental Website Privacy Notice for California, Virginia, Utah, and Connecticut consumers

Effective January 2024

This Supplemental Website Privacy Notice (“Supplemental Notice”) applies only to information collected about California, Colorado, Virginia, Utah, and Connecticut consumers. It provides information required under the California Consumer Privacy Act of 2018 and California Privacy Rights Act of 2020 (collectively, the “CPRA”), the Colorado Privacy Act of 2021 (the “CPA”), the Virginia Consumer Data Protection Act of 2021 (the “VCDPA”), the Utah Consumer Privacy Act of 2022 (the “UCPA”), and the Connecticut Data Privacy Act of 2022 (“CDPA”). We also provide a brief paragraph regarding information collected about Nevada consumers under the heading “Privacy Notice for Nevada Residents” at the end of this Supplemental Notice. The other portions of this Supplemental Notice do not apply to Nevada consumers.

This Supplemental Notice describes Evergen (“we,” “us,” “our”) practices regarding the collection, use, and disclosure of Personal Information and provides instructions for submitting data subject requests. This Supplemental Notice is parallel in scope to our Privacy Policy.

Some portions of this Supplemental Notice apply only to consumers of particular states. In those instances, we have indicated that such language applies only to those consumers.

Definitions specific to this statement

“Personal Information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked with, directly or indirectly, a particular consumer or household. Personal Information includes “personal data” as that term is defined in the CPA, VCDPA, UCPA, and CDPA. Personal Information also includes “Sensitive Personal Information,” as defined below, except where otherwise noted.

“Sensitive Personal Information” means Personal Information that reveals a consumer’s social security, driver’s license, state identification card, or passport number; account log-in, financial account number, debit card number, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; precise geolocation; racial or ethnic origin, religious beliefs, or union membership; contents of email or text messages; or genetic data. Sensitive Personal Information also includes processing of biometric information for the purpose of uniquely identifying a consumer and Personal Information collected and analyzed concerning a consumer’s health, sexual activity, or sexual orientation. Sensitive Personal Information also includes “sensitive data” as that term is defined in the CPA, VCDPA, UCPA, and CDPA.

“Third Party” has the meanings afforded to it in the CPRA, CPA, VCDPA, UCPA, and CDPA.

“Vendor” means a service provider, contractor, or processor as those terms are defined in the CPRA, CPA, VCDPA, UCPA, and CDPA.

To the extent other terms used in this Supplemental Notice are defined terms under the CPRA, CPA, VCDPA, UCPA, or CDPA, they shall have the meanings afforded to them in those statutes, whether or not capitalized herein. As there are some variations between such definitions in each of the five statutes, the definitions applicable to you are those provided in the statute for the state in which you are a consumer. For example, if you are a Virginia consumer, terms used in this Supplemental Notice that are defined terms in the VCDPA shall have the meanings afforded to them in the VCDPA as this Supplemental Notice applies to you.

The Personal Information we collect and process

We and our Vendors collect Personal Information directly from California, Colorado, Virginia, Utah, and Connecticut consumers, as well as from joint marketing partners, public databases, providers of demographic data, publications, professional organizations, social media platforms, people with whom you are connected on social media platforms, caregivers, Vendors and Third Parties that help us screen and onboard individuals for hiring purposes, and Vendors and Third Parties when they share the information with us.

A. Information we collect
We, and our Vendors, may have collected and processed the following categories of Personal Information about you in the preceding 12 months that we may also disclose to Vendors and Third Parties:

  • Identifiers, such as name, signatures, alias, online identifiers, internet protocol (IP) address, account name, physical characteristics or description.
  • Contact and financial information, including phone number, address, email address, financial information, medical information, health insurance information.
  • Commercial information, such as transaction information and purchase history.
  • Internet or other electronic network activity information, such as browsing history and interactions with our websites or advertisements.
  • Geolocation data, such as device location.
  • Audio, electronic, visual, olfactory and similar information, such as call and video recordings.
  • Professional or employment-related information, such as work history and prior employer.
  • Education information, as defined in the federal Family Educational Rights and Privacy Act, such as student records and directory information.
  • Purchase history, such as commercial information, including products or services purchased, obtained, or considered or other purchasing or commercial histories or tendencies.
  • Inferences drawn from any of the Personal Information listed above to create a profile or summary about, for example, an individual’s preferences and characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

B. Why we process this information
We, and our Vendors, collect and process the Personal Information (excluding Sensitive Personal Information) described in this Supplemental Notice to:

  • Operate, manage, and maintain our business
  • Provide, develop, improve, repair, and maintain our products and services
  • Hire and manage our employees, as well as for related employment purposes
  • Personalize, advertise, and market our products and services
  • Conduct research, clinical studies, analytics, and data analysis
  • Conduct investigations
  • Maintain our facilities and infrastructure
  • Undertake quality and safety assurance measures
  • Conduct risk and security controls and monitoring
  • Detect and prevent fraud
  • Perform identity verification
  • Service accounts
  • Perform accounting, audit, and other internal functions, such as internal investigations
  • Comply with law, legal process, and internal policies
  • Fulfill contracts
  • Maintain records
  • Process orders and transactions and payment
  • Provide customer service
  • Maintain, process, or fulfill insurance and workers’ compensation claims
  • Provide analytic services
  • Exercise and defend legal claims
  • Otherwise accomplish our business purposes and objectives

Sensitive Personal Information

We, and our Vendors, may have collected and processed Sensitive Personal Information about you in the preceding 12 months that we may also disclose to Vendors and Third Parties for the specified purposes outlined below.

A. Sensitive Personal Information we process
Personal Information that reveals:

  • Government Identification such as social security, driver’s license, state identification card, or passport number
  • Account log-in, financial account number, debit card number, or credit card number in combination with any required security or access code, password, or credentials for allowing access to an account
  • Financial information such as bank account number, credit card number, debit card number, or any other financial information
  • Precise geolocation
  • Characteristics of protected classifications under law, such as age (40 years or older), gender, marital status, sex, sexual activity, sexual orientation, race, ethnic or national origin, religious or philosophical beliefs, union membership, physical or mental health conditions, disability, genetics, and veteran or military status
  • Contents of a consumer’s email and text messages, unless the business is the intended recipient thereof
  • Biometric data processed for the purpose of uniquely identifying a consumer such as Imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, faceprint, voiceprint, and sleep, health, or exercise data
  • Personally identifiable education information that is not publicly available such as grades and financial aid
  • Personal Information collected and analyzed concerning a consumer’s medical information or health insurance information

B. Why we process sensitive personal information
We, and our Vendors, collect and process and share the sensitive personal information described above only for:

  • Performing the services or providing the goods reasonably expected by an average consumer who requests those goods or services, such as fulfilling medical device orders, providing customer service, and processing or fulfilling insurance claims
  • Ensuring security and integrity to the extent the use of the consumer’s Personal Information is reasonably necessary and proportionate for these purposes
  • Short-term, transient use, including, but not limited to, nonpersonalized advertising shown as part of a consumer’s current interaction with us, provided that we will not disclose the consumer’s Personal Information to a Third Party and or build a profile about the consumer or otherwise alter the consumer’s experience outside the current interaction with us
  • Performing services on our behalf, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing grants to charitable foundations, hosting events, providing analytic services, providing storage, or providing similar services on our behalf
  • Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by us, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by us
  • Hiring and managing our employees, as well as for related employment purposes

Categories of entities to whom we disclose Personal Information

A. Affiliates and Vendors
We may disclose your Personal Information to our affiliated companies, if required, and Vendors for the purposes described above in this Supplemental Notice. Our Vendors provide us with services for our websites, as well as other products and services, such as web hosting, data analysis, payment processing, order fulfillment, software, customer service, infrastructure, technology services, email delivery services, credit card processing, legal services, study sites, experts helping us with a clinical project and other similar services. We grant our Vendors access to Personal Information only to the extent needed for them to perform their functions and require them to protect the confidentiality and security of such information.

B. Third Parties
We may disclose your Personal Information to Third Parties in the following circumstances:

  • At your direction. We may disclose your Personal Information to any Third Party with your consent or at your direction.
  • Where it is required by law for safety and security.
  • Business transfers or assignments. We may disclose your Personal Information to other entities as reasonably necessary to facilitate a merger, sale, joint venture or collaboration, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings).

C. Legal and regulatory
We may disclose your Personal Information to government authorities, including regulatory agencies, health authorities and courts, as reasonably necessary for our business operational purposes, to assert and defend legal claims, and otherwise as permitted or required by law.

Retention of Personal Information

We retain your Personal Information for the period reasonably necessary to provide goods and services to you and for the period reasonably necessary to support our business operational purposes listed in this notice.

Selling Personal Information

We do not sell Personal Information, including that of minors. We may, however, engage in the following activities:

  • Disclose a consumer’s Personal Information upon the consumer’s instruction
  • Interact with a Third Party upon the consumers instruction
  • Use or share consumers’ Personal Information pursuant to a written contract with a service provider that is necessary to perform a business purpose, where our contract prevents the provider from using, keeping, or disclosing consumers’ Personal Information for any purpose other than the reason supplied in the contract
  • Transfer a consumers’ Personal Information as part of a transaction in which the Third Party assumes control of all or part of our business

A. Disclosure for California consumers:
We have not sold or shared Personal Information about California consumers in the past twelve months. Relatedly, we do not have actual knowledge that we sell or share Personal Information of California consumers under 16 years of age. For purposes of the CPRA, a “sale” is the disclosure of Personal Information to a Third Party for monetary or other valuable consideration, and a “share” is the disclosure of Personal Information to a Third Party for cross-context behavioral advertising, whether or not for monetary or other valuable consideration.

B. Disclosure for Colorado, Virginia, Utah, and Connecticut consumers:
We do not sell or share Personal Information to Third Parties or process Personal Information for purposes of targeted advertising, as the terms “sell,” “share,” “process,” and “targeted advertising” are defined in the CPA, VCDPA, UCPA, and CDPA.

Your data subject rights

California, Colorado, Virginia, Utah, and Connecticut consumers have certain rights with respect to the collection and use of their Personal Information. Those rights vary by state. As required by the CPRA, we provide detailed information below regarding the data subject rights available to California consumers. Colorado, Virginia, Utah, and Connecticut consumers have similar rights and can find more detail by referencing the CPA, VCDPA, UCPA, or CDPA, as applicable.

Data subject rights disclosure for California consumers: California consumers have the following rights regarding our collection and use of their Personal Information, subject to certain exceptions.

Right to receive information on privacy practices: You have the right to receive the following information at or before the point of collection:

  • The categories of Personal Information to be collected
  • The purposes for which the categories of Personal Information are collected or used
  • Whether or not that Personal Information is sold or shared
  • If the business collects Sensitive Personal Information, the categories of Sensitive Personal Information to be collected, the purposes for which it is collected or used, and whether that information is sold or shared
  • The length of time the business intends to retain each category of Personal Information, or if that is not possible, the criteria used to determine that period

We have provided such information in this Supplemental Notice, and you may request further information about our privacy practices by contacting us as at the contact information provided below.

Right to deletion: You may request that we delete any Personal Information about you we that we collected from you.

Right to correction: You may request that we correct any inaccurate Personal Information we maintain about you.

Right to know: You may request that we provide you with the following information about how we have handled your Personal Information in the 12 months preceding your request:

  • The categories of Personal Information we collected about you
  • The categories of sources from which we collected such Personal Information
  • The business or commercial purpose for collecting Personal Information about you
  • The categories of Personal Information about you that we shared or disclosed and the categories of Third Parties with whom we shared or disclosed such Personal Information
  • The specific pieces of Personal Information we have collected about you

Right to receive information about onward disclosures: You may request that we disclose to you:

  • The categories of Personal Information that we have collected about you
  • The categories of Personal Information that we have sold or shared about you and the categories of Third Parties to whom the Personal Information was sold or shared
  • The categories of Personal Information we have disclosed about you for a business purpose and the categories of persons to whom it was disclosed for a business purpose

California residents under age 18. If you are a resident of California under the age of 18 and a registered user of our website, you may ask us to remove content or data that you have posted to the website by writing to our Data Protection Officer at dpo@rtix.com. Please note that your request does not ensure complete or comprehensive removal of the content or data, as, for example, some of your content or data may have been reposted by another user.

Disclosure about direct marketing for California residents. California Civil Code § 1798.83 permits California residents to annually request certain information regarding our disclosure of Personal Information to other entities for their direct marketing purposes in the preceding calendar year. We do not distribute your Personal Information to other entities for their own direct marketing purposes.

Privacy notice for Nevada residents. We do not sell Covered Information as defined under Nevada law, and we generally do not disclose or share personal information as defined under Nevada law for commercial purposes. Under Nevada law, you have the right to direct us to not sell or license your personal information to Third Parties. To exercise this right, if applicable, you or your authorized representative may contact our Data Protection Officer at dpo@evergenbio.com.

Changes to our Supplemental Notice. We reserve the right to amend this Supplemental Notice at our discretion and at any time. When we make material changes to this Supplemental Notice, we will notify you by posting an updated Supplemental Notice on our website and listing the effective date of such updates.

Right to non-discrimination: You have the right not to be discriminated against for exercising your data subject rights. We will not discriminate against you for exercising your data subject rights. For example, we will not deny goods or services to you, or charge you different prices or rates, or provide a different level of quality for products or services as a result of you exercising your data subject rights.

You may exercise data subject rights applicable to you under the CPRA, CPA, VCDPA, UCPA, or CDPA by contacting our Data Protection Officer. If you submit a request by mail or email, include “Data Subject Rights Request” and your state of record on the front of the envelope or in the subject line of your message and include your name and whether your request is a “request for access” or a “request to delete.”

Data Protection Officer
RTI Surgical, Inc.
11621 Research Circle
Alachua, FL 32615
dpo@evergenbio.com

Verification process
Within 10 business days of Evergen receiving your request, you will be contacted and guided through a process to verify your identity and your request. We will confirm receipt of your request, but before responding, we will verify your request by comparing the information you submit with the request to the information we have in our systems. In some cases, we may ask you for additional information to confirm that we have identified the correct consumer record. If you designate an agent to make a request your behalf, we may require the agent to provide proof of signed permission from you to submit the request, or we may require you to verify your own identity to us or confirm with us that you provided the agent with permission to submit the request. Subject to certain exceptions that may apply under the law, if we are able to verify your request, we will accommodate it.

Appeals for Virginia, Colorado, and Connecticut consumers
Virginia, Colorado, and Connecticut consumers have the right to appeal our decisions on their data subject requests. This section does not apply to California or Utah consumers. To appeal our decision on your data subject requests, you may contact our Data Protection Officer at dpo@evergenbio.com. Please enclose a copy of or otherwise specifically reference our decision on your data subject request, so that we may adequately address your appeal. We will respond to your appeal in accordance with applicable law.

Changes to our Privacy Statement
We reserve the right to amend this Privacy Statement at our discretion and at any time. When we make changes to this Privacy Statement, we will post an updated notice on this webpage with an updated “effective” date.

 Evergen. Advancing regenerative biomaterial solutions.
 Evergen. Advancing regenerative biomaterial solutions.
 Evergen. Advancing regenerative biomaterial solutions.