Effective Date: August 2021
This Privacy Notice explains how Patterson Companies, Inc. and its subsidiaries (“Patterson Companies,” “we,” “us,” or “our”) may collect, use and share (collectively, “process”) your personal information. We are committed to ethical privacy practices that protect your privacy and maintain the security of your personal information. You should read this Privacy Notice carefully to understand our privacy practices. If you have any questions or concerns about this privacy notice, or our practices with regards to your personal information, please contact us at firstname.lastname@example.org or 1-800-328-5536.
This Privacy Notice (“Notice”) applies when you engage with us for any reason, including visiting our website, purchasing through one of our e-commerce sites; creating an account; or downloading or using any of our mobile-enabled or desktop solutions (collectively, the “Services”). Please read the following carefully to understand our practices regarding your personal information and how it will be treated.
This Notice applies to all information collected through our Services (which, as described above, includes our Website), as well as any related services, sales, marketing or events. This Notice does not apply where we act only as:
- a service provider or data processor, such as when your personal information is processed by us only to fulfill an order received from our customer; or,
- a HIPAA business associate, such as when your provider may use our practice management services in the United States.
1. Information You Provide to Us
We may collect any information that you provide to us when:
- You use any of the Services,
- You create an account or complete details of any profile using the Services,
- You post, upload or share any material or content through any of the Services (for example if you submit a “success story”, request a demo, or participate in pop-up surveys on our websites),
- You report a problem with any of the Services, or
- You make a transaction using one of our Services.
Categories of Information We Process
When you use the Services, we may use your personal information to verify your identity, process your payment for the services, and learn how you engaged with our website, product, or mobile application. Below is a list of the categories of personal information we may collect from or about you:
Name and Contact Information: Your first and last name, email address, mailing address, personal phone number, photo, beneficiary and emergency contact details, and other similar data.
Financial information: Bank account details, credit or debit card information, debt and other obligations. For example, to process any required payment for the Products or Services, we may collect payment information. We may also need to collect additional financial information if you make an offer for credit to us. We will determine your creditworthiness in accordance with applicable laws.
National identifiers: Your national ID/passport, citizenship status, national provider or Drug Enforcement Agency number, social security number, or other taxpayer/government identification number.
Demographic Information. This includes your date of birth and gender as well as more sensitive personal information (also known as special category data), including information relating to racial and ethnic origin, religious, political or philosophical beliefs, trade union membership or information about your health, parental status, disabilities, sexual orientation, gender identity, and military status.
Account Information: Some information you provide to us for your account is required, but you may also choose to provide us with additional information. For example, shipping addresses, business name and registration information, and information related to your customers.
Identity Information: Photographs, Photo IDs, passports, or biometric authentication (when enabled on your device), and other information we may collect about the device you use to download our Services or to download documents contained on our website. When you have a device that enables payment or login capabilities through the use of biometrics (e.g., fingerprint or face ID), we do not collect that personal information from your device.
Transaction Information: Payment type used, date and time, payment amount, billing information, and other related details.
Health Information: Height, weight, age, medications, procedure history, race and ethnicity, and other related information may be collected as a result of your use of the Services. If you’re in the United States, we treat this information as Protected Health Information subject to HIPAA and our processing of that information is described in our HIPAA Patient Notice of Privacy Practices. If you’re a resident of the EEA or U.K., we treat this information as special categories under GDPR.
Biometric Information: Fingerprint, voice prints, retina scans, analysis of behaviors, hand or face geometry, and other tools or information unique to you.
Customer Feedback and Support: Details in any of your communications with us about or related to your use of the Services, such as when you contact our customer support team or contact us via email.
Other Information: In some instances, we may collect additional information from third-party sources, but we will notify you where we collect additional categories of data and, where required, will collect your consent before we do so. For example, we may collect information about you or your business from government agencies for regulatory purposes, or credit reporting agencies, to determine your creditworthiness.
Information Automatically Collected by using the Services
When you use the Services, we may automatically collect and store certain information in our server logs to get a better understanding of how people use the Services, for system administration purposes including system audits, and to ensure we provide a good user experience and customer service. This type of information includes information about when, how, and what parts of the Services you use.
Location Information: Your IP address or mobile device GPS may provide us with your precise or approximate location information. In some instances, we may collect this information even when you are not using one of our mobile-enabled products. You can turn this function off and on through the settings options on your device.
Usage Information: Pages or content you view on any of our websites or in our Services, may be collected to provide usage metrics.
Device Information: The device’s unique device identifiers, operating system, setting preferences (e.g., screen resolution), and mobile network information.
Log Information: Details about how you’ve used our Services, such as when you click on a link to a third-party application, access dates and times, hardware and software information, crash data, and cookie data (when it’s turned on).
Analytics Information: Details and image re-creations about your session engagement is recorded on some of our sites. Although this functionality is automatically turned on, you can choose to turn it off. To learn how to do so, you can review our Cookies Policy.
2. How We Use Your Personal Information
Generally, we use your personal information to:
Deliver, Manage, and Improve our Services: We use this information to enable you to have full use and functionality of the Services. We may also use your personal information to gather insights about our Services so that we can improve and make your experience better. For example, if you contact us with a complaint or question about the Services or any of the products or other services that we offer, we may keep a record of that correspondence to improve our Service features and functionality. Where practical, use of your personal information for insights and improvement of the Services is aggregated and de-identified personal information.
We may collect or process your biometric personal information under the instructions of a data controller. For instance, when our Fingerprint ID feature is enabled, it allows patients or employees of our customers to automate a sign-in or clock-in process. Some laws regulate the processing of this type of information because it is sensitive personal information. In areas where it is required, we process such data either under the specific instructions of a data controller, or will solicit your consent to perform the processing as required by your local laws. In all cases we will provide you notice of the collection of biometric information.
Ensure the Security of Personal and Confidential Information: We use your personal information to ensure the security of your use of the Services, any user accounts you may have with us. This includes protecting individuals, our workforce, and the Company against loss. For example, we may use your personal information to detect malicious activities meant to access personal information or our systems.
Advertise and Market our Services to you and others: We use your contact details to communicate with you and provide you with information about our Services which may be of interest to you, where permitted by applicable law. We collect this information either from you or from third-party sources. If you do not want us to use your information in this way, you can opt-out by clicking “unsubscribe” in the email footer of the marketing communication that we sent to you. Please note that if you opt-out from receiving marketing communications, we may still contact you about service-related issues, such as where we may make changes to the Services, any terms and conditions, or this Notice.
Fulfill our Legal and Regulatory Obligations: We may have to disclose your personal information to courts, law enforcement, or governmental or public authorities. For instance, we may need to disclose your identity as part of a mandatory reporting obligation for sanctions screening.
Prevent and Detect Fraud, Waste, and Abuse: We use your personal information to ensure the security of your use of the Services, any user accounts you may have with us and our business, as well as for the purposes of preventing or detecting fraud or abuse of our Services. For example, we may use your personal information to conduct due diligence when you purchase our products or services to ensure you are eligible to make the purchase.
3. When We Share Your Personal Information
Service Providers: In some circumstances, it may be necessary for us to share your personal information with a third party in order to provide you with the Services. For example, we may need to share your personal information with our payment processing partner in order to process your payment of the Services. These third parties are our service providers and their processing of your personal data will never be for their own purposes.
Between Patterson Company Entities: To enable to smooth operation of our business, many of our subsidiaries may have to disclose personal information with other Patterson Companies Entities to provide the Services, customer or product support.
At Your Direction: Some of our Services integrate with third-party applications. When you engage with a third-party application, we may need to share certain personal information with the third party and when required, we may need your consent to do so. In many cases, the third party’s continued use of your personal information will no longer be subject to this Notice.
Your use of any of our online or mobile applications will also be subject to the privacy notices and policies of any app store provider and/or operator (“App Store Provider”) from whom you have downloaded the app. Please check these third-party privacy notices and policies before providing any personal information to any other website or App Store Provider.
Government, Regulatory, and Law Enforcement Requests: Many of our Services are regulated under federal, state or other local laws. For example, regulations of our drug distribution service through Patterson Animal Health and Patterson Dental may require that we notify law enforcement in certain circumstances. Our law enforcement reporting may require disclosure of your personal information.
4. Storage and Transfer of Your Personal Information
As allowed by laws in your area, the personal information we process may be transferred to, and stored within, a destination outside of your country which may have less strict, or no data protection laws, when compared to those in your country. We reserve the right to store your personal information outside of your country of residence, in accordance with applicable laws.
5. Children’s Personal Information
Our Services are not intended for use by people under the age of 13.
6. Maintaining the Security of Your Personal Information
We are committed to the continuous improvement of our Services to ensure the integrity of your personal information. To do so, we have implemented a variety of administrative, technical and organizational measures throughout our Services to help protect against unauthorized access, use or disclosure of your personal information.
We retain personal information collected subject to this Notice for as long as necessary fulfill the purposes for which the information was collected and to comply with applicable laws or regulatory requirements.
7. Residents of the U.K. and EEA
We process your personal information in compliance with the General Data Protection Regulation (“GDPR”) and the ePrivacy Directive. Our processing of your personal information as described in this Notice will typically be pursuant to one of the following:
- It is necessary to fulfil a contract that we have in place with you;
- For our legitimate business interests;
- Your consent; or
- Where the processing is necessary for compliance with our legal obligations.
We may process special categories of personal information as defined by the GDPR, but we will only do so where we have a legal basis and the processing is allowed under Article 9. An example of special categories of personal information is information relating to your medical history, which may include patients’ experiences using our Services.
Your personal information may also be processed by staff operating outside the EEA who work for us or for one of our service providers, for example in the provision of support services. Whenever we transfer your personal information outside of the EEA, we will take legally required steps to ensure that adequate safeguards are in place to protect your personal information and to make sure it is treated securely and in accordance with this Notice. You may contact us for a copy of the safeguards which we have put in place to protect your personal information and privacy rights in these circumstances. Depending on the Services you use, the terms of our Data Processing Addendum may also apply.
Additionally, your local data protection laws provide you the following rights to your data:
- the right to object or withdraw consent to the processing of your personal information;
- the right to access a copy of your personal information; and,
- the ability to erase, restrict or receive a machine-readable copy of your personal information.
You may also update or delete your account(s) as you choose but if you do so, you may be unable to access or us some or all of our Services. If we deny your request, we will provide you the reason for the denial, such as our legal requirement to retain certain personal information. We will handle any request to exercise your rights in accordance with applicable law. If you wish to exercise any of these rights please refer to the “Contact Us” section of this Notice.
8. Residents of California
California law permits you to request certain information about our disclosure of personal information to third parties for their direct marketing purposes during the preceding calendar year. This request is free and may be made once a year. To make such a request, please send us an e-mail or write to us at the address provided in the “Contact Us” section of this Notice, or as we may otherwise advise, and indicate in the subject line that you are a California resident making a “California Shine the Light” inquiry.
Your state law also provides you the following rights to your data:
- Access the personal information we have about you;
- Delete your personal information; and,
- Appoint a representative to take these actions on your behalf.
We do not sell your personal information; therefore, we do not provide you the ability to opt-out of the sale of personal information. We will also not take adverse action against you for choosing to elect any of these rights; however, if you choose to have us delete your personal information, you may not be able to fully utilize the features of our Services.
We do not take adverse action against anyone for exercising their rights under applicable laws.
If you wish to exercise any of these rights please refer to the “Contact Us” section of this Notice. In some cases, we may not be able to honor your request because we may be required to retain your information to comply with laws or these rights may not apply to our processing of your personal information. If so, we will tell you the reason your request was denied in our response to you.
9. Contact Us
If you have a privacy concern or question related to this Notice, you may contact or write to us at:
Attn: Privacy Officer
1031 Mendota Heights Road
Saint Paul, MN 55120
Telephone: (+1) 800.328.5536
10. Changes to this Notice
From time to time, it may be necessary for us to update this Notice with more relevant information or to otherwise comply with legal obligations. When we make updates, we will notify you in advance of any changes and provide you copies of previous versions for as long as they are maintained.
11. Our Services
As mentioned above, this Notice applies when we process your personal information through a variety of our Services. Our Services include:
- Our Websites
- Our Mobile and Web-based Applications
- Our Desktop Products
Last Updated: August 3, 2021