STRATX® PRIVACY NOTICE

Last modified: November 11, 2020

Introduction

This Privacy Notice informs you of important information about how Pulmonx Corporation (“Pulmonx” or “Company”) processes data, including personal data, that we collect through the portal hosted at https://www.PulmonxStratXUSA.com and associated web pages (the “Website”) and the StratX® Lung Analysis Platform made available therein (collectively, the “Platform”). Please read this Privacy Notice carefully to understand our policies and practices regarding your information and how we will treat it. The StratX® Terms of Service, including definitions of certain capitalized terms, are available online at https://www.PulmonxStratXUSA.com/terms (“Terms”).

StratX® is a cloud-based quantitative computed tomography (“CT”) analysis service that supports patient selection and treatment targeting using Pulmonx products by providing information on emphysema destruction, fissure completeness, lobar volumes and procedural success based on post-treatment scans. The Platform allows Pulmonx Customers to upload fully de-identified lung CT scans for patients that it wishes to be assessed for potential use of the Zephyr Valve or other Pulmonx products, or for post-implantation revisions (“Scans”). Pulmonx then generates a report, including associated data and information, unique to that Scan which may contain tabulated data on fissure completeness by lobe, destruction score by lobe, inspiratory lobar volume by lobe and valve occlusion status by airway (the “Report”). Pulmonx makes StratX® available to regular Pulmonx Customers.

This Privacy Notice describes the types of information we may collect through the Platform and our practices for collecting, using, maintaining, protecting, and disclosing that information. This Privacy Notice applies to information we collect through the Platform. It does not apply to information collected by us offline or through any other means, including on any other website operated by Company or any third party; or any third party, including through any application or content (including advertising) that may link to or be accessible from the Platform.

Information We Collect About You and How We Collect It

We collect several types of information from and about users of our Website, including information:

  • By which you may be personally identified, such as an individual’s name, username / email address, first name, last name and name of affiliated institution (“personal data”); and
  • About your internet connection, the browser or other equipment you use to access our Website, and usage details.

We collect this information:

  • Directly from you when it is provided to us.
  • Automatically as you navigate through the Platform. Information collected automatically may include usage details, internet connection information, such as the IP address of your computer and/or Internet service provider, the date and time you access the site and information collected through cookies, web beacons, and other tracking technologies.
  • From third parties, for example, our business partners.

Information You Provide to Us

The information we collect on or through the Platform may include:

  • Any Scans uploaded to the Platform.
  • Information that you provide through the Platform.

Information We Collect Through Automatic Data Collection Technologies

As you navigate through and interact with our Website, we may use automatic data collection technologies to collect certain information. We use automatic data collection to log information about your use of our Website, which is temporarily stored in association with your account. The log data is aggregated and used to improve the Platform and to deliver a better and more personalized service.

The technologies we use for this automatic data collection may include:

  • Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our Website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website.

How We Use Your Information

We use information that we collect about you or that you provide to us, including any personal data:

  • To present the Platform and its contents to you.
  • To generate Reports based on the Scans.
  • To provide you with information, products, or services that you request from us.
  • To fulfill any other purpose for which you provide it.
  • To improve the Platform and our other services, including for research and development of our products and services.
  • To facilitate diagnostic and treatment discussions.
  • Share Scans and Reports within our organization and with third parties as appropriate.
  • Transfer Scans and Reports among cloud servers as reasonably necessary.
  • To notify you about changes to our Website or any products or services we offer or provide though it.
  • To allow you to participate in interactive features on our Website.
  • In any other way we may describe when you provide the information.
  • For any purpose that does not violate law or the Terms (as defined below).

Disclosure of Your Information

We may disclose aggregated information about you, and information that does not identify any individual, without restriction, including pursuant to the uses discussed above. We may disclose personal data that we collect or you provide as described in this Privacy Notice:

  • To our subsidiaries and affiliates.
  • To contractors, service providers, and other third parties we use to support the Platform to deliver you products and services and need access to such information to carry out their work for us; for example, we may partner with other companies to fulfill requests, optimize our services, send newsletters and marketing emails, support email and messaging services, and analyze information.
  • To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Pulmonx’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal data held by Pulmonx about the Platform users is among the assets transferred.
  • To fulfill the purpose for which you provide it.
  • For any other purpose disclosed by us when you provide the information.
  • With your consent.

We may also disclose your personal data:

  • To comply with any court order, law, legal process, or regulatory requirement including to respond to any government or regulatory request or support improvements to the Platform.
  • To enforce or apply our Terms and other agreements.
  • If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Pulmonx, our partners and customers, or others.

Choices About How We Use and Disclose Your Information

We strive to provide you with choices regarding the personal data you provide to us. We have created mechanisms to provide you with the following control over your information:

  • Tracking Technologies. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. To learn how you can manage your Flash cookie settings, visit the Flash player settings page on Adobe’s website. If you disable or refuse cookies, please note that some parts of this site may then be inaccessible or not function properly.

California residents may have additional personal data rights and choices. Please see Your California Privacy Rights for more information.

Your California Privacy Rights

We may disclose personal data to affiliates of Pulmonx, which may use this information for all purposes outlined in this Privacy Notice. Under California Civil Code Section 1798.83, separate legal entities are considered “third parties” and certain communications with our affiliates might be viewed as promoting our services. Therefore, we are providing the following information for California residents who have provided us with their personal data (“California Residents”). Individual California Residents may request information about our disclosures of certain categories of personal data to third parties (i.e., our affiliates) for such third parties’ direct marketing purpose, consistent with California Civil Code Section 1798.83. To make such a request, please send an email to stratxUSsupport@pulmonx.com or write us at: Pulmonx, 700 Chesapeake Drive, Redwood City, CA 94063. In response, we will provide a list of the categories of “Personal data”, as that term is defined by California Civil Code Section 1798.83, disclosed to third parties for direct marketing purposes during the immediately preceding calendar year, along with the names and addresses of these third parties. This request may be made no more than once per calendar year. We reserve our right not to respond to requests submitted other than to the email or mailing addresses specified in this section

Data Security

We seek to use reasonable organizational, technical and administrative measures to protect personal data within Pulmonx. Unfortunately, no data transmission or storage system can be guaranteed to be secure at all times. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “Contact Us” section below.

Changes to Our Privacy Notice

We may update this Privacy Notice from time to time and in our sole discretion. We encourage visitors to check this page frequently for any changes to it.

Contact Us

If you have questions, comments, or concerns about this Privacy Notice or our privacy practices, or if you would like to request to update your information, other than as provided above, please send an email to stratxUSsupport@pulmonx.com, write us at: Pulmonx, 700 Chesapeake Drive, Redwood City, CA 94063, or call us at (866) 300-4550.