PROTECTION OF YOUR PERSONAL DATA

Sonova AG and Aureliym GmbH as independent or joint controller

Sonova & Aureliym processes the following categories of personal data:

Personal information

Diagnostic data

Contact details

Therapy data

Hearing Assessment

Hearing instrument sales data

Sonova & Aureliym have the following legal basis to process your personal data:

Consent

Performance of the contract

Legal obligation

Legitimate interest

Sonova & Aureliym processes your personal data for the following purposes:

Send you marketing communications

Appointment arrangement

Medical/Audiological service

Contacting you

Safety purposes/ Post-market surveillance, administrative regulations

Analytics and statistics evaluation

Your data can be shared with entities in:

The EEA

Switzerland

The UK

Sonova & Aureliym have taken the following measures to secure the processing of personal data:

Intracompany agreements and data protection clauses

Policies and procedures

Safety and security measures

Employee training

Your rights:

Access

Rectify

Deletion

Objection

Portability

Contact:

Contact Sonova or Aureliym

Data Protection Officer:

privacy@aureliym.com or privacy@sonova.com

File complaints with the national

Data Protection Authority:

Europe: www.edpb.europa.eu

Belgium/België: https://www.dataprotectionauthority.be

Deutschland: https://www.bfdi.bund.de

Ireland: https://www.dataprotection.ie/

Nederland: www.autoriteitpersoonsgegevens.nl

Italia: https://www.garanteprivacy.it/

Suisse/Schweiz/Svizzera: https://www.edoeb.admin.ch/edoeb/en/home.html

USA: https://www.state.gov/bureaus-offices/under-secretary-for-management/bureau-of-administration/privacy-office/

Personal data we collect from you and why: Sonova and Aureliym will only process your personal data for the following purposes.

Based on your consent:

• Send you emails communications: send you information and offers about hear care and tinnitus products and services.
Personal data: first name, last name, e-mail address.
• Analytics: measure the impact of marketing campaigns via the mobile tracking and attribution tool Appsflyer. Personal data: device identifiers such as advertising ID’s, network data such as IP address

Based on the performance of the contract and the service provided by SilentCloud. The following processing described are part of the service we provide you when using the SilentCloud app and therefore categories of personal data mentioned are shared between Aurelyim and Sonova:

• Create your account: managing your account information to provide you with the service. Personal data: first name, last name, date of birth, gender, e-mail address, phone number, zip code, city.
• Appointment arrangement: creating patient record to ensure continuity of service; creating new record/lead in the local CRM database; booking an appointment.; Personal data: personal information (first name, last name, date of birth, gender); contact data (e-mail address, address, city, country, phone number); hearing assessment; selected Hearing Care Professional (HCP); how you heard about the Silent Cloud app.
• Provide medical service: activating the therapy, providing medical service and personalizing the therapy for your as a patient (i.e. masking levels, tone frequency); guiding you through the use of the SilentCloud app; answering patients’ questions/queries; monitoring service levels.; Personal data: personal information, contact data, selected HCP, diagnostic data such as medical history questionnaire, medication use, tinnitus related questionnaires, tinnitus assessment, hearing assessment, selected ENT, ENT prescription information, confirmation of app subscription payment/ payment confirmation;therapy data such as usage and status data (e.g., timestamps, provision for occasional or on demand repeats), tinnitus assessment outcome (i.e., questionnaire scores, including tinnitus severity, mental health issues, quality of life, medical patient history; and psychophysical measurements), hearing assessment, details of therapy data (i.e., type of therapy selected, progress of therapy, compliance of therapy, overall therapy outcome), and in some cases, HCP and ENT data in order to verify function of the dashboard.
• Contact you: • contacting you through email/phone (or any other agreed forms of communications) for additional medical follow up providing you with any communication related to the service delivered by the SilentCloud app; Personal data: e-mail address, phone number

Based on our legal obligation:

• Safety purposes, post-market evaluation, or requirements under administrative regulations; Personal data: diagnostic data (pseudonymized) such as medical history questionnaire, medication use, tinnitus related questionnaires and assessment, ENT prescription information; therapy data (pseudonymized) such as all usage and status including timestamps and provision for occasional or on demand repeats, therapy outcome and steps, tones for tonal therapy and volume of masking noise for masker therapy.

Based on our legitimate interest:

• Analytics and statistical evaluation: improving process and/or products; gaining insights about the efficiency of communication channels; monitoring and optimizing your experience across both Tinnitus Therapy and Hearing Instruments (HI) journeys; ensuring the continuity of the therapy and your journey (continue where they left off and avoid repeating tasks; Add additional assessments based on your feedback); Personal data: pseudonymized usage data; pseudonymized diagnostic data; pseudonymized therapy data; and pseudonymized data collected in other standard hearing care processes, i.e. pseudonymized HI sales data (country, region, campaign code, average customer spending, average age, average binaural factor).
• For the processing based on our legitimate interest, you have the right to object (opt-out) at any time by contacting us at privacy@AURELIYM.com

How long we keep your personal data: Those personal data will be retained for a minimal period proportional to the time required to fulfil the purposes described. In the event applicable law or other regulations require a longer retention period, we will apply the longer retention period in order to fulfill our legal obligations.

How we treat your personal data. Sonova & Aureliym may share your personal data with affiliated Sonova entities in Europe, UK, but also in Switzerland (where our headquarters are). All our employees are required to follow these rules and are regularly trained. We have secured our systems with modern protection and restricted the access In cases where we need to, we share your personal data with trusted third parties as well. Microsoft Ireland Operations Limited (Ireland), Microsoft Azure (data are stored in EU or US depending on user’s location), which is the infrastructure hosting our services; Lavabeam Ltd (UK) which is our reporting dashboard supplier and will have access to pseudonymize data for development purposes; AppsFlyer Ltd (US) (data are stored in EU) which is our marketing analytics tool. Sonova & Aureliym ensure your personal data is protected at the same level as it would be in your home country. We have agreements with all involved parties to make sure no one uses your data in an illegal way.

You have rights. Within the framework of the collection and processing of your personal data, and as per applicable law, you may have the right to request access, rectification, erasure of your personal data, or restriction of processing. In addition, you may object to the processing, request data portability and withdraw your consent at any time. According to your country, you may have other rights such as providing instructions for how your personal data should be processed posthumously. Under HIPAA you may also have the right to request an accounting of disclosures of your personal data, and the right to receive a paper copy of this notice upon written request.
Please note that the exercise of such rights is subject to the limitations provided by applicable law.

How to contact us.You can always contact the Data Protection Officer of Sonova or Aureliym for any of the purposes mentioned above at privacy@aureliym.com or privacy@sonova.com.

If you want to file a complaint about Sonova or Aureliym handling your personal data, we appreciate you telling us directly, but you can also contact your local Data Protection Authority on

Europe: www.edpb.europa.eu

Belgium/België: https://www.dataprotectionauthority.be

Deutschland: https://www.bfdi.bund.de

Ireland: https://www.dataprotection.ie/

Nederland: www.autoriteitpersoonsgegevens.nl

Italia: https://www.garanteprivacy.it/

Suisse/Schweiz/Svizzera: https://www.edoeb.admin.ch/edoeb/en/home.html

USA: https://www.state.gov/bureaus-offices/under-secretary-for-management/bureau-of-administration/privacy-office/

Terms of Service

These Terms of Service ("Terms", "Terms and Conditions") govern your relationship with:

the website www.silentcloud.com operated by Sonova AG of Laubisrütistrasse 28, 8712 Stäfa, Switzerland, registration number CHE-101.989.88
the SilentCloud app manufactured by Aureliym GmbH of Hauptstrasse 96, 53474 Bad Neuenahr-Ahrweiler, Germany, registration number HRB 26319, Koblenz.

Together these two elements constitute the "service".

Contact: privacy@sonova.com, privacy@aureliym.com, website: www.sonova.com/www.aureliym.com ("us", "we", or "our").

Please read these Terms and Conditions carefully before using the Service. Your access to and use of the Service is conditioned on your acceptance of and compliance with these Terms. These Terms apply to all visitors, users and others who access or use the Service. By accessing or using the Service you agree to be bound by these Terms. If you disagree with any part of the terms, then you may not access the Service.

Intellectual property

The Service and its original content, features and functionality are and will remain the exclusive property of us and its licensors. The Service is protected by copyright, trademark, and other laws of both the Germany and foreign countries. Our trademarks and trade dress may not be used in connection with any product or service without the prior written consent of us.

Links to other web sites

Our Service may contain links to third-party web sites or services that are not owned or controlled by us. We have no control over, and assumes no responsibility for, the content, privacy policies, or practices of any third-party web sites or services. You further acknowledge and agree that we shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such content, goods or services available on or through any such web sites or services. We strongly advise you to read the terms and conditions and privacy policies of any third-party web sites or services that you visit.

Limitation of liability

In no event shall we, nor its directors, employees, partners, agents, suppliers, or affiliates, be liable for any indirect, incidental, special, consequential or punitive damages, including without limitation, loss of profits, data, use, goodwill, or other intangible losses, resulting from (i) your access to or use of or inability to access or use the Service; (ii) any conduct or content of any third party on the Service; (iii) any content obtained from the Service; and (iv) unauthorized access, use or alteration of your transmissions or content, whether based on warranty, contract, tort (including negligence) or any other legal theory, whether or not we have been informed of the possibility of such damage, and even if a remedy set forth herein is found to have failed of its essential purpose.

Disclaimer

Your use of the Service is at your sole risk. The Service is provided on an "AS IS" and "AS AVAILABLE" basis. The Service is provided without warranties of any kind, whether express or implied, including, but not limited to, implied warranties of merchantability, fitness for a particular purpose, non-infringement or course of performance. Our subsidiaries, affiliates, and its licensors do not warrant that a) the Service will function uninterrupted, secure or available at any particular time or location; b) any errors or defects will be corrected; c) the Service is free of viruses or other harmful components; or d) the results of using the Service will meet your requirements.

Governing law

These Terms shall be governed and construed in accordance with the laws of Germany, without regard to its conflict of law provisions. Our failure to enforce any right or provision of these Terms will not be considered a waiver of those rights. If any provision of these Terms is held to be invalid or unenforceable by a court, the remaining provisions of these Terms will remain in effect. These Terms constitute the entire agreement between us regarding our Service and supersede and replace any prior agreements we might have between us regarding the Service.

Changes

We reserve the right, at our sole discretion, to modify or replace these Terms at any time.

What constitutes a material change will be determined at our sole discretion. By continuing to access or use our Service after those revisions become effective, you agree to be bound by the revised terms. If you do not agree to the new terms, please stop using the Service.

Contact us

If you have any questions about these Terms, please contact us at privacy@sonova.com or privacy@aureliym.com