Privacy Policy

Effective Date May 24, 2018

Glaukos Corporation and its subsidiaries (collectively, “Glaukos” or “we”) are committed to protecting the privacy of visitors and customers accessing websites we operate or control (our “Websites”) and we have created this Privacy Policy to demonstrate our commitment to you. This Privacy Policy advises our visitors and customers of the types of information that may be collected via our Websites and emails we send you, and the practices that Glaukos follows with respect to the use of such information. This Privacy Policy applies only to our Websites and emails and does not apply to other sites or to information collected off-line. By providing personal information to us or by using our Websites, you agree to our collection, use, disclosure, and storage of information as described in this Privacy Policy.

Information We Collect

Information You Provide Directly to Glaukos

We collect personal information that you voluntarily submit to us, including when you communicate with us via our Websites. For example, if you request information about a product or service from us via our “Contact Us” form on a Website, your name, email address, phone number, and other contents of your message will be collected. This includes any text characters and any audio, video, and graphic information formats included in the message. If you voluntarily submit information to us that is sensitive in nature (e.g., health information), that will also be collected and processed for the purposes set out below. We may combine this information with information we collect or receive about you from other publically and commercially available sources, such as LinkedIn and other social media platforms. We may combine all of the information we receive about you and use or disclose it in the manner described in this Privacy Policy.

Information We Collect Automatically

Like many websites, Glaukos and its third party service providers use a variety of automatic detection tools such as cookies, embedded web links, pixel tags, Flash cookies, and web beacons, to passively collect certain information about your use of and visits to our Websites. For example, we may collect your Internet Protocol (IP) address, your authentication information, the type of device used, the web browser and operating system used to access our Websites, the time and duration of your visits, your search queries, and information about the content and webpages you view and the features you access on a Website. This information helps us better understand the use and effectiveness of our Websites and is in a form that does not, on its own, permit direct association with any specific individual, however, much of this information is considered Personal Data as defined below.

Below is more information about some of those technologies and how they work:

  • Cookies. Cookies are small text files used to store information about users on the users’ own computer. Cookies may be used to recognize you as the same user across different visits to our Websites. Knowing how a user is using our Websites through cookies enables us to tailor our content to more effectively meet visitors’ needs. It also enables us to improve the quality of your visit by making sure that our Websites are properly formatted for your computer and web browser. Some Internet browsers can be configured to warn you each time a cookie is being sent or to refuse cookies completely. Refer to your browser help menu for more information. Please note, however, that without cookies you may not be able to use all of the features of the Websites.

  • Other local storage. Local Shared Objects (also referred to as “Flash cookies”) and HTML5 local storage are similar to cookies in that they can be stored on your computer and can be used to store certain information about your activities and preferences. These objects are stored in different parts of your computer from ordinary browser cookies, however. Many Internet browsers allow you to disable HTML5 local storage or delete information contained in HTML5 local storage using browser controls. You also may be able to delete your Flash cookies or adjust your Flash cookie settings by visiting the Adobe Flash Website Storage Settings Manager (click to open a new window).

  • Web beacons. Web beacons can be embedded in web pages, videos, or emails, and can allow a web server to read certain types of information from your browser, check whether you have viewed a particular web page or email message, and determine, among other things, the time and date on which you viewed the Web beacon, the IP address of your computer, and the URL of the web page from which the Web beacon was viewed.

Use of Your Information

We use the information we collect and receive for the following purposes:

  • to help us develop, operate, deliver, and improve our Websites and our other products, services, and offerings;

  • to provide you with information you request or respond to inquiries we receive from you or your company or organization;

  • to analyze how users use our Websites and related analysis, research, reporting, and troubleshooting as we believe is necessary or appropriate to protect, enforce, or defend legal rights, privacy, safety or property, whether our own or that of employees or agents or others; and

  • with your separate consent, to provide you with promotional materials, relevant content and advertisements, surveys, newsletters, questionnaires, and other materials; and to comply with applicable law.

Disclosure of Your Information

To the extent consistent with applicable law, we will share your personal information in the following circumstances:

  • Glaukos, and Its Subsidiaries and Affiliates. We will share information within Glaukos and with our subsidiaries and corporate affiliates for the purposes set out in this Privacy Policy, such as responding to your inquiry and providing you information that you have requested.

  • Website Consultants and Service Providers. Some affiliated and third-party consultants and service providers, such as partners that provide us technical support, information request processing, data and website hosting, event hosting and registration, customer support, and other services, collect certain information relating to your use of our Websites, including through the use of cookies, Web beacons, and similar technologies.

  • Enforcement of Rights/Security. We may disclose information (i) when required by law or in response to a request for cooperation by a government entity or law enforcement; (ii) to protect and/or enforce the rights, property interests, or safety of us, or any of our respective affiliates, business partners, customers, or employees; or, (iii) to resolve disputes, troubleshoot problems, prevent fraud and otherwise enforce this Privacy Policy and Website Terms of Use.

  • Reorganization of Glaukos. In the event we sell or transfer all or a portion of a business or assets to a third party, such as in connection with a merger or in the event of a bankruptcy reorganization or liquidation.

  • With Your Consent. We may share your information when you or your company or organization consent to or request such sharing. Among other things, when you provide information through the “Find an iStent Physician” function on our Websites, we may disclose the information to our subsidiaries, affiliates, or to health care providers in your area in order to put you in touch with clinicians.

International Transfers

As Glaukos is a global organization, the information you provide will be transferred to Glaukos or a third party in the United States of America, which does not have similar data protection legislation and may provide a lower level of protection for your information. By using our Websites and providing us with your personal information, where applicable law permits, you consent to such transfers, as well as the processing, and storage of such information outside your country of residence.

Links to Other Websites

Our Websites may contain links or references to third-party owned or operated websites or online services. Glaukos is not responsible for the collection of personal information or the security or privacy of any such third party sites or services. Likewise, Glaukos is not responsible for the collection, usage, and disclosure policies and practices (including the data security practices) of any other app developer, app provider, social media platform provider, operating system provider, wireless service provider or device manufacturer, including with respect to any information you disclose to such other organizations through or in connection with our social media pages, any mobile sites, applications, widgets, and other mobile interactive features. We encourage you to review the privacy statements posted on the websites you visit.

Information Security and Integrity

The security of your information is important to us. We follow security standards to protect the information submitted to us from unauthorized access, loss, interference, misuse, disclosure, alteration or destruction, both during transmission and once we receive it. These safeguards vary based on the sensitivity of the information that we collect, process and store and the current state of technology. No method of transmission over the Internet, or method of electronic storage, is guaranteed to be completely secure, however. Therefore, we cannot guarantee its absolute security. We also maintain reasonable procedures to help ensure that such data is reliable for its intended use and is accurate, complete and current. If you have any questions about data security and integrity on our Websites, you can contact us using the details in the “How to Contact Us” section below.

Opt-Out of Marketing Communications

You will only receive information about our products and services and special offers from us if you specifically request it. At any time after making such a request, you can let us know that you no longer wish to receive such information by contacting us using the details in the “How to Contact Us” section below. If you are emailing us, please place “Opt-Out Request” in your email subject line.

Children’s Information (applies only to U.S. users)

The Websites are intended to be used by adults and corporate entities interested in Glaukos. It is not intended for children, and Glaukos does not knowingly collect or store personal information about anyone under the age of 18.

Reviewing Your Information

You may review and update the personal information we have collected, including your name, phone number, email and postal address, and other information by which you can be personally identified, about you by contacting us using the details in the “How to Contact Us” section below. If you are emailing us, please place “Information Review Request” in your email subject line. Note, to protect your privacy and security, we may take reasonable steps to verify your identity before we disclose or make any corrections to such information.

Your California Privacy Rights

California residents are entitled once a year, free of charge, to request and obtain certain information regarding Glaukos’ disclosure of certain categories of personal information to third parties for their direct marketing purposes in the preceding calendar year. To make such a request, please write to us using the email or mailing address in the “How to Contact Us” section below. However, Glaukos does not disclose personal information to third parties for direct marketing purposes.

Do Not Track Signal

Some web browsers may transmit “do-not-track” signals to the websites with which the user communicates. We do not currently take action in response to those signals. If an industry standard on responding to such signals is established and accepted, we may reassess how to respond to those signals.

Users from the European Union

This section of the Privacy Policy applies only to users who use the Websites or products and services covered by this Privacy Policy from a country that is a Member State of the European Union (“EU Users”), and supplements the information in this Privacy Policy.

Glaukos Corporation is the data controller for processing of information defined as personal data under applicable data protection law (“Personal Data”).

Legal Basis for Data Processing

We process Personal Data for the purposes set out in this Privacy Policy, as described above. Our legal basis to process personal data includes processing that is: necessary for the performance of the contract between you and Glaukos (for example, to provide you with the products and services you request and to identify and authenticate you so you may use the Websites); necessary to comply with legal requirements (for example, to comply with applicable accounting rules and to make mandatory disclosures to law enforcement); necessary for our legitimate interests (for example, to manage our relationship with you and to improve the Websites and our products and services); and based on consent by our customers (for example, to communicate with you about our products and services and provide you with marketing information), which may subsequently be withdrawn at any time (by contacting us as specified in the “How to Contact Us” section of this Privacy Policy) without affecting the lawfulness of processing based on consent before its withdrawal.

You are not required, as a necessity to enter into a contract, to provide us with Personal Data for processing as described above.

International Transfers of Personal Data

As set out above, the Websites are hosted in the United States. Also, the Glaukos personnel and some of the third-party vendors to whom we disclose Personal Data (as set out above) may be located in the United States and other countries outside of the European Economic Area (“EEA”), including in countries that may not provide the same level of data protection as your home country. We take appropriate steps to ensure that recipients of your Personal Data are bound to duties of confidentiality and we implement measures such as standard data protection contractual clauses to ensure that any transferred Personal Data, remains protected and secure. A copy of these clauses can be obtained by contacting us as specified in the “How to Contact Us” section of this Privacy Policy.

Retention of Personal Data

Personal Data will be retained only for so long as reasonably necessary for the purposes set out above, considering criteria such as applicable rules on statute of limitations and at least the duration of your use of our Websites and services.

Your Rights

You are entitled, in accordance with applicable law, to object to or request the restriction of processing of your Personal Data, and to request access to, rectification, erasure and portability of your own Personal Data. Requests should be submitted by contacting us as specified in the “How to Contact Us” section of this Privacy Policy.

If you are aware of changes or inaccuracies in your Information, you should inform us of such changes so that our records may be updated or corrected. You may lodge a complaint with a supervisory authority (which may be the authority in your country of residence or work) if you consider that our processing of your Personal Data infringes applicable law.

Children (applies only to UK users)

The Websites are not directed to children under the age of 16, and children under the age of 16 years of age are not eligible to use the Websites. Protecting the privacy of children is very important to us. We do not collect information from people we actually know are under 16 years of age, and no part of our Websites is designed to attract people under 16 years of age. If we later learn that an individual has provided us with their information and they are under 16 years of age, we will take steps to remove that user’s information from our databases and to prevent the user from utilizing the Websites.

Changes to this Privacy Policy

We reserve the right to change this Privacy Policy from time to time to reflect changes in our business practices, technological advancements and legal/regulatory environment. Any changes to this Privacy Policy, including information collected and the use and disclosure of information will be posted here. Following any modification, we will revise the “last updated” date at the top of this Privacy Policy. If you are concerned about how your information is used, you should check our Websites periodically. By continuing to use the Websites following the “last updated” date of any updated Privacy Policy, you are agreeing to be bound by the terms and conditions of such updated Privacy Policy.

How to Contact Us

Please read this Privacy Policy carefully. To update your preferences, review or update your information, submit a request, raise any issues regarding the processing of your personal data or raise any questions, comments, or concerns about our Privacy Policy, you may contact us at:

GLAUKOS CORPORATION

229 Avenida Fabricante

San Clemente, CA 92672

Telephone: 949.367.9600

Fax: 949.367.9984

Email: contact@glaukos.com