Privacy Policy

Topcon Healthcare Group Privacy Policy

Effective Date: August 18, 2025
Last Updated: January 1, 2021 (previous version)

1. Our Role in Your Privacy

Topcon Healthcare Inc. (“Topcon,” “we,” “our,” or “us”) respects your privacy. This Privacy Notice explains how we collect, use, and share personal information when you interact with our corporate websites, marketing, and sales operations.

This notice does not apply to our software platforms, connected medical devices, or any patient data governed under healthcare-specific privacy frameworks. Please refer to product-specific documentation or contractual terms for those systems.

2. What This Notice Covers

This Privacy Notice applies to:

  • Visitors to our public facing websites
  • Individuals requesting information about our products or services
  • Business-to-business contacts, including prospects, partners, and vendors
  • Participants in marketing campaigns, webinars, or events

It does not apply to:

  • End users of our clinical platforms or medical devices
  • Job applicants (see our Workday portal)
  • Employees or contractors of Topcon
  • Patient or de-identified clinical data processed in our capacity as a Business Associate under contract with Covered Entities (as defined under HIPAA)

3. The Data We Collect

We may collect personal data when you:

  • Submit forms or request product demos
  • Interact with us via email, webinars, or trade shows
  • Use our websites and digital marketing content

Types of data we collect include:

  • Contact information – Name, email, phone number
  • Professional details – Job title, company name, area of interest
  • Location data – Country, region, IP address
  • Form submissions – Product preferences, event signups
  • Engagement data – Email opens/clicks, downloads, page views
  • Device/browser data – Browser type, cookies, referral URL

We do not collect sensitive personal data or Protected Health Information (PHI) via this website.

4. How We Use Your Data

We use your personal data for our legitimate business purposes, including:

  • Responding to product inquiries and demo requests
  • Providing customer support and information
  • Sending marketing communications (where permitted)
  • Improving our website and marketing effectiveness
  • Meeting legal or regulatory obligations

5. How We Share Your Data

We may share your data with:

  • Trusted service providers (e.g., CRM, analytics, marketing platforms, payment processors)
  • Affiliates within the Topcon corporate group
  • Webinar co-hosts or event partners
  • Legal or regulatory authorities, when required

We do not sell personal data. We require all third parties to respect your data and comply with data protection laws.

6. Your Privacy Rights

Depending on your location, you may have rights to:

  • Access or obtain a copy of your personal data
  • Correct or update inaccurate data
  • Delete your data (with some exceptions)
  • Object to or restrict processing
  • Withdraw consent (where processing is based on consent)
  • Lodge a complaint with a data protection authority

You can exercise your rights by contacting: [email protected]

7. How We Protect Your Data

We implement appropriate technical and organizational safeguards to protect your personal data, including:

  • Secure servers and firewalls
  • Encryption in transit and at rest
  • Access restrictions and authentication controls

If we experience a data breach, we will notify affected individuals and regulators as may be required by applicable law.

8. Data Retention

We retain personal data only as long as necessary for the purposes described in this notice, unless a longer retention period is required by law. We securely delete or anonymize data once it is no longer needed.

9. International Transfers

Topcon Healthcare operates globally. Your personal data may be transferred to countries outside your home country, including the United States, Japan, UK, and countries in the European Economic Area (EEA). We implement appropriate safeguards and utilize appropriate transfer mechanisms (e.g., Standard Contractual Clauses) to ensure an adequate level of protection and compliance with applicable legal requirements.

10. Cookies and Tracking

Our websites use cookies, beacons, and analytics tools to:

  • Improve user experience and navigation
  • Track marketing campaign effectiveness
  • Analyze website usage patterns

You can manage your cookie preferences through your browser settings. Please note that disabling cookies may affect site functionality. For a list of the cookies we use, visit our Cookie List.

11. Children’s Privacy

Our website and services are not directed to children under 13. We do not knowingly collect personal information from anyone under 13. If you believe we have inadvertently collected such data, please contact us for deletion.

12. HIPAA Statement

This website and our corporate marketing activities are not subject to HIPAA, and we do not collect or process Protected Health Information (PHI) in relation to these activities. However, when Topcon Healthcare acts in a HIPAA-regulated capacity, such as through our platforms or device integrations serving Covered Entities, our practices may be deemed those of a Business Associate and may be governed by HIPAA and applicable state laws. Any obligations arising under healthcare laws or regulations are addressed in service-specific documentation and contractual agreements between Topcon and the relevant entities. If you have any questions about your data stored on Topcon devices or platforms in use by healthcare providers, you should discuss that with the provider directly.

13. Use of AI and Chatbots

We may use limited artificial intelligence (AI), including chatbots on our website, to facilitate certain customer service activities, to enable marketing communications, and to provide product-related information. These tools are used exclusively for business-to-business marketing purposes and do not provide support for regulated medical devices, do not assist healthcare professionals in making decisions, and do not process personal health information. Healthcare providers who have support questions about regulated medical devices should use the Customer Portal or visit Customer Support for contact information and procedures.

14. Payment Information

If you purchase products or services directly from Topcon Healthcare, we may collect limited billing information such as:

  • Name, business address, and billing contact information
  • Transaction amount and service descriptions
  • Payment method metadata (e.g., method type, transaction references)

When customers opt to pay via credit card or automated methods, we process payments through trusted, PCI-DSS compliant third-party payment processing providers. These providers handle card data directly on our behalf. Topcon Healthcare does not receive, process, or store full card numbers or CVV codes on its systems; all payment processing is performed by our third-party providers.

15. Region-Specific Disclosures

Topcon Healthcare complies with applicable global privacy laws. Depending on your jurisdiction, you may have specific rights and disclosures under laws such as:

A. European Economic Area (EEA), United Kingdom, and Switzerland – GDPR / UK GDPR
If you are located in the EEA, UK, or Switzerland, your rights include:

  • Right to access and obtain a copy of your personal data
  • Right to correct inaccurate or incomplete data
  • Right to request deletion of your data (“right to be forgotten”)
  • Right to restrict or object to processing
  • Right to data portability
  • Right to withdraw consent at any time
  • Right to lodge a complaint with a supervisory authority

Legal Basis for Processing:

  • Your consent (e.g. for marketing emails)
  • Contractual necessity (e.g. providing services)
  • Legitimate interests (e.g. business operations)
  • Legal obligations

B. United States – California (CCPA / CPRA)
If you are a California resident, you may have the right to:

  • Know what personal information we collect, use, and share
  • Access your personal data
  • Delete your data (subject to legal exceptions)
  • Correct inaccurate data
  • Opt out of the “sale” or “sharing” of personal data (we do not sell)
  • Limit use of sensitive personal information (if collected)
  • Non-discrimination for exercising rights

To exercise your rights, email [email protected] or visit our Do Not Sell My Personal Information page.
C. Canada – PIPEDA
If you are located in Canada, you have the right to:

  • Know how your data is used
  • Access your data
  • Correct inaccurate data
  • Challenge compliance through the Privacy Commissioner of Canada

D. Australia – APP (Australian Privacy Principles)
We adhere to the APPs, including:

  • Transparency about data collection and use
  • Limits on collection of sensitive data
  • Access and correction rights
  • Secure storage and disposal of personal information

E. Other Jurisdictions
We also comply with laws such as Brazil’s LGPD, Japan’s APPI, and Singapore’s PDPA, as applicable.

16. Changes to This Notice

We may update this Privacy Notice from time to time to reflect changes in our practices or legal requirements. When we do, we will revise the ‘Last Updated’ date at the top of this page.

17. Contact Us

If you have any questions about this Privacy Notice or your personal data, you can contact us at:

Topcon Healthcare, Inc.
111 Bauer Dr, Oakland, NJ 07436
+1 201-599-5100
Email: [email protected]

Archived Privacy Policy – January 1, 2021 (previous version)