Privacy Policy
LeMaitre’s Global Privacy Policy
LEMAITRE VASCULAR, INC. PRIVACY NOTICE
Effective: July 2025
1. Introduction
This privacy notice describes how LeMaitre Vascular, Inc. and its subsidiaries and affiliates (collectively, “LeMaitre,” “we,” “us,” or “our”) collect, use, disclose, and otherwise process personal data about you (“personal data”).
This notice does not apply to data processing activities (1) specifically relating to current or former LeMaitre employees or applicants; (2) when you have been notified that an alternative notice applies (for example, when accessing third party websites or services, or our international affiliates who operate other websites); or (3) activities regulated under the Health Insurance Portability and Accountability Act of 1996 (HIPAA).
2. How we collect Personal Data
LeMaitre collects your personal data in the following situations:
- Visiting our websites, using our mobile applications, or interacting with us on social media;
- Contacting customer services;
- Attending an event or participating in surveys; and
- Engaging in general business operations.
Personal data collected in these situations are collected directly from you (for example, forms, orders, surveys, events, customer‑support calls) or automatically via cookies, pixels, SDKs, server logs, and similar technologies (see “Cookies and Similar Technologies” section).
You are not obligated to provide us with your personal data unless it is necessary for compliance with laws and regulations. If you choose not to provide this information; however, we may be unable to offer certain services or respond to your requests.
LeMaitre may also collect personal data from third parties such as joint‑marketing partners, public databases, social‑media platforms, background‑check providers, and service providers.
3. Categories of Personal Data We Collect
| Category | Examples |
|---|---|
| Identification and contact information | First and last name; mailing address; telephone number; email address; social security number; national ID number; professional registration number |
| Professional information | Interests; qualifications; job title; job history; employer or affiliated hospital; certifications; affiliations, memberships, or network contacts |
| Device identifiers | Medical device serial number |
| Financial information | Bank account number; bank details; payment terms |
| Internet / network activity | IP address; browser type; referring site; date/time; pages viewed; device model and OS; search terms |
| Social media information | Social media username; profile picture; comments/posts |
| Non-precise geolocation | Approximate location (city, state, country) |
4. Purposes & Legal Bases for Processing
We use personal data to:
| Purpose | Legal Basis (GDPR) / Business or Commercial Purpose (US) |
|---|---|
| Respond to your inquiries and provide requested information about our products and services | Legitimate interests; performance of a contract |
| Provide product support and resolve product service issues | Performance of a contract; legal obligation (e.g., adverse‑event reporting) |
| Manage our business relationship with you or your employer / affiliated hospital | Legitimate interests; performance of a contract |
| Send promotional materials and monitor interest in our products | Consent (where required); legitimate interests |
| Manage, operate, maintain, and secure our Site and network | Legitimate interests |
| Comply with applicable laws, transparency and regulatory obligations | Legal obligation |
| Exercise our legal rights | Legal obligation |
| Protect the vital interests of you or another person | Vital interests |
5. Sensitive / Health Data
We do not intentionally collect sensitive personal data, such as precise geolocation, racial or ethnic origin, health information, or genetic or biometric data. To the extent that sensitive personal data is collected (for example, financial data or identification numbers of suppliers), we will obtain your consent where required. You can choose to withdraw or withhold your consent; however, we will not be able to perform certain tasks or provide you with certain services where your sensitive data is necessary.
6. Cookies & Similar Technologies
Our Site uses limited cookies solely to customize graphical elements and to generate aggregated usage statistics through Google Analytics.
A list of cookies we use is located here.
You can disable cookies entirely in your browser settings; however, some graphical elements may not display correctly.
7. Disclosures & Recipients of Personal Data
We disclose personal data for the purposes listed in § 5 to:
- Service providers / processors under written contracts;
- Affiliates and subsidiaries of LeMaitre Vascular, Inc.;
- Business partners when you participate in joint promotions;
- Professional advisers (lawyers, auditors, insurers);
- Authorities (courts, regulators) when legally required; and
- Successors in the event of a merger or acquisition.
We do not “sell” Personal Data for monetary consideration, but we may “share” certain online identifiers with advertising partners. Where required, we will provide a “Do Not Sell or Share My Personal Data” link.
8. International Transfers
We operate globally. When we transfer personal data outside your jurisdiction, we take administrative and technical measures to ensure adequate safeguards and protections are applied as provided for by applicable law. For more information regarding our safeguards, contact us.
9. Data Retention & De‑Identification
We retain personal data only for as long as necessary to:
- Fulfil the purposes in the “Purposes & Legal Bases for Processing” section
- Comply with legal, accounting, or reporting obligations;
- Establish or defend legal claims.
10. Security
We maintain physical, technical, and organizational safeguards aligned to NIST principles, including:
- Encryption in transit and at rest;
- Role‑based access controls and multi‑factor authentication;
- Regular penetration testing and vulnerability management;
- Vendor due diligence; and
- Incident‑response program with 72‑hour notification procedures (GDPR Art. 33).
No security controls are infallible; therefore, we encourage you to use strong passwords and to contact us immediately if you suspect any unauthorized activity.
11. Your Privacy Rights
Depending on your jurisdiction, you may have the right to:
- Access your personal data and know what personal data we have collected, processed, or disclosed about you;
- Correct inaccurate data;
- Delete data (“right to be forgotten”);
- Port data to another controller;
- Restrict or object to certain processing; and
- Withdraw consent you have previously provided us.
To exercise these rights, submit a request via our Privacy Request Portal or contact us via post, facsimile, or telephone listed under “How to Contact Us” below. We will verify your identity and respond within the timeframe required by law.
We may charge a reasonable fee in some geographies to process or respond to your request, for instance if the processing request is excessive, repetitive, or manifestly unfounded. If a fee is warranted, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
You may also lodge a complaint with your local data protection authority.
12. Children’s Privacy
Our Sites are not directed to children under 13 (or 16 where applicable). We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, please contact us using the information under “How to Contact Us” below so we can delete it. If we become aware that a child has provided us personal data with parental consent, we will take steps to delete such Personal Data as soon as possible.
13. Automated Decision Making & Profiling
We do not engage in automated decisions that produce legal or similarly significant effects without human review. We may use limited profiling for analytics or marketing, subject to “Your Privacy Rights”
14. Marketing Communications
You can opt out of marketing communications at any time by emailing info@lemaitre.com or using our online privacy request form (see “How to Contact Us”).
15. Links to Third‑Party Sites
Our Sites may contain links to external sites. We are not responsible for the privacy practices or the content of those sites. Please review their privacy notices.
16. Changes to This Notice
We may update this Notice from time to time. We will post the revised version with a new “effective” date and, where required, provide prominent notice or obtain your consent. Contact us for previous versions of our privacy notice.
17. How to Contact Us
If you have questions about this notice or our privacy practices, please contact:
Chief Compliance Officer
LeMaitre Vascular, Inc.
63 Second Avenue
Email: privacy@lemaitre.com
Tollfree (US): +1 781-221-2266
Fax (US): +1 781-425-504