NOP Connect Privacy Policy

TRANSMEDICS, INC.
Last updated:  May 2025 

PLEASE READ this privacy policy CAREFULLY BEFORE DOWNLOADING OR using the app (as defined below).  BY DOWNLOADING OR USING the app, YOU AGREE THAT YOU HAVE READ, UNDERSTAND AND AGREE TO this privacy policy AND OUR TERMS OF USE.  IF YOU DO NOT AGREE TO this privacy policy, do NOT ACCESS OR USE THE APP and delete it from your MOBILE DEVICE. your continued used of this app after we revise this policy means you accept those changes, so please check the policy periodically for updates.   

We at TransMedics, Inc. and our affiliates (“TransMedics,” “we,” “us,” or “our”) have created this Privacy Policy to describe how we collect, use, store, share, and disclose information about you that we collect through the applications that comprise TransMedics’ proprietary software, NOP Connect, a comprehensive, state-of-the-art technology platform designed to streamline and enhance the operations and logistics of TransMedics’ National OCS Program, including any website, browser, online implementations or versions and mobile applications.  NOP Connect is comprised of the external-facing application NOP Access, as well as the internal-facing applications NOP Live and NOP Nexus (each, an “App”, and together with the services provided by each app, the “Services).  

The Services are intended for use solely by (i) TransMedics’ employees and other authorized users of TransMedics (“TransMedics Users”) in connection with the communication, coordination, scheduling and provision of organ transplant services and other services provided on behalf of TransMedics (“TransMedics Services”); or (ii) employees and other authorized users of TransMedics’ customers (“Institution Users”) in connection with the receipt of TransMedics Services.  The App is intended only for use within the United States, and this Privacy Policy applies only to users within the United States. If you are outside of the United States, do not use or provide any information on this App.  

By accessing or using the Services, you consent to our collection, use, and sharing of your information in accordance with this Privacy Policy.  This Privacy Policy is not a contract and does not create any contractual rights or obligations. 

Visitors that are residents of California should also refer to our California Website Privacy Policy supplement below. 

The Information We Collect and Use

    1. Information You Provide to UsWe collect information when you share that information by using the Services, including any data or information about or identifying you, including your name, username, password, location, email address and other contact information and employer information (“End-User Data”).We collect organ procurement-related data, information, or material provided or submitted to the App by or on behalf of you or a hospital, health care provider or other person or entity (“Institution”) for whom you are an Insitution User in connection with your use of the Services that is not End-User Data, including but not limited to logistics-related data, including scheduling information, chat, voice messages, video calls and other communications, address and other location information of donor and/or recipient addresses, UNOS IDs and other organ identifying information, information related to the type, health or condition of the organ, clinical and organ performance data, and session files (i.e., operational device data) (“OPR Data”).To the extent your Institution has signed an Institution Agreement (as defined under the Terms of Use) with specific data privacy requirements related to OPR Data, such data will be handled in accordance with those requirements.
    2. Information Collected from Third Parties
      We may obtain information from other sources, including Institutions and other third parties, provided such Institution or third party is authorized to share such information with us, and use it as contemplated herein, including to provide the Services to and otherwise communicate with you.
    3. Information Collected Automatically
      We collect and store certain technical information about your use of the Services and store it in log files within the United States.  This information may include:  information such as your device Internet Protocol address, device name, operating system version, the configuration of the App when utilizing our Service, the time and date of your use of the Services, and other statistics.  This information is used to help us make or Services more useful for you.  With this data we learn about the number of visitors on our Services and the types of technology our visitors use.  Raw data logs are also used for security, fraud detection, and protecting our rights. We may collect certain geolocation data in connection consistent with the provision of our Services.We also use certain first-party and third-party cookies and similar technologies to enable the core operation of the App, and to perform analytics functions to detail the behavior patterns of users of the App.

 

Additional Purposes For Which We Collect and Use Information

In addition to the uses described above, we may use information that you provide or information we collect for the following purposes:  

      1. Providing the Services to you; 
      2. Communicating with you; 
      3. Business operations, including creating, improving and developing our products and Services; 
      4. Monitoring and analyzing trends, usage and activities in connection with our Services; 
      5. Conduct research and measurement activities; 
      6. Auditing interactions with you;  
      7. Preventing, investigating, or providing notice of fraud, malicious activity, unlawful or criminal activity, or unauthorized access to or use of our Services or data systems or to meet legal obligations; 
      8. Investigating and resolving disputes and security issues and enforcing our Terms of Use and other agreements;  
      9. Comply with applicable laws, including as required by judicial or administrative proceedings;  
      10. Carry out our obligations and enforce our rights arising from any contracts entered into between you and us; and 
      11. Any other lawful, legitimate business purpose.

How We May Disclose Your Information

We may disclose your information with third parties in the following ways:

    1. Our subsidiaries and affiliates. 
    2. Agents, Service Providers and Related Third Parties.  We may engage other companies and individuals to perform certain business-related functions on our behalf.  Examples may include providing technical assistance and customer service.  These other companies will have access to the information only as necessary to perform their functions and to the extent permitted by law. 
    3. To Institution Users.  We may disclose information to Institution Users to the extent necessary to perform the Services. 
    4. Business Transfers.  We may transfer your information, if we are involved, whether in whole or in part, in a merger, sale, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy, or other change of ownership or control.  If another entity acquires us or any of our assets, information we have collected about you may be transferred to such entity.  In addition, if any bankruptcy or reorganization proceeding is brought by or against us, such information may be considered an asset of ours and may be sold or transferred to third parties.  
    5. Legal Requirements.  To the extent permitted by law, we may also disclose information: (i) when required by law, court order, or other government or law enforcement authority or regulatory agency; (ii) whenever we believe that disclosing information is necessary or advisable, for example, to protect the rights, property, or safety of TransMedics or others; or (iii) to enforce our rights arising from any contracts.
    6. At Your Request or With Your Consent.  We may disclose information to third parties to fulfill the purpose for which you provide it, or at your request, direction or authorization.  We may ask you from time to time to give us permission to share your information with other third parties not described in this section.

 

Third-Party Services and Websites

When you access or engage with a third-party service, application, or website, even when doing so through the App, you are entering that service, application, or website and governed by its policies.  Many third parties have their own privacy policies that differ from ours and it is your responsibility to review the privacy policy of all third-party websites. These entities and their servers may be located inside or outside the United States.  Except as otherwise provided herein, this Privacy Policy only covers our Services and does not cover any other third parties, as such you agree that we are not responsible or liable for any collection or use of your information by such third parties.

Security and Data Retention

TransMedics has implemented measures designed to help protect information about you from accidental or unlawful destruction, loss, alternation, or unauthorized disclosure or access.  Although TransMedics attempts to protect such information in our possession, no security system is perfect, and we cannot promise that your information will remain absolutely secure in all circumstances, and the safety and security also depends on you.The time-period for which we keep your information depends on the purposes for which we collected it.  The length of time we retain your information varies based on the purposes for which it was collected, and in some cases, we may keep it for such period of time as we deem necessary, to fulfill those and our internal business purposes, except as may be required under applicable law, court order or government regulations.  To request that your information be deleted, please use the contact information below.  We use commercially reasonable efforts to honor such requests. 

 

Do Not Track

Some internet browsers have incorporated “Do Not Track” features. Most of these features, when turned on, send a signal or preference (the “DNT Signal”) to websites you visit indicating that you do not wish to be tracked. At this time, TransMedics does not currently respond to, monitor, recognize or honor any opt-out or do not track mechanisms, including general web browser “Do Not Track” settings and/or signals.

Note to Users

Please do not use the Services if you are not: 

  • Either (a) a TransMedics User; (b) an Institution User; or (c) an individual otherwise authorized in writing by TransMedics to use the App.   
  • A resident of the United States of America.  The App is not intended for use outside of the United States of America. 
  • At least 18 years old.  The App is not intended for or directed to children under 18 years old. No one under age 18 may provide any  information from children under 18. We do not knowingly collect personal information from children under 18. If you are under 18, do not use or provide any information on this App. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us at legalnotice@transmedics.com.  

 

Changes to This Privacy Policy

TransMedics may update this Privacy Policy from time to time, with or without notice to you.  We encourage you to review the Privacy Policy whenever you access the Services or otherwise interact with us to stay informed about our information practices and the ways you can help protect your privacy.  Continued use of our Services, following notice of changes will indicate your acknowledgement of the changes and agreement to be bound by the terms and conditions of the changes.

How to Contact Us

If you have questions about this Privacy Policy or other privacy-related matters, you may contact us at:
Email legalnotices@transmedics.com
Physical Address: TransMedics, Inc.
200 Minuteman Road
Suite 302
Andover, MA 01810 

 

California Website Privacy Policy Supplement 

This California Website Privacy Policy supplements the Privacy Policy with respect to specific rights granted under the California Consumer Privacy Act of 2018, as amended (the “CCPA”) to natural person California residents and provides information regarding how such California residents can exercise their rights under the CCPA. This supplement is only relevant to you if you are a resident of California as determined in accordance with the CCPA. Information required to be disclosed to California residents under the CCPA regarding the collection of their personal information that is not set forth in this CCPA supplement is otherwise set forth in the Privacy Policy. 

Information this California Website Privacy Policy Applies to 

This California Website Privacy Policy applies solely to your interactions with us through the Services. If you provide personal information to use through another means you will receive a separate privacy notice and that notice will govern that personal information.  

 

The Information We Collect and Use 

The types of personal information we collect about you depends on the nature of your interaction with us. The categories of personal information we have collected from individuals on this Website over the last twelve (12) months include the following:  

 

Category  Examples  Collected 
A. Identifiers  Name, contact details and address (including physical address, email address and Internet Protocol address), and other identification (including social security number, passport number and driver’s license or state identification card number). 

 

 YES 
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))  Telephone number and other financial information. 

 

 YES 
C. Protected classification characteristics under California or federal law  Date of birth, citizenship and birthplace.  NO 
D. Commercial information  Account data and other information contained in any document provided by you to authorized service providers. 

 

 NO 
E. Biometric information  Imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns and voice recordings or keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contains identifying information. 

 

  NO 
F. Internet or other similar network activity  Use of our website, fund data room and investor reporting portal (e.g., cookies, browsing history and/or search history), as well as information you provide to us when you correspond with us in relation to inquiries. 

 

 YES 
G. Geolocation data  Physical location or movements.   YES 

(NOP Live only) 
H. Sensory data  Audio, electronic, visual, thermal, olfactory, or similar information. 

 

 NO 
I. Professional or employment-related information  Current or past job history or performance evaluations.  NO 
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99))  Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.  NO 
K. Inferences drawn from other personal information  Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.  NO 
L. Sensitive Personal Information (see further information on use of sensitive personal information below)  Social security, driver’s license, state identification card, or passport numbers; account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; precise geolocation; racial or ethnic origin; religious or philosophical beliefs; union membership; genetic data; the contents of a consumer’s mail, email, and text messages unless you are the intended recipient of the communication; biometric information for the purpose of uniquely identifying a consumer; and personal information collected and analyzed concerning a consumer’s health, sex life, or sexual orientation. 

 

 YES  

 

We do not knowingly collect or solicit personal information from anyone under the age of 18. 

 

We do not collect or use sensitive personal information other than:  

  1. To perform services, or provide goods, as would reasonably be expected by an average consumer who requests those goods or services; 
  2. As reasonably necessary and proportionate to detect security incidents that compromise the availability, authenticity, integrity, and confidentiality of stored or transmitted personal information;  
  3. As reasonably necessary and proportionate to resist malicious, deceptive, fraudulent, or illegal actions directed at us and to prosecute those responsible for such actions;  
  4. For short-term, transient use (but not in a manner that discloses such information to another third party or is used to build a profile of you or otherwise alter your experience outside of your current interaction with us); 
  5. To perform services on behalf of our business;  
  6. To verify or maintain the quality or safety of a service or to improve, upgrade, or enhance such service or device; and 
  7. To collect or process sensitive personal information where such collection or processing is not for the purpose of inferring characteristics about a consumer. 

 

Use of Your Personal Information  

We collect personal information for the business or commercial purposes and from the sources set forth in “The Information We Collect and Use” and “Additional Purposes For Which We Collect and Use Information” in the Privacy Policy above. We retain the categories of personal information set forth above in the “The Informaiton We Collect and Use” section of this California Website Privacy Policy only as long as is reasonably necessary for those purposes set forth above in Privacy Policy above, except as may be required under applicable law, court order or government regulations. 

 

Disclosure of Your Personal Information 

We do not share (i.e., disclose to a third party for the purpose of cross-context behavioral advertising) or sell (as such terms are defined in the CCPA) any of the personal information we collect about you to third parties.  

 

Your Rights Under the CCPA 

  1. Deletion Rights. You have the right to request that we delete any of your personal information that we retain, subject to certain exceptions, including, but not limited to, our compliance with U.S., state, local and non-U.S. laws, rules and regulations. We will notify you in writing if we cannot comply with a specific request and provide an explanation of the reasons. 
  2. Disclosure and Access Rights. You have the right to request that we disclose to you certain information regarding our collection, use, disclosure and sale of personal information specific to you. Such information includes:
    • the categories of personal information we collected about you; 
    • the categories of sources from which the personal information is collected; 
    • our business or commercial purpose for collecting such personal information; 
    • the categories of third parties to whom we disclose the personal information; 
    • the specific pieces of personal information we have collected about you; and 
    • whether we disclosed your personal information to a third party, and, if so, the categories of personal information that each recipient obtained.
  3. Correction Right. You have the right to request that we correct any inaccuracies in the personal information that we retain, subject to certain statutory exceptions, including, but not limited to, our compliance with U.S., state, local and non-U.S. laws, rules and regulations. We will notify you in writing if we cannot comply with a specific request and provide an explanation of the reasons.
  4. No Discrimination. We will not discriminate against you for exercising your rights under the CCPA, including by denying service, suggesting that you will receive, or charging, different rates for services or suggesting that you will receive, or providing, a different level or quality of service to you.
  5. How to Exercise Your Rights.  To exercise any of your rights under the CCPA, or to access this notice in an alternative format, please submit a request on your behalf using any of the methods set forth in below.  

 

For any requests relating to the exercise of your rights under the CCPA, or questions regarding our processing of your personal information, please submit or have your authorized representative submit a request to legalnotices@transmedics.com. 

We will contact you to confirm receipt of your request under the CCPA and request any additional information necessary to verify your request.  We verify requests by matching information provided in connection with your request to information contained in our records. Depending on the sensitivity of the request and the varying levels of risk in responding to such requests (for example, the risk of responding to fraudulent or malicious requests), we may request further information or your investor portal access credentials, if applicable, in order to verify your request. You may designate an authorized agent to make a request under the CCPA on your behalf, provided that you provide a signed agreement verifying such authorized agent’s authority to make requests on your behalf, and we may verify such authorized person’s identity using the procedures above. If we request you verify your request and we do not receive your response, we will pause processing your request until such verification is received. 

 

WordPress Lightbox