Privacy policy

Mizuho OSI respects your privacy and commits to protecting it through our compliance with the practices explained in this Privacy Policy. Mizuho OSI does not sell your personal Information.

This Privacy Policy describes how we collect, use, maintain, protect and disclose the personal information we may collect from you or that you may provide when you visit our website, contact us via email, fax or phone, or any other method of communication such as social media. Please see the ‘Jurisdiction Specific Terms’ for additional information for individuals located in the European Union (“EU”) and the United Kingdom (“UK”).

Mizuho OSI collects and uses different types of personal information about you which includes:

your first and last name, address, e-mail, and phone number
personal information you provide when you send us feedback or contact us via email. We will collect your name and email address, as well as any other content included in the email, in order to send you a reply.
Your email address if you sign up for our newsletter.
If you apply for a job with or work for us, we may collect your professional credentials and skills, educational and work history, LinkedIn profile page, personal website, authorization to work in the U.S., immigration status, criminal history, and other information that may be included on a resume or curriculum vitae as well as in a cover letter. This may also include diversity information that you voluntarily provide.
Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, browser type and version, time zone setting, browser plug-in types and versions, or operating system and platform. Please see our separate Cookie Policy for further information. https://www.mizuhosi.com/cookie-policy

Sensitive Personal Information

Sensitive Personal Information is personal information, but which is considered more sensitive and includes, amongst other things, SSN, financial information, driver license numbers, biometric information, precise geolocation, and racial and ethnic origin.

Mizuho OSI may collect SPI such as –

SSN, driving license number and health related information when you apply to work with us
Any SPI you have provided the information as part of your communications with us.

How do we collect your data?

Mizuho OSI collects your personal information when you provide it to us. This could be when you contact us with a query, apply for a job with us, work for us or when you sign up to our newsletter.

Other data are collected automatically by our IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. These data are collected automatically as soon as you enter our website. If you are resident within the UK or the EU you will be asked to consent to any cookies being used. Our Cookie Policy provides more detailed information on this processing.

What do we use your data for?

Mizuho OSI uses your personal information to respond to any questions you may have, to manage an ongoing relationship with you as a client, to process your applications to work with us, to manage the relationship with you if you are an employee, to provide you with services you have requested and to ensure the proper functioning of our website.

What rights do you have regarding your personal information?

Your California Privacy Rights

If you are a California resident you have the following rights under the California Consumer Privacy Act of 2018 (“CCPA”) and the California Privacy Rights Act of 2020 which significantly amends and expands the CPPA:

Right to Access/Know any or all of the following information relating to your personal information that we have collected and disclosed in the last 12 months (upon verification of your identity) –

The specific personal information we have collected about you
- The categories of personal information we have collected about you
- The categories of sources of the personal information
- The categories of personal information that we have disclosed to third parties for a business purpose, and the categories of recipients to whom this information was disclosed
- The categories of personal information we have sold or shared and the categories of third parties to whom the information was sold/shared
- The business or commercial purposes for collecting, selling or sharing the personal information

Right to Request Deletion of Personal Information. You have the right to request the deletion of your Personal Information collected or maintained by us as a business.

Right to Opt-Out of the Sale of Personal Information. You have the right to opt-out of the sale of your Personal Information by us as a business however we do not sell personal information.

Right to Opt-In to personal information sales to third parties for consumers under the age of 16. However, we do not sell personal information of minor consumers.

Right to Non-Discrimination for the Exercise of Your Privacy Rights. You have the right not to receive discriminatory treatment by us for the exercise of your privacy rights conferred by the CCPA/CPRA.

Authorized Agent. You may designate an authorized agent to make a request under the CCPA on your behalf by us with a copy of your power-of-attorney document granting that right.

Financial Incentives. We do not provide any financial incentives tied to the collection, sale, or deletion of your Personal Data.

In addition to the rights mentioned above, the CPRA grants California residents with the following additional rights:

The right to opt out of sharing of personal information to third parties now or in the future
The right to request rectification/correction of inaccurate personal information, considering the nature and purposes of the processing of the information
The right to limit use and disclosure of sensitive personal information to that which is necessary to perform the services or provide the goods reasonably expected by an average consumer.

Please note that if exercising these rights limits our ability to process personal information (such as a deletion request) we may no longer be able to provide you with our products and services or engage with you in the same manner.

How to Exercise Your California Consumer Rights

To exercise any of your rights mentioned above, please submit a request by contacting us

on gdprdpo@mizuhosi.com or our toll-free number 1 888-899-0452. You can also click on the following link INCLUDE HERE LINK TO THE ‘DO NOT SELL OR SHARE MY PERSONAL INFORMATION’.

We will need to verify your identity before processing your request. In order to verify your identity, we will generally require sufficient information from you so that we can match it to the information we maintain about you in our systems. Sometimes we may need additional personal information from you to be able to identify you. We will notify you.

We may decline a request to exercise the right to know and/or right to deletion under the CCPA as well as your right to rectification particularly where we cannot verify your identity or locate your information in our systems or as permitted by law.

You may choose to designate an authorized agent to make a request under the CCPA on your behalf. No information will be disclosed until the authorized agent’s authority has been reviewed and verified. Once an authorized agent has submitted a request, we may require additional information (i.e., written authorization from you) to confirm the authorized agent’s authority.

Individuals who are dissatisfied with Mizuho’s handling of requests can, of course, file a complaint with the California Privacy Protection Agency California Privacy Protection Agency (CPPA).

Minors Under Age 16

Our services are intended for business use, and we do not expect them to be of any interest to minors. We do not intentionally collect any personal information of consumers below the age of 16. We do not sell the personal information of California consumers.

Retention of personal information

Mizuho OSI only retains personal information as long as is necessary and which is set out in our retention schedule. SPI will be kept in line with our retention periods such as, for example, when you apply to work with Mizuho we will keep that information for the time required by legal standing and our retention schedule.

Disclosures/Sharing/Selling

Mizuho OSI does not sell any personal information. We do not sell or share the personal information of consumers under 16 years of age.

We may share your personal information internally with our corporate group. We may also share with the following –

Business partners, suppliers, service providers, sub-contractors, and other organizations we use to support our business. We contractually require these third parties to keep that personal information confidential and use it only for the contracted purposes.

Third parties to market their products or services to you if you have consented to/not opted out of these disclosures. We contractually require these third parties to keep that personal information confidential and use it only for the contracted purposes.

To comply with any court order, law, or legal process, including responding to any government or regulatory request.

To enforce or apply our terms of use and other agreements.

To protect the rights, property, or safety of our business, our employees, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of cybersecurity, fraud protection, and credit risk reduction.

Data Security

The security of your personal information is very important to us. We use a number of physical, electronic, and administrative safeguards designed to protect your personal information.

Unfortunately, the transmission of information via the internet is not completely secure and we cannot guarantee the security of your personal information transmitted to our Website. Any transmission of personal information is at your own risk. We are not responsible for the circumvention of any privacy settings or security measures contained on the Website.

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser’s address line when it changes from “http://” to “https://” and the lock icon is displayed in your browser’s address bar. If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.

About this website

Contact form Should you send us questions via the contact form, we will collect the data entered on the form, including the contact details you provide, to answer your question and any follow-up questions. We do not share this information without your permission.

We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.

To inform you about important changes such as those within the scope of our site or technical changes, we will use the email address specified during registration.

We will continue to store the data collected during registration for as long as you remain registered on our website. Statutory retention periods remain unaffected.

Newsletter

If you would like to receive Mizuho OSI’s newsletter, we require a valid email address as well as confirmation that you agree to receive this newsletter. No additional data is collected or is only collected on a voluntary basis. We only use this data to send the requested information and do not pass it on to third parties.

The data provided when registering for the newsletter will be used to distribute the newsletter until you cancel your subscription when said data will be deleted. Data we have stored for other purposes (e.g. email addresses for the members area) remain unaffected.

JURISDICTION SPECIFIC TERMS

European Union and the United Kingdom

Role under the GDPR. For the purposes of the “GDPR” (i.e., the General Data Protection Regulation 2016/679 (“EU GDPR”) and the UK GDPR which supersedes the EU GDPR (“UK GDPR”)) in respect of the processing of your personal information processed in relation to this website, Mizuho OSI is the controller; a controller when we use your personal information for our own purposes, as set out in this Privacy Policy.

Personal data. For users in the EU and/or the UK, references to your “personal information” in this Privacy Policy should be understood to include a reference to your “personal data” (as defined in the EU GDPR and UK GDPR). Essentially, personal data is information about an individual, from which that individual is either directly identified or can be identified.

Legal bases for processing. In respect of each of the purposes for which we use your personal information, the EU GDPR and UK GDPR requires us to ensure that we have a “legal basis” for that use. Our legal bases for processing your personal information described in this Privacy Policy are listed below.

Where we need to perform a contract, we are about to enter into or have entered into with you (“Contractual Necessity”).
Where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests (“Legitimate Interests”).
Where we need to comply with a legal or regulatory obligation (“Legal obligation”).
Where we have your specific consent to carry out the processing for the purpose in question (“Consent”).

We have set out below, in a table format, the legal bases we rely on in respect of the relevant purposes for which we use your personal information – for more information on these purposes, what they cover, and the data types involved, see ‘Types of Data We May Collect About You’ and ‘How We Use Your Personal Information’.

Purpose	Legal basis
Job Applications	Contract
Employment	Contract
Service delivery	Legitimate Interests
Service personalization	Legitimate Interests Consent
Interest-based advertising	Legitimate Interests Consent
Service analytics	Consent
Compliance with law and co-operation with authorities	Legal obligation
Protection and enforcement of rights	Compliance with Law Legitimate Interests
Further uses	The original legal basis relied upon, if the relevant further use is compatible with the initial purpose for which the personal information was collected. Consent, if the relevant further use is not compatible with the initial purpose for which the personal information was collected.

International Transfers and the EU-US Data Privacy Framework and the UK Extension to the EU-U.S. Data Privacy Framework

Mizuho OSI complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF as set forth by the US Department of Commerce. This means that Mizuho OSI can transfer personal information from the EU and the UK to the U.S. without any further safeguards required.

Mizuho OSI has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) and the UK Extension to the EU-U.S. DPF with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the UK extension to the EU-U.S. DPF, the Principles shall govern. To learn more about the DPF program please visit https://www.dataprivacyframework.gov/

We may collect and transfer the following personal data from the EU and the UK:

your first and last name, address, e-mail, and phone number

personal data you provide when you send us feedback or contact us via email. We will collect your name and email address, as well as any other content included in the email, in order to send you a reply.
Your email address if you sign up for our newsletter.
If you apply for a job and/or work for us, we may collect your professional credentials and skills, educational and work history, LinkedIn profile page, personal website, authorization to work in the EU/UK, immigration status, criminal history, and other information that may be included on a resume or curriculum vitae as well as in a cover letter. This may also include diversity information that you voluntarily provide.
Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, browser type and version, time zone setting, browser plug-in types and versions, or operating system and platform. Please see our separate Cookie Policy for further information.

Mizuho OSI uses your personal information to respond to any questions you may have, to manage an ongoing relationship with you as a client, to process your applications to work with us, to manage our relationship with you as an employee, to provide you with services you have requested and to ensure the proper functioning of our website.

We are committed to complying with the DPF Principles in relation to all personal data which is received from the EU and, as applicable, the United Kingdom (and Gibraltar). We also commit to cooperate with any investigation by and comply with the advice of any competent EU supervisory authorities or the UK supervisory authority in relation to Human Resources data.

Selling/sharing personal information

Mizuho OSI does not sell any personal information. We do not sell or share the personal information of consumers under 16 years of age.

We may share your personal information internally with our corporate group. We may also share with the following –

Business partners, suppliers, service providers, sub-contractors, and other organizations we use to support our business. We contractually require these third parties to keep that personal information confidential and use it only for the contracted purposes.

Third parties to market their products or services to you if you have consented to/not opted out of these disclosures. We contractually require these third parties to keep that personal information confidential and use it only for the contracted purposes.

To comply with any court order, law, or legal process, including responding to any government or regulatory request.

To enforce or apply our terms of use and other agreements.

To protect the rights, property, or safety of our business, our employees, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of cybersecurity, fraud protection, and credit risk reduction.

If we need to transfer your personal information to a third-party controller in the U.S. we will ensure that there is a contract in place that provides that such data may only be processed for limited and specified purposes consistent with the consent provided by the individual. We will also ensure that the recipient will provide the same level of protection as the Principles and will notify the organization if it makes a determination that it can no longer meet this obligation. The contract shall provide that when such a determination is made the third-party controller ceases processing or takes other reasonable and appropriate steps to remediate. Further, Mizuho OSI is responsible for ensuring that the receiving organization processes personal information in a manner consistent with the EU-U.S. DPF principles and the UK Extension to the EU-US DPF Principles and will be liable if the agent/processor processes personal information in a manner inconsistent with the DPF principles unless the agent can show that it is not responsible for the event giving rise to the damage.

If we transfer personal data to a third party acting as an agent/processor, we will only transfer such data for limited and specified purposes and ensure that the agent is obligated to provide at least the same level of privacy protection as is required by the Principles.

We may also need to disclose your personal data in response to lawful requests by public authorities including to meet national security or law enforcement requirements. We are responsible for any disclosures to third parties and we therefore have the correct arrangements in place to protect your personal data.

Independent Dispute Resolution

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, Mizuho OSI commits to resolve DPF Principles-related complaints about our collection and use of your personal data.

EU and UK individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF, and the UK Extension to the EU-U.S. DPF should first contact Mizuho OSI at gdprdpo@mizuhosi.com

You can always submit a complaint directly to your local data protection authority (i.e., EU/EEA Member State data protection authority; UK Information Commissioner’s Office (ICO) or the Gibraltar Regulatory Authority (GRA). Your data protection authority may refer your complaint directly to the U.S. Department of Commerce’s International Trade Administration (ITA) on your behalf. If referred to the ITA, the DPF team will then work with the organization to seek to resolve your concern.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, Mizuho OSI commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF.

If your complaint is not resolved after following the recourse mechanisms described above, you may have the ability to invoke binding arbitration. Additional information is available here for EU/EEA and UK (and Gibraltar) individuals.

We are also subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) who have jurisdiction over Mizuho OSI’s compliance with the EU-U.S. DPF and the UK extension to the EU-U.S. DPF. You may also be able to invoke binding arbitration in certain circumstances.

Your Rights. If you are in the EU or the UK, you have the following rights in relation to how we collect, use, and disclose personal information in our capacity as a controller-

Right to Access. You have the right to request access to your personal information held by us.
Right to Rectification. You have the right to request rectification of inaccurate personal information and, taking into account the purpose of processing, to ensure it is complete.
Right to Erasure (or “Right to be Forgotten”). You have the right to have your personal information erased or deleted in certain circumstances.
Right to Restrict Processing. You have the right to request restriction of processing of your personal information.
Right to Data Portability. You have the right to transfer your personal information to another supplier/organization, when possible.
Right to Object. You have the right to object to the processing of your personal information such as direct marketing.
Right Not to be Subject to Automated Decision-Making. You have the right not to be subject to automated decision-making, including profiling, which produces legal effects.

Under the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, you can opt-out of having any personal data transferred to a third party or opt-out of the personal data being used for a different purpose for what it was collected for.

If we are transferring any sensitive personal data to a third party or using that type of personal data for a different purpose we will seek your consent before we do so.

If you would like to exercise any of your data protection rights or complain about the handling of your personal data you can make your request directly via our website https://www.mizuhosi.com/ Alternatively, you can contact us on gdprdpo@mizuhosi.com or 1 888-899-0452. You can also contact our EU representative directly on EUdataprivacy@mooreclear.com

Retention. We retain personal information for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements, to establish or defend legal claims, or for fraud prevention purposes. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements. Our retention periods are documented in our Retention Schedule.

Complaints. If you would like to submit a complaint about our use of your personal information or our response to your requests regarding your personal information, you may contact us or submit a complaint to the data protection regulator in your jurisdiction. Please see information above if you are complaining about the processing of your personal information under the Data Privacy Framework:

For users in the EU – the contact information for the data protection regulator in your place of residence can be found here: https://edpb.europa.eu/about-edpb/board/members_en

For users in the UK – the contact information for the UK data protection regulator is below:

The Information Commissioner’s Office
Water Lane, Wycliffe House
Wilmslow – Cheshire SK9 5AF
Tel. +44 303 123 1113
Website: https://ico.org.uk/make-a-complaint/

Privacy Policy Last Review –

January 2025

ProAxis^® Spinal Surgery Table

Hana^® Orthopedic Surgery Table

Trios^® Surgical Table System

Hana^® Distraction Pad

Levó^® Head Positioning System

Arm boards with Tempur-Pedic^®

Aquari^™ Immersion Simulation System

Patient Care Kits

Register for a Biomed Training Class Today

We have a solution to meet your needs

Innovating surgical tables since 1978