Privacy Policy

    about_sleep_institute SleepInstitute_about_mob_v2

    Last update: 11/2025

    Resmed Corp., its brands, affiliates and subsidiaries (“Resmed,” “we,” “our” or “us”), including but not limited to Resmed SaaS Holdings and its affiliates such as MatrixCare Inc. and Brightree LLC, is committed to protecting the privacy and security of your personal information in accordance with personal data protection regulations. This Privacy Policy (“Policy”) describes how Resmed collects, uses, discloses and processes the personal information described in this Policy, and the rights and choices individuals have regarding such personal data.

    By using our services or website, you agree that your personal data will be handled as described in this Policy. Your use of our services, and any dispute over privacy, is subject to this Policy and our Terms and Conditions available at Terms of use.

    Table of Contents

    1. Scope of this policy
    2. Personal information collected and how we may use it.
    3. Those responsible for the collection and use of your personal data at ResMed
    4. The retention period of your personal data
    5. Sharing of your personal data with third parties
    6. International Transfers
    7. Data security at ResMed
    8. Children privacy
    9. Your rights regarding ResMed’s use of your personal data
    10. Our use of cookies and other tracking mechanisms
    11. Changes to this policy
    12. Contact us


    1. Scope of this policy

    This privacy policy concerns the website you are currently visiting. This policy is current as of the effective date set forth above. We may change, update or modify this Policy from time to time, so please be sure to check back periodically. We will inform you if substantial changes are made to this Policy.

    If you use other ResMed products and services, your relationship with us will be governed by separate privacy notices for each of them. For example, a separate privacy notice may apply to job applicants or to employees and other workers in the context of our working relationship with them.

    For purposes of this Policy, “personal data” means information that identifies, describes or is reasonably capable of being associated with you or your household, “you” and “your” refer to the person using this website, and “we” and “our” refer to ResMed.


    2. Personal information collected and how we may use it.

    We collect personal data directly from you, automatically through your use of the services and from other third-party sources. To the extent permitted by applicable law, we may combine the information we collect from publicly available or third-party sources.

    Email marketing: when you wish to receive advice related to the treatment of sleep apnea and/or respiratory diseases, or information about our products and services, ResMed collects the following personal data:

    • Identification data: first name, last name, email address, audience (patient or healthcare professional), country of residence, etc.
    • Professional data (if healthcare professional): profession, company name, etc.

    The processing of your personal data for this purpose is justified by the consent you provide to ResMed either by clicking “Send” or by checking the box “I would like to receive additional information about ResMed’s products and services by email” on the contact form.

    You may consent or withdraw your consent to our use of your personal information for marketing at any time by following the instructions to unsubscribe included in each marketing-related email sent to you. If you opt-out of receiving marketing-related emails from us, we may still send you administrative messages relevant to any specific services you may have signed up for.

    Cookie Management: when you browse this website, ResMed collects certain personal data through cookies or similar technologies.

    If you would like to know more about the use of data collected through cookies or similar technologies, please consult Section 10 of this privacy policy.

    Automated Decision-Making: Currently, ResMed does not make decisions with legal or similarly significant effects solely through automated means without meaningful human review. Where we use automated decision-making processes that may materially impact you, we will: clearly inform you about the existence and purpose of such decisions, explain the logic involved in the decision-making process, describe the likely consequences of such processing, and allow you to request human intervention of express your point of view.


    3. Those responsible for the collection and use of your personal data at ResMed

    ResMed is the Data Controller (within the meaning of Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC – “GDPR”) for the personal data concerning you that is collected through this Site and described in this Policy.

    Each European ResMed entity has appointed a Data Protection Officer (hereinafter referred to as the “DPO”), who advises and supports the Data Controller to ensure that your personal data is appropriately protected.

    DPO Contact Information: Fieldfisher (Brussels) LLP, privacy@resmed.eu, +35312243777.


    4. The retention period of your personal data

    We retain your personal data for as long as needed, or permitted, based on the reason why we obtained it (consistent with applicable law).

    When deciding how long to keep your information, we consider whether we are subject to any legal obligations (for example, any laws that require us to keep records for a certain period of time before we can delete them) or whether we have taken any legal positions (for example, issued any legal holds or otherwise need to preserve the information). Rather than delete your data, we may also de-identify it by removing identifying details. If we de-identify the data, we will not attempt to re-identify it.

    If you are located in the EU, ResMed will keep your email address for a period of 3 years from our last contact (you may also unsubscribe at any time via the unsubscribe link included in the marketing emails).

    The data collected through cookies or similar technologies will be stored in accordance with the retention periods set out in Section 10 of this privacy policy.


    5. Sharing of your personal data with third parties

    We do not sell or rent your personal data. We only share it as described in this Privacy Policy, and to the extent permitted by applicable law.

    We may share your personal data:

    • With any ResMed entity or branch, and any company owned or controlled by it;
    • With a potential buyer (and its agents and advisors) in connection with a proposed purchase, merger, or acquisition of part of our business, provided that we inform the buyer that they must only use your personal data for the purposes described in this Policy;
    • With our suppliers, service providers, and third-party partners who provide us with data processing services or who process personal data for the purposes described in this Policy.
    • We may also disclose aggregate or de-identified information about users with third parties for marketing, analytics, research and development (for example, data analytics, comparative analysis, and machine learning) or other purposes.

    This may include disclosures to third-party vendors and other service providers we use in connection with the services they provide to us including to assist us in areas such as email delivery, data hosting (cloud service providers), customer relationship management, quality management, website security, social media, and advertising.

    These processors are contractually required to protect your personal data and to use it only to provide the services that ResMed has initially requested them to provide. If we are bound by law, or:

    • To any competent law enforcement body, regulator, government agency, court, or other third party when we believe disclosure is necessary (i) under applicable laws or regulations, (ii) to establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person;
    • To our auditors, advisors, legal representatives, and similar agents in the context of the advisory services they provide us for legitimate business purposes and subject to a contractual prohibition on using personal data for other purposes;
    • To any other person where you have given your prior consent to the disclosure.


    6. International Transfers

    We may disclose your personal data to recipients located outside the jurisdiction in which it was collected, including to our related companies, service providers and partners in the following countries: United States, European Union member states, United Kingdom, Switzerland, Japan, Singapore, Australia and other jurisdictions where our global operations are located.  

    Before we disclose your personal data overseas, we take reasonable steps to ensure that the overseas recipient does handles your personal data in line with relevant privacy and security laws, including by: 

    • Conducting privacy impact assessments where required; 
    • Implementing contractual safeguards requiring the recipient to handle personal data accordance with the relevant privacy and security laws or substantially similar privacy standards;
    • If you are a EU resident, we rely on ResMed’s intra-group data transfer agreement to share your data with our group entities outside the EU/EEA. Or, under certain circumstances, as described in Resmed’s Data Privacy Framework Policy, Resmed relies on the EU-US Data Privacy Framework (the “DPF”), the UK Extension to the DPF, and the Swiss-U.S. Data Privacy Framework for data transfers from the EU, UK and Switzerland to the United States. In such circumstances, Resmed complies with the DPF, the UK Extension to the DPF, and the Swiss-U.S. Data Privacy Framework, as set out in Resmed’s Data Privacy Framework Policy.
    • Applying appropriate technical and organisational measures to protect the data. 

    Where we transfer personal data to our affiliates or third-party service providers located overseas, those entities may also be subject to foreign laws which could require disclosure of your personal data to government authorities in those countries. 

    When we use a third-party service provider or a provider located outside the EU/EEA, we ensure that the EU standard data protection clauses are in place with these third parties.

    By using our services, you acknowledge that your personal data may be disclosed to recipients in these countries for the purposes described in this Privacy Notice. 


    7. Data security at ResMed

    We use a variety of security and confidentiality measures to protect your data and to comply with applicable data protection laws.

    Despite the security measures we take, you should keep in mind that it is impossible to guarantee an absolute level of security for data transmitted over the Internet. If we receive confirmation that your personal data has been compromised, we will comply with the relevant legal provisions regarding data breach notification.


    8. Children privacy

    Our services are not intended for, or directed to, children, and we do not knowingly collect personal information from children under the age of 16.

    If you’ are under 16 years of age or otherwise considered a minor under the laws of your country of residence, please do not use or access our services at any time or in any manner. If we learn that we have received information directly from a child who is under the age of 16, we will delete such information from our systems.

    If you are a parent or legal guardian and become aware that your child has provided us with personal information without appropriate consent, please contact us by sending an email to privacy@resmed.com.


    9. Your rights regarding ResMed’s use of your personal data

    Depending on where you live, you may have certain rights regarding your personal data. These may include: 

    • Access – You can ask to see the personal data we hold about you. 
    • Correction – You can request that we correct inaccurate or incomplete information. 
    • Deletion – You can ask us to delete your personal data, where applicable. 
    • Portability – if you are a EU resident, you have the right to request that ResMed transfer your personal data to you or directly to another service provider.
    • Objection – You may object to the processing of your data in certain cases (e.g. direct marketing). 
    • Consent withdrawal – Where we rely on your consent, you may withdraw it at any time. 
    • Lodge a complaint – You may have the right to complain to a data protection authority. 
    • Right to non-discrimination. We will not discriminate against you for exercising any of the rights described in this section.
    • If you are a French resident, you may also establish directives regarding the retention, erasure, and disclosure of your personal data after your death.

    Exercise of certain rights may be limited in some circumstances, such as where honoring a request may restrict our ability to serve you. We reserve the right to verify the authenticity of your request before acting on it and any right to decline a request to the extent permitted by applicable law.

    Before responding to your request, we must first verify your identity. In some cases, we may request additional information to verify your identity or, where necessary, to process your request. If we are unable to verify your identity after a good faith attempt, we may deny the request and, if so, will explain the basis for the denial.

    You may designate someone as an authorized agent to submit requests and act on your behalf. Authorized agents will be required to provide proof of their authorization in their first communication with us. We may also require that the relevant consumer directly verify their identity and the authority of the authorized agent. We reserve the right to reject authorized agents who have not fulfilled the above requirements, automated requests where we have reason to believe the security of the requestor’s personal information may be at risk.

    In the US, some portions of the Privacy Rights section apply only to residents of particular states. In those instances, we have indicated that such language applies only to those residents.

    Additional California disclosures: shine the light. California’s “shine the light” law permits California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. At this time, we do not disclose personal information to third parties for their direct marketing purposes.

    Right to opt-out of sales and sharing. You may have the right to opt-out of the “sale” and “sharing” of your personal information, as those terms are defined under applicable laws. While we do not “sell” personal information to third parties in exchange for monetary compensation, we may “share” the following categories of personal information for purposes of cross-context behavioral advertising or targeted advertising, as those terms are defined under applicable laws: identifiers and internet or other electronic network activity information to third-party advertising networks, analytics providers and social networks for purposes of marketing and advertising for products and services we believe may be of interest to you. We do not sell or share sensitive personal information, nor do we sell or share any personal information about individuals who we know are under 16 years old.

    To opt-out from the “sharing” of personal information, see the Global Privacy Control section below and/or click “Do Not Sell or Share My personal information” on the bottom of the applicable website home page. Submitting an opt-out request will only opt you out of disclosures that are considered “sales” or “sharing,” but not out of other disclosures, such as to our service providers.

    Global Privacy Control. California, Colorado, Connecticut, Oregon and Texas recognize the universal opt-out signal known as Global Privacy Control (GPC). GPC is a proposed specification that allows you to make a single opt-out of the “sale” or “sharing” of your personal information to the extent that a particular website and browser are able to recognize the signal. At Resmed, we strive to honor the GPC as a valid request to opt-out of the sale or share of your personal information to the extent applicable.

    To turn on the GPC signal, you can download one of the supported browsers or extensions. You may visit https://globalprivacycontrol.org/#download for a list of the available browsers or extensions. If you choose to use the GPC signal, you will need to turn it on for each supported browser or browser extension you use.

    How to exercise your rights

    To submit a request to exercise any of your rights under this notice, please:

    Exercise of certain rights may also be limited in some circumstances, such as where honoring a request may restrict our ability to serve you. We reserve the right to verify the authenticity of your request before acting on it and any right to decline a request to the extent permitted by applicable law.

    We will process your request to exercise your rights as quickly as possible and, in any case, inform you of any action taken following your request within one month of receiving it.

    If you are a EU resident, and you are not satisfied with our response, or if you identify a breach of specific local data protection laws, you have the right to lodge a complaint with the competent data protection authority in your country of residence, place of work, or the country where the violation is deemed to have occurred.

    If you are resident of certain US jurisdictions, and if we deny the request, you may appeal our decision by sending an email to privacy@resmed.com and we will respond to your request


    10. Our use of cookies and other tracking mechanisms

    We, and our service providers, use cookies, pixels, tags and other similar tracking mechanisms to automatically collect information about browsing activity, type of device and similar information within our services. We use this information to, for example, analyze and understand how you access, use and interact with us through our services, and to identify and resolve bugs and errors in our services and to assess, secure, protect, optimize and improve the performance of our services.


    10.1 Cookies

    Cookies are small text files created by the websites you visit and saved on your terminal, gathering a certain amount of data about your browsing history (e.g. date, time and number of visits, source of arrival and preferences). Some cookies allow us to make it easier for you to navigate our service, while others are used to enable and optimize certain service functions, support the security and performance of the service or allow us to track activity and usage data within our service.

    Persistent cookies (allow us to recognise you as a user and permit you to return to our password-protected websites without having to re-enter your login details) are stored on your terminal until they expire (maximum 13 months) or until you delete it them.
    Session cookies are deleted automatically when you quit your browser.
    We use different type of cookies.

    Strictly Necessary Cookies

    These cookies ensure the essential functionalities of the site and its correct operation. They cannot be deactivated from our systems. However, you can configure your browser to block them or be notified of their use. Some parts of the site may not function, where applicable.

    The use of these cookies by our site is based on our legitimate interest in order to ensure the security, technical operation and accessibility of the site and our different services.

    Performance cookies

    We use performance cookies to enable us to analyse page visits (number of visits, visitor activities and frequency of return), how you interact with our site, to find out more about your path between pages, to improve our website and to adapt it to your preferences. These cookies are used solely to improve the website’s performance and adapt the experience to your needs.

    The use of these cookies is based on your consent; if you opt out of these cookies, we will be unable to determine when you visited our site or your “clickstream” data on our site.

    Functionality cookies

    We use “functional” cookies to provide you with multimedia content and keep your information securely while you are logged in.

    Functional cookies allow us to save the information that has already been entered (such as the names of users and language choices) so as to offer you improved functionalities.  These cookies are not used to identify you personally and do not track your movements on other websites.

    Some of our service providers, such as Pendo™ (improvement to our platform) will host your pseudonymised data in the United States.

    The use of these cookies is based on your consent; if you opt out of these cookies, we will be unable to determine when you visited our site or your “clickstream” path on our site.


    10.2 Pixel tags

    Pixel tags (sometime called web beacons or clear GIFs) are tiny graphics with a unique identifier, similar in function to cookies. While cookies are stored locally on your device, pixel tags are embedded invisibly within web pages and online content. We may use these, in connection with our service to, among other things, track the activities of users, and help us manage content and compile usage statistics. We may also use these in our emails to let us know when they have been opened or forwarded so we can track response rates and gauge the effectiveness of our communications.


    10.3 Third-party tools

    We also use third-party tools, such as Google Analytics, which are operated by third-party companies. These third-party analytics companies may collect usage data (using cookies, pixels and similar tools) about our services to provide us with reports and metrics that help us evaluate usage of our services, improve our sites and enhance performance and user experiences. To learn more about Google’s privacy practices, please review the Google Privacy Policy at https://www.google.com/policies/privacy/partners/. You can also download the Google Analytics Opt-out Browser Add-on to prevent your data from being used by Google Analytics at https://tools.google.com/dlpage/gaoptout.


    10.4 How can you manage cookies?

    Storing cookies on your terminal involves obtaining your consent or our legitimate interest when the cookies are strictly necessary. Therefore, as soon as you come on to our site, an information banner tells you that we use this technology and by continuing to browse you agree to cookies being stored on your terminal.

    Deleting functionality cookies that are necessary for Resmed to provide content may prevent you from accessing certain site content or result in degraded operation.
    You can change your cookie preferences at any time by clicking on Cookie Settings.
    You also have the option of managing the use of cookies via your browser settings.
    The deletion of functional cookies, which are essential to the provision of content by Resmed, may prevent you from accessing some of the Site’s content or may impair its function.


    11. Changes to this policy

    The Policy is current as of the Effective Date set forth above. We may change, update or modify this Policy from time to time, so please be sure to check back periodically. We will post any updates to this Policy here. If we make any changes to this Policy that materially affect our practices regarding our use of the personal data we have previously collected from you, we will endeavor to provide you with notice.


    12. Contact us

    If you have any questions or concerns about this Policy, please contact us using the information below:

    Privacy Office
    ResMed
    Tel: +1 (800) 737 633
    Email: privacy@resmed.com

    Privacy|Terms of use |©2025 Resmed|All rights reserved