This Privacy Statement (“Statement”) describes the personal data that Nuance collects, how we use it, and when we share it, as we interact with you, deliver our products and services, and conduct our business operations.
This Statement applies to Nuance Communications, Inc., its affiliates and any wholly owned subsidiaries worldwide, referred to in this Statement as “Nuance.” When we refer to Nuance products, we mean all Nuance products and services.
For the purposes of applicable data privacy legislation, the Nuance affiliate or subsidiary responsible for the collection and use of your personal data is either the affiliate or subsidiary with which you contract or engage, or the affiliate or subsidiary located in the country in which you reside. If you wish to confirm the identity of the responsible Nuance affiliate, you may contact us by completing the Privacy Request webform.
Nuance collects personal data when we deliver our products, conduct marketing, and run our business operations. The personal data we collect varies based upon whether the data is collected (i) through our websites or applications, including www.nuance.com and shop.nuance.com and their local variations (“Sites”) or (ii) through our products and services, including but not limited to our software, support services, voice recognition technology, and medical information products (“Products”).
We may collect personal data directly in the following situations:
Through our Products, we may collect personal data directly in the following situations:
Nuance may collect personal data indirectly in certain situations, in particular:
Nuance and its partners use cookies and similar tracking tools to distinguish you from other users as described in our Cookie statement. You can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on our website or service.
General Business Operations
We use contact information to market, sell, and service Nuance Products, subject to your consent where required by law. We allow recipients of marketing messages and collateral to opt out of receiving further communications from Nuance at any time without detriment.
We use your financial or payment information, and your contact details, to support, establish, and conduct customer relationships if you were to purchase a Nuance Product or service. For example, your data would be necessary for the performance of our terms of service with you (including, for example, completing purchase transactions, fulfillment of an order, order confirmations, responding to requests for information about products and services, and the provision of purchased products and services). If you fail to provide the personal data we need, we may be unable to complete your transaction.
We use personal data from employment applications where necessary to support our legitimate interest in processing your application and to contact you if future opportunities arise.
We use personal data of individuals associated with proposed resellers, co-development partners, and distributors to conduct reference and background checks before entering into a contract and as necessary for compliance with legal obligations to which we are subject.
Data Processed Within Our Products
We use the personal data that is processed within our Products, such as voice data within voice recognition products, medical data within medical data products, personal data processed in communications products, and any personal data contained within product usage data we collect, to deliver our Products sold to Nuance customers and for our legitimate interests and business purposes in tuning, maintaining, enhancing, and developing Products. A small percentage of audio recordings received by Nuance, which may include personal data, are reviewed by human reviewers and transcribed into text for Nuance’s product maintenance and improvement efforts. We never use this data, referred to as “Product Personal Data,” for marketing purposes; and we never sell or transfer your data to third parties for the third party’s own purposes.
We use aggregated, non-identifying, electronic data collected from use of our Sites and Products to operate, analyze, improve, and develop our Sites and Products. This information is not used to inform decisions about specific individuals; rather, it is processed to understand how different categories of users interact with our Sites and Products so that we can consistently provide our Products.
We do not sell your personal information.
We may share Personal Data in the following situations:
We may share personal data with our affiliates, co-development partners, subsidiaries, resellers, suppliers, sub-contractors, and distributors, and with vendors acting on our and their behalf, to service our customers and perform any contract we enter with you (including, for example, with resellers who support our management of potential clients and vendors who conduct transcription in connection with our products and services).
We may also share aggregated, anonymous, or non-identifiable electronic data with our affiliates, co-development partners and with vendors acting on our behalf.
We may share personal data derived from Site usage (excluding Product Personal Data), with analytics and search engine providers that assist us in the improvement of our Sites, subject to the cookie section of this Privacy Statement. Our Sites may use Google Analytics. The way Google collects and processes data when delivering Google Analytics is described here: www.google.com/policies/privacy/partners/.
We may share personal data from employment applications with vendors acting on our behalf who help us in recruitment, background check and human resources matters.
We may also share personal data to comply with law and legal process, to respond to governmental inquiries and lawful requests from by public authorities (including to meet national security or law enforcement requirements), and to protect life, property, or the security of Nuance or its customers. If Nuance enters any merger, acquisition, or asset sale of all or any part of its business, personal data held by Nuance may be transferred to a buyer or successor entity.
You can change your preferences to opt out of marketing communications at any time by completing the Privacy Request webform. Alternatively, please follow the opt-out instructions in the relevant communication. If you opt out, we will retain your email address to confirm that we do not send you further communications.
If you have submitted an employment application to Nuance or if your personal data has been collected by Nuance to review a proposed reseller or distributor relationship, you may contact us by completing the Privacy Request webform to request deletion of your data. We will respond to your request within a reasonable timeframe.
If you wish to access, correct, or request deletion your Product Personal Data, you may contact us by completing the Privacy Request webform. Nuance generally processes Product Personal Data on behalf of our healthcare, enterprise, and corporate customers. If you contact us, we may direct your inquiry to our customer on whose behalf the Product Personal Data is being processed. We will make reasonable efforts to delete your Product Personal Data upon your request within a reasonable timeframe. Nuance may refuse your request to access, request or delete Product Personal Data where entitled to do so under applicable law.
If you have submitted Product Personal Data to Nuance using your own user account which allows you to control your own data, you may delete the data you submitted by logging into your account and following the guidelines in the help system.
Nuance operates in many countries. We may transfer personal data across international borders and may process personal data in jurisdictions other than the location of original collection.
We may transfer personal data that we collect to other Nuance affiliates or other companies performing support functions on our behalf (each as described above) based in other countries including to the United States, India or the Philippines or other countries outside the European Economic Area or your country of residence and this personal data lawfully may be stored and/or processed in such countries.
Whether your personal data is processed within your country of residence or beyond, we will take steps to ensure that your data is subject to appropriate safeguards required of us under the Privacy Statement, applicable data protection laws, and appropriate legally recognized data transfer adequacy mechanisms. Personal data that is transferred outside your country of residence may be subject to lawful access by courts, law enforcement and other governmental authorities in accordance with the laws of the foreign jurisdiction.
Nuance has a range of privacy and security controls across its organizations to ensure compliance with the General Data Protection Regulation (GDPR), including, but not limited to:
Whenever Nuance transfers personal information beyond the country of origin, we will do so in accordance with applicable laws. In the context of its European operations, Nuance may transfer Personal Data abroad to other states in the European Economic Area or to third countries. Since its inception, Nuance has certified its compliance with the EU-U.S. Privacy Shield Framework as the primary mechanism for assuring GDPR-compliant data transfers to the United States. With the decision by the Court of Justice of the European Union in the Schrems II case, Nuance has evaluated the data transfers necessary for its multinational operations. In light of Schrems II, Nuance will ensure that importers of any Personal Data offer an adequate level of protection, whether through an adequacy decision or appropriate safeguard under Article 46.
To the extent Personal Data processed by Nuance would be transferred to a country outside the EEA not deemed to ensure an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of Personal Data, Nuance has in place requirements relating to such international data transfers. For example, where data is transferred: (i) between Nuance affiliates, this is done pursuant to an agreement based on the EU’s Data Export Contractual Clauses, and (ii) to third parties, Nuance uses standard contractual clauses designed to ensure those third parties respect the confidentiality of personal data and use it only in connection with provision of specific services and in compliance with applicable data privacy laws. The EU Standard Contractual Clauses can be viewed on the European Commission’s website here. https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en. As per the guidance of the European Data Protection Board, Nuance has implemented programs to review such data transfers and to employ additional safeguards when appropriate for the data processing required by law and our customer contracts.
Moreover, Nuance also continues to abide by its Privacy Shield certification, which is subject to oversight by the U.S. Federal Trade Commission. Privacy Shield continues to offer important benefits, including independent recourse mechanisms for data privacy and protection claims.
Nuance and its U.S. Subsidiaries participate in and have certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework regarding the collection, use, and retention of personal data transferred from the European Union, the United Kingdom and Switzerland to the United States. We are committed to subjecting all personal data received from European Union (EU) member countries, the United Kingdom, and Switzerland, respectively, in reliance on each Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Frameworks, and to view our certification, visit the U.S. Department of Commerce’s Privacy Shield List.
Nuance and its U.S. Subsidiaries are responsible for the processing of personal data they receive, under each Privacy Shield Framework, and subsequently transfer to a third party acting as an agent on its and/or their behalf. Nuance and its U.S. Subsidiaries comply with the Privacy Shield Principles for all onward transfers of personal data from the EU, the United Kingdom, and Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Nuance and its U.S. Subsidiaries are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
For purposes of adherence to the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework, “U.S. Subsidiaries” means QuadraMed Quantim Corporation; J.A. Thomas & Associates, Inc.; Nuance Enterprise Solutions & Services Corporation; Nuance Healthcare Diagnostic Solutions, Inc.; Physician Technology Partners, LLC; and Nuance Transcription Services, Inc.
Although Nuance is certified to the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework, Nuance does not rely on the EU-U.S. Privacy Shield Framework as a legal basis for transfers of Personal Data in light of the judgment of the Court of Justice of the EU in Case C-311/18. Please see Location of Processing and Cross Border Transfers for additional information about data transfers from the EU to the U.S.
We follow generally accepted standards to protect the personal data submitted to us, both during transmission and once it is received. Information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using current PCI-DSS standards. If Nuance has issued you a password, you are responsible for keeping the password confidential. If you have any questions about the security of your personal data, you can contact us for more information by completing the Privacy Request webform.
We retain personal data to the extent necessary to provide Products to our customers, employees, and prospective employees. Generally, we retain personal data for as long as you remain an active customer or user of our Sites and Services and for 3 years afterwards, or otherwise as required for our business operations or by applicable laws. Longer retention may be necessary under contractual terms with the data controller for whom we provide services, for fraud prevention, to identify technical problems, or to resolve legal proceedings. Images added to PowerShare are automatically deleted after 45 days. Children's data may be deleted promptly after we have processed it for our customer.
We may retain non-personally identifiable aggregate information beyond this time for research purposes and to help us improve and further develop our Products. You cannot be identified from aggregate information retained or used for these purposes. Any record of a stated objection by you to receiving marketing communications will be retained by us so that we respect your wishes by not contacting you further.
If a Nuance customer puts Nuance voice recognition Product technology in a customer product, Nuance may receive speech data from product users to provide voice recognition to the user. This is a function of how Nuance’s voice technology works. This means that if the user is under the age of 13, Nuance may receive personal data from children under the age of 13. It is the responsibility of the Nuance customer to obtain any consents required under applicable law, including under the Children’s Online Privacy Protection Act and relevant data protection laws, for the collection of such personal data.
Except as described in the preceding paragraph, Nuance does not knowingly collect personal data from children under the age of 13. Nuance has adopted a policy that Nuance will not provide hosted services to primarily child-directed websites and online services. No child under 13 should submit personal data to Nuance. If you become aware that a child under the age of 13 has submitted personal data to Nuance, please inform us by completing the Privacy Request webform and we will promptly delete the data.
You may have the right under applicable laws in certain circumstances to:
Nuance never sells or transfers your data to third parties for the third party’s marketing purposes. You can object to receiving further marketing from Nuance at any time without detriment.
Nuance partners with a third party to display advertising on our website or to manage our advertising on other sites. Our third-party partner may use cookies and similar tracking tools in order to provide you advertising based upon your browsing activities and interests. If you wish to opt out of interest-based advertising click here [or if located in the European Union click here]. Please note you will continue to receive generic ads.
You can also exercise the rights listed above, or write to us with any complaints, at any time by contacting us, specifying the nature of your request, at:
Privacy Request webform. Alternatively, you may contact us at privacy@nuance.com or by mail (Worldwide) at:
Data Protection Officer or Chief Privacy Officer
Nuance Communications, Inc.
1 Wayside Road
Burlington MA 01803
USA
1-866-384-4277 (Issue Type is “Privacy”)
Or by contacting our representative in the EU at:
Data Protection Officer
Nuance Communications Ireland, Ltd
20 Merrion Road
Ballsbridge, Dublin 4
IRELAND
If your request or concern is not satisfactorily resolved by us, you may approach your local data protection authority.
If you are a California resident, as defined in the California Code of Regulations, you have rights under the California Consumer Privacy Act of 2018 ("the CCPA"). Below are the disclosures about your personal data and a description of your rights.
Categories of information we collect and disclose for a business purpose
We may collect the following categories of personal information, as defined in the CCPA, from you in connection with the products and services you have purchased from Nuance. In addition, during the past twelve months, we may have disclosed these categories of personal information for a business purpose:
According to California law, personal information does not include:
Other disclosures about your personal information
Your Rights and Choices
In addition to the above, the CCPA provides you with specific rights regarding your personal information. This section describes your CCPA rights and explains how to exercise those rights.
Access to Specific Information and Data Portability Rights
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
We do not provide these access and data portability rights for B2B personal information.
Deletion Request Rights
You have the right to request that we delete your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
We do not provide these deletion rights for B2B personal information.
Non-discrimination
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time.
Exercising Your Rights
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.
Making a verifiable consumer request does not require you to create an account with us.
We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
You can also exercise the rights listed above, or write to us with any complaints, at any time by contacting us, specifying the nature of your request, at:
Privacy Request webform. Alternatively, you may contact us at privacy@nuance.com or by mail (Worldwide) at:
Data Protection Officer or Chief Privacy Officer
Nuance Communications, Inc.
1 Wayside Road
Burlington MA 01803
USA
1-866-384-4277 (Issue Type is “Privacy”)
This Privacy Statement does not cover Nuance’s collection of personal data from employees and contingent workers, which is described in a separate HR Privacy Statement made available to Nuance personnel.
We may update this Privacy Statement from time to time by publishing an updated version on Nuance's Sites. Each updated version will include the date the statement was last updated. Please review the latest version of this Privacy Statement periodically to keep current with Nuance’s use of personal data. If we make material changes in the way Nuance uses or shares personal data, we will publish notice on our Sites and notify you by email to tell you of the proposed change. Any such material changes will only apply to personal data collected after the revised Privacy Statement takes effect.
Updated: August 26, 2020.
Selecting a region changes the language and/or content on Nuance.com
Europe