PRIVACY STATEMENT
1. ABOUT TDSC
TDSC, Inc. (referred to herein as “TDSC”, “we”, “us” or “our”), a subsidiary of Henry Schein, Inc. (Nasdaq: HSIC) (“Henry Schein”) offers an e-commerce site with direct access to negotiated savings on dental supplies and small equipment for dentists.
Henry Schein, Inc. (Nasdaq: HSIC) (“Henry Schein”) is the world's largest provider of health care solutions to office-based dental and medical practitioners, as well as serving health care systems, management services organizations, dental laboratories, government and institutional health care clinics, and other alternate care sites. Headquartered in Melville, N.Y., Henry Schein has operations or affiliates in approximately 30 countries
Henry Schein operates through a centralized and automated distribution network, with a large selection of branded products and Henry Schein private-brand products. The company also offers its customers innovative technology solutions, including practice management software and e-commerce solutions, as well as a broad range of financial services.
You can find our contact details in the last section of this Privacy Statement.
2. OVERVIEW
At TDSC, your privacy is important to us. We process personal information in different contexts, and we do so by respecting your privacy, as part of our unwavering commitment to ethical and responsible practices and as required by law.
This Privacy Statement (“Statement”) sets forth the principles that govern our treatment of personal information across Henry Schein, Inc. and its controlled subsidiaries and affiliates operating in the United States (“Henry Schein or “TDSC””). All employees and those with whom we share personal information must adhere to this Statement.
TDSC is committed to protecting personal information that our employees, customers, prospects, suppliers, and vendors have entrusted to us. We collect and use personal information in order to perform our business functions and provide quality health care products and services to our customers.
This Statement applies to personal information in any format or medium, relating to employees, customers, vendors and others who do business with TDSC.
3. CATEGORIES OF PERSONAL INFORMATION WE COLLECT AND USE
We recognize personal information as any information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household. Depending on the context of your interactions with TDSC in, we may collect and use different types of personal information from current and prospective employees, contractors, current and prospective customers and vendors.
Our record retention schedule prescribes maximum retention periods of information for business, legal, or operational requirements. Generally, data in the categories below is retained between 6 and 10 years or as otherwise stated below.
Categories of Personal Information Collected | Examples | Collected YES/NO (Responses should be based on your data inventory responses) |
Total Retention Period |
A. Personal Identifiers. | A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers. | Yes | 10 years |
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). | A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. | Yes | 10 years |
C. Protected classification characteristics under California or federal law. | Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). | No | N/A |
D. Commercial information. | Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. | Yes | 7 years |
E. Biometric information | Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. | No | N/A |
F. Internet or other similar network activity | Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement. | Yes | 7 years |
G. Geolocation data | Physical location or movements. | Yes | 7 years |
H. Sensory data. | Audio, electronic, visual, thermal, olfactory, or similar information. | No | N/A |
I. Professional or employment related information. | Current or past job history or performance evaluations. | Yes | 7 years |
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). | Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. | No | N/A |
K. Inferences drawn from other personal information. | Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. | No | N/A |
L. Sensitive Information | Ethnicity/racial origin, health conditions or diagnoses, sexual orientation, citizenship status, genetic/biometric information, geolocation, financial information, social security and other forms of ID, religious beliefs. | Yes | 7 years |
4. COLLECTION AND USE OF INFORMATION
Information Collected Through Tracking Technologies. Types of Tracking Technologies We Use. TDSC may collect Usage Information using a variety of tracking technologies, such as cookies, web beacons, embedded scripts, browser fingerprinting, GPS, iBeacons, ETags, recognition technologies, and location-identifying technologies (collectively "Tracking Technologies"). Tracking Technologies may set, change, alter, or modify settings or configurations on your Device. A cookie (or "locally shared object") is a data file placed on your Device when you visit the Site that keeps a record of your use of the Site. This technology can make the Site more convenient for users in many ways, including by keeping users logged in even when they close the Site and remembering user preferences across separate visits. We may use Tracking Technologies for a variety of purposes, including when strictly necessary to allow you to use and access the Site, to assess the performance of the Site, to improve the Site's functionality, and to deliver relevant content to you, including serving our advertisements to you in advertising space provided on subsequent websites after you have visited our Site.
Tracking Technologies Choices and Consent. We obtain your consent to our collection of your Usage Information through using Tracking Technologies by providing you with transparent information in this Privacy Statement and providing you with the opportunity to make a choice to disable Cookies as set forth above. Please note that we are not required to obtain your consent to our use of Tracking Technologies identified above that are strictly necessary. We are giving you detailed notice of the Tracking Technologies and your limited choices regarding them so that your consent is meaningfully informed.
Do Not Track. Some Internet browsers may be configured to send "Do Not Track" signals to the online services that you visit. Do Not Track is a technology that enables users to opt out of tracking by websites they do not visit. Currently, we do not monitor or take any action with respect to Do Not Track technology. To find out more about "Do Not Track," please visit http://www.allaboutdnt.com.
Disabling Tracking Features. Regular cookies may generally be disabled or removed by tools that are available as part of most commercial browsers, and in some but not all instances can be blocked by selecting certain settings. Each browser you use will need to be set separately and different browsers offer different functionality and options in this regard. Please be aware that if you disable or remove these technologies, some parts of our Site may not work and that when you revisit this Site your ability to limit browser-based Tracking Technologies is subject to your browser settings and limitations.
5. CATEGORIES OF SOURCES OF PERSONAL INFORMATION
TDSC receives and uses various types of personal information in order to conduct our day to day business activities. We apply the data minimization principle in the collection and use of personal information with the aim to only collect information that is necessary and by fair means and providing notice and requiring consent when necessary.
We may collect categories of personal information listed above from the following categories of sources highlighted below:
- Third party vendors
- Recruitment or talent agencies
- Our distributors
- When you browse, or use our website, e-commerce services, or social media pages
- Our business partners (non-vendors)
- Joint marketing partnerships
- Publicly-available non-government and government data
- Contractors (e.g., consultants, agents and representatives)
- Covered individuals’ email accounts, chat logs, social media accounts
- Covered individuals’ devices
- Directly from covered individuals
- Other Company entities
- Third parties (e.g. data brokers)
Some of this data is collected in the following situations when:
- You apply for a position, or to do business, with our company
- We establish a contractual employment or commercial relationship
- You provide us with any type of service, as a vendor
- When we provide you with any type of service, product or support
- When you browse, or use our website, e-commerce services, or social media pages
6. BUSINESS USES AND PURPOSES FOR WHICH PERSONAL INFORMATION WAS COLLECTED
The purposes for which we collect and use your personal information may vary depending on the type of relationship you have with us, such as if you are one of our employees, customers, or a website user. The use of personal information for new purposes should be consistent with and meet privacy expectations described in this Statement, otherwise we will request your authorization.
Generally, we collect, use and disclose your personal information to provide you products and services and as otherwise related to the operation of our business. For more specific detail on our disclosures of personal information, see the next section “Sharing and Disclosures to Third Parties.” Subject to restrictions and obligations of applicable laws, TDSC and our vendors may use your personal information for some or all the following business purposes:
- Processing Interactions and Transactions
- Managing Interactions and Transactions
- Performing Services
- Research and Development
- Fulfilling regulatory requirements and Quality Assurance
- Security
- Debugging
In addition, we may collect, use and disclose your personal information for the following additional operational business purposes for which we are providing you notice as permitted by applicable law:
- Employees and candidates: if you apply for a job via our career center, we use your personal information to consider you for employment and to administer your account. If you have an employment or commercial relationship with TDSC, we use your personal information to develop our contractual relationship, to conduct performance evaluations and to comply with legal obligations, including tax and labor regulations.
- Customers: we use our customers’ information to maintain our commercial relationship, to ensure the proper operation of the day-to-day business, to comply with tax and other regulations, and to administer sales and marketing activities.
- Prospective customers: information from prospective customers are used to respond to their requests for information, products or services, and for marketing activities.
- Vendors and suppliers: if you have a business or professional relationship with TDSC, we will use your information to develop and conduct our business relationship with you, and to comply with tax and other regulations.
- Visitors of company facilities: some of our buildings have physical access controls and video surveillance systems for security purposes.
- Website and social media users: we collect personal information from visitors and users of our website and social media pages. We use the information to manage your account registration, to store your preferences and settings, to provide interest-based advertising, to conduct statistics and to analyze how you use our website and online services.
TDSC shall use personal information for purposes disclosed above. To the extent required by law, TDSC shall inform the individual if their personal information will be used for an additional purpose, and this disclosure shall occur prior to the data being so used, and the individual shall be given a mechanism to provide their consent.
As permitted by applicable law, we do not treat deidentified data or aggregate customer information as personal information and we reserve the right to convert, or permit others to convert, your personal information into deidentified data or aggregate consumer information. We have no obligation to re-identify such information to respond to your requests.
Our customers may engage service providers or subcontractors to enable them to perform services on our behalf. This sub-processing is, for purposes of clarity, an additional business purpose for which we are providing you notice.
In addition, we may collect, use and disclose your personal information as required or permitted by applicable law.
7. SHARING AND DISCLOSURES TO THIRD PARTIES
At times, Henry Schein engages third party contractors, service providers, and other vendors to help us accomplish our business objectives. When Henry Schein discloses personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract. There are other circumstances where we are required by law to disclose personal information to third parties such as public authorities.
Disclosures for Business Purposes:
In the preceding twelve (12) months, TDSC may have disclosed the following categories of personal information for a business purpose:
A. Personal Identifiers;
B. Personal Information Records;
C. Commercial Information;
D. Internet Usage Information;
E. Professional or Employment Information;
F. Non-public Education Information; and
G. Inferences from Personal Information Collected.
Notwithstanding anything to the contrary in our other privacy notices, we restrict use of your personal information shared with our vendors for business purposes.
Sale:
In the preceding twelve (12) months, we may have sold your personal information (as the term “sold” is defined by the California Privacy Act). The personal information sold may include your:
A. Personal Identifiers;
B. Personal Information Records;
C. Commercial Information;
D. Internet Usage Information;
E. Professional or Employment Information;
F. Non-public Education Information; and
G. Inferences from Personal Information Collected.
We may disclose your personal information for a business purpose to the following categories of third parties:
- Our subsidiaries and affiliates
- Third parties to whom you authorize us to disclose your personal information in connection with products or services we provide to you
- B2B Customers
- Business Partners
- Customer Service Representatives
- Executive/Board of Directors
- External Agencies
- External Auditors
- Finance/Accounting Teams
- Internal Auditors
- Internal Employees on need to know basis
- Legal, Compliance and Regulatory-Quality Teams
- Operations/Maintenance Teams
- Public Authorities/ Government Bodies
- Sales/Marketing Teams, representatives or agents
- Service Providers and Vendors, such as for advertising or marketing purposes, internet service providers, data analytic providers, operating systems and platforms, and social networks
- Trade Unions/Work Councils
In the preceding twelve (12) months, TDSC may have disclosed personal information for the following business purposes:
- Processing Interactions and Transactions
- Managing Interactions and Transactions
- Performing Services
- Research and Development
- Fulfilling regulatory requirements and Quality Assurance
- Security
- Debugging
We engage with third party contractors, service providers and other vendors for certain services. If the engagement involves the transmission of personal information, TDSC directs the service provider to treat that data consistent with legal requirements. A contract to protect the personal information should be executed before any data is disclosed.
In certain circumstances, TDSC may be required to disclose personal information when required by law, when required to protect our legal rights, or in an emergency situation where the health or security of an individual is endangered.
We may also disclose personal information in the context of any sale or transaction involving all or a portion of the business.
8. OUR POLICY TOWARDS CHILDREN
Our services are not directed to children. If a parent or guardian becomes aware that his or her child has provided us with personal information without their consent, please contact us. If we become aware that a child has registered for a service and has provided us with personal information, we will delete such information from our files.
9. SECURITY
TDSC is committed to security, confidentiality and integrity of personal information in accordance with legal requirements. We take commercially reasonable precautions to keep personal information secure against unauthorized access and use and we periodically review our security measures. We are committed to processing your data in a secure manner and have put in place specific technical and organizational measures to prevent the personal information we hold from being accidentally or deliberately compromised.
TDSC uses DigiCert, Inc. for its sites’ security certificates. Please be aware that these protection tools do not protect information that is not collected through our website, such as information provided to us by e-mail.
We also conduct information risk assessments, we train our staff to understand the importance of protecting personal information, and we are responsibly managing access rights within the company. We include both physical security and IT security in our overall data security approach. We are diligent in selecting vendors that process personal information on our behalf so that they also ensure appropriate technical and organizational measures to protect the data.
TDSC makes reasonable efforts to notify individuals and regulatory authorities, as required by law, if we reasonably believe that personal information has been stolen, disclosed, altered or infringed by an unauthorized person.
We also endorse the concept of privacy by design which is an approach to projects that promotes privacy and data protection compliance from the outset. This means considering the privacy and security implications for any new project or process throughout its lifecycle.
10. YOUR DATA PROTECTION RIGHTS AND CHOICES
If you reside or otherwise find yourself in jurisdictions with data protection laws, TDSC is committed to supporting your rights granted by such applicable data protection laws. Otherwise, you can contact us at any time to discuss your privacy concerns.
Under certain circumstances, you may have the privacy rights described in this section. Any request you submit to us is subject to an identification and verification process. We will not fulfill your request unless you have provided sufficient information for us to reasonably verify you are the individual about whom we collected personal information.
If you require this notice to be provided in a different format, please submit the request to TDSC by either:
- Calling us at: (888) 253-1223
- Visiting: 135 Duryea Road, Melville, NY 11747
If we cannot comply with a request, we will explain the reasons in our response. We will use personal information provided in a verifiable request only to verify your identity or authority to make the request and to track and document request responses.
We will make commercially reasonable efforts to identify personal information that we collect, process, store, disclose and otherwise use and to respond to your applicable privacy rights requests. In some cases, we may suggest that you receive the most recent or a summary of your personal information and give you the opportunity to elect whether you want the rest. We will typically not charge a fee to fully respond to your requests; provided, however, that we may charge a reasonable fee, or refuse to act upon a request, if your request is excessive, repetitive, unfounded or overly burdensome. If we determine that the request warrants a fee, or that we may refuse it, we will give you notice explaining why we made that decision. You will be provided a cost estimate and the opportunity to accept such fees before we will charge you for responding to your request.
Pursuant to applicable data protection laws, your privacy rights may include the following:
Information Rights:
You may have the right to send us a request, no more than twice in a twelve-month period, for any of the following for the period that is 12 months prior to the request date:
- The categories of personal information we have collected about you.
- The categories of sources from which we collected your personal information.
- The business or commercial purposes for our collecting or selling your personal information.
- The categories of third parties to whom we have shared your personal information.
- The specific pieces of personal information we have collected about you.
- A list of the categories of personal information disclosed for a business purpose in the prior 12 months, or that no disclosure occurred.
- A list of the categories of personal information sold about you in the prior 12 months, or that no sale occurred. If we sold your personal information, we will explain:
- The categories of your personal information we have sold.
- The categories of third parties to which we sold personal information, by categories of personal information sold for each third party.
To make a request, email us at support@tdsc.com or call us at (888) 253-1223.
Do Not Sell My Personal Information.
To the extent TDSC sells your personal information as the term “sell” is defined under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information by us to third parties at any time. You may submit a request to opt-out by clicking Do Not Sell My Personal Information. You may also submit a request to opt-out by calling our toll-free number at (888) 253-1223, or emailing us at support@tdsc.com. If you choose to use the Global Privacy Control (GPC) browser signal, you will only be opted out of online sales or sharing Personal Information, and will need to turn it on for each browser you use.
We do not sell the personal information of an individual we know are under 16 unless we receive an opt-in from the individual who is between 13 and 16, or the parent or guardian of an individual younger than 13. Individuals who opt-in to personal information sales may opt-out at any time.
In the preceding twelve (12) months, we have not sold your personal information (as the term “sold” is defined by the California Privacy Rights Act).
Right to Limit Use and Disclosure of Sensitive Personal Information:
You may direct us to limit the use and disclosure of your Sensitive Personal Information to uses/disclosures that are reasonably necessary to provide our goods and services, or as needed: to ensure security and integrity; to prevent fraud or illegal activity; for physical safety; for short-term, transient use, including for non-personalized advertising; to perform services on behalf of the business; and to verify or maintain the quality or safety of a service or device owned, manufactured, manufactured for, or controlled by us, and to improve, upgrade, or enhance such services or devices. To limit our use of your Sensitive Personal Information, click on Do Not Sell My Personal Information on tdsc.com We participate in the IAB CCPA Compliance Framework for Publishers & Technology Companies (“IAB Framework”). This means that where you exercise your right to opt-out of the sale of your personal information by clicking Do Not Sell My Personal Information, to the extent we sell your personal information in order to deliver ads tailored to your interests, we will notify downstream participants of the IAB Framework that receive personal information about you to only use your personal information for those specific and limited purposes that are permitted under the IAB Framework.
Please note that the scope of the IAB Framework opt-out may only apply to personal information from the specific browser or device from which you opt-out. In addition, exercising your right to opt-out of the sale of your personal information does not mean that you will stop seeing ads or that you will stop seeing interest-based ads. To learn more about interest-based advertising across sites and additional opt-out choices, please see the “Analytics and Advertising” and “Your Rights and Choices” sections above and the links set forth therein. Where you opt-out of the sale of purposes of the CCPA, but do not opt-out of interest-based advertising more generally, you may continue to receive ads tailored to your interests based upon personal information not sold by us, sold to other IAB participants at least 90 days before you opted out, or sold by other sources from which you have not opted out. We are not responsible for any downstream participants’ compliance with the IAB Framework or the accuracy of their privacy policies or statements regarding their opt-out options or programs.
Obtaining Copies of Personal Information:
You may have the right to obtain a copy, no more than twice in a twelve-month period, of your personal information that we have collected and are maintaining. To make a request, email us at support@tdsc.com or call us at (888) 253-1223.
Delete:
Except to the extent we have a basis for retention under applicable law, you may request pursuant to applicable law that we delete your personal information that we have collected and are maintaining. Our retention rights include, without limitation, complete transactions and service you have requested or that are reasonably anticipated, for security purposes, for legitimate internal business purposes, including maintaining business records, to comply with law, to exercise or defend legal claims, and to cooperate with law enforcement. To make a request, email us at support@tdsc.com or call us at (888) 253-1223. We will not discriminate against you in a manner prohibited by applicable law because you exercise your privacy rights. You may have the right to exercise these rights via an authorized agent who meets the agency requirements of the applicable law.
11. LINKS TO OTHER SITES
Our site contains links to other websites. These sites are not covered by this Privacy Statement, and we are not responsible for the privacy practices or the content of these other sites.
12. CHANGES TO THIS NOTICE
We reserve the right to modify this Privacy Statement and related business practices at any time. We will duly inform you of any changes in the posted Privacy Statement.
The time stamp you see on the Statement will indicate the last date it was revised.
13. CONTACT INFORMATION
If you have any privacy concerns or questions about how your personal information is used, please feel free to contact us.
Henry Schein, Inc.
135 Duryea Road
Melville, NY 11747
Attn: Customer Service (W-150)/TDSC
Phone: (888) 253-1223
E-mail: support@tdsc.com
TDSC, Inc. will cooperate with inquiries made by the Federal Trade Commission or European regulatory authorities.
14. UNSUBSCRIBE
If you supply us with your street address, e-mail address, phone number or fax number, you may receive periodic mailings, calls or faxes from us with information about new products and services or upcoming events. If you do not wish to receive such mailings or calls, you may “opt out” by writing, calling, or e-mailing us at the addresses/number listed below:
Henry Schein, Inc.
135 Duryea Road
Melville, NY 11747
Attn: Customer Service (W-150)/TDSC Phone: (888) 253-1223
E-mail: support@tdsc.com
If you do not wish to receive such faxes from us, you may “opt-out” by writing, faxing, or calling us at the address/numbers listed below:
Henry Schein, Inc.
135 Duryea Road
Melville, NY 11747
Attn: Customer Service (W-150)/TDSC
Attn: Fax Desk
Phone: (888) 253-1223
Fax: 1-800-824-1347
Thank you for visiting our site, and for taking the time to read this Privacy Statement.
Effective 06-08-2023