Cook Group
Menu Search

Privacy statement

Effective April 2025

This website privacy statement is provided by Cook Group Incorporated (“the company”), including our affiliated companies and subsidiaries. It contains information about our practices for collecting, using, and safeguarding the information you provide to us through this website. Please also refer to:

Depending on your relationship with the company, additional privacy notices may apply to you and your personal information. For example:

Personal information

In order to access certain options, offers, or services on our site, you will be asked to provide relevant personal information, such as contact information for enrollment in a program or information about the service you are seeking. You always have the option of unsubscribing from our commercial programs at any time. Occasionally, we may invite you to participate in a survey or poll about our site content, services, or products. Your responses will be anonymous unless you choose to provide your contact details so that we can provide you with additional information regarding the survey or poll. We may also collect personal information about you from cookies and other automated tracking technologies when you interact with our website, through thirdparty vendors that provide services for us, adverse event reporting, and publicly available sources. 

Personal information we collect
We may collect and process the following types of personal information:

  • Identifiers, such as name, signatures, alias, online identifiers, internet protocol (IP) address, account name, physical characteristics or description.
  • Contact and financial information, including phone number, address, email address, financial information, medical information, health insurance information.
  • Commercial information, such as transaction information and purchase history.
  • Internet or other electronic network activity information, such as browsing history and interactions with our websites or advertisements.
  • Geolocation data, such as device location.
  • Audio, electronic, visual, olfactory and similar information, such as call and video recordings.
  • Professional or employment-related information, such as work history and prior employer.
  • Education information, as defined in the federal Family Educational Rights and Privacy Act, such as student records and directory information.
  • Purchase history, such as commercial information, including products or services purchased, obtained, or considered or other purchasing or commercial histories or tendencies.
  • Inferences drawn from any of the personal information listed above to create a profile or summary about, for example, an individual’s preferences and characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

Processing your personal information
We may use the personal information we collect from you for the following reasons: 

  • Operate, manage, and maintain our business
  • Provide, develop, improve, repair, and maintain our products and services
  • Hire and manage our employees, as well as for related employment purposes
  • Personalize, advertise, and market our products and services
  • Conduct research, clinical studies, analytics, and data analysis
  • Conduct investigations
  • Maintain our facilities and infrastructure
  • Undertake quality and safety assurance measures
  • Conduct risk and security controls and monitoring
  • Detect and prevent fraud
  • Perform identity verification
  • Service accounts
  • Perform accounting, audit, and other internal functions, such as internal investigations
  • Comply with law, legal process, and internal policies
  • Fulfill contracts
  • Maintain records
  • Process orders and transactions and payment
  • Provide customer service
  • Maintain, process, or fulfill insurance and workers’ compensation claims
  • Provide analytic services
  • Exercise and defend legal claims
  • Otherwise accomplish our business purposes and objectives

We may also aggregate or deidentify your personal information so that it no longer can identify you. We may use this aggregated or deidentified information for any lawful purpose, and such information is no longer subject to this statement.  

Sharing your personal information

Consistent with applicable laws and requirements, as well as with the data protection notices that we provide in relation to various programs or projects, the personal information that you provide to us through this website may be combined with other information that we have about you from other sources, may be used by the company for marketing and promotional purposes, and/or may be shared with other companies within the Cook Group. We may also share some of it with third-party business partners who assist us with initiatives such as order fulfillment or improving our site. When we do share this information, we require those third parties to adopt measures to protect your information in a manner consistent with this statement. We may share your information with third parties to personalize, advertise, and market our products.

There may also be limited types of legal situations in which we are required to share some of your information, such as in the event of a transfer of ownership of the business, in connection with regulatory or legal matters, where required for safety and security, or as otherwise required or permitted by law. When we do share your information in such a situation, we limit the transfer to the information that is relevant under the circumstances and, to the extent possible, require the recipient to uphold an equivalent level of protection for the data.

Data Privacy Frameworks

As further described in Cook Group Incorporated’s Data Privacy Framework Notice, certain Cook Group companies have certified to and comply with one or all of the following data privacy frameworks, as set forth by the US Department of Commerce:

  • EU-US Data Privacy Framework
  • UK Extension to the EU-US Data Privacy Framework
  • Swiss-US Data Privacy Framework

These frameworks regard the processing of personal information received from the European Union and the United Kingdom in reliance on the EU-US Data Protection Framework and the UK Extension to the EU-US Data Privacy Framework, and the processing of personal data received from Switzerland in reliance on the Swiss-US Data Privacy Framework principles. The data privacy framework principles are: Notice; Choice (Consent); Accountability for Onward Transfer; Security; Data Integrity and Purpose Limitation; Access; and Recourse, Enforcement, and Liability.

If there is any conflict between the terms in this privacy statement and the EU-US Data Protection Framework Principles and/or the Swiss-US Data Protection Framework Principles, the Principles shall govern.

For more information on these data privacy frameworks or to view our certifications, please visit https://www.dataprivacyframework.gov/s/.

Legal basis for collection, use, and other processing

In certain jurisdictions, we are required to have a legal basis in order to process your personal information. The legal basis that applies will depend on your relationship to us and the types of services or products we are providing:

  • We may collect and use your personal information with your consent for a specific purpose identified in a notice given to you when we collect your personal information.
  • We may process your personal information in order to manage or satisfy our contractual relationships. For example, in some circumstances, the processing of your personal information is necessary to meet an obligation in a commercial, employment, or service contract.
  • We may process your personal information for our legitimate business interest. Where we rely on legitimate interests, we have conducted an assessment to ensure that our interests and yours are balanced.
  • We may need to collect and process your personal information to comply with our legal obligations.

We are committed to collecting and processing your personal information in a lawful and transparent manner. Please note that this section only applies to residents of jurisdictions where we are required to have a legal basis to process individuals’ personal information. It does not apply to residents of other jurisdictions, such as the US. 

International data transfers

As a global business, your information will be transferred and stored in the United States and other locations around the world. Cook has also put in place appropriate measures to comply with the international data transfer obligations that apply to our business. This includes, for example, relying on the EU Standard Contractual Clauses for situations that are not covered by our Data Privacy Framework, and putting in place an intra-company data transfer agreement that is aligned with those Clauses or other applicable laws.

Cookies and web tracking

We use cookies and other similar web technologies on our websites. Please read about our practices for using cookies and similar technologies, including those from third parties that we may use to advertise our products to you when you visit our or other non-affiliated websites in the future, by clicking on our cookies notice and disclosure statement.

Safeguarding your information

To be consistent with applicable laws, we have adopted reasonable and appropriate measures that are designed to safeguard the confidentiality of your information and protect it from loss, misuse, alteration, destruction, or unauthorized access. Please note that, despite our efforts, there is always some risk that your data will be improperly accessed, including, for example, during your transmission of the information to us. We kindly remind you to safeguard any passwords and user IDs that you may obtain for restricted sections of our sites and to contact us immediately if you believe they have been compromised.

If you need to update or correct your personal information profile, you may do so directly on our website or by contacting us at the address below.

Policies for children

This website is not intended to collect or maintain any information from children under the age of 13 (or any other higher age threshold for children required by applicable data protection law). If we learn that we collected any information from anyone under the relevant age, we will purge it immediately, except for responding to a question or inquiry on a one-time basis from the individual.

Individual rights

We take reasonable steps to ensure that your personal information on file with us is accurate and up-to-date. In that regard, we invite you to contact us to update your information, such as your email address if it changes, so that you can continue to receive the information that you have requested from us. As noted above, you always have the right to withdraw consent to our use of your data for any marketing purposes.

In accordance with applicable laws, you may also access or request correction of the information that we have retained about you, object to the processing of your data, request that your data be sent elsewhere, or request that we delete your information. Depending on the applicable law, certain exceptions and additional rights may apply to you, and Cook upholds them in accordance with the regional/local requirements, such as in relation to:  

  • the EU General Data Protection Regulation (GDPR) and the implementing laws in the EU member states where EU residents also have the right to contact their local supervisory authority; or 
  • the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), which provide certain rights to California residents. 

To exercise rights related to your personal information under applicable laws, you can submit a request using the contact methods provided below.

Linked sites

Our website contains links to third-party (“external”) websites, and, occasionally, we may purchase space on a social media or other third-party site, such as Facebook or Shopify, to provide information about our Company, our products, or other offerings. Cook Group Incorporated does not endorse or make any representations or warranties for the accuracy of content located on linked external websites, and we are not responsible for any linked external website’s privacy policies, content, products, data collection procedures, materials, software, business activities, etc. We strongly encourage you to read and review the website and other policies of those organizations. Where possible, and in accordance with applicable laws, we also post our own website privacy statement for website users who visit the pages that Cook Group Incorporated has included on those third-party sites.

Changes to this statement

We encourage you to review this statement periodically when you return to our site as we may update it from time to time to reflect changes to our practices, new requirements, and new security risks and safeguards. The changes become effective upon posting the new version of this statement, and those changes that relate to the use of personal information apply to information that is collected after posting.

Contact us

If you have any questions or if you have a complaint or claim about our data privacy practices, please contact us at the address below:

Chief Privacy Officer
Cook Group Incorporated
P.O. Box 1608
Bloomington, Indiana 47402-1608
USA

For EU/EEA/Switzerland countries:

European Data Protection Officer
Cook Medical
O’Halloran Road
National Technological Park
Co. Limerick
Ireland

For the Asia-Pacific region:

Data Protection Officer, APAC
Cook Asia Ltd.
Level 20, 28 Hennessy Road
Five Pacific Place, Wan Chai
Hong Kong