You are visiting a website that is not intended for your region

The page or information you have requested is intended for an audience outside the United States. By continuing to browse you confirm that you are a non-US resident requesting access to this page or information.

Switch to the US site

Select Your Country or Region


The EU General Data Protection Regulation (“GDPR”) comes into force on 25th May 2018 and brings with it the most significant changes to EU data protection law in two decades. The regulation harmonizes and establishes a minimum standard of data protection across the European Union. 

In essence, GDPR codifies the fundamental rights and freedoms of natural persons in the protection and processing of their personal data. Correspondingly, it requires data controllers and data processors implement appropriate security measures and safeguards for personal data processing. Expressly contemplating data processing in the digital age, GDPR provides individuals with greater transparency and control over the processing of their personal data. 

Our Commitment

At Getinge, we are committed to ensuring the security and protection of the personal information that we process. We have data protection teams committed to ongoing review and vigilance of all matters within the scope of GDPR so that a process of continual assessment, risk management and improvement is embedded in our organisation.

Our GDPR preparations have included a comprehensive review of relevant internal processes, procedures and documentation. Additionally, we have and continue to actively develop and implement data protection policies, procedures, controls and security measures for GDPR compliance. 

Policies & Procedures

Getinge has and continues to develop data protection policies and procedures addressing the requirements and standards of the GDPR including: 

Data Protection

Our main policy and manual for data protection has been overhauled to meet GDPR requirements. We have and continue to develop accountability and governance measures (including privacy by design) to raise awareness of and promote compliance with our data protection obligations and responsibilities.

Data Retention

We have and continue to update our retention policies and schedules in consideration of ‘data minimization’ and ‘storage limitation’ principles. 

Data Breaches

We have and continue to develop safeguards and security measures for identifying, assessing, investigating and reporting personal data breaches. 

International Data Transfers

To the extent that Getinge transfers personal information outside the EU/EEA, we have and continue to develop our policies and procedures for securing and maintaining the integrity of the data. When such data transfers involve external recipients, we request recipients verify that they have appropriate safeguards to protect the personal information and to comply with data subject rights and requests.

Data Subject Request

We provide a user friendly interface for requesting personal data correction, restricted processing, erasure as well as submitting data processing objections. Access the request form here.

Data Privacy Notice

Statement disclosing how Getinge uses, gathers and processes personal data from 3rd parties.

Legal Basis for Processing Personal Data

We assess and have a system for recording the legal basis for processing activities involving personal data.

Privacy Notice

Where applicable, we issue privacy notices informing individuals of the details surrounding the data processing activity and their rights and freedoms pursuant to GDPR.

Data Protection Impact Assessments

We have a system for facilitating data protection impact assessments.

Data Processor Agreements

Where applicable, we enter into data processing agreements. 

Data Subject Request

To request personal data access, correction, restricted processing or erasure or to submit data processing objections for legitimate purposes, please complete the form linked below.