References to “we”, “us” or “BW” in this statement mean Biosense Webster, A Division of Johnson & Johnson Medical N.V.. Our contact details can be found at the end of this Privacy Policy. References to “you” or “your” means healthcare professions (such as physicians) or other individuals using or accessing our Services (as defined below) (a “User”).

We are concerned about privacy issues and want you to be familiar with how we collect, use, and disclose personal data through CARTONET™, our cloud-based Software as a Service offering, its related Website or Web property (including, for example, a mobile Website or application) operated and controlled by us, or our CARTO® 3 System (collectively the “Services”), through which you may collect, review, analyze, share and otherwise use certain case data and related procedure data, along with video and image files, obtained during procedures performed using the CARTO® 3 System. This Privacy Policy describes our practices in connection with the personal data that we or our service providers collect through the Services.

Please read this Privacy Policy carefully so that you understand your rights in relation to your personal data, and how we collect, use and process your personal data. By providing personal data to us or by using and accessing the Services, you acknowledge that you have read this Privacy Policy.

Services are for Health Care Organisations (as defined below) only and are provided and administered to you by your Health Care Organisation, which contracts directly with BW. In these circumstances, you are a User of our Services and we will process your personal data on behalf of your Health Care Organisation. As we act on the instructions of and on behalf of your Health Care Organisation, BW is a data processor and your Health Care Organisation is a data controller for the purposes of the EU General Data Protection Regulation (“GDPR”). Please consult your Health Care Organisation for information on how they collect and process your personal data in relation to our Services.

Related Privacy Policies

To provide the Services, we leverage the Siemens Healthineers teamplay platform (“Siemens”), which operates on the Microsoft Azure Cloud.

Please review the privacy policy for the Siemens teamplay platform; and for the Microsoft Azure Cloud

Eligibility Requirements

The Services are only intended for use by Users in the European Economic Area (“EEA”) who have registered and have an account with Siemens and are employees or contractors of the health care organisation (the “Health Care Organisation”) that has agreed to and accepted Siemens’ terms and conditions as the “Institution” through the following link:, pursuant to a Subscription Agreement between the Health Care Organization and us. Any other person is not allowed to register with or use the Services. Please refer to our Terms and Conditions at for additional information about User eligibility.

Types of Information Stored and Processed in the Cloud

To provide the Services, certain information about you and your patients will be stored and processed in the cloud, including:

  • User Personal Data” which includes personal data about you, such as your name, e-mail address, name of your Health Care Organisation and details of the procedures you carry out including the date and time.
  • Patient Personal Data” which includes personal data of patients being treated by the User and/or Health Care Organisation, including name, ID, and sensitive personal data such as health data (medical scans and ultrasound images).

In certain circumstances, we will anonymise personal data for statistical research purposes.

How We Collect Information

Personal Data you provide to us

  • We collect User Personal Data when you: register with us; perform procedures using the CARTO® 3 System, input information into CARTONET™ or the CARTO® 3 System; request products, services or information from us; participate in public forums through the Services; and respond to customer surveys.

We will use the information you provide us to:

  • to provide you with the Services and other products and services you or your Health Care Organisation may request;
  • to respond to your or your Health Care Organisation’s inquiries and fulfil your or your Health Care Organisation’s requests, such as to send you or your Health Care Organisation documents you or your Health Care Organisation request or other service-related e-mail or text message alerts;
  • to send you or your Health Care Organisation important information regarding our relationship with you, your Health Care Organisation or regarding the Services, changes to our terms, conditions, and policies and/or other administrative information;
  • to create anonymised and aggregated data sets that may be used for a variety of functions, including research and statistical analysis.
  • to ensure consistency with applicable laws and choices and controls that may be available to you; to personalize content and experiences;
  • to optimize or improve the content, products, services and features of the Services; and
  • for our business purposes, such as data analysis, audits, developing new products, enhancing and improving our Services, identifying Services usage trends, personalizing your experience while using the Services by presenting and offering Services tailored to you, and determining the effectiveness of our promotional campaigns.

Technical usage information

  • As you navigate through and use the Services, certain information described underneath is collected using various technologies. We and our third party service providers collect and use information in a variety of ways, including:
    • Through your browser: Certain information is collected by most browsers, including your Media Access Control (MAC) address, computer type (Windows or Macintosh), screen resolution, operating system version, and Internet browser type and version. We collect similar information, such as your device type and identifier, if you access the Services through a mobile device.
    • IP Address: Your IP Address is a number that is automatically assigned to the computer that you are using by your Internet Service Provider. An IP Address is identified and logged automatically in our server log files whenever a User uses the Services, along with the time of the visit and the page(s) that were visited. Collecting IP Addresses is done automatically by many web sites. We use IP Addresses for purposes such as calculating Services usage levels, helping diagnose server problems, and administering the Services.
    • Device Information: We may collect information about your mobile device, such as a unique device identifier.

We collect this information in order to administer our website, and for internal operations, in order to conduct troubleshooting, data analysis, testing, research, statistical and survey analysis, and to keep our website safe and secure.

How We Disclose Personal Data

We share your information with the following categories of recipients including:

  • if you are a User, we will share your personal data with your Health Care Organisation and with our third party service providers described below;
  • if you are a User, we will share your personal data with other Health Care Organisations using the Siemens platform;
  • to our affiliates for the purposes described in this Privacy Policy. A list of our affiliates is available at (click on the link for Form 10K, Exhibit 21, under “SEC Filings”).
  • to Microsoft Azure Cloud, our cloud storage providers, which store your personal data in the Netherlands to store the personal data you provide and for disaster recovery services;
  • to our third party partners with whom we offer a co-branded or co-marketed promotion;
  • to our third party service providers who provide services such as website hosting and moderating, mobile application hosting, data analysis, payment processing, order fulfilment, infrastructure provision, IT services, customer service, e-mail and direct mail delivery services, credit card processing, auditing services, and other services, in order to enable them to provide services, including without limitation, Siemens and the Microsoft Azure Cloud;
  • to a third party, including the prospective buyer, in the event of any reorganisation, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings);
  • to law enforcement agencies, public authorities or other organisations if legally required to do so, or if we have a good faith belief that such use is reasonably necessary to (a) to comply with legal process; (b) to respond to requests from public and government authorities, including public and government authorities outside your country of residence; (c) to enforce our terms and conditions, including investigation of any potential violation thereof; (d) to detect, prevent or otherwise address security, fraud or technical issues; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain; and


We only set strictly necessary cookies on our website. These cookies are necessary for the website to function and cannot be switched off in our systems.

Third Party Sites And Services

This Privacy Policy does not address, and we are not responsible for, the privacy, information, or other practices of any third parties, including any third party operating any site or web property (including, without limitation, those of Siemens and the Microsoft Azure Cloud and any other applications) that is available through the Services or to which the Services contain a link. The availability of, or inclusion of a link to, any such site or property as provided through the Services does not imply endorsement of it by us or by our affiliates.


We use reasonable organizational, technical, and administrative measures to protect personal data under our control. Unfortunately, no data transmission over the Internet or data storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you have with us has been compromised), please immediately notify us of the problem by contacting us in accordance with the “Contacting Us” section below.

Your Rights and Complaints

If you are a User and have privacy related questions or concerns about your personal data including with regard to your rights to your personal data (such as rights to rectification, erasure, blocking, accessing your personal information, objection, restriction of processing, data portability, and the right not to be subject to automated decision making) please contact your Health Care Organisation. If you have any concerns about the processing of your personal data, you may contact us using the details at the end of this Privacy Policy, and you may also contact your Health Care Organisation. While we would always appreciate the chance to deal with your concerns before you approach an external regulator, you can also contact an EU data protection supervisory authority in any of the countries in which we are established and you are based, such as the Information Commissioner’s Office in the United Kingdom. You may lodge a complaint with a supervisory authority competent for your country or region. Please click for contact information for such authorities.

Retention Period

We retain personal data collected in connection with the Services for the period necessary to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required or allowed by law or to otherwise fulfil a legal obligation.

Please contact your Health Care Organisation for how long it retains your personal data.

Use Of The Services By Minors

The Services are not directed to individuals under the age of 18, and we request that these individuals not provide personal data through the Services.

Data Storage Locations and Cross-Border Transfers

If you are based in the European Economic Area (“EEA”), your personal data might be accessed by other BW companies within our corporate group which are based outside of the EEA. All transfers of personal data within the BW group are subject to adequate safeguards, in the form of the European Commission’s Standard Contractual Clauses (or “Model Clauses”). You may obtain a copy of these measures by contacting our data protection officer in accordance with the “Contacting Us” section below.


To opt-out of receiving communications relating to marketing, events or promotions from us, you can contact us at any time via the contact details below.

Updates To This Privacy Policy

We may change this Privacy Policy at any time. Please take a look at the “Last Updated” legend at the top of this page to see when this Privacy Policy was last revised. Any changes to this Privacy Policy will become effective when we post the revised Privacy Policy on this website. Your use or access of the Services following any changes means that you acknowledge that you have read the terms and conditions of the revised Privacy Policy.

Contacting Us

If you have any questions about this Privacy Policy, please contact us:

Biosense Webster, A Division of Johnson & Johnson Medical N.V.

Leonardo da Vincilaan 15
1831 Diegem, Belgium

Tel: +32-2-7463-401
Fax: +32-2-7463-403

You may also contact our data protection officer responsible for your country or region, if applicable, at [email protected].

Important Information: Prior to use, refer to the “instructions for use” supplied with these devices for indications, contraindications, side effects, suggested procedure, warnings and precautions. As part of the Biosense Webster policy of continuous product development we reserve the right to change product specifications without prior notification.

Always verify catheter tip location using fluoroscopy or IC signals and consult the CARTO® System User Guide regarding recommendations for fluoroscopy use.* Catheter advancement should be done under fluoroscopic guidance. Do not use excessive force to advance or withdraw the catheter when resistance is encountered. Careful catheter manipulation must be performed in order to avoid cardiac damage, perforation, or tamponade.

*Sporton S, Earley M, Nathan A, and Schilling R, Electroanatomic versus fluoroscopic mapping for catheter ablation procedures: A prospective randomized study. Journal of Cardiovascular Electrophysiology 2004;15,3:310-315

THERMOCOOL SMARTTOUCH® SF Catheters are not approved by US FDA and are not available for sale in the US. These products may not be approved in countries outside the EU. Please check with your local regulatory agency for the status in your country.

Product availability may differ in each country. Please contact us to find out further information.

© Johnson & Johnson Medical NV/SA 2020. All rights reserved.
This site is published by Johnson & Johnson Medical NV/SA, which is solely responsible for its content.
This site is for visitors from Europe, Middle East and Africa.
The third party trademarks used herein are trademarks of their respective owners.