Committed to safeguarding your personal information

At Falck US, we are dedicated to protecting the personal information and health information entrusted to us by patients, customers, clients, and employees. Privacy is an essential part of the care and services we provide.

When we collect, use, or share information, we do so guided by respect for individual rights, compliance with applicable U.S. laws—including the California Consumer Privacy Act (CCPA/CPRA) and the Health Insurance Portability and Accountability Act (HIPAA)—and adherence to recognized information-security standards. We also design our digital experiences in alignment with the Americans with Disabilities Act (ADA) to ensure accessible and inclusive services.

What you can expect from us

We believe that privacy protection extends beyond legal requirements. At Falck, we care about people—and that same standard of care applies to their personal information.
Whenever we process personal or health information, you can expect us to follow these core principles:

We use information lawfully and responsibly

• We collect, use, and share information only as permitted by U.S. laws, including HIPAA and state privacy laws such as the CCPA/CPRA.
• For HIPAA-protected health information (PHI), we follow all required safeguards, minimum-necessary standards, and authorization requirements.

We are transparent about our practices

We clearly explain what information we collect, why we collect it, how we use it, and with whom it may be shared.
Our privacy notices describe your CCPA/CPRA rights—such as the right to know, delete, correct, and opt out of certain uses of your personal information.

We limit the information we collect

We only collect personal information that is necessary to provide services, meet legal obligations, or support essential business operations.
We retain information only as long as needed for those purposes.

We help maintain accuracy

We work to ensure that personal information is accurate and up to date.
We also provide individuals with ways to review and request corrections to their information, as required under HIPAA and CCPA/CPRA.

We protect information with strong security controls

We implement administrative, technical, and physical safeguards—such as encryption, access controls, and monitoring—to protect information from unauthorized access, misuse, or disclosure.

We take responsibility and cooperate with authorities

We maintain internal policies, training, incident-response processes, and audit programs to support compliance and continuous improvement.
We cooperate with regulators, partners, and customers in good faith.

We support accessibility for all users

We strive to ensure that our online services and privacy resources meet ADA accessibility requirements, enabling individuals of all abilities to understand and exercise their privacy rights.

What we expect from our suppliers

Suppliers, contractors, and business associates working with Falck US must follow the same high standards we set for ourselves. This includes:

• Entering into required agreements, such as Business Associate Agreements (BAAs) under HIPAA when handling PHI.
• Complying with U.S. federal and state privacy and security requirements, including CCPA/CPRA where applicable.
• Notifying Falck promptly and in good faith in the event of security incidents or data breaches.
• Following recognized information security frameworks, such as ISO 27001, NIST, or equivalent.
• Monitoring their own subcontractors and ensuring equivalent protections are in place.

Suppliers are expected to follow Falck’s Data Protection policies and relevant contractual obligations.

Our Principles for the Ethical Use of Data

Falck is becoming an increasingly data-driven organization and believes data can help improve healthcare and emergency services for the benefit of patients, customers, and communities.
To support responsible data use, Falck has adopted the following ethical principles:

• Purpose and usage: Human interests come first. Data must be used to benefit individuals and society—not solely for commercial purposes.
• Individual data control: Where applicable under U.S. law, individuals should have meaningful control over how their personal information is used.
• Transparency: We are committed to clear communication about how data is collected, used, and shared, including through privacy notices and policies.
• Accountability and governance: We work to minimize risks, prevent misuse, and address ethical considerations through oversight and continuous improvement.

Falck’s Data Ethics Committee, consisting of representatives from our business segments and global functions, provides guidance on data-ethics matters across the organization.

Where You Can Find More Information

Privacy Questions

If you have questions, comments, or concerns about privacy or your rights under HIPAA or state privacy laws such as the CCPA/CPRA, please contact:

Falck US Privacy Office: DPO@FALCK.COM
(You may request access, corrections, deletion, or opt-out rights where applicable.)

Data Ethics Questions

For inquiries related to our data ethics principles, contact:
DATAETHICS@FALCK.COM

Our Recognitions

Falck has earned independent certifications recognizing our information-security and privacy practices, including:

• ISO 27001 (Information Security Management)
• ISO 27701 or comparable privacy frameworks implemented within applicable business units
• Independent assurance reports for selected operations

These certifications demonstrate our commitment to maintaining strong privacy and security controls.