Effective April 1, 2021

Stallergenes Greer ("Stallergenes," "we" or "us") recognizes and respects the privacy rights of individuals with regard to their personal data.  This policy describes how we collect, use, share and secure your personal data and what choices and rights you may have regarding your personal data. It applies to personal data that we collect not only through our websites but also through other sources.  

Certain parts of this policy apply only to residents of California (see the section entitled “California Privacy Policy” below for more information).  If you have any questions about this policy or the personal data that we collect, please contact us as described under “Contact Information" at the end of this policy.

A. HOW DO WE GET YOUR PERSONAL DATA?

Directly from you.  You may give us personal data through our websites or through other direct interactions with us, for example, when you:

• contact us by email, phone or mail, ether using the addresses or numbers posted on our website or when you contact our employees directly;
• enter into a business transaction with us to provide goods or services;
• apply for employment with us or when you become an employee; or
• sign up and/or take part in one of our clinical research programs.

Automatically from your use of our website.  As you use our website or intranet, we may automatically collect Online Technical Data about your equipment, browsing patterns and of our website.  We collect this personal data by using cookies, and other similar technologies.  See “Cookies and Web Beacons” below for more information.

From third parties or publicly available sources.  We may receive personal data about you from various third parties and public sources, such as:

• online analytics providers such as Google Analytics and search information providers;
• providers of technical, payment and delivery services;
• recruiters, staffing agencies and employment background search firms;
• government, industry and professional directories;
• clinical sites, investigators, clinical research organizations and vendors conducting clinical research in which you enroll and/or participate.

B. WHAT TYPES OF PERSONAL DATA DO WE COLLECT?

We may collect the following types of personal data about you:

• Identity Data such as first name, maiden name, last name, username or similar identifier, marital status, title, date of birth, gender and social security number.
• Contact Data such as billing address, delivery address, email address, telephone numbers and home address.
• Financial Data such as bank account, payment card details, and payroll data.
• Transaction Data such as details about payments to and from you.
• Online Technical Data such as internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website or intranet.
• Online Profile Data such as your username and password on our website and intranet.
• Online Usage Data such as information about how you use our website, intranet, products and services.
• Geolocation Data such as precise location data derived from GPS coordinates or telemetry data.
• Other Data such as any other personal data that you provide, submit or give us, including health, genetic and biometric data.

C. HOW DO WE USE YOUR PERSONAL DATA?

We may use your personal data to:

• fulfill your requests and answer your questions;
• process employment applications;
• manage your employment with us, including for payroll, disability-related purposes and benefits enrollment (note: we may also collect the personal data of your dependents for benefits enrollment purposes);
• perform contractual obligations and enforce contractual rights under agreements with you;
• improve our websites and intranet (for more information, see “Cookies and Web Beacons” below);
• conduct clinical trials of our products;
• comply with legal and regulatory requirements, including those related to clinical trial adverse events and patient safety; and
• for other purposes as authorized or requested by you.

We do not sell your personal data to other companies or organizations.

D. WHO DO WE SHARE YOUR PERSONAL DATA WITH?

Depending on the specific use(s) set forth above, we may share your personal data with the following groups and individuals:

• Affiliates:  our parent company and other affiliated companies.
• Service providers and business partners: third parties with whom we engage to provide services or products on our behalf (e.g., IT system administrative service companies, data storage companies, data analytics companies, contract research organizations that conduct clinical trials, travel planning companies, payroll and benefits service providers, banks and other payment facilitators, employment background check providers) or with whom we collaborate or partner with to research and develop products and services (e.g., industry and academic research collaborators).

We do not allow our third-party service providers or business partners to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

• Professional advisers: advisors (e.g., lawyers, bankers, auditors and insurers) who provide consultancy, banking, legal, compliance, insurance and accounting and payroll services.
• Government authorities:  IRS, FDA and other federal and state government agencies, regulators and authorities.
• Acquirors and successors:  third parties to whom we may seek to sell, transfer, or merge parts of our business or our assets, such as through a merger, consolidation, acquisition, reorganization, bankruptcy or dissolution. 

E. HOW DO WE PROTECT YOUR PERSONAL DATA?

We have put in place appropriate security measures to prevent your personal data from being lost and protect it from unauthorized access, use, alteration and disclosure.   We limit access to your personal data to our employees, agents, contractors and other third parties who have a business need to know your data.  They will only process your personal data in accordance with our instructions and they are subject to a duty of confidentiality.

F. COOKIES AND WEB BEACONS

Cookies are small data files that are automatically stored on your computer when you visit our website.  Cookies are used to track the pages of the websites you’ve visited and do not retain any information that will directly identify you such as your name, address or any financial information.  We may use cookies to enable you to use certain website features, store your preferences, recognize you when you return to our website, and help us understand how our websites and intranet are performing and being used.  Third-party analytic services, like Google Analytics, use their own cookies to collect and analyze browsing history and behavior, and make that analysis available to website owners like us.  

Most internet browsers automatically accept cookies, but if you do not wish to have cookies on your system, you can set your browser preferences to refuse them or to alert you when cookies are being sent.  In order to disable cookies, please consult your browser's “help” section for instructions.  If you choose to decline cookies, you may not be able to fully experience the features of our website.  To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org.  To opt out of being tracked by Google Analytics across all websites, visit http://tools.google.com/dlpage/gaoptout

Web beacons are small strings of code that are placed in a web page or in an email message. They are sometimes called “clear GIFs” (Graphics Interchange Format), "GIF tags", "Action tags", or “pixel tags”.  Web beacons are most often used in conjunction with cookies to track activity on our website.  When you visit a particular web page, web beacons notify us of your visit.  Since web beacons are used in combination with cookies, if you disable cookies the web beacons will only detect an anonymous website visit.  When used in an email, web beacons enable us to know whether you have received the email.

Please note that linked third-party websites may also use cookies. We cannot control the use of cookies by these third-party websites.  For example, when you link from this site to a third-party website, that website may have the ability to recognize that you have come from our site by using cookies.  If you have any questions about how third-party websites use cookies, you should contact such third parties directly.

G. HOW WE RESPOND TO DO NOT TRACK SIGNALS

Some web browsers may transmit “do-not-track” signals to websites with which the browser communicates. Websites linked to this Privacy Policy do not currently respond to these “do-not-track” signals.

H. CHILDREN’S PRIVACY

While in some instances we may collect personal data about children with the consent of a parent or guardian, such as for clinical trial-related activities, we do not otherwise knowingly solicit or collect data from children.  If a parent or guardian becomes aware that his or her child has provided us with personal data without the parent’s or guardian’s consent, he or she should contact us as described under “Contact Information" below.  We will take reasonable steps to delete such data from our database within a reasonable time.

I. LINKS TO OTHER SITES

For your convenience and information, we may provide links on our websites and intranet to other third-party websites that we do not operate or control.  By providing these links we are not endorsing the content, owner or operator of those sites.  When you visit other websites by clicking on a link, this policy no longer applies and your use of that site is subject to that site’s privacy policies.  After choosing to move to a third-party’s website, you will receive a notification that you are leaving our website.

J. PRIVACY POLICY UPDATES

We may update this policy from time to time.  If we make any changes, the updated Policy will be posted with a revised effective date.  You should check this policy periodically for changes. 

K. CALIFORNIA PRIVACY POLICY

If you reside in California, please read this section for additional disclosures about how we collect, use, and disclose information about you as well as your rights under the California Consumer Privacy Act (or “CCPA”) (California Civil Code Section 1798.100 et seq.).

INFORMATION WE COLLECT

We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular person or device (“Personal Information" as defined by the CCPA).

CATEGORIES OF PERSONAL DATA THAT WE COLLECT AND SHARE

We have collected and shared the following categories of Personal Information within the last twelve (12) months:

We may use or disclose the personal information we collect for one or more of the business purposes described in "How Do We Use Your Personal Data?"

SOURCES OF PERSONAL INFORMATION

We obtain the Personal Information from the following categories of sources:

• Directly from you, your caregiver or agent
• Indirectly from you or your caregivers or agents (i.e., in the course of providing services)
• Directly and indirectly from activity on our websites (for example, from submissions through our websites or from website usage details collected automatically)
• From third parties in connection with the provision of services

NO SALE OF PERSONAL INFORMATION

In the last 12 months, Stallergenes Greer has not sold your Personal Information (including the Personal Information of minors under 16 years of age).

YOUR CALIFORNIA PRIVACY RIGHTS

A. SHINE THE LIGHT

California Civil Code Section 1798.83 permits California residents who are icustomers of Stallergenes Greer products to request certain information regarding our disclosure of their personal information (if any) to third parties for their direct marketing purposes. If applicable, this information would include a list of the categories of personal information that was shared and the names and addresses of all third parties with which we shared information in the immediately preceding calendar year. To make such a request, please contact us using our contact information listed in “How to Contact Us”).

Be sure to include your name and address. You can include your email address if you want to receive a response by email.  Otherwise, we will respond by postal mail within the time required by law.

B. CALIFORNIA CONSUMER PRIVACY ACT

The California Consumer Privacy Act (“CCPA”) provides consumers (i.e., California residents) with specific rights (listed below and subsequently referred to as "California Privacy Rights"), subject to some limitations and the verification of their identity, regarding their Personal Information:

1. Consumers have the right to request access to the specific pieces of personal information Stallergenes Greer has collected, disclosed or sold about them in the last 12 months, including the categories of information, sources and business purposes of collection, as well as the categories of third parties to whom Stallergenes Greer has disclosed or shared the personal information.
2. Consumers have the right to request deletion of their personal information (subject to certain exceptions).
3. Consumers have the right to opt-out of the sale of their personal information.
4. Consumers have the right to receive equal service and price and not be discriminated against for exercising their privacy rights under the CCPA.

In order for Stallergenes Greer to process a request for you to exercise your California Privacy Rights, Stallergenes Greer will verify your identity by asking you to provide certain personal information. This information may include a description of your relationship with Stallergenes Greer, your first and last name, email address, telephone number and postal address or other personal information that will allow us to verify your identity. If we are successful in verifying your identity, Stallergenes Greer will do its best to respond to your request as soon as possible, and, in any event, no later than 45 days after receiving your request. You may only make a request twice within a 12-month calendar year. If we cannot validate your identity, we will attempt to contact you to inform you of this issue.

Please submit your requests by contacting us at this toll-free number: 844-990-0002 (English Speaking) or 800-216-1288 (Spanish Speaking) or by Email at: DataPrivacy@stallergenesgreer.com.

You may designate an authorized agent to exercise your California Privacy Rights on your behalf in accordance with the CCPA. If you make a request through your authorized agent, we will require you to submit a written and signed statement that the agent is authorized to act on your behalf.

We do not charge a fee to process or respond to your verifiable request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

L.  CONTACT INFORMATION

If you have any questions about this Privacy Policy, you may contact us at:

Stallergenes Greer

639 Nuway Circle, NE

Lenoir, North Carolina 28645

Attn: US Legal Department

Email: DataPrivacy@stallergenesgreer.com