Effective April 1, 2021
Stallergenes Greer ("Stallergenes," "we" or "us") recognizes and respects the privacy rights of individuals with regard to their personal data. This policy describes how we collect, use, share and secure your personal data and what choices and rights you may have regarding your personal data. It applies to personal data that we collect not only through our websites but also through other sources.
A. HOW DO WE GET YOUR PERSONAL DATA?
Directly from you. You may give us personal data through our websites or through other direct interactions with us, for example, when you:
- contact us by email, phone or mail, ether using the addresses or numbers posted on our website or when you contact our employees directly;
- enter into a business transaction with us to provide goods or services;
- apply for employment with us or when you become an employee; or
- sign up and/or take part in one of our clinical research programs.
Automatically from your use of our website. As you use our website or intranet, we may automatically collect Online Technical Data about your equipment, browsing patterns and of our website. We collect this personal data by using cookies, and other similar technologies. See “Cookies and Web Beacons” below for more information.
From third parties or publicly available sources. We may receive personal data about you from various third parties and public sources, such as:
- online analytics providers such as Google Analytics and search information providers;
- providers of technical, payment and delivery services;
- recruiters, staffing agencies and employment background search firms;
- government, industry and professional directories;
- clinical sites, investigators, clinical research organizations and vendors conducting clinical research in which you enroll and/or participate.
B. WHAT TYPES OF PERSONAL DATA DO WE COLLECT?
We may collect the following types of personal data about you:
- Identity Data such as first name, maiden name, last name, username or similar identifier, marital status, title, date of birth, gender and social security number.
- Contact Data such as billing address, delivery address, email address, telephone numbers and home address.
- Financial Data such as bank account, payment card details, and payroll data.
- Transaction Data such as details about payments to and from you.
- Online Technical Data such as internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website or intranet.
- Online Profile Data such as your username and password on our website and intranet.
- Online Usage Data such as information about how you use our website, intranet, products and services.
- Geolocation Data such as precise location data derived from GPS coordinates or telemetry data.
- Other Data such as any other personal data that you provide, submit or give us, including health, genetic and biometric data.
C. HOW DO WE USE YOUR PERSONAL DATA?
We may use your personal data to:
- fulfill your requests and answer your questions;
- process employment applications;
- manage your employment with us, including for payroll, disability-related purposes and benefits enrollment (note: we may also collect the personal data of your dependents for benefits enrollment purposes);
- perform contractual obligations and enforce contractual rights under agreements with you;
- improve our websites and intranet (for more information, see “Cookies and Web Beacons” below);
- conduct clinical trials of our products;
- comply with legal and regulatory requirements, including those related to clinical trial adverse events and patient safety; and
- for other purposes as authorized or requested by you.
We do not sell your personal data to other companies or organizations.
D. WHO DO WE SHARE YOUR PERSONAL DATA WITH?
Depending on the specific use(s) set forth above, we may share your personal data with the following groups and individuals:
- Affiliates: our parent company and other affiliated companies.
- Service providers and business partners: third parties with whom we engage to provide services or products on our behalf (e.g., IT system administrative service companies, data storage companies, data analytics companies, contract research organizations that conduct clinical trials, travel planning companies, payroll and benefits service providers, banks and other payment facilitators, employment background check providers) or with whom we collaborate or partner with to research and develop products and services (e.g., industry and academic research collaborators).
We do not allow our third-party service providers or business partners to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
- Professional advisers: advisors (e.g., lawyers, bankers, auditors and insurers) who provide consultancy, banking, legal, compliance, insurance and accounting and payroll services.
- Government authorities: IRS, FDA and other federal and state government agencies, regulators and authorities.
- Acquirors and successors: third parties to whom we may seek to sell, transfer, or merge parts of our business or our assets, such as through a merger, consolidation, acquisition, reorganization, bankruptcy or dissolution.
E. HOW DO WE PROTECT YOUR PERSONAL DATA?
We have put in place appropriate security measures to prevent your personal data from being lost and protect it from unauthorized access, use, alteration and disclosure. We limit access to your personal data to our employees, agents, contractors and other third parties who have a business need to know your data. They will only process your personal data in accordance with our instructions and they are subject to a duty of confidentiality.
F. COOKIES AND WEB BEACONS
Most internet browsers automatically accept cookies, but if you do not wish to have cookies on your system, you can set your browser preferences to refuse them or to alert you when cookies are being sent. In order to disable cookies, please consult your browser's “help” section for instructions. If you choose to decline cookies, you may not be able to fully experience the features of our website. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org. To opt out of being tracked by Google Analytics across all websites, visit http://tools.google.com/dlpage/gaoptout
Web beacons are small strings of code that are placed in a web page or in an email message. They are sometimes called “clear GIFs” (Graphics Interchange Format), "GIF tags", "Action tags", or “pixel tags”. Web beacons are most often used in conjunction with cookies to track activity on our website. When you visit a particular web page, web beacons notify us of your visit. Since web beacons are used in combination with cookies, if you disable cookies the web beacons will only detect an anonymous website visit. When used in an email, web beacons enable us to know whether you have received the email.
G. HOW WE RESPOND TO DO NOT TRACK SIGNALS
H. CHILDREN’S PRIVACY
While in some instances we may collect personal data about children with the consent of a parent or guardian, such as for clinical trial-related activities, we do not otherwise knowingly solicit or collect data from children. If a parent or guardian becomes aware that his or her child has provided us with personal data without the parent’s or guardian’s consent, he or she should contact us as described under “Contact Information" below. We will take reasonable steps to delete such data from our database within a reasonable time.
I. LINKS TO OTHER SITES
For your convenience and information, we may provide links on our websites and intranet to other third-party websites that we do not operate or control. By providing these links we are not endorsing the content, owner or operator of those sites. When you visit other websites by clicking on a link, this policy no longer applies and your use of that site is subject to that site’s privacy policies. After choosing to move to a third-party’s website, you will receive a notification that you are leaving our website.
We may update this policy from time to time. If we make any changes, the updated Policy will be posted with a revised effective date. You should check this policy periodically for changes.
If you reside in California, please read this section for additional disclosures about how we collect, use, and disclose information about you as well as your rights under the California Consumer Privacy Act (or “CCPA”) (California Civil Code Section 1798.100 et seq.).
INFORMATION WE COLLECT
We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular person or device (“Personal Information" as defined by the CCPA).
CATEGORIES OF PERSONAL DATA THAT WE COLLECT AND SHARE
We have collected and shared the following categories of Personal Information within the last twelve (12) months:
Categories of Personal Information
Type of California Consumer
Type of Third Parties with Which the Personal Information is Shared
Identifiers such as first name, maiden name, last name, username or similar identifier, Internet Protocol address, email address, Social Security number, date of birth and gender or other similar identifiers
Employees; Job Applicants; Healthcare Professionals; Patients; Caregivers; clinical trial subjects; investigators; study staff
Vendors and service providers who help us provide these services; Government agencies (employee data)
Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e) such as address, telephone number, passport number, driver’s license or state identification card number, bank account, and payroll data
Employees; Job Applicants; Healthcare Professionals; Patients; clinical trial subjects; caregivers
Vendors and service providers who help us provide these services; Government agencies (employee data)
Internet or other electronic network activities information such browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website or intranet, as well as information about how you use our website
Vendors and service providers who help us provide these services
Education or employment information of the professionals with whom we engage, including
current or past job history; level of education, institutions attended, level of study and degrees attained, areas of specialty, and certifications
Job Applicants; Employees; Healthcare Professionals; Investigators; Study Staff; Patients
Vendors and service providers who help us provide these services
Characteristics of protected classifications such as age, race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex, veteran or military status, and genetic information
Job Applicants; Employees; Clinical trial subjects; Investigators; Study Staff
Vendors and service providers who help us provide these services; Government agencies (employee data); Regulators such as the Food & Drug Administration
Biometric information such as physiological, biological or behavioral characteristics that can be used alone or in combination with each other to establish individual identity, including DNA, fingerprint, diagnostic or lab results, imagery of the face from which an identifier template can be extracted, and sleep, health, or exercise data that contain identifying information
Patients; Clinical trial subjects
Vendors and service providers who help us provide these services; Regulators such as Food & Drug Administration
Commercial information related to services, treatment or care, such as insurance information, and marketing and communications data, including your preferences in receiving marketing and communications from us and our third parties.
Healthcare Professionals; Patients
Whistleblowing information related to Identity, duties and contact details of the whistleblower; Facts reported; Information gathered as part of the process of verifying the reported facts;
- report on verification operations;
- whistleblowing follow-up,Login data
We may use or disclose the personal information we collect for one or more of the business purposes described in "How Do We Use Your Personal Data?"
SOURCES OF PERSONAL INFORMATION
We obtain the Personal Information from the following categories of sources:
- Directly from you, your caregiver or agent
- Indirectly from you or your caregivers or agents (i.e., in the course of providing services)
- Directly and indirectly from activity on our websites (for example, from submissions through our websites or from website usage details collected automatically)
- From third parties in connection with the provision of services
NO SALE OF PERSONAL INFORMATION
In the last 12 months, Stallergenes Greer has not sold your Personal Information (including the Personal Information of minors under 16 years of age).
YOUR CALIFORNIA PRIVACY RIGHTS
A. SHINE THE LIGHT
California Civil Code Section 1798.83 permits California residents who are icustomers of Stallergenes Greer products to request certain information regarding our disclosure of their personal information (if any) to third parties for their direct marketing purposes. If applicable, this information would include a list of the categories of personal information that was shared and the names and addresses of all third parties with which we shared information in the immediately preceding calendar year. To make such a request, please contact us using our contact information listed in “How to Contact Us”).
Be sure to include your name and address. You can include your email address if you want to receive a response by email. Otherwise, we will respond by postal mail within the time required by law.
B. CALIFORNIA CONSUMER PRIVACY ACT
The California Consumer Privacy Act (“CCPA”) provides consumers (i.e., California residents) with specific rights (listed below and subsequently referred to as "California Privacy Rights"), subject to some limitations and the verification of their identity, regarding their Personal Information:
- Consumers have the right to request access to the specific pieces of personal information Stallergenes Greer has collected, disclosed or sold about them in the last 12 months, including the categories of information, sources and business purposes of collection, as well as the categories of third parties to whom Stallergenes Greer has disclosed or shared the personal information.
- Consumers have the right to request deletion of their personal information (subject to certain exceptions).
- Consumers have the right to opt-out of the sale of their personal information.
- Consumers have the right to receive equal service and price and not be discriminated against for exercising their privacy rights under the CCPA.
In order for Stallergenes Greer to process a request for you to exercise your California Privacy Rights, Stallergenes Greer will verify your identity by asking you to provide certain personal information. This information may include a description of your relationship with Stallergenes Greer, your first and last name, email address, telephone number and postal address or other personal information that will allow us to verify your identity. If we are successful in verifying your identity, Stallergenes Greer will do its best to respond to your request as soon as possible, and, in any event, no later than 45 days after receiving your request. You may only make a request twice within a 12-month calendar year. If we cannot validate your identity, we will attempt to contact you to inform you of this issue.
Please submit your requests by contacting us at this toll-free number: 844-990-0002 (English Speaking) or 800-216-1288 (Spanish Speaking) or by Email at: DataPrivacy@stallergenesgreer.com.
You may designate an authorized agent to exercise your California Privacy Rights on your behalf in accordance with the CCPA. If you make a request through your authorized agent, we will require you to submit a written and signed statement that the agent is authorized to act on your behalf.
We do not charge a fee to process or respond to your verifiable request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
L. CONTACT INFORMATION
639 Nuway Circle, NE
Lenoir, North Carolina 28645
Attn: US Legal Department