LEO PHARMA INC.
Last Updated on December 29, 2022
This Privacy Notice describes how LEO Pharma Inc. (“LEO” or “Company”) collects, uses, and shares your personal information through any LEO PHARMA INC. website (collectively, the “Websites”), offline, or otherwise in the course of the Company’s business (the “Services”). LEO is committed to maintaining the privacy and security of your personal information. Please carefully read this Privacy Notice.
This Privacy Notice also applies to information that we receive through third party websites or services when it is stated that such information will be subject to this Privacy Notice. Otherwise, this Privacy Notice does not apply to information collected from any third party (including our affiliates and subsidiaries).
Sources of Personal Information
We may obtain personal information from the following categories of sources:
- Directly from you. For example, from forms you complete online; from information you provide when you agree to take part in a LEO meeting, event or clinical study; from information you provide with regard to medical, safety or product quality information; or information you provide in relation to services for which you register or purchase.
- Indirectly from you. For example, by placing cookies on our Websites.
- From third-party service providers. For example, we obtain demographic data from a third-party service provider to use for marketing analytics. We may also obtain personal information from publicly available registers and third-party providers that specialize in the provision of personal and professional information about healthcare professionals who have agreed to have such data shared with pharmaceutical companies.
Personal Information We Collect
LEO collects information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). We may collect or obtain the following categories of personal information about healthcare professionals, patients, caregivers, website visitors or others who choose to share their personal information with us. Please see “How We Use Personal Information” for more information about why we collect the categories of information below.
|Category||Examples of Information We Collect|
Personal and Business
First and last name, postal address, phone number and email address(together “Contact Information”), age, gender. Insurance information.
|Patient medical condition, treatment and prescription details.
|Education Information||Academic background|
|Professional Credentials||License number, NPI number, professional or employment-related information,
areas of practice, professional affiliations.
|Financial Information||Social Security number, tax ID, bank account number, and other financial information.|
|Information you provide in your responses to surveys, when you participate
in market research activities, report a problem with the Websites,
receive customer support or otherwise correspond with us.
|Commercial Information||Preferences related to receiving our marketing communications and
other transactional data pertaining to our products.
|Internet or Other Similar Network Activity||Information about how Website visitors browse or search our Website, for our brand, or for our products, including Internet Protocol addresses and device identifiers. See Cookies and Other Technologies below.|
We do not collect:
- Biometric information.
- Profiles or inferences drawn from other personal information.
The “personal information” listed above does not include:
- Information that is lawfully made available from federal, state, or local government records.
- Consumer information that is deidentified or aggregated. LEO may use or disclose deidentified or aggregated information (that is no longer personally identifiable and cannot reasonably be re-identified) for any purpose. We may share this aggregate data with our parent, affiliates, agents, advertisers, manufacturers and business partners. We may also disclose aggregated user statistics in order to describe our services to current and prospective business partners and to other third parties for other lawful purposes.
- Medical information governed by the California Confidentiality of Medical Information Act or protected health information that is collected by a covered entity or business associate governed by the privacy, security, and breach notification rules of the Health Insurance Portability and Accountability Act of 1996.
- Information covered by sector-specific privacy laws like the Fair Credit Reporting Act, Gramm-Leach-Bliley Act, California Financial Information Privacy Act, and Driver’s Privacy Protection Act of 1994.
- Information about current or former LEO job applicants, employees, owners, directors, officers, or contractors for employment. For more information regarding LEO job applicants, employees, owners, directors, officers, or contractors, please see the Company’s Employee Privacy Notice or job applicant privacy notice.
Cookies and Other Technologies
In an ongoing effort to improve the Websites and our Services, we automatically collect certain information when you visit the Websites and/or use the Services. We may automatically collect information using the following automatic data collection technologies:
- Cookies. A “cookie” is a text file that websites send to a visitor’s computer or other internet-connected device to uniquely identify the visitor’s browser or to store information or settings in the browser. Such information includes without limitation, your IP address, Internet service provider, device identifier, browser type and language, referring and exit pages and URLs, date and time, amount of time spent on particular pages, what sections of the Websites you visit, number of links you click while on the Websites, search terms, operating system, website traffic and related statistics, keywords, key word searches and/or other data concerning your use of the Websites and/or the Services.
- Web beacons. Web beacons, also known as “clear gif” technology, are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the online movements of web site users. Unlike cookies, which can be stored on a user’s computer hard drive, clear gifs are embedded invisibly on web pages and are about the size of the period at the end of this sentence. We may use web beacons to help us manage information on the Websites by tracking what information is effective.
We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking). The information we collect automatically is statistical data and may not include personal information, or we may maintain it or associate it with personal information we collect in other ways or receive from third parties.
You may disable or delete browser cookies through your browser settings. Cookies generally are easy to disable or delete, but the method varies between browsers. If you disable or delete cookies, or if you are running third-party software that intercepts or deletes cookies, please note that some parts of our Websites may not work properly.
If you have further questions regarding the specific information about you that we process or retain, as well as your choices regarding our collection and use practices, please contact us using the information listed below.
How We Use Personal Information
We may use or disclose the personal information we collect for one or more of the following business purposes:
- To fulfill or meet the reason you provided the information.
- To provide, support, personalize, and develop our Websites, products, and services.
- To create, maintain, customize, and secure your account with us.
- To process your requests, , to confirm and communicate with you about appointments and products, and to prevent transactional fraud.
- To process grant applications.
- To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
- To personalize your Website experience and to deliver content and product and service offerings relevant to your interests.
- To help maintain the safety, security, and integrity of our Websites, products and services, databases and other technology assets, and business.
- For testing, research, analysis, and product development, including to develop, improve and promote our Websites, products, and services.
- To assist coordinating insurance coverage for LEO products.
- To communicate with you about patient assistance programs or other topics related to LEO products.
- To comply with applicable laws, respond to lawful requests from government authorities and as required by applicable law, court order, or governmental regulations;
- As described to you when collecting your personal information;
- To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our users is among the assets transferred; or
- Any other purpose consistent with consent that you may provide.
In addition to these purposes, we may collect and process personal information of healthcare professionals, for the following purposes:
- To administer and manage professional and scientific activities (e.g., clinical research; medical information requests; safety and product quality concerns; use of and access to our products; professional meetings; market research surveys; awarding of grants);
- To promote our products and services, including communicating with you by electronic mail;
- To create a professional profile to enable us to better communicate with you and address your questions or concerns; and
- To comply with financial transparency and reporting obligations.
Sharing of Personal Information With Third Parties
In the 12 months preceding the date of this Privacy Notice, we have shared personal information with the following categories of third parties:
- Service providers – we may engage companies and individuals to administer and provide services on our behalf (including, but not limited to, training, customer support, website hosting, email delivery and database management services, contract research organizations, congress and event organizers, shipping and fulfillment providers). These third parties use personal information as directed by us and in a manner consistent with this Privacy Notice. Under applicable law, we are permitted to disclose personal information to service providers in accordance with written contracts, which require our service providers not to retain, use, or disclose that personal information for any purpose other than for the specific purpose of performing services under the contracts, or as otherwise permitted by applicable law, within the context of the direct business relationship between us and the service providers.
- Affiliates – we may disclose your personal information to our affiliates or subsidiaries for purposes consistent with this Privacy Notice.
- Professional advisors – we may share your personal information to professional advisors such as lawyers, auditors and insurers, where necessary in the course of professional services that they render to us.
In addition, we may share personal information with government or law enforcement agencies or private parties as required by law or reasonably necessary to avoid harm. We also may share your personal information, at your request, to business partners that provide services selected by you.
Sales of Personal Information
We do not, and will not, sell your personal information, unless you give us your consent or direct us to do so.
Your Rights and Choices About Your Personal Information
Maintaining Accurate Information
LEO strives to keep your personal information accurate. We will provide you with access to your personal information, including making reasonable efforts to provide you with online access to your information for you to update in the event that any information we hold is inaccurate. You may also make a request to correct or update your personal information by contacting us directly (see Exercising Your Privacy Rights, below). To protect your privacy and security, we will also take reasonable steps to verify your identity before granting you access or enabling you to make updates or corrections.
Your California Privacy Rights
In addition to the right to correct inaccurate personal information, if you reside in California, you may also request that we take the following actions with regard to your personal information:
- Access/Right to Know - You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months, including:
- The categories of personal information we collected about you and disclosed about you for a business purpose.
- The categories of sources for the personal information we collected about you.
- Our business or commercial purpose for collecting or selling that personal information. ).
- The categories of third parties with whom we share that personal information.
- The specific pieces of personal information we collected about you (also called a data portability request).
- Correct. You have the right to update or correct inaccuracies in your personal data.
- Deletion - You have the right to request that we delete personal information that we collected from you and retained.
- Transfer – Transfer a copy of specific pieces of your personal information that we have collected or used within the last 12 months to another entity.
- Limit Use and Disclosure of Sensitive Personal Information: You have the right to request that LEO Pharma limit the use and disclosure of your sensitive information.
Exercising Your Privacy Rights
You or your authorized agent may make a verifiable consumer request related to your personal information. You also may make a verifiable consumer request on behalf of your minor child.
To exercise your rights described above, please submit a verifiable consumer request to us by:
- Emailing us at firstname.lastname@example.org.
- Calling us on our toll-free number +1 877 494 4536.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.
We may require additional information to verify and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will inform you of such decision, subject to legal restrictions.
Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
We will not discriminate against you for exercising any of your California privacy rights.
More About Your Privacy
Third-Party Disclosures for Direct Marketing
We do not disclose personal information to any third parties for their direct marketing purposes.
We take commercially reasonable steps to protect your information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction.
Please understand, however, that no security system is impenetrable. We cannot guarantee the security of our databases, nor can we guarantee that the information that you supply will not be intercepted while being transmitted to and from us over the Internet. In particular, email sent to or from the Websites may not be secure, and you should therefore take special care in deciding what information you send to us via email. Therefore, you acknowledge and agree that we assume no liability regarding the theft, loss, alteration, or misuse of personal or other information or content, including, without limitation, such information that has been provided to third parties or other users, or with regards to the failure of a third party to abide by the agreement between us and such third party.
If you register on the Websites, we may send you certain notifications, advertisements, promotions, and other information, including but not limited to, service-related notices or notices regarding a change to any of our policies. You can opt-out of receiving certain communications from LEO, its successors, affiliated companies and/or its agents, including emails, postal mail, SMS, and phone calls relating to our products, Services, and programs, and/or disease awareness information. We may provide various ways to opt-out, which may include opt-out boxes on materials sent by regular mail and unsubscribe functions in emails. You cannot, however, opt-out of receiving transactional communications from LEO related to your account.
Changes to This Privacy Notice
This Privacy Notice is effective as of the date stated at the top of this Privacy Notice. We may change this Privacy Notice from time to time. Please be aware that, to the extent permitted by applicable law, our use of your information is governed by the Privacy Notice in effect at the time we collect the information. If you visit the Websites and/or use the Services after a change to this Privacy Notice is posted on the Websites, you will be bound by such change. Please refer back to this Privacy Notice on a regular basis.
Important Notices to Non-U.S. Residents
The Websites and the Services are operated in the United States. If you are located outside of the United States, please be aware that any information you provide to us may be transferred to, processed, maintained, and used on computers, servers, and systems located outside of your state, province, country, or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you are located outside the United States and choose to use the Websites, and/or the Services, you hereby irrevocably and unconditionally consent to such transfer, processing, and use in the United States.
As we are committed to protecting the privacy of children, we do not knowingly collect or sell personal information from anyone who is, to our knowledge, under the age of 16. If you are under the age of 16, please do not provide any personal information through the Websites, and/or the Services. LEO does not knowingly collect any personal information from children. Please do not allow children under the age of 16 to provide any personal information, ask questions, or submit information via the Websites. If you become aware that a child under 16 has provided personal information to LEO, please contact us as described in the “How to Contact Us” section, so that we can delete the information.
Retention of Information
We will retain your personal information for as long as is necessary to fulfill the purpose for which it was collected (or for any subsequent purpose that is compatible with the original purpose), for archival purposes, scientific research or statistical purposes, and/or to satisfy legal requirements. When determining the appropriate retention period for personal information, we take into account various criteria, such as the amount, nature, and sensitivity of the personal information; potential risk of harm from unauthorized use or disclosure; purposes for which we process your personal information; whether we can achieve those purposes through other means; and business operations and legal requirements. Because we maintain our Websites and Services to protect from accidental or malicious loss and destruction, residual copies of your personal information may be retained in our backup and archival systems for a limited period of time, after which the information will be automatically deleted or put beyond use where deletion is not possible.
How to Contact Us
If you have any questions regarding this Privacy Notice, please contact us in one of the following ways:
Or write to us at:
LEO Pharma Inc.
7 Giralda Farms – 2nd Floor
Madison, NJ 07940