Privacy and Cookies Policy

For the purposes of EU and Swiss data protection laws, the Data Controller (i.e., the company that is responsible for, and controls the processing of, your personal data) is Helsinn Healthcare SA, with legal address at Via Pian Scairolo, 9, 6912 Pazzallo- Lugano, Switzerland. To contact us please email: [email protected].

The Representative of the Data Controller established in the European Union is Helsinn Birex Pharmaceuticals LTD, with legal address in Damastown Mulhuddart – Dublin 15, Ireland.

You may contact the DPO sending an email to the following address: Helsinn-[email protected]

If you have questions about this Privacy and Cookies Policy, or would like more information about Helsinn’s privacy practices, please contact us at [email protected].

We may collect and process your personal data through the Website when you: (i) contact us using the Contact Us form; (ii) email us using the available links; (iii) submit any personal data through the About Us Section; (iv) submit a Research grant request; (v) submit an Early Access program request; (vi) submit an Educational grant request; (vii) submit a Clinical data sharing program request; (viii) fill in the form in the “Send a Report Online” section or by following the instructions in the “Send a Report by Telephone” section of the Ethicspoint platform; or (ix) apply for a job.

We collect and process personal data that you provide to us, such as when you fill out forms on the Website, only if needed and appropriate. The information may include, for example, your name and contact details (e-mail address, telephone number, mailing address etc.), business information, employment history, education history, qualifications, occupation, and areas of specialization.

We also collect personal data with reports of a possible adverse event associated with any of our products (meaning and including medicinal products, medical devices, and nutritional supplements) and to monitor the safety of our products. Although we generally avoid collecting special categories of personal information through our Website, in the instance of an adverse event report, we may need to collect certain personal data, such as your gender, date of birth and information about your health. Please consult our Pharmacovigilance Data Privacy Policy for additional information on how we process information provided through the “Report Adverse Events” link on our Website.

We can also collect personal data in the management of reports on violations of the Code of Conduct and Ethics, contractual obligations, company’s policies, and procedures, specifically, the Speak Up Policy and the compliance policies adopted by Helsinn on the matter of conflict of interest, anti-corruption, and non-retaliation. The personal data processed will be those of the reporting subject, including personal data relating to third parties, where applicable.

In addition, we automatically collect basic technical information from all visitors to the Website through our automatic data collection tools, which may include cookies and other commonly used technologies (e.g., web beacons). Please see the Section on COOKIES below for further information.

We may need to collect personal data for the performance of any current or prospective contractual relationship with you and where necessary for us to provide you with the requested services/information for the following purposes: (i) to contact you and respond to your requests and enquiries, encompassing collecting and responding to adverse events and product complaint reports; (ii) to process your requests including when you provide information regarding upcoming events and press releases or for collaboration and research purposes; (iii) to evaluate your requests submitted through the early access program request form,  the grant research request form, the educational grant request form, the clinical data sharing request form; (iv) for business administration, including statistical analysis; (v) to analyze  your visit to the Website and to assist you while you use the Website; (vi) to improve the Website by helping us understand who uses the Website; (vii) to provide important notices and updates, such as changes to our terms and policies, security alerts and administrative messages; and (viii) for fraud prevention and detection and investigations against illegal activities; (ix) to manage the reporting of actions or situations of misconduct (“Speak up”), anti-corruption and non-retaliation in the working context; and (x) to comply with applicable laws, regulations or codes of practice or demands or requests made by regulators, governments, courts and law enforcement authorities.

We will only collect personal data about you that is necessary for one or more of our legitimate business purposes or is required by law. Please note that, if you do not provide personal data, we may not be able to provide services or information to you or enter commercial engagements with you.

We may at times share your personal information with others and transfer it internationally. For example, we may share your personal data with trusted third parties, including, but not limited to: companies that provide us with technical support, data analytics, and hosting of the Website; our professional advisors, auditors and business partners; companies engaged to market and distribute Helsinn products; companies that assist with our personnel recruitment; and other third parties providing data processing services in support of our business operations.

Our affiliates (located in Ireland, Peoples Republic of China, and United States of America) may also have access to personal data that you provide us, including through or in connection with this Website for the purposes set out in this Privacy and Cookies Policy.

Additionally, we may share your personal data as required or permitted by law to comply with a subpoena or similar legal process or government request.

We may also transfer your personal data to a third party that acquires all or part of our assets or shares, or that succeeds us in carrying on all or a part of our business, whether by merger, acquisition, reorganisation or otherwise.

Please note that the servers used in the operation of the Website automatically identify a computer by its IP address. If we, in good faith, believe that disclosure is legally required or otherwise necessary to protect our rights and property, or the rights, property or safety of others, or determine that you have or are attempting to misuse or harm the Website, we may investigate and cooperate with appropriate law enforcement agencies to protect our rights or property.

Personal data collected from you, including via this Website, may be transferred to countries located in the European Economic Area (“EEA”), United Kingdom (“UK”) which provide a similar or as protective a level of protection to that provided by Switzerland. We will implement appropriate measures, in accordance with applicable data protection and privacy laws, to ensure that your personal data remains protected and secure when transferred outside of your home country.

If you are from the People’s Republic of China, when you provide your personal data by way of using the Website, you acknowledge that you knowingly transfer your own personal data across the border, where the data protection under relevant Chinese laws will not apply, but instead we will give you protection in accordance with this Privacy and Cookies Policy.

Individuals in EEA, UK and Switzerland have certain data subject rights which may be subject to limitations and/or restrictions. These rights may include the right to: (i) request access to and rectification or erasure of their personal data; (ii) obtain restriction of processing or to object to processing of their personal data; and (iii) the right to data portability. If you wish to exercise one of the above-mentioned rights, please send us your request via email to: [email protected]. Where provided or allowed by law, individuals may also have the right to lodge a complaint about the processing of their personal data with their local data protection authority.

The security of your personal data is important to us. We take appropriate steps, consistent with generally accepted industry standards, including technical, administrative and physical safeguards to protect the personal data submitted to us from loss, misuse and unauthorised access, disclosure, alteration and destruction. Regardless of the security measures in place, however, no transmission over the Internet is entirely secure. Accordingly, you should always use caution when transmitting personal data over the Internet. Please note that any transmission is at your own risk.

We will keep your personal data for the period required by law and where necessary for a legal or regulatory action involving Helsinn. Otherwise, we will store your personal data for as long as required for the purposes for which they were collected and in accordance with our internal data retention and storage procedures, which may change from time to time.

This website uses cookies. We use cookies to personalize content and ads, to provide social media features, and to analyze our traffic. We also share information about your use of our site with our social media, advertising and analytics partners, who may combine it with other information you provide or collected from your use of their services.

Cookies are small text files that sites visited by users send to their terminals, where they are stored and then transmitted back to the same sites on the next visit. Cookies are used for different purposes, have different characteristics and can be used by the owner of the site you are visiting, or by third parties. For more information about cookies, please visit www.allaboutcookies.org.

Below is all the information about the cookies installed through this site and the necessary information on how to manage your preferences about them. Current regulations state that we may store cookies on your device if they are strictly necessary for the operation of this website. To install all other types of cookies and process personal data collected through them, we need your consent. Please note that if provided, your consent applies to the following domain: https://www.helsinn.com/

By clicking decline you refuse the use of cookies for which consent is required. This action implies that the default settings will remain in place and therefore that browsing will continue in the absence of cookies or other tracking tools other than technical ones. By clicking accept, you agree to the release of cookies. By clicking on cookie settings, you can customize your choices.

“Cookies” are a technology that allow websites to recognize and respond to you as an individual. They are used to help users navigate websites efficiently as well as to provide information to the owner of the website. To find out more about cookies generally, including how to manage, block and delete them, please visit www.allaboutcookies.org.

When you visit our Website, we may use a “cookie” or other similar tracking technology to improve your experience. The cookies we place may also collect information about your Internet Protocol (“IP”) address, or click stream data within our Website (i.e. the actions taken in connection with the Website). This information helps us improve the functionality of the Website.

We also use cookies provided by Google Analytics to help us measure how visitors use the Website. The information collected is used for a variety of purposes, including, site traffic reporting, unique visitor counts, and content optimization.

If you do not want to participate in this feature, you can opt-out of this website analysis tool by clicking: https://tools.google.com/dlpage/gaoptout.

You can set your web browser to manage cookies and accept or reject them. If you elect to block cookies, please note that you may not be able to take full advantage of the features and functions of the Website.

Tracking of users' online browsing can also be done with technologies similar to cookies. The following are some examples.

Localstorage: is a technology used to optimize browsing, which does not collect data on the preferences manifested by the user (e.g., stores a code that identifies the user's session after login, to avoid the user having to enter username and password on each profile page when accessing restricted areas.

Tracking pixel: "Tracking code" or "tracking code," is precisely a small portion of code that is released by some systems for the purpose of being implemented in others to track some data related to the user and his browsing session or e-mail opening, in a totally transparent way to the user himself. The data that is tracked can be as diverse as the day and time, geographic location, type of device adopted for browsing, up to and including in the most complex tracking pixels to monitor the value spent on a purchase order and other useful information for the marketing departments of the companies that use them.

Plugin: is a program that interacts with another program to expand or extend its original functionality. The most commonly used plugins are social network plugins, which allow e.g., the user to follow a social page or profile with one click, to indicate with one click that they liked a web content and to share it on their social network profile, etc.

Widget: is a graphical user interface component of a program, which is intended to make it easier for the user to interact with the program. The most commonly used widgets are social network widgets, which allow users to easily open social networks in a separate browser window. These services enable interactions with social networks, or other external platforms, directly from the pages of a site. Any interactions and information acquired by the site are subject to the privacy settings of the third party that created the aforementioned technologies. To receive detailed regarding the use of personal data processed when you use these technologies, please visit the websites of the third-party operators of the aforementioned technologies.

Remember that you can also manage your cookie preferences through your browser. If you do not know the type and version of browser you are using, click on "Help" in the browser window at the top, from which you can access all the information you need. If, on the other hand, you do know your browser, access the page dedicated to cookie management.  Users can, for example, find information on how to manage Cookies in some of the most popular browsers at the following addresses.

Mozilla Firefox https://support.mozilla.org/it/kb/Gestione%20dei%20cookie

Google Chrome https://support.google.com/chrome/answer/95647?hl=it

Internet Explorer/Microsoft Edge http://windows.microsoft.com/it-it/windows-vista/block-or-allow-cookies

Safari https://support.apple.com/it-it/guide/safari/sfri11471/mac

Safari su iPhone, iPad, o iPod touch https://support.apple.com/it-it/HT201265

The Data Controller reserves the right to revise, update, add or delete any part of this policy at its discretion and at any time. In case of changes, the date of update will be indicated.

We recognize the importance of protecting the privacy of children. Our Website is neither intended for children nor is it designed to attract child users. Our Website, its content and our services are intended for users over the age of sixteen (16). We do not knowingly collect any personal data from children under age sixteen (16). When a user discloses personal data on the Website, the user is declaring to us that he or she is at least sixteen (16) years of age.

The Website may, from time to time, contain links to websites operated by third parties that may provide useful information to you. If you follow the link to any of these websites, please note that those sites may have their own privacy policies. Helsinn is not responsible for the privacy practices or the contents of such other websites. We suggest that you exercise caution and look at the privacy statement for each website you visit.

California residents have certain rights under the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act (“CCPA”), including the right to request access to and deletion of personal information held by businesses covered by the CCPA.  The purpose of this section of the Policy is to provide California residents a description of our practices regarding the collection, use, and disclosure of personal information and instructions for submitting CCPA data privacy requests.  Some of the personal information that we collect, use, and disclose may be exempt from the CCPA because it is regulated by other federal and state laws that apply to us.

If you are a California resident, to exercise your CCPA rights and submit your request, please complete the CCPA Request Form and either: mail it to Helsinn Therapeutics (U.S.), Inc., at 200 Wood Avenue South, Suite 100, Iselin, NJ 08830, attention Vice President, Legal, or send it via email to [email protected].  You can also contact us by telephone at 1-844-357-4664.

California Disclosures on Our Use of Personal Information

Your Rights
The CCPA provides you, as a California resident, specific rights subject to certain exceptions.

• The Right to Know. You have the right under the CCPA to request that we disclose what personal information we collect, use, disclose, and sell.  The process for exercising this right is described below under “How to Submit a Data Privacy Request.”


• The Right to Correct Inaccurate Personal Information. You have the right under the CCPA to request that we correct inaccurate personal information that we maintain about you.


• The Right to Delete. You have the right under the CCPA to request deletion of any personal information about you that we have collected from you. The process for exercising this right is described below under “How to Submit a Data Privacy Request.”


• The Right to Non-Discrimination. You have the right under the CCPA not to be discriminated against for exercising your rights.

Right to Know
Individuals whose personal information is covered by the CCPA have a right to request that Helsinn provide the following information:

• The categories of personal information that Helsinn has collected about you.


• The categories of sources from which Helsinn collected the personal information.


• The specific pieces of personal information Helsinn collected.

Individuals whose personal information is covered by the CCPA may also submit a request that Helsinn provide the following additional information: The categories of personal information that Helsinn has disclosed for a business purpose.

Our responses to any of these requests will cover the period following January 1, 2022.

Right to Delete
Individuals whose personal information is covered by the CCPA may also request deletion of that information.  Upon receiving and verifying such request, Helsinn will delete the personal information that we have collected about you, unless applicable law permits us or requires us that we retain the information.

Sales of Personal Information
We do not “sell” or “share” personal information as those terms are defined under the CCPA. Furthermore, we do not have actual knowledge that we “sell” the personal information of minors under age 16.

Since we do not “sell” or “share” personal information, we do not process user-enabled privacy controls, such as a browser plugin or privacy setting or other mechanism, to signal your choice to opt-out of the sale of your personal information.

Sensitive Personal Information

We do not use or disclose personal information that the CCPA has defined as sensitive personal information for marketing, and use such information only for purposes expressly permitted under the CCPA.

Right to Non-Discrimination
Helsinn will not discriminate against you because you exercise your rights under the CCPA. We will not deny you goods or services or charge you a different price or rate for goods or services if you exercise the privacy rights conferred by the CCPA.

Authorized Agents

If you are legally entitled to such rights, you may authorize an agent to submit a request on your behalf.  The authorized agent can be a natural person or a business entity that is registered with the California Secretary of State.  If you would like to authorize an agent to act on your behalf, you must: (1) provide the authorized agent written and signed permission to submit such request (including by granting the authorized agent power of attorney to submit requests on your behalf pursuant to California Probate Code) or (2) verify your own identity directly with us.

Verification

You will be required to verify your identity by providing us with certain personal data, depending on the nature of the information you require, which we will endeavor to match with information we maintain about you.  For further information about our agent verification process, please contact us at mail it to Helsinn Therapeutics (U.S.), Inc., at 170 Wood Avenue South, 5th Floor, Iselin, NJ 08830, attention Vice President, Legal, or send it via email to [email protected].  You can also contact us by telephone at 1-844-357-4664.For some requests, we may need to request additional personal information from to verify your identity. We may do this by contacting you by phone or email to verify your request.  Additionally, we require that you provide a declaration attesting to your identity, signed under penalty of perjury.

Shine the Light law
California’s “Shine the Light” law permits California residents to annually request and obtain information free of charge about what personal information is disclosed to third parties for direct marketing purposes in the preceding calendar year. We do not disclose your personal information to third parties for their own marketing purposes.