We process the information we collect from and about you in accordance with applicable data protection principles, including U.S. and applicable EU member state law. We understand the importance of your privacy and are committed to providing appropriate privacy protections to everyone we collect data from. This includes:
INFORMATION WE COLLECT AND HOW WE USE IT:
I. DATA RETENTION
Information We Collect: When you participate in Research, we collect certain information that, alone or in combination with other information, could be used to identify you, as described below.
Information You Provide Us: When you choose to enroll in Research, entities that conduct Research-related activities on our behalf, including providers of clinical trial operations services such as trial site personnel, investigators who provide you with investigational drugs, clinical research organizations such as laboratories that test your blood (“CROs”) and others (collectively, referred to as “Research Partners) collect information including your name, email address, address, and other contact information. Our Research Partners also collect demographic information, such as racial or ethnic origin, gender, age, religious or philosophical beliefs, or information specifying the participant’s sex life, and may also collect information concerning your medical or health conditions. Before this information is provided to us, it is de-identified to mask the identity of any individual Research participant.
How We Use Information Collected From Research Participants.
To conduct Research, including performing drug development research and Research-related activities such as reporting to industry regulators. For Research purposes, we either rely on reasons of public interest in the area of public health to process your information, or on the basis of consent.
As necessary for certain legitimate business interests, which include the following:
To carry out our business operations, including marketing and sales; responding to your requests; and tracking our interactions and meetings, such as when you contact us for information and support; providing you access to online services, applications, and platforms, and allowing you to manage your online accounts, where applicable; allow assessment of website traffic such as page-views; and establish and ensure ongoing qualification of select clinical trial vendor personnel providing services to us.
II. SITE USERS
Information We Collect: When you access and use our Sites, we collect the following types of information from and about you.
Information You Provide Us. We collect information that visitors to the Sites send to us electronically, for example when completing any “free text” boxes in our forms (such as on our “Information Request” or “Contact Us” page), or requesting information or subscribing to emailing lists. While the type of information we collect through these methods depends on the nature of your inquiry, it typically includes name and email address. If you have the opportunity to register on our Sites, we will also collect information such as a username and password.
Automatically Collected Data. When you use or interact with the Sites, the following information is automatically collected through cookies and similar tools and logged in our systems:
How We Use Information Collected from Visitors to our Sites.
As necessary for certain legitimate business interests, which include the following:
SHARING AND DISCLOSURE OF INFORMATION
We may share or disclose your information at your direction, such as when you authorize a third-party service to access your account. There are certain circumstances in which we may share your information with certain third parties without further notice to or authorization from you, unless required by the law, as set forth below:
To determine the appropriate retention period for your information, we will consider the amount, nature, and sensitivity of the information, the potential risk of harm from unauthorized use or disclosure of your information, the purposes for which we use your information, and whether we can achieve those purposes through other means, and the applicable legal requirements.
Your local laws may permit you to request that we:
We will consider all requests and provide our response within the time period stated by applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing your information for our legitimate interests, to comply with a legal obligation, or where the information provided in connection with Research is necessary in the public interest. We may request you provide us with information necessary to confirm your identity before responding to your request as required or permitted by applicable law. If you would like further information in relation to your legal rights under applicable law, or would like to exercise those rights, please contact our Data Protection Officer using the information in the “Contact Information” section below at any time.
EUROPEAN UNION (EU) USERS
Data Controller. BridgeBio and the BridgeBio subsidiary or affiliate that offers the website you are using or that administers the Research in which you are participating are the data controllers for processing your information. To find out our contact details, please see the “Contact Us” section below.
If you are an individual in the EU, and would like to contact our Data Protection Officer on matters related to the processing of information, or otherwise exercise your rights in respect of your personal data (described below), please contact [email protected]. If you participate in Research conducted by QED Therapeutics or use the website at qedtxstg.wpengine.com, you can also contact QED at [email protected].
Legal basis for Processing. We will generally process your information based on the following legal bases:
CALIFORNIA PRIVACY DISCLOSURE
COLLECTION OF INFORMATION FROM CHILDREN
The Sites are intended for general audiences and not for children under the age of 13. If we become aware that we have collected “personal information” (as defined by the United States Children’s Online Privacy Protection Act) from children under the age of 13 without legally-valid parental consent, we will take reasonable steps to delete it as soon as possible. We do not knowingly process data of EU residents under the age of 16 without parental consent. If we become aware that we have collected data from an EU resident under the age of 16 without parental consent, we will take reasonable steps to delete it as soon as possible. We also comply with other age restrictions and requirements in accordance with applicable local laws.
LINKS TO OTHER WEBSITES
COOKIES, ONLINE ANALYTICS, AND ADVERTISING
Some cookies expire after a certain amount of time, or upon logging out (session cookies); others remain on your computer or terminal device for a longer period (persistent cookies). Our Sites use first party cookies (cookies set directly by us) as well as third party cookies (provided by our analytics and advertising providers).
On most web browsers, you will find a “help” section on the toolbar. Please refer to this section for information on how to receive a notification when you are receiving a new cookie and how to turn cookies off. Please see the links below for guidance on how to modify your web browser’s settings on the most popular browsers:
Please note that if you limit the ability of websites to set cookies, you may be unable to access certain parts of the Sites and you may not be able to benefit from the full functionality of the Sites.
If you access the Sites on your mobile device, you may not be able to control tracking technologies through the settings.
Online Analytics. We may use third-party web and mobile application analytics services (such as those of Google Analytics) on our Sites to collect and analyze usage information through cookies and similar tools; engage in auditing, research, or reporting; assist with fraud prevention; and provide certain features to you. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-out Browser Add-on.
INTERNATIONAL USERS AND DATA TRANSFERS
We have implemented a variety of technological and organizational procedures and measures to protect your information from unauthorized access, use and disclosure. However, please note that no method of Internet transmission can be completely secure.
You may contact us as follows: You may send an email to [email protected] or send mail to:
Attn: Privacy Officer
c/o BridgeBio Pharma, Inc.
42 Kipling Street
Palo Alto, CA 94301