Last Updated: March 1, 2022
2. PERSONAL INFORMATION WE COLLECT
We collect information that you provide to us, information we obtain automatically or through non-automatic methods provided that it is part of the data recording system when you use our Services, and information from other sources such as third-party services and organizations, as described below.
A. Information You Provide to Us Directly
We may collect the following personal information that you provide to us.
• Your Communications with Us. We may collect personal information, such as email address, phone number, or mailing address when you request information about our Services, apply for a job, or otherwise communicate with us.
We may collect personal information automatically when you use our Services:
• Automatic Data Collection. We may collect certain information automatically when you use our Services, such as your Internet protocol (IP) address, user settings, MAC address, cookie identifiers, mobile carrier, mobile advertising and other unique identifiers, browser or device information, location information (including approximate location derived from IP address), and Internet service provider. We may also automatically collect information regarding your use of our Services, such as pages that you visit before, during and after using our Services, information about the links you click, the types of content you interact with, the frequency and duration of your activities, and other information about how you use our Services.
• Cookies. Cookies are small text files placed in device browsers that store preferences and facilitate and enhance your experience.
• Pixel Tags/Web Beacons. A pixel tag (also known as a web beacon) is a piece of code embedded in our Services that collects information about engagement on our Services. The use of a pixel tag allows us to record, for example, that a user has visited a particular web page or clicked on a particular advertisement. We may also include web beacons in e-mails to understand whether messages have been opened, acted on, or forwarded.
Our uses of these Technologies fall into the following general categories:
• Operationally Necessary. This includes Technologies that allow you access to our Services, applications, and tools that are required to identify irregular website behavior, prevent fraudulent activity and improve security or that allow you to make use of our functionality;
• Performance-Related. We may use Technologies to assess the performance of our Services, including as part of our analytic practices to help us understand how individuals use our Services (see Analytics below);
• Functionality-Related. We may use Technologies that allow us to offer you enhanced functionality when accessing or using our Services.
See “Your Privacy Choices and Rights” below to understand your choices regarding these Technologies.
3. HOW WE USE YOUR INFORMATION
We use your information for a variety of business purposes, including to provide our Services, and for administrative purposes, as described below.
A. Provide Our Services
We use your information to fulfil our contract with you and provide you with our Services, such as processing applications if you apply for a job we post on our Services.
B. Administrative Purposes
We use your information for various administrative purposes, such as:
• Detecting security incidents, protecting against malicious, deceptive, fraudulent or illegal activity, and prosecuting those responsible for that activity;
• Measuring interest and engagement in our Services;
• Improving, upgrading or enhancing our Services;
• Developing new products and Services;
• Ensuring internal quality control and safety;
• Authenticating and verifying individual identities, including requests to exercise your rights under this Notice;
• Debugging to identify and repair errors with our Services;
• Auditing relating to interactions, transactions and other compliance activities;
• Enforcing our agreements and policies; and
• Complying with our legal obligations.
C. Other Purposes
We also use your information for other purposes as requested by you or as permitted by applicable law.
• De-identified and Aggregated Information. We may use personal information and other information about you to create de-identified and/or aggregated information, such as de-identified demographic information, de-identified location information, information about the device from which you access our Services, or other analyses we create.
4. HOW WE DISCLOSE YOUR INFORMATION
We disclose your information to third parties for a variety of business purposes, including to provide our Services, to protect us or others, or in the event of a major business transaction such as a merger, sale, or asset transfer, as described below.
A. Disclosures to Provide our Services
The categories of third parties with whom we may share your information are described below.
• Service Providers. We may share your personal information with our third-party service providers who use that information to help us provide our Services. This includes service providers that provide us with IT support, hosting, payment processing, customer service, and related services.
• Business Partners. We may share your personal information with business partners to provide you with a product or service you have requested. We may also share your personal information to business partners with whom we jointly offer products or services.
• Affiliates. We may share your personal information with our company affiliates for our administrative purposes, including activities such as IT management, for them to provide services to you or support and supplement the Services we provide. We may also share your personal information (including but not limited to sensitive personal information) within the country or abroad to our affiliates, through an online system, within the framework of the objectives and principles mentioned above and our internal rules, and in accordance with the methods and conditions indicated in the Law.
• APIs/SDKs. We may use third-party Application Program Interfaces (“APIs”) and Software Development Kits (“SDKs”) as part of the functionality of our Services. For more information about our use of APIs and SDKs, please contact us as set forth in “Contact Us” below.
B. Disclosures to Protect Us or Others
We may access, preserve, and disclose any information we store associated with you to external parties if we, in good faith, believe doing so is required or appropriate to: comply with law enforcement or national security requests and legal process, such as a court order or subpoena; protect your, our, or others’ rights, property, or safety; enforce our policies or contracts; collect amounts owed to us; or assist with an investigation or prosecution of suspected or actual illegal activity.
C. Disclosure in the Event of Merger, Sale, or Other Asset Transfers
If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, purchase or sale of assets, or transition of service to another provider, your information may be sold or transferred as part of such a transaction, as permitted by law and/or contract.
5. OUR PRIVACY CHOICES AND RIGHTS
Your Privacy Choices. The privacy choices you may have about your personal information are determined by applicable law and are described below.
• Cookies and Interest-Based Advertising. You may stop or restrict the placement of Technologies on your device or remove them by adjusting your preferences as your browser or device permits. However, if you adjust your preferences, our Services may not work properly. Please note that cookie-based opt-outs are not effective on mobile applications. However, you may opt-out of personalized advertisements on some mobile applications by following the instructions for Android, iOS and others.
Please note you must separately opt out in each browser and on each device.
Your Privacy Rights. In accordance with applicable law, you may have the right to:
• Access Personal Information about you, including: (i) confirming whether we are processing your personal information; (ii) obtaining access to or a copy of your personal information in a structured, commonly used, and machine readable format; and (iii) receiving an electronic copy of personal information that you have provided to us, or asking us to send that information to another company in a structured, commonly used, and machine readable format (the “right of data portability”);
• Request Correction of your personal information where it is inaccurate or incomplete. In some cases, we may provide self-service tools that enable you to update your personal information;
• Request Deletion of your personal information;
• Request Restriction of or Object to our processing of your personal information including where the processing of your personal information is based on our legitimate interest or for direct marketing purposes] [and request compensation for the damage; and
• Withdraw your Consent to our processing of your personal information. Revoking your consent does not affect the lawfulness of any processing based on your consent before its revocation.
If you would like to exercise any of these rights, please contact us as set forth in “Contact Us” below or as otherwise instructed in the additional privacy notices provided at the time we collected your personal information. We will process such requests in accordance with applicable laws.
6. SECURITY OF YOUR INFORMATION
By using our Services or providing personal information to us, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of our Services. If we learn of a security system’s breach, we may attempt to notify you electronically by posting a notice on our Services, by mail or by sending an email to you.
In addition, we determine and implement systematic, clearly defined, manageable and sustainable policies and procedures for the security of your sensitive personal information.
Within the scope of your sensitive personal information stored in our electronic media or accessible in these environments;
(a) We protect your data using cryptographic methods,
(b) We keep cryptographic keys in secure and different environments,
(c) We securely log transaction records of all transactions performed on your data,
(d) We continuously monitor the security updates of the environments where your data is located, regularly conducts necessary security tests and records test results,
(e) In cases where your data is accessed via software, we fulfill the user authorizations of this software and regularly perform the security tests of these software and record the test results in question.
(f) We provide at least a two-step authentication system if remote access to your data is required.
We prevent unauthorized entry and exit in order to ensure the physical security of these environments by taking adequate safe precautions and routinely inspecting your personal information processed, stored and / or accessible in our physical environments.
7. RETENTION OF PERSONAL INFORMATION
8. OTHER PROVISIONS
9. Contact us
Creyon Bio, Inc.