Eidos Therapeutics and its contract research organization (“CRO”) Medpace, Inc. (“Medpace”) respect the privacy of individuals of all nationalities in the processing of their Personal Data, recognizing the fundamental rights to lawfulness, fairness, and transparency.
This policy applies to all information relating to any identified or identifiable natural person that we collect via our website. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (“Personal Data”).
For purposes of data protection laws, Eidos Therapeutics is the controller of your Personal Data. The GDPR Representative for Eidos Therapeutics is Pharm-Olam International Deutschland GmbH, and may be contacted DPO@pharm-olam.com.
Your web browser may be programmed to notify you when you are receiving a cookie, giving you the choice to accept it or not. You can also refuse all cookies by turning them off in your browser.
We may use third-party web analytics services on our website, such as those of Google Analytics. These service providers help us analyze how users use the website, including by noting the third-party website from which you arrive If you wish to prevent your data from being used by Google Analytics, Google has developed the Google Analytics Opt-Out Browser Add-On.
We may use information gathered from our website for a variety of purposes related to our business. This may include:
Personal Data collected from you during a clinical trial is generally used to test the safety and efficacy of experimental drugs and medical devices. If you are a participant in a clinical trial sponsored by Eidos Therapeutics and managed by Medpace, please review the informed consent form that you receive from your study doctor for more information about how your Personal Data will be used, shared, and protected.
We do not engage in automated decision-making using Personal Data.
The laws in some jurisdictions require companies to tell you about the legal ground they rely on to use or disclose your Personal Data (as defined in such applicable laws). To the extent those laws apply, our legal grounds are as follows:
Your Personal Data may be shared with third parties to fulfill the purposes for which it was originally collected. Personal Data is transferred to third parties pursuant to contractual obligations consistent with applicable law and with this Privacy Policy. Recipients of Personal Data may be service providers, regulatory authorities, ethical committees, and third parties associated with the study, the Institution where the study takes place, or the CRO and its Affiliated companies. For more information on how we may share Personal Data collected during the clinical trial, please review the informed consent form that you receive from your study doctor.
We may also disclose Personal Data collected from website visitors among our companies and to our corporate affiliates who agree to treat it in accordance with this Privacy Policy.
We may also share your Personal Data in connection with, or during negotiations of, any merger, acquisition, sale of assets or any business, other change of control transaction or financing.
Finally, we may disclose your Personal Data if we believe it is required by applicable law, legal process or governmental request, or where the disclosure is otherwise appropriate due to safety or similar concerns. This includes sharing Personal Data with law enforcement officials, public health officials, other government authorities, or other third parties as necessary to enforce our Code of Conduct or other policies; to protect our rights or property; or the rights, safety, or property of others; or in the event of a claim or dispute relating to our business operations.
We do not sell or share user Personal Data with third parties for their direct marketing.
Your Personal Data may be transferred to a third country outside of the country where you are a resident, and that country’s data protection laws may not be as strong as in your country. Please be aware that any personal data you provide to us will be transferred to, processed, and stored in the United States. You consent to the transfer of your information, including personal information, to the United States as set forth in this Privacy Policy by visiting our site or submitting an inquiry to us. Transfers to these countries are made using appropriate safeguards as required in Article 46 of the GDPR (e.g., Standard Contractual Clauses) and in other applicable law. For more information on these safeguards, please contact us pursuant to Section 8 below.
Applicable data privacy law may provide you with rights regarding your Personal Data. Such rights may include:
Certain information may be exempt from such requests under applicable law. For example, the rights available to you as a clinical trial participant may be limited pursuant to an exception to the applicable data privacy law to preserve the integrity or scientific value of the clinical trial data that was collected.
If you are a clinical trial participant, you should first contact the study site at which you participated, or the Principal Investigator of the study, to enquire about your rights under applicable data privacy laws and the means available to exercise those rights. You may also contact us pursuant to Section 8 of this Privacy Policy. You will need to provide us with information sufficient to verify your identity before we can satisfy your request.
We use physical, electronic and organizational procedures to safeguard and secure your Personal Data. This includes encryption, firewalls, access controls, and other procedures designed to protect Personal Data from loss, misuse, unauthorized access, disclosure, alteration, and destruction. While we make reasonable efforts to protect the Personal Data we collect, internet data transmissions, whether wired or wireless, cannot be guaranteed to be 100% secure, and as a result, we cannot guarantee the security of Personal Data you transmit to us.
Personal Data is restricted to authorized individuals, who only can access it on a "need to know" basis.
We may store some business records or clinical trial documents in hard copy (paper or disk) format, as required by law or regulation, or pursuant to the fulfilment of a legitimate business purpose. In this case, documents are retained for the minimum time necessary, and then securely destroyed. Long-term storage of hard copy documents may be carried out by a qualified third-party vendor.
We retain user Personal Data for as long as necessary for the purposes described above, or as required by law. We will retain different categories of Personal Data for different periods of time depending on the category of user to whom the Personal Data relates, the type of Personal Data, and the purposes for which we collected the Personal Data.
This website is not intended for, or designed to attract, children under the age of 16. No Personal Data should be submitted to us through the website by visitors who are less than 16 years old.
Our website may contain links to other websites and online services (“Linked Sites”). The fact that we link to a third party website or service is not an endorsement or representation of our affiliation with that third party, nor is it an endorsement of their privacy policies or practices. You acknowledge and agree that we are not responsible for the privacy practices of such Linked Sites, and this Privacy Policy does not apply to such Linked Sites. The operators of Linked Sites may collect information about you, and may use and disclose that information. We encourage you to review the privacy policies of the Linked Sites that you use.
If you are a California resident, California law requires us to provide you with additional information regarding how we collect, use, and share your “personal information” (as defined in the California Consumer Privacy Act (“CCPA”)).
Throughout this Privacy Policy, we describe the specific pieces of personal information we collect, the sources of that information, and how we share it. Under the CCPA, we also have to provide you with the "categories" of personal information we collect and disclose for “business purposes” (as those terms are defined by applicable law). Those categories are identifiers (such as name, address, and email address); internet or other network or device activity (such as IP address); geolocation information (general location); and other information that identifies or can be reasonably associated with you. We collect the above categories of personal information directly from you and through your use of our website.
We or our service providers may collect the above categories of information for the following business or commercial purposes:
We may also use the above categories of personal information for compliance with applicable laws and regulations.
We describe our information sharing practices in this Privacy Policy. We may share certain categories of personal information with third parties for business purposes. For example, we may share any of the categories described above among our companies and with our corporate affiliates.
If you are a California resident, you may have certain rights. California law may permit you to request that we:
You may have the right to receive information about the financial incentives that we offer to you (if any). You also have the right to not be discriminated against (as provided for in applicable law) for exercising certain of your rights. Certain information may be exempt from such requests under applicable law.
You may exercise your California consumer rights using the contact information in Section 8. You will be required to verify your identity before we fulfill your request. You can also designate an authorized agent to make a request on your behalf. To do so, you must provide us with written authorization for the agent to act on your behalf. You will still need to verify your identity directly with us.
The CCPA sets forth certain obligations for businesses that “sell” Personal Data. Based on the definition of “sell” under the CCPA and under current regulatory guidance, we do not believe we engage in such activity.
For more information about our privacy practices, or to exercise any rights you may have under applicable data privacy laws, please contact Eidos at dataprivacy@eidostx.com, and Medpace at privacy@medpace.com, by telephone at +1 (513) 579-9911 (Cincinnati local), +1 (800) 730-5779 (USA toll free) or by mail at 5375 Medpace Way, Cincinnati, Ohio 45227 United States of America, Attn: Data Protection Officer.
The GDPR Representative for Eidos Therapeutics is Pharm-Olam International Deutschland GmbH, and can be contacted via email: DPO@pharm-olam.com
We may occasionally update this notice. If we make material changes, we will notify users of the changes on our website, or through other means, such as email, as required by law. We encourage users to periodically review this notice for the latest information on our privacy practices. After such notice, use of our services by users in countries outside the European Union will be understood as consent to the updates to the extent permitted by law.