Welcome to the website of Autobahn Therapeutics, Inc. (“we”, “us” and/or “our”). This website is operated by us and has been created to provide information about our company and its products and services to the visitors of our online portals, including this website (“you”, “your”). This Privacy Statement describes our policy with respect to information including personally identifiable data (“Personal Data”) and other information about you, that we collect, use, disclose and store (together “process”), and explains the rights and choices available to individuals with respect to their information.
Autobahn may provide additional privacy notices to individuals at the time we collect their data (e.g. we provide a specific privacy notice to clinical trial participants about our privacy practices in connection with conducting clinical trials. This type of “in-time” notice will govern how we may process the information you provide at that time.
1. Information We Collect
1.1 Sources from which we receive Personal Data
- From Individuals directly
- Our websites, portals and mobile app profiles
- Healthcare professionals (HCP)
- Contract research organizations and clinical trial investigators (CRO)
- Government agencies or public records
- Third party service providers, data brokers or business partners
- Industry and patient groups and associations
- Social media or other public forums (e.g. adverse event reports or product quality complaints)
1.2 Individuals we collect Personal Data from
We collect personal information about the following types of individuals, and other individuals who interact directly with Autobahn or its service providers or business partners, including users of online portals.
When you interact with us through our online portals, we may collect Personal Data and other information from you, as further described below:
- Clinical trial participants and patients
- Participant family members
- Caregivers or advocates
- HCPs, trial staff and pharmacists
- Contractors and consultants
- Employees and job applicants
- Office visitors
1.3 Website and online portal information
When you interact with us through our online portals, we may collect Personal Data and other information from you, as further described below:
- Contact data and other Personal Data from you when you voluntarily provide such information, such as when you contact us with inquiries.
- Cookies and similar technologies: In operating this website, we may use a technology called “cookies.” A cookie is a piece of information that the computer that hosts our website gives to your browser when you access the website. Cookies help provide additional functionality to the website and help us analyze website usage more accurately. For instance, our website may set a cookie on your browser that allows you to access the website without needing to remember and then enter a password more than once during a visit to the website.
- There are two primary types of cookies that are used, session cookies and persistent cookies. Session cookies are deleted automatically when you close your browser and persistent cookies remain on your device after the browser is closed (for example to remember your user preferences when you return to the site). Each cookie typically falls into one of several categories.
- Find out more about cookies by visiting www.aboutcookies.org or www.allaboutcookies.org.
- Cookies and similar technologies that may be used by our website
- Strictly necessary cookies: These cookies are essential in order to enable you to move around the Website and use its features. Without these cookies, services you have asked for (such as navigating between pages) cannot be provided.
- Performance cookies: We may make use of analytics cookies to analyze how our visitors use our website and to monitor website performance, including those by Google Analytics. This allows us to provide a quality experience by customizing our offering and quickly identifying and fixing any issues that arise (e,g. performance cookies might keep track of which pages are most popular, or to determine why some pages are receiving error messages. These cookies can also highlight articles or site services that may be of interest based on website usage.
- Consent or changing your preferences: We will obtain your consent before using cookies where required – except where they are necessary for the website to operate.
- We recommend that you leave cookies turned on because they allow you to take advantage of some of the website’s features.
- Social Media Data: We may process certain Personal Data in relation to your social media profile and the Website’s integration with such social media services. For further information, please see the section below entitled “Social Media”.
- Non-Identifiable Data: When you interact with us through online portals, we receive and store certain non-identifiable personal information, for example, the total number of visitors to our Website, and the domain names of our visitors’ Internet service providers. This information cannot be used to identify you and is not considered to be Personal Data by Privacy Laws.
1.4 Types of Personal Data we process
The types of personal information we collect and share depend on the nature of the relationship you have with Autobahn and the requirements of applicable laws. The types of personal information we collect include:
- Health and medical information (such as medical insurance details, physical and mental health conditions, family medical history, and medications an individual may take) in connection with managing clinical trials.
- Personal and business contact information and preferences (such as name, job title and employer name, email address, mailing address, phone number, and emergency contact information)
- Biographical and demographic information (such as date of birth, age, gender, marital status, and information regarding any parents or legal guardians)
- Professional credentials, educational and professional history, institutional and government affiliations, background checks, performance reviews, aptitude and personality assessments, languages spoken, and information of the type included on a resume.
- If you are a third party with whom we have a contractual relationship, such as a health care professional, we collect publicly available information related to your practice, such as license information, disciplinary history, and other due diligence related information
- Payment-related information we need to pay for professional services, such as consulting, individuals may provide to us (such as tax identification number and financial account information)
- Your photograph, social media handle or digital or electronic signature
- Publicly available information (such as comments describing support for and experience with Autobahn products)
- If you are a visitor to an Autobahn office location, we collect information through closed circuit television (CCTV)
- Other information you provide to us (e.g. market research surveys with Autobahn or its service providers)
2. How we use of your Personal Data and other information
We use the Personal Data you provide for the following purposes:
- Communicating with you about the products and services we offer, and responding to requests, inquiries, comments, and suggestions.
- Analyzing and enhancing our interactions including on our websites and mobile applications
- Operating, securing, and improving our business and the products and services we offer
- Tailoring the content we display and send you in our communications and on our websites and in mobile apps
- Staffing, facilitating, conducting and managing clinical trials
- Tracking and responding to safety and product quality concerns
- Facilitating, and arranging travel and other logistics for public health initiatives, symposia, conferences, and scientific, educational, community, and volunteer events, including those at Autobahn offices
- Facilitating academic and other research and studies
- If you are a third party with whom we have or are contemplating a contractual relationship, such as an HCP, we may collect publicly available information related to your practice, such as license information, disciplinary history, prior litigation and regulatory proceedings, and other due diligence related information
- Defining and managing appropriate patient engagement activities, and patient support programs
- Identifying, interacting, and engaging with health care professionals, including thought leaders and external experts
- Awarding scholarships and grants as well as attributing authorship to academic and promotional materials
- Complying with legal or regulatory requirements, judicial process, and our company policies (including due diligence and contracting activities)
- Protecting against, identifying, investigating, and responding to fraud, illegal activity (such as incidents of hacking or misuse of our websites and mobile applications), and claims and other liabilities, including by enforcing the terms and conditions that govern the services we provide
- Facilitating and improving our recruitment activities (such as processing employment applications, evaluating a job candidate for an employment activity, analyzing trends, and monitoring recruitment statistics)
3. Disclosure of your Personal Data and other information
- Agents, Consultants and Vendors: We, sometimes hire other companies to perform certain services to us on our behalf, that are critical to providing our products and services or conducting our research. Examples of such vendors include:
- Technology providers to maintain our systems, and host websites or online portals
- Data storage and analytics providers;
- provide us with legal advice and assistance;
- Contract research organizations that conduct clinical trials on our behalf
- Health care professionals, researchers, academics, and public health organizations
When we employ another company to perform a function of this nature, we only provide them with the information that they need to perform their specific function and such data sharing is covered by a contract committing them to process your personal data in accordance with our policies and all applicable law.
- Others (including law enforcement): We may share Personal Data:
- if required to do so by law;
- to law enforcement authorities or regulators only based on an order of a competent court;
- to others, where we believe disclosure is necessary or appropriate to protect and defend our rights and property, act in urgent circumstances to protect the personal safety or protect against legal liability.
- Business Transfers: As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution or similar event, Personal Data may be part of the transferred assets.
4. Electronic Marketing
Where legally permissible, we may send you electronic communications about Autobahn products and services, including via email. You may unsubscribe from receiving marketing or other commercial communications from Autobahn by following the instructions included in such electronic communications. However, even if you opt out of receiving these communications, we retain the right to send you nonmarketing communications (such as product safety information, or changes in website on mobile application terms).
5. Your privacy rights and choices
Individuals certain rights and choices regarding Autobahn’s processing of their personal information. We have appointed a data protection officer (“DPO”) as a point of contact for exercising these rights. Please see the Contact Us section for the DPO’s contact information. In some cases where your personal information is accessible through an online portal or platform, you may be able to directly exercise these rights by following the instructions on the portal or platform.
Please note that if the exercise of these rights limits our ability to process personal information, we may not be able to provide our products or services to individuals who exercise these rights, or to otherwise engage with such individuals going forward. In addition, your rights and choices may be limited in certain cases: for example, if you ask to delete information which we are required by law or have compelling legitimate interests to keep.
We reserve the right to verify the identity of the individual in connection with any requests regarding personal information to help ensure that we provide the information to individuals to whom the information pertains and allow only those individuals or their authorized representatives to exercise rights with respect to that information.
For information about the rights and choices users have with respect to cookies and online tracking, please see the section on Cookies in this Privacy Notice.
Individuals in the European Economic Area have the right to file a complaint with the supervisory authority of their member state.
5.1 Withdrawal of consent
Where you have provided consent to us to process your personal information, you may withdraw such consent by following the instructions in your informed consent form or, for unsubscribing to marketing emails you should use the options provided in any marketing literature sent by us or on our behalf.
5.2 Right of Access
You may request access to your personal data, and we will provide you with a copy of the personal we maintain about you, in a commonly used format. You may request to correct any errors in your personal data, and we will make such updates to the extent we are able to or are permitted to by law. If we must reject your request, we will notify you of the reasons for the rejection.
5.3 Objection to and deletion of personal information
To the extent provided by applicable law, you may object at any time on legitimate grounds to the processing of your personal data or request that we delete your personal data from our records. We will comply with such requests to the extent we are able to or are permitted to by law. If we must reject your request, we will notify you of the reasons for the rejection.
This website may contain links to other websites not operated or controlled by us (the “Third Party Websites”). The policies and procedures we described here do not apply to the Third Party websites. The links from this Website do not imply that we endorse or have reviewed the Third-Party Websites. We suggest contacting those sites directly for information on their privacy policies.
8. International data transfer
Specifically, we may transfer personal information from the European Economic Area (“EEA”) or the United Kingdom) to jurisdictions that the European Commission have not deemed to adequately safeguard personal information. Such transfers are conducted in accordance with Standard Contractual Clauses (SCC’s) published by the EU Commission, or pursuant to the consent of the individual to whom the personal data pertains, or as otherwise permitted by applicable EEA requirements, (e.g. where necessary for important reasons of public interest such as PV reporting).
9. Personal data processing in and from the EEA and UK
Autobahn is generally the data controller, either alone or jointly with research partners, with respect to the processing personal data in or from the EEA or UK.
9.1 Lawful basis for processing
Respective Privacy Laws provide for several legal bases on which we can process personal data and Autobahn relies on several of these depending on the purpose for which we collect the personal data.
In some cases, Autobahn has a Legitimate Interest to process personal data, such as to operate, evaluate and improve our business; to facilitate and manage clinical trials and other patient advocacy and engagement programs; to promote scholarly research; to support our recruitment activities; or to facilitate a sale of assets or merger or acquisition. We may also process personal data for protection against criminal offences and the maintenance of a safe workplace for staff.
In other cases, Autobahn processes personal information to fulfill our contracts with our employees and business partners, such as healthcare professionals or clinical investigators.
It may be also process personal data to establish, exercise or defend against fraud, illegal activity, and claims and other liabilities, including by enforcing the terms and conditions that govern the services we provide.
Autobahn’s processing of personal data may be necessary to comply with our legal obligations, and for reasons of public interest, such as pharmacovigilance and adverse event reporting.
If Autobahn relies on consent for the processing of your personal data, we will obtain such consent at the time we collect your personal information.
10. Social Media
Through our website or online portals, you can choose to interact with us or access certain social media websites and services that are owned and/or controlled by third parties collectively referred to as “Social Media”. When you access and use the Social Media Services, you will be sharing information (which will include Personal Data if you share such information) with those Social Media Services.
If you add Social Media accounts or log into our sites using your Social Media account:
- we will collect relevant information necessary to enable the Website to access that Social Media Service. However, you will provide authentication credentials such as User ID or password directly to such Social Media service and Autobahn shall have no access or visibility whatsoever;
- as part of such integration, the Social Media service may provide us with certain information that you have provided to such them, and if we process such information, we will do so in accordance with this Privacy Statement and if applicable, the policies of such Social Media services.
The manner in which Social Media process your information for their own purposes is governed by their policies and terms of service.
We maintain reasonable technical and administrative measures to protect the Personal Data from accidental or unlawful loss, misuse, or unauthorized access, disclosure, alteration, or destruction. However, no technical or organizational measures can guarantee full secure or error free personal data at all times. In particular, e-mails sent to or from our network may not be secure. Therefore, you should take special care in deciding what information you share with us via e-mail.
12. Third-Party websites and content
Autobahn may provide links to websites and other third-party content that is not owned or operated by us. The websites and third-party content to which we link may have separate privacy notices or policies. Autobahn is not responsible for the privacy practices of any entity that it does not own or control.
13. Data Retention
In general, we will store your Personal Data as long as is necessary to fulfil the purposes for which we collected it:
We will retain your personal data only for as long as necessary to fulfill the purpose(s) for which it was collected. Specific retention periods will differ depending on the purpose(s) for which it was collected, the nature of the information, contractual obligations related to data retention, and applicable legal or regulatory obligations. Upon expiry of a data retention term, we will destroy the personal data or render it unidentifiable (anonymize), in accordance with applicable law.
15. Contacting Us
9880 Campus Point Drive=
San Diego, CA 92121