1. Collection of Personal Information
1. Information We Collect From You
The types of Personal Information we may collect (directly from you or from third party sources) and our privacy practices depend on the nature of the relationship you have with Loxo and the requirements of applicable law. We endeavour to collect information only relevant for the purposes of Processing. Below are the legal bases and some of the ways we collect information and how we use it.
The Personal Information we collect (directly from you or from third party sources) from or abowww.google.com/policies/privacy/partners/ut current, prospective and former employees, customers, visitors and guests (collectively “Individuals”) includes information that may be deemed Personal Information, such as title, name, address, phone number, email address, user name, government identification (driver’s license, passport) and Internet Protocol address. We may also collect other information that is not Personal information, such as demographic information you choose to provide (e.g., your business or company information, professional experiences, educational background, nationality, ethnic origin, gender, interests, preferences and favorites) and answers to a security question and password.
In addition, if you participate in certain programs or services, we may collect information regarding your medications, medical history and other healthcare-related information, including, without limitation, Protected Health Information (collectively, “Health Information”), from Individuals or a third party. Any Health Information that is tied to an Individual’s Personal Information will be treated as Personal Information, provided that any Protected Health Information will be protected in accordance with the requirements of HIPAA.
Some of the ways that Loxo may collect your Personal Information include:
- Loxo may collect Personal Information from you through various channels, including the Websites, in surveys, during business or marketing events, and when delivering programs and services to you.
- When you use the Websites, Loxo may provide you with opportunities to sign up to receive specific information or services and may ask for your contact information (e.g. name, home address, home phone number or personal email address), so that we can send you specific information about our products, services and specific health conditions, with your consent.
- When you call Loxo or enroll in a program that Loxo offers, we may obtain your contact information, details of your health condition, and prescribing information relating to our products.
- Healthcare providers who provide you care (either directly or in consultation with your healthcare provider) may provide information about your health condition and treatment, as well as prescribing information relating to our products used in your treatment.
- Loxo is also obligated to collect certain Personal Information to comply with regulatory requirements, including information relating to any adverse effects you may have experienced when using our products.
- Loxo may indirectly collect information about your health condition, diagnosis, and treatment from your healthcare professional, but only where your healthcare professional has obtained your consent to disclose that information to us, as required by law.
- Loxo may collect various information from healthcare professionals as part of marketing activities to healthcare professionals, including first name, last name, age, gender, home address, home phone number, medical specialization, professional qualifications, license number and scientific society membership number.
- As you navigate the Sites, certain passive information may also be collected, including Internet Protocol addresses, cookies, and navigational data. This type of information is used for the purposes of gathering data to provide improved administration of our Websites, and to improve the quality of your experience when interacting with our Websites.
It is not necessary to provide any Personal Information to use Websites. You can visit much of our Websites without telling us who you are or submitting any Personal Information. However, in order to take advantage of certain features available through the Websites, it may be necessary to provide Personal Information. We may ask for some Personal Information when you send us a comment or question, request information through our site, or sign up to receive communications or services. This Personal Information may include your name, telephone number, e-mail address, and/or other information. If you do not want to give us any Personal Information, you can choose not to use these features of our Websites.
1.2 Other Ways We Collect Information
- Web Technologies. As you navigate the Websites, certain passive information may also be collected, including Internet Protocol addresses, cookies, navigational data, the name of the domain and host from which you access the Internet, the browser software you use and your operating system, the date and time you access our Websites, and the Internet address of the website from which you linked directly to our Websites. This type of information is used for the purposes of gathering data to provide improved administration of our Websites, and to improve the quality of your experience when interacting with our Websites.
- Cookies. Like many other websites, Loxo or its business partners may employ a cookie, or small piece of computer code that enables web servers to “identify” visitors, each time someone uses this site. A cookie is set in order to identify you; tailor the site to you; measure and research the effectiveness of our site’s features, offerings and advertisements; and authenticate users for registered services. Cookies can only access information that you have provided and cannot be accessed by other sites. You have the ability to delete cookie files from your hard drive at any time by clicking on the Privacy or History tab typically found on the Settings or Options menu in your internet browser. However, please be aware that cookies may be necessary to provide access to some of the content and features of the Loxo Websites.
- Pixel Tags. Loxo may use “pixel tags,” also known as “web beacons,” which are small graphic files that allow us to monitor the use of our Websites. A pixel tag can collect information such as the Internet Protocol (“IP”) address of the computer that downloaded the page on which the tag appears; the URL of the page on which the pixel tag appears; the time the page containing the pixel tag was viewed; the browser type and language; the device type; geographic location; and the identification number of any cookie on the computer previously placed by that server. When corresponding with you via HTML capable email, we or our third party-service providers may use “format sensing” technology, which allows pixel tags to let us know whether you received and opened our email.
- Analytics Information. We may also use Google Analytics and Google Analytics Demographics and Interest Reporting to collect information regarding visitor behavior and visitor demographics on our Websites and to develop content. This analytics data is not tied to any Personal Information. For more information about Google Analytics, please visit www.google.com/policies/privacy/partners/. You can opt out of Google’s collection and processing of data generated by your use of the Loxo Websites by going to http://tools.google.com/dlpage/gaoptout.
- Site and App Log Data. Loxo may provide Websites and online resources that are specifically designed to be compatible and used on mobile devices. Loxo will collect certain information that your mobile device sends when you use such Websites or online resources, like a device identifier, user settings and the operating system of your device.
- Research/Survey Solicitations. From time to time, Loxo may perform research (online and offline) via surveys. We may engage third party-service providers to conduct such surveys on our behalf. All survey responses are voluntary, and the information collected will be used for research and reporting purposes to help us better serve you by learning more about your needs and the quality of the products and services we provide. The survey responses may be utilized to determine the effectiveness of our Websites, various types of communications, advertising campaigns and/or promotional activities. If you participate in a survey, the information given will be used along with that of other study participants. We may share anonymous individual and aggregate data for research and analysis purposes.
- Information from Third Parties. While not currently, in the future, Loxo may collect information about you from third party sources to supplement information you provide. This supplemental information allows us to verify information that you have provided to Loxo and to enhance our ability to provide you with information about our business, products and services. Loxo’s agreements with these third party sources typically limit how Loxo may use this supplemental information.
- Social Media. While not currently, in the future, Loxo may collect Personal Information to enable you to use online social media resources offered either by Loxo or a third party. Generally, online social media resources are interactive tools that enable you to collaborate and share information with others. Social media resources include, but are not limited to, social networks, discussion boards, bulletin boards, blogs, wikis, and referral functions to share web site content and tools with a friend or colleague.
We may also enable you to use these social media resources to post or share Personal Information with others. When using social media resources, you should take into careful consideration what Personal Information you share with others.
2. Where Information Is Processed
Loxo Websites are maintained by Loxo in the United States, but the information may be accessible to our collaborators and service providers in other countries. Moreover, if you visit Loxo Websites from a country other than the United States, your communication with us will necessarily result in the transfer of information across international borders. Your use of Loxo Websites indicates your consent to the collection, storage, and processing of Personal Information in the United States and in any country to which we may transfer Personal Information in the course of our business operations. The laws of the United States may not provide the same level of data protection as the laws in your country.
3. Use and Disclosure of Personal Information
3.1 Use and Disclosure Generally
We use Personal Information for limited purposes. We use Personal Information to provide you with the information and services that you request. Also, we may use Personal Information in aggregate form to help us evaluate and modify existing services and to help us develop additional services that are likely to be of interest to visitors of this website. We will also use Personal Information to communicate with you about our relationship, and where permitted by law, to send you information about the company, our products or services, and other information we believe you may find of interest.
Loxo respects your privacy and understands its role in keeping Personal Information private. Accordingly, Loxo shares Personal Information only under limited circumstances. We may provide Personal Information to any affiliate entity of Loxo, our collaborators, and service providers we may engage to assist us. For example, we may provide Personal Information to an organization in order to deliver information you have requested, or to provide marketing materials on our behalf. We will also disclose information if we reasonably believe we are required to do so by law, regulation or other government authority request. We will also disclose information if we believe it is necessary to protect our company or our website visitors.
3.2 Specific Uses and Disclosures
- Providing Information and Services You Requested. Loxo may use the Personal Information about you to provide you information that you may request, e.g. information about a product or program we are offering. Loxo may also use your Personal Information to deliver a specific program or service to you, when you enroll to receive the program or service. Such use may include: (a) generally managing your information; (b) responding to questions, comments and requests; (c) providing access to certain areas and features of the Loxo Websites; and (d) permitting you to register for events or participate in webinars.
- Research and Development. Loxo may use your Personal Information to create non-identifiable information that we may use alone or in the aggregate with information obtained from other sources, in order to help us to optimally deliver our existing products and services or develop new products, processes and services.
- Service Providers. Loxo may share Personal Information with our service providers that we have retained to perform services on our behalf including (i) provision of IT and related services; (ii) provision of information and services you have requested; (iii) payment processing; and (iv) customer service activities. Payment information will be used and shared only to effectuate your order and may be stored by a service provider for purposes of future orders.
Loxo endeavours to execute appropriate contracts with the service providers that prohibit them from using or sharing Personal Information except as necessary to perform the contracted services on our behalf or to comply with applicable legal requirements.
- Business Partners. Loxo may share Personal Information with our business partners and affiliates for our and our affiliates’ internal business purposes or to provide you with a product or service that you have requested. Loxo may also provide Personal Information to business partners with whom we may jointly offer products or services, or whose products or services we believe may be of interest to you. In such cases, our business partner’s name will appear, along with Loxo’s. Loxo requires our affiliates and business partners to agree in writing to maintain the confidentiality and security of Personal Information they maintain on our behalf and not to use it for any purpose other than the purpose for which Loxo provided them. With respect to onward transfers to agents under Privacy Shield, Privacy Shield requires that Loxo remain liable should its agents process Personal Information in a manner inconsistent with the Privacy Shield Principles.
- Information Disclosed for Our Protection and the Protection of Others. We may disclose information about you: (i) if we are required to do so by law, court order or legal process; (ii) in response to lawful requests by public authorities, including to meet national security or law enforcement requirements; (iii) under the discovery process in litigation; (iv) to enforce Loxo policies or contracts; (v) to collect amounts owed to Loxo; (vi) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation or prosecution of suspected or actual illegal activity; or (vii) if we, in good faith, believe that disclosure is otherwise necessary or advisable.
In addition, from time to time, server logs may be reviewed for security purposes – e.g., to detect unauthorized activity on the site. In such cases, server log data containing IP addresses may be shared with law enforcement bodies in order that they may identify users in connection with their investigation of the unauthorized activities.
- Pseudonymous Data. Loxo may use and share your anonymized or aggregated information within the Loxo group of companies or with Third Parties for public health, research, analytics and any other legally permissible purposes.
- Other Uses. Loxo may use your Personal Information for other purposes disclosed to you at the time you provide Personal Information or with your consent.
4. Sensitive Personal Information
Before disclosing Sensitive Personal Information (a subset of Personal Information which, due to its nature, has been classified by law or by policy as deserving additional privacy and security protections. Sensitive Personal Information is defined by law and includes identifiers such as, for example, race or ethnic origin; religious or philosophical beliefs; genetic and biometric data; information about one’s health or sex life; information relating to the commission of a criminal offense; financial account numbers; and government-issued identifiers) to a third party or processing Sensitive Personal Information for any purpose you have not authorized, Loxo will try to get your explicit consent (opt-in). Where your consent for the processing of Personal Information is otherwise required by law or contract, Loxo will comply with the law or contract.
5. Human Resources Data
Loxo collects Personal Information from current, prospective and former employees, their contact points in case of a medical emergency, and beneficiaries under any insurance policy (“Human Resources Data”). The Human Resources Data we collect may include title, name, address, phone number, email address, date of birth, passport number, driver’s license number, Social Security number or other government-issued identification number, financial information related to credit checks, bank details for payroll, information that may be recorded on a CV or application form, language abilities, contact information of third parties in case of an emergency and beneficiaries under any insurance policy. We may also collect Sensitive Human Resources Data such as details of health and disability, including mental health, medical leave, and maternity leave.
We acquire, hold, use and process Human Resources-related Personal Information for a variety of business purposes including:
- workflow management, assigning, managing and administering projects;
- Human Resources administration and communication;
- payroll and the provision of benefits;
- compensation, including bonuses and long-term incentive administration, stock plan administration, compensation analysis, including monitoring overtime and compliance with labor laws, and company recognition programs;
- job grading activities;
- performance and employee development management;
- organizational development and succession planning;
- benefits and personnel administration;
- absence management;
- helpdesk and IT support services;
- regulatory compliance;
- internal and/or external or governmental compliance investigations;
- internal or external audits;
- litigation evaluation, prosecution and defense;
- diversity and inclusion initiatives;
- restructuring and relocation;
- emergency contacts and services;
- Employee safety;
- compliance with statutory requirements;
- Processing of Employee expenses and travel charges; and
- acquisitions, divestitures and integrations
With regard to Personal Information that Loxo receives in connection with the employment relationship, Loxo will use such Personal Information only for employment-related purposes as described in this section. If Loxo intends to use this Personal Information for any other purpose, we will provide you with an opportunity to opt-out of such uses.
6. Opting-Out/Withdrawing Consent for use of Personal Information
We maintain telephone “do not call” lists and “do not mail” lists as mandated by law. We process requests to be placed on do not mail, do not phone and do not contact lists as required by law.
Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. DNT is a way for users to inform websites and services that they do not want certain information about their webpage visits collected over time and across websites or online services. Loxo does not recognize or respond to browser-initiated DNT signals. For information about “do-not-track”, visit http://www.allaboutdnt.org.
7. Collection and Use of Non-Personal Information
We may automatically collect information through this website that, alone, cannot be used to identify you (referred to as “non-personal information”). Examples of types of non-personal information that we may collect include web pages viewed, browser type, referring website, usage and browsing habits on the website and similar data. We may also aggregate information collected from our users (such as the number of users in a particular geographic location) in a manner which does not identify any one individual. We may use this non-personal information in aggregate form for product and service development, for market analysis, and to understand how to improve the quality of our websites. In doing so, we may provide it to third parties.
Loxo may use and share anonymized or aggregated information with third parties for public health, research, analytics and any other legally permissible purposes.
8. Updating Personal Information
9. Your Rights of Access, Rectification, Erasure and Restriction
We encourage you to update the information you provide to us, such as providing us with a new mailing or email address, a name change, or a change in the medical conditions that you have notified us about. This will help us continue to provide information to you that best meets your needs.
10. California Privacy Rights
California law permits users who are California residents to request and obtain from us once a year, free of charge, a list of the Third Parties to whom we have disclosed Personal Information (if any) for their direct marketing purposes in the prior calendar year, as well as the type of Personal Information disclosed to those parties. Loxo does not share Personal Information with third parties for their own marketing purposes.
11. Data Retention
Loxo takes reasonable steps designed to protect Personal Information. Unfortunately, no data transmission over the Internet or storage of information can be guaranteed to be 100% secure. As a result, while Loxo strives to protect Personal Information, we cannot ensure or warrant the security of any information you transmit to Loxo, and you do so at your own risk. You are responsible for maintaining the secrecy of your own passwords. If you have reason to believe that your passwords or Personal Information is no longer secure, please promptly notify the Loxo helpdesk at 888-398-3778, or by email at firstname.lastname@example.org.
It is our policy not to collect, maintain, or process Personal Information from persons we know to be under 13 years of age. If you are the parent or guardian of a child under the age of 13 who you believe may have provided Personal Information to us, please contact us and we will promptly delete such information from our files.
14. Links to Other Sites
Some of our website features may contain links to third party websites or services that are not under our control. Such links do not constitute an endorsement of those third parties or the content displayed on their sites. We provide these links to you only as a convenience, and any information you provide to those third parties will be used as described by the third parties in their own privacy policies.
15. Redress/Compliance and Accountability