Privacy Policy

Privacy Policy


Loxo Oncology, Inc. (Loxo) is committed to maintaining your privacy and recognizes the importance of providing protection for any personally identifiable information that you choose to share with us (Personal Information). We have established this privacy policy (Privacy Policy) to inform you about our online and offline information practices, the kinds of information we may collect, how we intend to use and share that information, and how you can correct or change such information. 

This Privacy Policy applies to Personal Information that is Processed by Loxo in the course of our business, including, but not limited to, collected on websites (together with any and all future websites operated by or on behalf of Loxo, the “Websites”).  All individuals whose responsibilities include the Processing of Personal Information on behalf of Loxo are expected to protect that data by adherence to this Privacy Policy.  This Privacy Policy is intended to meet requirements globally, including those in North America, Europe, APAC, and other jurisdictions.

Please read this Privacy Policy carefully. If you do not agree to the terms of this Privacy Policy, please do not disclose any Personal Information to Loxo. Should you have any questions about this Privacy Policy or our data collection and use practices, please see our contact information below.

1. Collection of Personal Information

1. Information We Collect From You 

The types of Personal Information we may collect (directly from you or from third party sources) and our privacy practices depend on the nature of the relationship you have with Loxo and the requirements of applicable law.  We endeavour to collect information only relevant for the purposes of Processing.  Below are the legal bases and some of the ways we collect information and how we use it.

The Personal Information we collect (directly from you or from third party sources) from or abowww.google.com/policies/privacy/partners/ut current, prospective and former employees, customers, visitors and guests (collectively “Individuals”) includes information that may be deemed Personal Information, such as title, name, address, phone number, email address, user name, government identification (driver’s license, passport) and Internet Protocol address.  We may also collect other information that is not Personal information, such as demographic information you choose to provide (e.g., your business or company information, professional experiences, educational background, nationality, ethnic origin, gender, interests, preferences and favorites) and answers to a security question and password.  

In addition, if you participate in certain programs or services, we may collect information regarding your medications, medical history and other healthcare-related information, including, without limitation, Protected Health Information (collectively, “Health Information”), from Individuals or a third party. Any Health Information that is tied to an Individual’s Personal Information will be treated as Personal Information, provided that any Protected Health Information will be protected in accordance with the requirements of HIPAA.  

Some of the ways that Loxo may collect your Personal Information include:

  • Loxo may collect Personal Information from you through various channels, including the Websites, in surveys, during business or marketing events, and when delivering programs and services to you.
  • When you use the Websites, Loxo may provide you with opportunities to sign up to receive specific information or services and may ask for your contact information (e.g. name, home address, home phone number or personal email address), so that we can send you specific information about our products, services and specific health conditions, with your consent.
  • When you call Loxo or enroll in a program that Loxo offers, we may obtain your contact information, details of your health condition, and prescribing information relating to our products.
  • Healthcare providers who provide you care (either directly or in consultation with your healthcare provider) may provide information about your health condition and treatment, as well as prescribing information relating to our products used in your treatment.
  • Loxo is also obligated to collect certain Personal Information to comply with regulatory requirements, including information relating to any adverse effects you may have experienced when using our products.
  • Loxo may indirectly collect information about your health condition, diagnosis, and treatment from your healthcare professional, but only where your healthcare professional has obtained your consent to disclose that information to us, as required by law.
  • Loxo may collect various information from healthcare professionals as part of marketing activities to healthcare professionals, including first name, last name, age, gender, home address, home phone number, medical specialization, professional qualifications, license number and scientific society membership number.
  • As you navigate the Sites, certain passive information may also be collected, including Internet Protocol addresses, cookies, and navigational data.  This type of information is used for the purposes of gathering data to provide improved administration of our Websites, and to improve the quality of your experience when interacting with our Websites.

It is not necessary to provide any Personal Information to use Websites. You can visit much of our Websites without telling us who you are or submitting any Personal Information. However, in order to take advantage of certain features available through the Websites, it may be necessary to provide Personal Information. We may ask for some Personal Information when you send us a comment or question, request information through our site, or sign up to receive communications or services. This Personal Information may include your name, telephone number, e-mail address, and/or other information. If you do not want to give us any Personal Information, you can choose not to use these features of our Websites.

1.2 Other Ways We Collect Information

  • Web Technologies. As you navigate the Websites, certain passive information may also be collected, including Internet Protocol addresses, cookies, navigational data, the name of the domain and host from which you access the Internet, the browser software you use and your operating system, the date and time you access our Websites, and the Internet address of the website from which you linked directly to our Websites.  This type of information is used for the purposes of gathering data to provide improved administration of our Websites, and to improve the quality of your experience when interacting with our Websites.
     
  • Cookies. Like many other websites, Loxo or its business partners may employ a cookie, or small piece of computer code that enables web servers to “identify” visitors, each time someone uses this site.  A cookie is set in order to identify you; tailor the site to you; measure and research the effectiveness of our site’s features, offerings and advertisements; and authenticate users for registered services.  Cookies can only access information that you have provided and cannot be accessed by other sites.  You have the ability to delete cookie files from your hard drive at any time by clicking on the Privacy or History tab typically found on the Settings or Options menu in your internet browser.  However, please be aware that cookies may be necessary to provide access to some of the content and features of the Loxo Websites.
     
  • Pixel Tags. Loxo may use “pixel tags,” also known as “web beacons,” which are small graphic files that allow us to monitor the use of our Websites.  A pixel tag can collect information such as the Internet Protocol (“IP”) address of the computer that downloaded the page on which the tag appears; the URL of the page on which the pixel tag appears; the time the page containing the pixel tag was viewed; the browser type and language; the device type; geographic location; and the identification number of any cookie on the computer previously placed by that server.  When corresponding with you via HTML capable email, we or our third party-service providers may use “format sensing” technology, which allows pixel tags to let us know whether you received and opened our email.
     
  • Analytics Information. We may also use Google Analytics and Google Analytics Demographics and Interest Reporting to collect information regarding visitor behavior and visitor demographics on our Websites and to develop content.  This analytics data is not tied to any Personal Information.  For more information about Google Analytics, please visit www.google.com/policies/privacy/partners/. You can opt out of Google’s collection and processing of data generated by your use of the Loxo Websites by going to http://tools.google.com/dlpage/gaoptout
     
  • Site and App Log Data. Loxo may provide Websites and online resources that are specifically designed to be compatible and used on mobile devices. Loxo will collect certain information that your mobile device sends when you use such Websites or online resources, like a device identifier, user settings and the operating system of your device.

    Mobile versions of Loxo’s Websites may require that you log in with an account.  In such cases, information about use of each mobile version of the Website may be associated with your user account.  In addition, Loxo may provide an application, widget or other tool that you can download and use on mobile or other computing devices.  Some of these tools may store information on those devices and may transmit Personal Information to Loxo to enable you to access a user account and to enable Loxo to track use of these tools.  Some of these tools may also allow you to email reports and other information from the tool.  Loxo may use personal or non-identifiable information transmitted to Loxo to enhance these tools, to develop new tools, for quality improvement and as otherwise described in this Privacy Policy or in other notices Loxo provides.
     
  • Research/Survey Solicitations. From time to time, Loxo may perform research (online and offline) via surveys.  We may engage third party-service providers to conduct such surveys on our behalf.  All survey responses are voluntary, and the information collected will be used for research and reporting purposes to help us better serve you by learning more about your needs and the quality of the products and services we provide.  The survey responses may be utilized to determine the effectiveness of our Websites, various types of communications, advertising campaigns and/or promotional activities.  If you participate in a survey, the information given will be used along with that of other study participants.  We may share anonymous individual and aggregate data for research and analysis purposes. 
     
  • Information from Third Parties. While not currently, in the future, Loxo may collect information about you from third party sources to supplement information you provide.  This supplemental information allows us to verify information that you have provided to Loxo and to enhance our ability to provide you with information about our business, products and services.  Loxo’s agreements with these third party sources typically limit how Loxo may use this supplemental information.
     
  • Social Media. While not currently, in the future, Loxo may collect Personal Information to enable you to use online social media resources offered either by Loxo or a third party.  Generally, online social media resources are interactive tools that enable you to collaborate and share information with others.  Social media resources include, but are not limited to, social networks, discussion boards, bulletin boards, blogs, wikis, and referral functions to share web site content and tools with a friend or colleague.

    We may also enable you to use these social media resources to post or share Personal Information with others.  When using social media resources, you should take into careful consideration what Personal Information you share with others.

    If you use an online social media resource offered by a third party (“Third Party SMR”) through the Loxo Website, you acknowledge that Loxo may be able to access any information you make public through such Third Party SMR (such as your username, comments, posts and contacts) and other information your privacy settings on such Third Party SMR permit Loxo to access. Loxo will comply with the terms of this Privacy Policy and the privacy policies applicable to the social media resources it uses. 

2. Where Information Is Processed

 Loxo Websites are maintained by Loxo in the United States, but the information may be accessible to our collaborators and service providers in other countries. Moreover, if you visit Loxo Websites from a country other than the United States, your communication with us will necessarily result in the transfer of information across international borders. Your use of Loxo Websites indicates your consent to the collection, storage, and processing of Personal Information in the United States and in any country to which we may transfer Personal Information in the course of our business operations. The laws of the United States may not provide the same level of data protection as the laws in your country.

3. Use and Disclosure of Personal Information

3.1 Use and Disclosure Generally

We use Personal Information for limited purposes. We use Personal Information to provide you with the information and services that you request. Also, we may use Personal Information in aggregate form to help us evaluate and modify existing services and to help us develop additional services that are likely to be of interest to visitors of this website. We will also use Personal Information to communicate with you about our relationship, and where permitted by law, to send you information about the company, our products or services, and other information we believe you may find of interest.

Loxo respects your privacy and understands its role in keeping Personal Information private. Accordingly, Loxo shares Personal Information only under limited circumstances. We may provide Personal Information to any affiliate entity of Loxo, our collaborators, and service providers we may engage to assist us. For example, we may provide Personal Information to an organization in order to deliver information you have requested, or to provide marketing materials on our behalf. We will also disclose information if we reasonably believe we are required to do so by law, regulation or other government authority request. We will also disclose information if we believe it is necessary to protect our company or our website visitors.

3.2 Specific Uses and Disclosures

  • Providing Information and Services You Requested. Loxo may use the Personal Information about you to provide you information that you may request, e.g. information about a product or program we are offering. Loxo may also use your Personal Information to deliver a specific program or service to you, when you enroll to receive the program or service. Such use may include: (a) generally managing your information; (b) responding to questions, comments and requests; (c) providing access to certain areas and features of the Loxo Websites; and (d) permitting you to register for events or participate in webinars.
     
  • Marketing Products and Services. Individuals who provide us with Personal Information, or about whom we get Personal Information from third parties, may receive periodic emails, newsletters, mailings or phone calls from us with information on Loxo or our business partners’ products and services or upcoming special offers/events we believe may be of interest.  We offer the option to decline these communications at no cost to the individual by following the instructions in this Privacy Policy.
     
  • Research and Development.  Loxo may use your Personal Information to create non-identifiable information that we may use alone or in the aggregate with information obtained from other sources, in order to help us to optimally deliver our existing products and services or develop new products, processes and services.
     
  • Service Providers. Loxo may share Personal Information with our service providers that we have retained to perform services on our behalf including (i) provision of IT and related services; (ii) provision of information and services you have requested; (iii) payment processing; and (iv) customer service activities. Payment information will be used and shared only to effectuate your order and may be stored by a service provider for purposes of future orders.

    Loxo endeavours to execute appropriate contracts with the service providers that prohibit them from using or sharing Personal Information except as necessary to perform the contracted services on our behalf or to comply with applicable legal requirements.
     
  • Business Partners. Loxo may share Personal Information with our business partners and affiliates for our and our affiliates’ internal business purposes or to provide you with a product or service that you have requested.  Loxo may also provide Personal Information to business partners with whom we may jointly offer products or services, or whose products or services we believe may be of interest to you.  In such cases, our business partner’s name will appear, along with Loxo’s.  Loxo requires our affiliates and business partners to agree in writing to maintain the confidentiality and security of Personal Information they maintain on our behalf and not to use it for any purpose other than the purpose for which Loxo provided them.  With respect to onward transfers to agents under Privacy Shield, Privacy Shield requires that Loxo remain liable should its agents process Personal Information in a manner inconsistent with the Privacy Shield Principles.

    Loxo endeavours to require third parties to which it discloses Personal Information to protect Personal Information using substantially-similar standards to those required by Loxo (and at least the same level of privacy protection as required by the Privacy Shield Principles for Privacy Shield Covered Data and this Privacy Policy). Loxo does not sell or otherwise disclose Personal Information about you, except as described in this Privacy Policy. Loxo also tries to require third parties to notify us if they make a determination they can no longer meet this obligation.
     
  • Information Disclosed for Our Protection and the Protection of Others. We may disclose information about you: (i) if we are required to do so by law, court order or legal process; (ii) in response to lawful requests by public authorities, including to meet national security or law enforcement requirements; (iii) under the discovery process in litigation; (iv) to enforce Loxo policies or contracts; (v) to collect amounts owed to Loxo; (vi) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation or prosecution of suspected or actual illegal activity; or (vii) if we, in good faith, believe that disclosure is otherwise necessary or advisable.

    In addition, from time to time, server logs may be reviewed for security purposes – e.g., to detect unauthorized activity on the site.  In such cases, server log data containing IP addresses may be shared with law enforcement bodies in order that they may identify users in connection with their investigation of the unauthorized activities.
     
  • In Connection with Business Transactions. We reserve the right to disclose or transfer any information we have about you in the event of a proposed or actual purchase, any reorganization, sale, lease, merger, joint venture, assignment, amalgamation or any other type of acquisition, disposal or financing of all or any portion of our business or of any of the business assets or shares (including in connection with any bankruptcy or similar proceeding).  Should such an event occur, Loxo will endeavour to direct the transferee to use Personal Information in a manner that is consistent with this Privacy Policy.
     
  • Pseudonymous Data.  Loxo may use and share your anonymized or aggregated information within the Loxo group of companies or with Third Parties for public health, research, analytics and any other legally permissible purposes.
     
  • Other Uses. Loxo may use your Personal Information for other purposes disclosed to you at the time you provide Personal Information or with your consent.

4. Sensitive Personal Information

Before disclosing Sensitive Personal Information (a subset of Personal Information which, due to its nature, has been classified by law or by policy as deserving additional privacy and security protections.  Sensitive Personal Information is defined by law and includes identifiers such as, for example, race or ethnic origin; religious or philosophical beliefs; genetic and biometric data; information about one’s health or sex life; information relating to the commission of a criminal offense; financial account numbers; and government-issued identifiers) to a third party or processing Sensitive Personal Information for any purpose you have not authorized, Loxo will try to get your explicit consent (opt-in).  Where your consent for the processing of Personal Information is otherwise required by law or contract, Loxo will comply with the law or contract.

5. Human Resources Data

Loxo collects Personal Information from current, prospective and former employees, their contact points in case of a medical emergency, and beneficiaries under any insurance policy (“Human Resources Data”).  The Human Resources Data we collect may include title, name, address, phone number, email address, date of birth, passport number, driver’s license number, Social Security number or other government-issued identification number, financial information related to credit checks, bank details for payroll, information that may be recorded on a CV or application form, language abilities, contact information of third parties in case of an emergency and beneficiaries under any insurance policy.  We may also collect Sensitive Human Resources Data such as details of health and disability, including mental health, medical leave, and maternity leave.  

We acquire, hold, use and process Human Resources-related Personal Information for a variety of business purposes including:

  • workflow management, assigning, managing and administering projects; 
  • Human Resources administration and communication; 
  • payroll and the provision of benefits; 
  • compensation, including bonuses and long-term incentive administration, stock plan administration, compensation analysis, including monitoring overtime and compliance with labor laws, and company recognition programs; 
  • job grading activities; 
  • performance and employee development management; 
  • organizational development and succession planning; 
  • benefits and personnel administration; 
  • absence management; 
  • helpdesk and IT support services; 
  • regulatory compliance; 
  • internal and/or external or governmental compliance investigations; 
  • internal or external audits; 
  • litigation evaluation, prosecution and defense; 
  • diversity and inclusion initiatives; 
  • restructuring and relocation; 
  • emergency contacts and services; 
  • Employee safety;
  • compliance with statutory requirements; 
  • Processing of Employee expenses and travel charges; and
  • acquisitions, divestitures and integrations 

With regard to Personal Information that Loxo receives in connection with the employment relationship, Loxo will use such Personal Information only for employment-related purposes as described in this section.  If Loxo intends to use this Personal Information for any other purpose, we will provide you with an opportunity to opt-out of such uses.  

6. Opting-Out/Withdrawing Consent for use of Personal Information

You have the right to opt out of certain uses and disclosures of Personal Information, as set out in this Privacy Policy. 

Where you have consented to Loxo’s processing of Personal Information, you may withdraw that consent at any time and opt out by following the instructions in this Privacy Policy.  Additionally, before we use Personal Information for any new purpose not originally authorized by you, we will provide information regarding the new purpose and give you the opportunity to opt out.  

An “Unsubscribe” button will be provided at the top or bottom of each email communication sent by Loxo so that you can opt-out.  However, we may continue to send transaction-related emails regarding products or services you have requested in response to such request. We may need to send you certain communications regarding Loxo programs and services and you will not be able to opt out of those communications – e.g., communications regarding updates to our Terms of Use or this Privacy Policy.

We maintain telephone “do not call” lists and “do not mail” lists as mandated by law.  We process requests to be placed on do not mail, do not phone and do not contact lists as required by law.

Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers.  DNT is a way for users to inform websites and services that they do not want certain information about their webpage visits collected over time and across websites or online services.  Loxo does not recognize or respond to browser-initiated DNT signals.  For information about “do-not-track”, visit http://www.allaboutdnt.org.

7. Collection and Use of Non-Personal Information

We may automatically collect information through this website that, alone, cannot be used to identify you (referred to as “non-personal information”). Examples of types of non-personal information that we may collect include web pages viewed, browser type, referring website, usage and browsing habits on the website and similar data. We may also aggregate information collected from our users (such as the number of users in a particular geographic location) in a manner which does not identify any one individual. We may use this non-personal information in aggregate form for product and service development, for market analysis, and to understand how to improve the quality of our websites. In doing so, we may provide it to third parties.

Loxo may use and share anonymized or aggregated information with third parties for public health, research, analytics and any other legally permissible purposes.

8. Updating Personal Information

If you decide that you do not want Personal Information you provided used for the purposes described in this Privacy Policy, you may contact us at our mailing address below to request removal of the Personal Information you provided from our database. You may also contact us to correct or update any Personal Information you have provided us. You may also “opt out” of receiving emails and other communications from us by using the unsubscribe feature included in the emails we send.

9. Your Rights of Access, Rectification, Erasure and Restriction

We encourage you to update the information you provide to us, such as providing us with a new mailing or email address, a name change, or a change in the medical conditions that you have notified us about. This will help us continue to provide information to you that best meets your needs.

Where otherwise permitted by applicable law, you may use any of the methods set out in this Privacy Policy to request access to, receive (port), restrict processing, seek rectification or request erasure of Personal Information Loxo holds about you.  Such requests will be processed in line with local laws.  Although Loxo makes good faith efforts to provide individuals with access to Personal Information, there may be circumstances in which Loxo is unable to provide access, including but not limited to: where the information contains legal privilege, would compromise others’ privacy or other legitimate rights, where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question or where it is commercially proprietary.  If Loxo determines that access should be restricted in any particular instance, we will provide you with an explanation of why that determination has been made and a contact point for any further inquiries.  To protect your privacy, Loxo will take commercially reasonable steps to verify your identity before granting access to or making any changes to Personal Information.

10. California Privacy Rights

California law permits users who are California residents to request and obtain from us once a year, free of charge, a list of the Third Parties to whom we have disclosed Personal Information (if any) for their direct marketing purposes in the prior calendar year, as well as the type of Personal Information disclosed to those parties.  Loxo does not share Personal Information with third parties for their own marketing purposes.

11. Data Retention

Loxo retains Personal Information we receive as described in this Privacy Policy for as long as you use our site or as necessary to fulfill the purpose(s) for which the Personal Information was collected, including to provide our products and services, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws.

12. Security

Loxo takes reasonable steps designed to protect Personal Information. Unfortunately, no data transmission over the Internet or storage of information can be guaranteed to be 100% secure.  As a result, while Loxo strives to protect Personal Information, we cannot ensure or warrant the security of any information you transmit to Loxo, and you do so at your own risk. You are responsible for maintaining the secrecy of your own passwords. If you have reason to believe that your passwords or Personal Information is no longer secure, please promptly notify the Loxo helpdesk at 888-398-3778, or by email at support@inscnet.com.

13. Minors

It is our policy not to collect, maintain, or process Personal Information from persons we know to be under 13 years of age. If you are the parent or guardian of a child under the age of 13 who you believe may have provided Personal Information to us, please contact us and we will promptly delete such information from our files.

14. Links to Other Sites

Some of our website features may contain links to third party websites or services that are not under our control. Such links do not constitute an endorsement of those third parties or the content displayed on their sites. We provide these links to you only as a convenience, and any information you provide to those third parties will be used as described by the third parties in their own privacy policies.

15. Redress/Compliance and Accountability

If you have questions regarding this Privacy Policy or you want to submit a request, please contact us at: Loxo Oncology, Inc., 281 Tresser Blvd, 9th Floor, Stamford, CT 06901.

Loxo will respond to your concerns and try to resolve any privacy issues in a timely manner.  If you are an EU citizen and feel that Loxo is not abiding by the terms of this Privacy Policy, please contact Loxo at the contact information provided above. If any request remains unresolved, you may contact the national data protection authority for your EU Member State.  

16. Updates to Privacy Policy

Loxo reserves the right to update this Privacy Policy from time to time. If we decide to change this Privacy Policy, we will post those changes at this site. You are encouraged to review this Privacy Policy regularly for any changes. Your continued use of this website will be subject to the then-current Privacy Policy. This Privacy Policy was last updated on April 12, 2018.

If you have questions regarding this Privacy Policy, please contact us at: Loxo Oncology, Inc., 281 Tresser Blvd, 9th Floor, Stamford, CT 06901.