IVERIC bio, Inc. (“we” or “IVERIC bio”) is committed to protecting your personal information. This privacy notice contains information about the personal information that we or our affiliates collect about you, how we use and share that information, the security measures we take to protect that information, your rights to that information, and how you can contact us about our privacy practices and your personal information held by us.
IVERIC bio may provide additional notices to individuals at the time when we collect or process your personal information. For example, we provide in the informed consent forms for our clinical trial participants information on the use of their personal data in conducting the clinical trial. This privacy notice is meant to supplement, but not limit, the information in those notices.
Our privacy notice is a disclosure, not a contract, and is not intended to create, extend, or modify any legal rights or obligations found under applicable privacy laws. We may amend this privacy notice at any time.
What Personal Information We Collect About You
We collect the types of personal information listed in the below table in a variety of ways, including: directly from you (including through the use of automatic tracking technologies), government entities, publicly available sources, service providers (including data analytics providers), advertising networks, social networks, and business or research partners or affiliates. The types of personal information we may collect and process include:
|Your name, phone number, email address, and postal address.
|Demographic information||Date of birth, gender, and race/ethnicity.
|Visual information||We may collect your photograph.
|Identification information||Driver license number, Social Security number, or other government-issued identification.
|Financial information||Tax identification number and bank account information.
|Health information||Diseases or conditions that you may have, medical history and records, diagnostic testing results, retina images and visual health information, treatment records, prescription information, payor and insurance information.
We generally do not collect this information directly and instead receive it from third parties such as our clinical trial sites and service providers. For example, we receive this information in the context of our access and reimbursement support services. Our practice is to only receive or process health information that has been deidentified or pseudonymized – in other words, where any personally identifiable information, including the name of the patient or clinical trial participant, is replaced with codes to limit the ability to identify the underlying individual.
|Employment information||Your title, employer name, industry type, professional and educational qualifications, and other industry affiliations.
|Commercial information||We collect information about the products or services in which you are or may be interested. We automatically collect this information from you using cookies and other web tracking technologies. We also work with third parties to collect this information, such as data analytics providers, social media networks, and marketing and advertising vendors.
|Internet or other similar network activity||We collect information on your interactions with the Website. This may include the site you came from before visiting our Website and the site you went to after leaving our Website. This also may include the duration of your browsing session, pages viewed on our Website, device ID, IP address, and other online identifiers.
We automatically collect this information from you using cookies and other web tracking technologies. We also rely on third parties like data analytics providers to collect this information on our Website.
|Social Media Information||Information that you make publicly available on social media platforms, such as your username and biography.
We may combine the personal information you provide with other information about you that we gather from other sources, including publicly available information on the Internet.
Why We Collect and Process Personal Information
We only collect and process your personal information for our legitimate business purposes and if permitted by applicable laws, which may vary depending on where you live and where we operate.
The purposes of processing personal information may include:
- Healthcare professional outreach and activities: for example, responding to inquiries for medical information, grants or staying updated on our programs and the disease areas we are pursuing
- Other outreach activities: for example, inviting individuals to our and industry events, and conducting outreach to business development counterparties and other members of the public
- Fulfilling our contractual obligations and responding to your requests: for example, paying service providers for the services they provide to us, or responding to your inquiries
- Recruitment and employment: for example, responding to applications from candidates for open positions and conducting background checks
- Complying with regulatory requirements and other applicable laws: for example, reporting any issues relating to drug safety to regulatory authorities, and complying with requirements relating to financial disclosures
- Maintenance of the Website and our operations: for example, maintaining, improving, and protecting our Website, including their functionality and any personalized features
- Developing new products or services: for example, analyzing our existing Website, products, or services in order to improve these offerings or developing new features, functionality, or new products or services
- Any other purposes that are relevant to the relationship between IVERIC bio and you
How We Process and Disclose Your Personal Information
We process and disclose personal information when reasonably necessary to pursue our legitimate business objectives and when required by law (for example, responding to subpoenas or requests from governmental authorities). If we are legally required to disclose any personal information, we will take reasonable steps to protect that personal information and limit disclosure to what is required.
We use service providers and other third parties to help us collect and process personal information on our behalf. These third parties include clinical trial sites, data management vendors, contract research organizations and contract development and manufacturing organizations, travel and payment processing vendors, communications vendors, and technology support vendors.
We may work with other vendors to assist with our marketing and advertising efforts, such as data analytics firms, social media networks, and other vendors that provide marketing or advertising services.
We may share your personal information with our business partners and collaborators in a manner consistent with this privacy notice and applicable law. We may also disclose personal information to our affiliates, and to our professional advisers, contractors, and agents on a need-to-know basis.
We may need to transfer your personal information in connection with a corporate reorganization, or acquisition or combination with another entity.
We aim to retain your personal information for no longer than as needed for the specific business purpose(s) for which it is collected. However, we and our processors may be required by law to retain certain personal information for a longer period. We or our processors may also need to retain personal information for accounting or insurance purposes, or to establish, defend against or respond to legal claims.
Security Measures To Protect Your Personal Information
We have implemented reasonable and industry-standard security measures to protect our physical and electronic systems from unauthorized access, use, alteration and disclosure of information under our control. We routinely test those measures and update them as needed to protect our information security systems. We generally require the same from our data processors.
However, even with those measures, we cannot guarantee that unauthorized access, use, alteration or disclosure of personal information will not occur. You should understand that your use of our Website is subject to the same limitation, and information submitted through our Websites may be compromised.
Your Rights to Your Personal Information
You may have certain rights to your personal information held by us in accordance with applicable law, which may depend on your place of residency. These may include your right to request the following:
- Access: the right to obtain additional information concerning our processing of your personal information, and to obtain a copy of your personal information held by us
- Correct: the right to request that we correct or update any inaccuracies or incompleteness in your personal information held by us
- Erase: in certain circumstances, the right to request that we delete all personal information about you held by us
- Restrict: in certain circumstances, the right to restrict our processing of your personal information, such as if we engage in “profiling” or certain “automated processing” of your personal information, or use your “sensitive” personal information for certain purposes
- Object: in certain circumstances, the right to object to us continuing to process your personal information
- Withdraw Consent: if we rely on your consent to process your personal information, you may withdraw the consent at any time. Withdrawing consent, however, does not affect the lawfulness of our processing your personal information before the consent was withdrawn (and we may continue to process your personal information after you withdraw your consent if we have a lawful basis to do so)
- Transfer: in certain circumstances, the right to request that we transfer a machine-readable copy of your personal information to you or a third party designated by you
- Opt Out of Marketing Communications: the right to request that we stop sending you any direct marketing communications. If so, we may continue to send you service-related and other non-marketing communications
- Opt Out of “Sales”: you have the right to request that we not “sell” your personal information, as that term is defined under applicable law
- Opt Out of Targeted Advertising : you have the right to request that we not conduct targeted advertising (sometimes referred to as internet-based advertising), which is a form of online advertising that serves you ads or other content based on your interests and online activities over time and across other sites, platforms, or online services.
See the “Contact Us” section below about how to request to exercise your rights. Your request will be forwarded to the most appropriate IVERIC bio team member. Depending on the nature of the request, you may be required to provide additional information (including as required to verify your identity). We will use reasonable efforts to comply with your request in a timely manner. Additionally, if you have concerns with how we handle your request, you may have the right to request an appeal of our determination. If you would like to request such an appeal, please see the “Contact Us” section below, and be sure to include information about your prior request so that we can appropriately review our prior decision.
Information for Clinical Trial Participants
As a biopharmaceutical company, one of our principal activities is sponsoring and conducting clinical trials of our product candidates. The purposes of these clinical trials are to evaluate those product candidates in humans to determine whether they are safe and effective treatments for the intended diseases. Clinical trials are subject to stringent oversight by regulatory authorities such as the U.S. Food and Drug Administration (FDA) and the European Medicines Agency (EMA). However, this Privacy notice does not apply to these activities. Please refer to your informed consent form for more detailed information about our processing of your personal information in conducting the clinical trial.
Information for Current and Prospective Employees and Contractors
If you are a current employee, please refer to the employee handbook and other IVERIC bio policies for additional information on how we may use or process your personal information. If you are a prospective or past employee or contractor, please contact us for a copy of the privacy notice by following the instructions below.
Our Website is not intended or designed for children or minors under the age of 18. We do not have any actual knowledge that individuals under the age of 18 use the Website. If you believe that we might have collected any personal information about a child or minor under the age of 18, please contact us so that we may delete it.
Cookies and Tracking Technologies
Cookies are small data files that are placed on your device by websites you visit. These and similar tracking tools, such as pixels, web beacons, and tags are used widely to make websites work more efficiently, including to enhance user experience, as well as to provide information about website visitors to website owners. Our Website uses essential, functional, analytical, and marketing and advertising cookies to enhance the website experience for visitors.
Most web browsers allow some control of cookies through browser settings. Please keep in mind that if you set your browser to reject cookies, your user experience when visiting websites may be affected. Our websites do not currently respond to “Do Not Track” browser settings.
For more information about cookies, including how to manage and delete them, please visit www.allaboutcookies.org.
Information for Residents of the European Economic Area and the United Kingdom
For personal data subject to the General Data Protection Regulation (GDPR), we will not collect or process that information unless we have a lawful basis to do so under the GDPR. The principal lawful bases that we rely on include:
- Legitimate interests: We process your personal data in connection with meeting our legitimate business objectives (such as those listed in the above bullets) or those of a third party. We balance those interests against any risks to your rights from our data processing activities and do not pursue any data processing where the potential harm to your rights outweighs our legitimate interests.
- Performance of a contract: We process personal data to the extent necessary to perform under a contract with you or your organization, or if requested by you or your organization to enter into a contract with us.
- Legal obligation: We may need to process personal data to comply with a law or legal process to which we are subject.
- Consent: If we rely on consent as a lawful basis for processing your personal data we will obtain your consent before processing your personal data for one or more specific purposes. You are free to withdraw your consent at any time.
Cross Border Transfers
IVERIC bio is headquartered in the United States and we use service providers across the world. As part of our data processing activities, we may transfer your personal information across borders, including into countries whose laws protecting personal information may not be as robust as your home country’s laws. We endeavor to take reasonable steps to have adequate safeguards in place to protect your personal information when it is transferred across borders.
If we transfer any personal data from the European Economic Area to third countries not deemed by the European Commission to have an adequate level of personal data protection, we will use adequate safeguards or other lawful means to make the transfer in accordance with applicable privacy laws. Currently, we and our processors generally rely on European Commission-approved standard contractual clauses for these types of transfers.
If you have any questions about this privacy notice or the personal information we collect or process about you, or to exercise any of your rights to your personal information, please contact us at:
Attn: Legal Department – Privacy
Email is the best option to reach us and we endeavor to acknowledge and respond to your email promptly. If you wish to reach us via mail, our address is below.
IVERIC bio, Inc.
8 Sylvan Way
Parsippany, NJ 07054
Attn: Legal Department – Privacy
If you are a citizen or resident of the European Union or the United Kingdom, in lieu of contacting us, you may contact our GDPR Article 27 & UK Representative, DataRep (formerly DPR Group). For more information, please click here. You are also entitled to contact the supervisory authority in the country in which you live if you have any concerns about our processing of your personal data.
Changes to this Privacy Notice
We may modify or update this privacy notice from time to time by posting the updates on this page. If there are material changes, we may place a prominent notice on this page or on our websites’ homepages and/or may contact you via email.
Updated July 2023