LAST UPDATED ON: JANUARY 2, 2022
Day One Biopharmaceuticals (“Day One,” “our,” “we” or “us”) respects your privacy and we want you to be familiar with how we collect, use, share, or otherwise process, your personal information. This Privacy Notice explains what kind personal information we may collect when you visit our website(s) or interact with Day One online, through email, participation in our programs or services or engage in other business interactions with Day One. This Notice also describes the reasons we collect your personal information and how we use it and provides additional details about Day One’s privacy practices.
Your Personal Information
“Personal information” is information that identifies or relates to an individual. This includes information that both directly and indirectly identifies you. Examples of personal information that directly identifies you includes your name, your email or postal address, and your telephone number. Examples of personal information that may indirectly identify you include your age, IP address or other online identifiers, internet or electronic network activity information, etc.
We use your personal information for the purposes outlined in this Privacy Notice, and for purposes which are reasonably compatible with the ones described in this Privacy Notice. We may also use your personal information if we have a legal right or obligation to do so.
Collecting and Using your Personal Information
When you visit our Website we may collect personal information directly or indirectly from you. The type of personal information we collect depends on the nature of your interactions with Day One and our Website. For example, we may collect:
- Contact Information: First and last name, address, telephone number, email address, and other contact information you choose to provide to us
- Demographic Information: Age, date of birth, location
- Professional Information: Professional affiliations, specialty, NPI
- Information collected through tracking technologies: IP address or other online identifiers
We may use this information to:
- Respond to questions on recruitment to our clinical trials or refer you to specific organizations that may provide information on how to participate in clinical trials
- Address questions related to products in development, or in market
- Deliver requested information on resources available related to the therapeutic areas or other medical or scientific areas that Day One provides
- Provide marketing information relating to products in development or as marketed by Day One, its affiliates or licensees
- To fulfill our obligations to you under an applicable contract or to conduct business with you
- To provide support-related activities, such as customer service
- Analyze use of our Website, or to enhance or develop new features for our website
- To send you promotional materials, such as our newsletter, with your consent
- Conduct other legitimate business activities, as allowed by applicable law
Sensitive Personal information
In course of offering our services, and with your explicit consent, we may also collect and process personal information that is of a sensitive nature, including, for example:
- Information related to your health and medical condition(s)
- Medical treatments, medications, and test results
- Information about your insurance
We may use this information, as necessary, to:
- Provide and manage clinical research opportunities, patient support programs and other Day One Services
- Process and manage safety and quality concerns
- Conduct other legitimate business activities, as allowed by applicable law
We will only process Sensitive Personal Information when we have your express consent, or another legal basis.
Day One will also use your personal information when necessary to comply with applicable law, respond to legitimate requests from government authorities, including authorities that may be outside of your country of residence, to protect or defend our legal interests, and if necessary, to protect the safety of our employees and other stakeholders.
Other Information We Collect
When you visit or interact with Day One through our Website we may collect information that does not directly identify you but allows us to understand how you interact with our Website. This information may include information about the device and software you use to interact with Day One, such as your:
- IP address
- Web browser type
- Operating system version
- Device identifiers
We may use this information to:
- Optimize and personalize your interactions with our Website
- Operate and improve our Website
- Maintain and secure our Website
- Enforce our Terms of Service, or other legal rights
Cookies, Web Server Data, & Other Technologies
Cookies, or similar technologies, may provide us the following information:
- The type of web browser software you use
- The name of the domain from which you access the Internet (including client and server IP addresses, usernames, ports, queries, or other status-related information)
- The Internet address of the website from which you linked directly to our Website
- The date and time you access our Website
- Which pages you have visited on our Website
How to manage or disable cookies in your browser
In most cases we will not be able to identify you directly from the information we collect using these technologies. Or you may choose to disable cookies through your browser. If you do so, you may be unable to access or utilize certain parts of our website, or your experience may be altered.
Communicating with You
We may contact you periodically by email, for example, if you have opted in to receive emails from us, to provide information regarding programs, services and content that may be of interest to you. In addition, some of the features on our Website allow you to communicate with us using an online form. If your communication requests a response from us, we will send you a response via email. You can opt out of these communications by clicking on the “unsubscribe” button at the bottom of promotional email communications, as applicable.
Information we share with third parties
We may disclose your personal information as described in this Privacy Notice or under specific circumstances, including:
- When we have your express permission to do so
- When it is reasonably necessary for our legitimate interests in conducting business, such as in the event a merger, acquisition, or sale
- To protect our legal rights and property
- To comply with the law, including a court order or legal process
- To protect someone’s health, safety, or welfare
We may also disclose your personal information to third-party vendors, suppliers (“Service Providers”), or other individuals or companies with which we have contracted to provide services, for purposes such as:
- Providing and improving our Website and service offerings
- Storing your personal information
- Providing customer service-related activities
- Sending email or other communications
When we share personal information with Service Providers, we require that they use your information only for the purposes we’ve authorized, and for the limited reasons explained in this Privacy Notice. We also enter into agreements with these Service Providers to require them to protect your personal information appropriately.
Retaining your information
We will retain your personal information for the time-period required or allowed by applicable law. Otherwise, we keep your personal information for as long as reasonably necessary to serve the purpose(s) for which it was collected.
International transfers of information
Your personal information may be stored and processed in any country where we have facilities or in which we engage Service Providers. We will only transfer your personal information where we have established a legal basis, but you should not use this Website if you do not want your personal information potentially transferred, or otherwise processed, in countries outside of your country of residence, which may have data protection rules that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your personal information.
If you are located in the EEA, your Personal Data may be transferred to our affiliates or service providers in non-EEA countries that are recognized by the European Commission as providing an adequate level of data protection according to EEA standards. For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place adequate measures to protect your personal information, such as standard contractual clauses adopted by the European Commission.
Exercising your rights
You may contact us at firstname.lastname@example.org to request access to the personal information we have collected about you, or to update or correct personal information that you have provided to us.
You may have the right to request access to, or deletion of, your personal information under law (e.g., California Consumer Privacy Act, or the EU’s General Data Protection Regulation). These rights apply in certain circumstances. This means that we may be unable (e.g., due to legal requirements) or not obligated to satisfy your request.
In some cases, we may need to collect additional information from you in order to verify your identity before providing you access to or deleting your information, such as a government-issued identification. Day One will not discriminate against you for exercising your rights, but we may not be able to provide you with services or programs that you have requested if we are not able to use your information.
If you have provided permission to Day One to process your personal information, you have the right to withdraw your consent for such processing at any time by contacting us at email@example.com. Please note that you can always unsubscribe from receiving emails by using the ‘Unsubscribe’-link provided in the emails you receive from us.
How we safeguard your information
Day One takes reasonable steps to protect your personal information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. In particular:
- We encrypt many of our services using SSL (a method of encrypting some types of information sent over the Internet) and multifactor authorization
While we have implemented technical, physical, and administrative controls to safeguard your personal information, there is always some risk involved when sending information over the Internet. Day One cannot guarantee the security of the Internet, transmissions or email sent using our Website or other services.
California Privacy Rights
California entitles California residents who have an established business relationship with Day One the right to request information regarding our disclosure of certain personal information to third parties for their direct marketing purposes. To make a request for such information, you may contact us using the information in the “How to Contact Us” section below.
California Consumer Privacy Act (CCPA) entitles California residents to certain rights with regard to their Personal Information. Those rights have been incorporated into this Privacy Notice.
We do not sell personal information.
Changes to this Privacy Notice
Day One may update or make changes to this Privacy Notice from time to time, at our discretion. We encourage you to visit this page periodically and to review our most current Privacy Notice and applicable effective date.
How to contact us
If you have questions or comments about this Privacy Notice, please contact firstname.lastname@example.org.