Privacy Policy

Global Blood Therapeutics GmbH and its parent and affiliate companies (collectively, “GBT”, “we”, “us”, or “our”) as controller of your data is committed to respect your privacy. This privacy notice (“Privacy Notice”) explains our practices regarding the collection, use and disclosure of information that you may provide to us through your use of https://eu.scdsilentdamage.com/ (“Site”). 

This Privacy Notice describes the types of information we gather from people visiting and interacting with our Site (“you” or “users”), and describes how we collect, use, transfer, secure, disclose and otherwise process personal information and explain the rights and choices available to users with respect to their personal information, and in connection with this website or websites which post or link to this Privacy Notice, our products and services, and our online and offline activities and communications. This Privacy Notice does not cover other services that we may offer or provide and does not cover information we receive from third parties.

This Privacy Notice is incorporated into, and is part of, our Terms of Use available at https://eu.scdsilentdamage.com/ which govern your access to the Site and your use of the Site, unless you have entered into a separate written agreement with us.  If you have entered into a separate written agreement with us, that separate written agreement shall control, and only those terms within this Privacy Notice that do not conflict with such separate written agreement shall apply.

If you have any questions regarding this Privacy Notice, please contact us at contact@gbtondemand.com.

By accessing the Site, you agree to be bound by this Privacy Notice. If you do not agree to the terms of this Privacy Notice, please do not use the Site.  Each time you use the Site, the current version of this Privacy Notice will apply. Accordingly, when you use the Site, you should check the date of this Privacy Notice (which appears at the bottom) and review any changes since you last reviewed the Privacy Notice.

We also provide useful information for persons located in the European Union, United Kingdom and Switzerland.

Table of Contents

Personal Information We Collect

Whose Personal Information We Collect

We collect personal information about the registered users of this website.

How We Collect Personal Information

Our vendor West End Studios Ltd, acting as data processor for GBT, collects personal information directly from the users and hosts the data in its physical servers (certified ISO 27001) located in the United Kingdom.

Types of Personal Information We Collect

The types of personal information we collect and share depend on the nature of the relationship you have with GBT and the requirements of applicable laws. We may collect:

  • Contact information and preferences (such as name, job title and employer name, email address, mailing address, phone number, and emergency contact information)
  • Engagement data, such as information about the programs and activities in which you have participated
  • Publicly available information, including information posted on or collected from our social media channels (such as comments describing support for and experience with GBT products)
  • Correspondence and other information you provide to us (such as in emails, on phone calls, in market research surveys, or in other correspondence with GBT or our service providers or business partners)
    • Device data that is collected automatically (such as IP Address, your device’s operating system, your Internet service provider and location, browser type and language, your unique device ID (persistent/non-persistent), and the website you visited before browsing to our website)
    • Online activity data that is collected automatically (such as information about the website content you access and information about the date, time and duration of your visit)

This information may be collected by us or our service providers to understand which webpages you accessed and which content you viewed and to compile statistics about usage of our website.

We may combine other publicly available information, such as information related to the organization for which you work, with the personal information that you provide to us.

How We Use Personal Information

To operate and improve our websites, including to:

  • Operate, maintain, administer and improve the website
  • Provide support and maintenance for our websites
  • Respond to your service-related requests, questions and feedback
  • To host invitation-only webinars and other on-line events addressed to healthcare professionals;

To communicate with you, including to:

  • Provide you with health-, or product-related, media or other materials
  • Send you copies of our press releases or other information
  • Send you surveys or other marketing communications
  • Support public health initiatives, symposia, conferences, and scientific, educational and volunteer events

Promote our product(s) and provide disease-state education

To comply with law, as we believe necessary or appropriate to comply with applicable laws, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities.

For compliance, fraud prevention, and safety, where we may use personal information and disclose it to law enforcement, government authorities, and private parties as we believe necessary or appropriate to: (a) protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims); (b) enforce the terms and conditions that govern our websites, products and services; and (c) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.

To comply with regulatory monitoring and reporting obligations, as we believe necessary or appropriate, such as those related to adverse events, product complaints, patient safety, and financial disclosures.

With your consent, where we specifically ask for consent to collect, use or share personal information for an identified purpose, such as when required by law.  

To create anonymous, aggregated or de-identified data from your personal information and other individuals whose personal information we collect, by removing information that makes the data personally identifiable to you. We may use this anonymous, aggregated or de-identified data and share it with third parties for our lawful business purposes.

Use of “Cookies”

What are cookies?

Cookies are small pieces of text sent to your web browser by a website you visit. A cookie file is stored in your web browser and allows the website or a third-party to recognize you and make your next visit easier and the website more useful to you.

Cookies can be “persistent” or “session” cookies. Persistent cookies remain on your personal computer or mobile device when you go offline, while session cookies are deleted as soon as you close your web browser.

Like most websites, our Site uses “cookies,” but only cookies that are necessary to perform basic functions and operate features of our Site. Those cookies are technical and allow you to browse a website, platform or app, and use the various options or services on it (e.g., control traffic, identify data or session, access restricted access sections or content, etc.).

You have choices with respect to cookies. The cookies used by this Site can be found at the site of our platform provider and are listed here.

By modifying your browser preferences, you have the choice to accept all cookies, to be notified when a cookie is set, or to reject all cookies. If you choose to reject all cookies you may be unable to use some features of our Site. You can learn more about cookies and how they work at www.allaboutcookies.org. You can always disable cookies through your browser settings.

How We Share Personal Information

We do not share personal information with third parties without consent, except in the following circumstances or as described in this Privacy Notice:

Affiliates.  We may share personal information with our corporate parent, subsidiaries, and affiliates, for purposes consistent with this Privacy Notice.

Service providers.  We may employ third party companies and individuals to perform services on our behalf, including:

  • Data storage and analytics
  • Technology services and support (including email and web hosting providers, marketing and advertising technology providers, email and text communications providers, mobile app developers)
  • Event planning and travel organizations that help facilitate GBT programs

These third parties may use your information only as directed by GBT and in a manner consistent with this Privacy Notice, and are prohibited from using or disclosing your information for any other purpose.

Business partners and other professionals and organizations.  We may disclose personal information to partners with whom we jointly develop products or services, in connection with the development and promotion of such products or services. We will ask for your consent before disclosing your information with our business partners where required by applicable law. We may also share personal information with health care professionals, researchers, academics, public health organizations, and publishers for purposes consistent with this Privacy Notice.

For compliance, fraud prevention and safety.  We may share personal information for the compliance, fraud prevention and safety purposes described above.

Business transfers.  We may sell, transfer or otherwise share some or all of our business or assets, including personal information, in connection with a business transaction (or potential business transaction) such as a corporate divestiture, merger, consolidation, acquisition, reorganization or sale of assets, or in the event of bankruptcy or dissolution.

Your Choices

Update your information.  If you become aware that the personal information we maintain about you is inaccurate, incomplete, misleading, irrelevant or out of date, you may contact us at gbt.dpo@mydata-trust.info.

Marketing communications.  You may opt out of marketing-related emails by clicking the “Unsubscribe” link at the bottom of each such email, or by sending an email with the subject line “Unsubscribe” to gbt.dpo@mydata-trust.info.You may continue to receive service-related and other non-marketing emails.

Choosing not to share personal information.  Where we are required by law to collect personal information, or where we need personal information in order to provide you with our products or services, if you do not provide this information when requested (or you later ask to delete it), we may not be able to provide you with our products or services and may need to terminate our relationship with you. We will tell you what information you must provide to us by designating it as required when we request the information or through other appropriate means.

Security

We take the security of your Personal Information very seriously.  We ensure the security of Personal Information in order to protect it from unauthorized access, unlawful processing or disclosure or accidental loss, modification or destruction. To this end, we use reasonable administrative, physical, and technical safeguards to secure the Personal Information you share with us. Despite these safeguards and our additional efforts to secure your information, we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third-parties will not be able to defeat our security and improperly collect, access, steal, or modify your Personal Information.

Other Sites and Services

We may provide links to other websites and online services operated by third parties. These links are not an endorsement of, or representation that we are affiliated with, any third party. In addition, our content may be included on web pages or in mobile applications or online services that are not associated with us. We do not control third party websites, mobile applications or online services, and we are not responsible for their actions. Other websites and services follow different rules regarding the collection, use and sharing of your personal information. We encourage you to read the privacy policies of the other websites, mobile applications and online services you use.

Notice for European, UK and Swiss Users

Personal information.  References to “personal information” in this Privacy Notice are equivalent to “personal data” governed by the General Data Protection Regulation n° 2016/679 (“GDPR”), the United Kingdom General Data Protection Regulation, as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act 2018 (“UK GDPR”), and the Swiss Federal Act on Data Protection (collectively “Data Protection Laws”).

Controller and Representative.  Global Blood Therapeutics GMbH is the controller of your personal information for purposes of the Data Protection Laws.

GBT’s EU and UK representative is MyData-Trust and can be reached at: gbt.dpr@mydata-trust.info.

You can also contact the Data Protection Officer of GBT at gbt.dpo@mydata-trust.info.

Legal bases for processing.  We use your personal information only as permitted by law. Our legal bases for processing the personal information described in this Privacy Notice are as follows:

  • Legal compliance.  We may need to collect, use, and otherwise process your personal information to comply with our legal obligations, such as regulatory monitoring and reporting obligations.
  • Legitimate interests.  We may process your personal information where we have a legitimate interest in doing so, provided that our interests are not outweighed by any potential impact of the processing on you, or your fundamental rights and freedoms.
  • Contract.  We may need to process your personal information to perform a contract with you or to take steps that you have requested prior to entering into the contract.
  • Necessity.  We may need to process your personal information to protect your vital interests, or those of another person.
  • Consent.  In some cases, we may rely on your consent to process your personal information. Where we rely on your consent, you have the right to withdraw it at any time in the manner indicated when we requested the consent or by contacting us at gbt.dpo@mydata-trust.info.

Use for new purposes.  We may use your personal information for reasons not described in this Privacy Notice where permitted by law and the reason is compatible with the purpose for which we collected it. If we need to use your personal information for an incompatible purpose, we will notify you, explain the applicable legal basis and ask for your consent if required.

Categories of personal data. All categories of personal data collected via the Site and processed by us are described in this Privacy Notice.

Recipients of your personal information. We use various service providers to manage our Site.  Our service providers change from time to time.  Note that our service providers have entered into contracts with us that restrict what they can do with your personal data. If you would like specific information about our service providers who have received your information, please contact us at and we will provide that information to you.

Retention.  We will only retain your personal information for as long as necessary to fulfill the purposes we collected it for, for how long we informed you we would retain it, or for as long as required by law. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

As a rule, we will retain your personal information for one (1) year from your most recent use of the Site.

When we no longer require the personal information we have collected about you, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible. If we anonymize your personal information (so that it can no longer be associated with you), we may use this information indefinitely without further notice to you.

International Data Transfers. Your personal information shall be collected by our data processor West End Studios Ltd and stored in its physical servers located in the United Kingdom where privacy laws are considered adequate by the European commission.

If we transfer your personal information out of the European Union, United Kingdom or Switzerland to a country not deemed by the European Commission to provide an adequate level of protection to your personal information, the transfer will be performed in accordance with the Data Protection Laws defined above. In order to do so, we take appropriate steps by implementing reasonable additional measures to protect your personal data (e.g., EU Commission standard contractual clauses). We also enter into contracts with our data processors that require them to treat personal data in a manner that is consistent with this Privacy Notice.

You may contact our DPO if you want further information on the specific mechanism(s) used by us when transferring your personal information out of the European Union, United Kingdom or Switzerland.

Your rights for European and UK users.  GDPR and UK GDPR give you certain rights regarding your personal information. If you are located within the European Union and the United Kingdom, you may ask us to take the following actions in relation to your personal information that we hold:

  • Provide you with information about our processing of your personal information and give you access to your personal information;
  • Update, complete or correct inaccuracies in your personal information;
  • Delete your personal information;
  • Transfer a machine-readable copy of your personal information to you or to another controller of your choice;
  • Restrict the processing of your personal information;
  • Object, on the ground relating to your particular situation, to the processing of your personal data;
  • Withdraw your consent. If you have provided us your consent for a particular process, you have the right to withdraw your consent

Please note that these rights will be assessed on a case by case analysis by the DPO of GBT.

Your rights for Swiss users. The Swiss Federal Act on Data Protection gives you certain rights regarding your personal information. If you are located within Switzerland, you may ask us to take the following actions in relation to your personal information that we hold:

  • Provide you with information about our processing of your personal information and give you access to your personal information;
  • Update, complete or correct inaccuracies in your personal information;
  • Delete your personal information;
  • Transfer a machine-readable copy of your personal information to you or to another controller of your choice;
  • Restrict the processing of your personal information;
  • Object, on the ground relating to your particular situation, to the processing of your personal data.

Please note that these rights will be assessed on a case by case analysis by the DPO of GBT.

If you would like to submit a complaint about our use of your personal information or our response to your requests regarding your personal information, you may contact us or submit a complaint to the Data Protection Authority in the member state of your habitual residence, of your place of work, or where an alleged infringement took place. If you are in the European Union, you can find your Data Protection Authority here. If you are in the United Kingdom, the Information Commissioner’s Office can be reached here. If you are in Switzerland, please check here.

This Privacy Notice only applies to personal data collected via the Site. If you have provided personal data through some means other than through our Site (for example, in connection with a clinical study sponsored by GBT in Europe), you will have received a separate notice concerning your personal data.  Please refer to that notice first if you have any concerns about our processing of your personal data, as that notice will contain important information and a designated contact person for concerns.

You may always contact us as set forth in the “Contact Us” section of this Privacy Notice.

Changes to this Privacy Notice

We reserve the right to modify this Privacy Notice at any time. If we make material changes to this Privacy Notice, we will notify you by updating the date of this Privacy Notice and posting it on our websites. We may, and if required by law will, also provide notification of changes in another way that we believe is reasonably likely to reach you, such as via e-mail (if we have your contact information).

This Privacy Notice was last updated 07/07/2021

Contact Us

Please direct any questions or comments about this Privacy Notice or privacy practices to gbt.dpo@mydata-trust.info.

You may also write to us via postal mail at: Global Blood Therapeutics GmbH, c/o Prisma Treuhand & Revisions AG, Bahnhofstrasse 20, CH- 6300 Zug, Switzerland.