OncoSec Medical Incorporated (collectively “OncoSec,” We” or “Our”) are committed to respecting your privacy. Because facts about a person’s demographic, health, health interests, and health care are private and sensitive, we know that you may have concerns about sharing information with us. This Privacy Statement (“Statement”) is designed to answer your important questions about privacy, whether you are a consumer looking for health information, or a health care provider mining the experience of OncoSec to refine your expertise in meeting the needs of your patients.
If you are a consumer, you’ll want to know how we use the information you provide if you register with us as a site user or when you participate in activities on our site, and how we protect this information from unauthorized use or disclosure.
If you are a health care professional, you’ll want to know what steps we take to protect the sensitive data you may choose to share with us, and how we use information you provide about yourself and your professional services.
We urge all users of our sites to read this Privacy Statement to learn more about the policies and practices that we have developed to safeguard personal and health information, and to better understand our relationships with the third parties who may have access to this information.
I. Information We Collect:
We have access to the following categories of information regarding you and your visit to our website. Only some of these categories of information identify you directly, but each category offers some information about your interests and activities that could be used to make inferences about you. The next section of this Statement describes how OncoSec uses the information we collect.
Information That You Voluntarily Provide
Site Registration.We have constructed this website so that you may visit us and review information about the services we offer without revealing your identity or volunteering any personally identifying information. If you register to use the website’s features and services, either as a consumer or a health care professional, we will collect “personally identifying information” from you. Personally identifying information is information such as name, address, telephone number, and e-mail address that could be used to contact you. When this information is combined with any information on your health or medical status (pursuant to all applicable laws), we refer to the resulting information as “health-related personal information.” If you are a health care professional or an institutional health care provider, it is your responsibility to obtain your patient’s authorization and consent to provide his or her health-related personal information to OncoSec through our websites. By submitting any such information, you represent and warrant that you have obtained your patient’s authorization to do so.
Interactive Services. If you choose to participate in our interactive services such as questionnaires and surveys, you may disclose health-related information as well as personal facts that could be used to identify you or your family members. Providers who use our benchmarking services and quality of care assessments may choose to disclose facts about their practice and patients that are extremely sensitive, personal data. We do not request or require you to disclose personally identifying information in these forums, but apart from warning you to be prudent in your statements, we do not have the ability to keep you from disclosing private facts.
Correspondence with OncoSec. You may use our site to ask questions or report problems regarding our products to healthcare professionals hired by OncoSec to address consumers’ and health care professionals’ questions regarding use of our products. If you communicate with or request information from OncoSec personnel, they will have your e-mail address as well as whatever health-related and/or personal facts you chose to include in your e-mail. If you are reporting a product experience, we may ask you for specific facts, including patient initials, age, and gender, and prescribing physician. U.S. regulations require us to collect patient-identifiable information in order to file reports with the U.S. Food and Drug Administration regarding the safety of our products.
Information That Is Routinely Collected By Our Site Technology:
IP Address.We record the Internet Protocol (“IP”) address of your computer when you visit our site. Without more, the IP address does not identify you personally, but it is what allows us to maintain communications with your computer as you move about our site.
Cookies. We also collect information about your use of our site through cookies and similar technology. A “cookie” is a unique numeric code that we transfer to your computer so that we can keep track of your interests and preferences and recognize you as a return visitor to our site. Cookie technology allows us to collect “clickstream” data, which is not personally identifying information, but which reflects your activities on the site, including your interest in certain health care conditions. A cookie does not collect or keep your name or other personal identifying information, but when you revisit our site, the cookie allows us to bring you the content and features likely to be of greatest interest to you based on your previous activities on our site.
II. We Use Your Information
Whether you are a consumer or a health care professional, we use the information about your use of the services and activities on our website to monitor user traffic patterns and try to analyze what our users prefer so that we can design better services for you. The personally identifying information and health-related personal information that you provide may be used to create customized offers, information, and services tailored to your interests and preferences.
Personally Identifying Information. You do not have to register to use most of the information and services available for consumers on our websites. If you choose to register, we will use the personally identifying information you give us to send you an e-mail confirming your registration with our site and to respond to questions from you. Upon your request, we may also, from time to time, send you e-mail with special promotions or newsletters with information that we think may be of interest to you.
Health-Related Information. If you choose to participate in our interactive services, we will collect the information you choose to disclose and analyze it to discover new facts that could help us better understand how our products are used in coping with the diseases for which they are marketed.
We may offer interactive services such as health questionnaires and care management tools that ask you to furnish health-related information about you, your family members, or, if you are a healthcare provider, your patients. The information you disclose and provide in interactive services may be linked (pursuant to all applicable laws) with the personally identifying information you may choose to provide elsewhere on our site to provide us with personally identifying information about your health and health care. We may combine your health-related information with that from other site users to create summary data that we will use for our business purposes, including research to improve our products and analyses that may help us better market our products.
If you submit health-related information through our website to participate in a clinical trial, we may use that information to assess whether you qualify for enrolment in the trial, to contact you about potential participation in the trial, and to provide you with additional information about the trial. If you are a healthcare provider and you submit health-related information about a patient in order for them to participate in a clinical trial, that information will be maintained in accordance with this Privacy Statement.
If we determine that your patient is eligible for the trial, we will use the information you submit to contact you about your patient’s potential participation in the trial and to provide you with additional information.
Product Reports.If you contact OncoSec regarding your experience in using one of our products, we may use the information you provide in submitting reports to the U.S. Food and Drug Administration, and as otherwise required of us by law. We also may use the information to contact the prescribing physician to follow up regarding an unexpected event involving use of our product.
IP Address.In addition to using the IP address of your computer to maintain communications with your computer as you move about our site, we also may use your IP address to personalize content provided on the website. We retain IP addresses, and we retain them together with personally identifying information.
Law Enforcement.In certain limited circumstances, OncoSec may be called upon to release your personal information in response to a court order, subpoena, search warrant, law, or regulation. We plan to fully cooperate in responding to such requests, taking appropriate measures to ensure that the requester understands the sensitive nature of the health-related personal information that they may receive. We also reserve the right to cooperate with law enforcement authorities in investigating and prosecuting users who violate our rules or engage in behavior that is illegal or harmful to other websites.
III. Our Relationship to Third Parties
We may use third parties to provide services and information on our site and we may provide some co-branded services in partnership with others. We also may use third parties to analyze data collected on our site. We will not disclose your personally identifying information or health-related personal information to anyone other than OncoSec employees and those third parties with whom we have a business relationship. If we allow a third party contractor to have access to your personally identifying information, we will not authorize them to take it or use it for any purpose that is not consistent with this Statement.
We pledge that we will never sell or disclose any personally identifying information or health-related personal information you provide on our site to an unrelated third party without your express permission, except as explained below:
- Cookies.We do not allow other sites or third parties to use our cookies for their own purposes or to place their own cookies on your computer when you access services through our site.
- Vendors and Suppliers.We have relationships with different vendors and suppliers who help us design and maintain our systems and our computer security, respond to e-mail and customer inquiries, analyze our data and create special promotions. We will not authorize our vendors and suppliers to use our personally identifiable information for any purpose not related to OncoSec’s business operation.
- Co-branded Sites.We may partner with other companies to provide you with content or services on a joint or “co-branded” basis. At a co-branded site you will see both the OncoSec logo and the logo of the co-branded partner displayed on your screen. To access the services available on a co-branded site you may have to complete a new on-line registration form, and this registration information may be shared with OncoSec’s co-branded partners. You should read the individual privacy policies of our co-branded partners, as these may differ in some respects from ours. Reading these policies will help you to make an informed decision about whether to provide your information to a given site. Remember, you can always opt-out of sharing your information with a partner site by choosing not to use the service or content provided by the co-branded site.
Other Important Information About Our Relationship With Third Parties
IV. Our Children’s Policy
OncoSec’s website content and services are intended for adult users over the age of 13. Our site is not designed to attract child users. If we learn that an under-13 user has volunteered personal or health-related information on our site, or that a provider has volunteered information about a patient who is identified as younger than 13, we will delete such information from our active databases in accordance with our deletion policy, which is described in the section on Your Privacy Choices.
V. Your Privacy Choices
When you access any interactive tool or service on OncoSec’s website, you will be asked to affirmatively choose (“opt-in”) to provide the requested information. You may always choose not to provide the requested information.
- Receive E-mail.When you register with our site, you will be given the option of requesting to receive e-mail with information we think you might find useful, including promotions, announcements of new services and products, and newsletters on particular health topics. If you decide, at any later time, that you no longer wish to receive these e-mails you may unsubscribe from our e-mail list by emailing email@example.com and entering “unsubscribe” in the subject heading.
- Accept Cookies. Your browser software can be set to reject all cookies, but if you reject our cookies, certain of the functions and conveniences of our site may not work properly. Cookies and similar technologies are how we ensure that we can promptly retrieve and deliver the information to you when you use our site
- Correct/Update Personal Information. You may correct or update the personal and/or health-related personal information you previously provided to the website at any time, by sending an email to firstname.lastname@example.org.
- Remove Personal Information.You may request removal of previously provided personal and/or health-related personal information at any time, by sending an email to email@example.com. Please read about our deletion policy below.
- *Deletion Policy. The information that you provide OncoSec is stored on servers that are operated and maintained by OncoSec and/or third parties under contract with OncoSec. Website users should be aware that it is not technologically possible to remove from our servers each and every record of the information you have provided to OncoSec. The need to back-up our systems to protect information from inadvertent loss means that a copy of information about you or your health-related interests may exist in a non-erasable form that will be difficult or impossible for us to locate. Nevertheless, we promise that upon receiving your request, OncoSec will delete all personal and/or health-related personal information stored in the databases OncoSec actively uses for research and daily business activities, or stored in other readily searchable media. In addition, we will use commercially reasonable efforts not to disclose any personal information stored in a non-erasable format after receiving your request for removal, except as required by law.
Please be aware that OncoSec may not comply with a consumer’s request to amend or remove information that was provided to OncoSec by a health care professional or a consumer regarding an adverse drug event.
- Communicate with OncoSec by E-mail.At our website, consumers and providers may communicate with our staff to learn more about our products and services. We also offer interactive tools that enable consumers and health care professionals to submit customized e-mail requests for information about diseases and therapies. Please be aware of the limits on the confidentiality of these e-mail communications. We will not disclose personally identifiable information that we receive in e-mail, but all e-mail transmissions are vulnerable to unauthorized interception. In addition, we remind you that e-mail sent or received through an employer’s computer or computer system is not confidential and may be the legal property of the employer.
VI. Our Security Measures
We want your and your patient’s personal information to remain as secure as reasonably possible. Our success at improving our products and services depends upon your or your patient’s willingness to share information about your or your patient’s personal health and health care with OncoSec.
Data Security. We use encryption practices to help insure the integrity and privacy of some of the personal and health related personal information you provide to us. As an added security precaution, all personal and/or health related personal information is kept physically behind firewalls that prevent intruders from gaining access. Although we will make reasonable efforts to protect personal and/or health-related personal information from loss, misuse, or alteration by third parties, you should be aware that there is always some risk that an unauthorized third party could intercept an internet transmission, or that someone will find a way to thwart our security systems.
VII. Changes in Our Privacy Statement
We will only use personal information in the manner described in the Privacy Statement in effect when the information was collected from you. However, we reserve the right to change the terms of this Privacy Statement at any time by posting revisions to our site. If at any point, we decide to use personally identifiable information or personal health-related personal information in a manner different from that stated at the time it was collected, we will notify users by e-mail to the extent that we have your e-mail address. You will be given the choice at that time to “opt-in” for any additional uses or disclosures of your personally identifiable information or personal health-related personal information that you made available to us prior to the change in our Statement.
VIII. Your California Privacy Rights
California Civil Code Section 1798.83 permits California residents who are individual consumers of OncoSec Medical Inc. products to request certain information regarding its disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please write to:
OncoSec Medical Inc.
11494 Sorrento Valley Road
San Diego, California
Be sure to include your name, address, and email address if you want to receive a response by email. Otherwise, we will respond by postal mail within the time required by law.
Effective Date: January 4, 2011