Privacy - Sentynl Therapeutics, Inc.

Sentynl Privacy Statement

Effective Date: May 18, 2020

Sentynl Therapeutics, Inc. (“Sentynl,” “We” or “Our”) are committed to respecting your privacy. This Privacy Statement is intended to answer your important questions about our privacy practices, whether you are looking for health information or are mining the experience of Sentynl to refine your expertise in meeting the needs of your patients.

This Privacy Statement applies to all Sentynl online or digital services activities, including, but not limited to www.Sentynl.com (the “Site”), our other websites, any mobile applications (“Apps”) and digital services on or to which it is posted or linked (collectively, the “Services”).

Please carefully read this Privacy Statement to learn more about how we may collect, use, disclose and store information provided and the steps we take to help protect the often sensitive information provided from unauthorized use or disclosure. When you submit information to or through the Services, you consent to the collection, processing and retention of your information as described in this Privacy Statement.

This Privacy Statement is incorporated into and made a part of our Terms of Service. If you have not done so already, please also review Sentynl’s Terms of Service. The Terms of Service contain provisions that limit Sentynl’s liability to users of the Services.

IF YOU DO NOT AGREE WITH ANY PART OF THIS PRIVACY STATEMENT, THEN PLEASE DO NOT USE ANY OF THE SERVICES.

Please note that this Privacy Statement does not apply to information collected through third-party websites or services that you may access through the Services.

Sentynl is a United States company with primary operations in San Diego County, California (Sentynl’s headquarters). Sentynl may process personal information in global databases that can be accessed by authorized Sentynl personnel worldwide. Transfers of personal information to Sentynl are made in accordance with applicable privacy laws. Regardless of where your personal information is collected or processed, Sentynl maintains appropriate administrative, technical and physical safeguards to protect information about you.

I. INFORMATION WE COLLECT

When you use the Services, we may collect Personal Information and Usage Data.

In this Privacy Statement, “Personal Information” means information associated with or used to identify or contact a specific person. Personal Information includes: (1) contact data (such as e-mail address, telephone number and employer); (2) demographic data (such as gender, date of birth and zip code); and (3) certain Usage Data (defined below).

Certain subsets of Personal Information, such as information about health or medical status (pursuant to all applicable laws) and Location Data (defined below), are characterized as sensitive (collectively, “Sensitive Personal Information”) and may be subject to stricter regulation and consent requirements than other information. Before providing it to us, we urge you to carefully consider whether to disclose your Sensitive Personal Information. If you do provide Sensitive Personal Information to us, you consent to its use and disclosure for the purposes and in the manner described in this Privacy Statement.

“Usage Data” is information about an individual’s activity on or through the Services that, by itself, does not identify the individual, such as browser type, operating system and webpages visited.

We do not consider Usage Data as Personal Information because Usage Data by itself usually does not identify an individual.

If different types of Usage Data and Personal Information are linked together and, once linked, identify an individual person, Usage Data in such limited scenarios may be considered Personal Information.

II. HOW INFORMATION IS COLLECTED AND USED

Sentynl may collect and use information to operate the Services, including:

Information That You Voluntarily Provide When Using the Services. We collect and use the Personal Information that you voluntarily provide to us through the Services. You may use certain Services without registering or identifying yourself but, if you do not register, you may not have access to all of the Services. If you choose to register, we may use the Personal Information you provide to confirm your registration and to respond to requests from you. Upon your request, we may also use the Personal Information to send you special promotions or newsletters with information that may interest you.

If you are a healthcare professional or an institutional healthcare provider (collectively, “Providers”), you are responsible for obtaining any legally required authorization, consent or other permission from your patients prior to providing their Personal Information to Sentynl through the Services. By submitting any Personal or other Information about a patient, you represent and warrant to Sentynl that you have obtained all required permissions to do so.

Through Your Use of Interactive Services. If you choose to participate in our questionnaires and surveys and other interactive Services, we will collect the information, including health-related information and other Sensitive Personal Information that you share to help us better understand how Sentynl products are used in coping with the diseases for which they are marketed.

The information you provide through interactive Services may be combined (subject to all applicable laws) with the Personal Information provided elsewhere in or through the Services. We may combine your and others’ Personal Information to create summary data that we will use for our business purposes, such as research to improve our products and analyses that may help us better market our products.

If you submit health-related Personal Information through the Services to participate in a clinical trial, we may use your Personal Information to assess whether you qualify for enrollment in the trial, to contact you about potential participation in the trial, and to provide you with additional information about the trial.

You may provide information to be published or displayed (“Posted”) on public areas of the Services (collectively, “User Contributions”). Your User Contributions are Posted and made available publicly at your own risk. Sentynl does not control the actions of third parties with access to your User Contributions. If you are a Provider and submit Personal Information about a study subject related to his or her participation in a clinical trial, that Personal Information will be processed in accordance with this Privacy Statement. If we determine that the potential study subject is eligible for the trial, we will use the information to contact you about his or her potential participation in the trial and to provide you with additional information.

When you Correspond with Sentynl about Sentynl Products. If you contact Sentynl or use the Services to ask questions or report problems regarding your experience in using one of our products, we may use the information you provide in submitting reports to the U.S. Food and Drug Administration and as otherwise required of us by law. We also may use the information to contact the prescribing physician to follow up regarding an event involving use of our product.

Through Data Collection Tools. Sentynl may also automatically collect information about use of the Services through data collection tools, such as web beacons and cookies.

A “web beacon” is an image and/or piece of code that enables us to monitor user activity and website traffic to derive insights. A “cookie” is a randomly-generated unique numeric code stored in the user’s web browser settings or computer’s hard drive. A cookie typically contains the name of the domain (internet location) from which the cookie originated, the “lifetime” of the cookie (i.e., when it expires), as well as the randomly generated unique numeric code.

We may use the information collected through data collection tools to monitor usage patterns, store information about user preferences and to improve the Services. For example, your Personal Information may be used to create customized offers, information and services tailored to your interests and preferences. We may track your activities over time and across third-party websites, apps or other online services to display advertisements on third-party websites. If you do not want us to use your information in this way, please see “Your Privacy Choices” below. For more information about our digital advertising practices, please see “Digital Advertising” below.

When you Use a Mobile Application. When you use an App, we may use data collection tools to collect information about your use of and interaction with the App, such as operating system type, browser type, domain and other system settings, search queries, and the time zone in which the mobile device or tablet is located, metadata and other information associated with other files stored on your device.

We also may collect information about the location of the mobile device or tablet used to access the Services (“Location Data”). Location Data includes: (i) the location of the mobile device or tablet derived from GPS or WiFi use; (ii) the IP address of the mobile device or tablet or internet service used to access the Services; and (iii) other information made available by a user or others that indicates the current or prior location of the user, such as geotag information in photographs.

We will inform you if a specific App or service collects precise Location Data. If you do not want us to collect Location Data from your device, please delete the App or disable the location settings on your device or tablet. Note, however, that disabling the location setting may affect your ability to access and use that App.

When you Connect with Social Media though the Services: Certain Services may link with social media platforms and social media plug-ins (e.g., the Facebook “Like” button, “Share to Twitter” button) (collectively, “Social Media”). When accessing the Services through a Facebook or other Social Media account, Sentynl may (depending on the applicable user privacy settings) automatically have access to information provided to or through the Social Media platform. Sentynl may collect and use this information for the purposes described in this Privacy Statement or at the time the information was collected.

Through Service Providers: Third parties that assist us with our business operations also may collect and use information (including Personal Information and Usage Data) through the Services and also may share the collected information with us. For example, our vendors may collect and share information with us to analyze use of the Services, to help us detect and prevent fraud and to improve user experience.

III. HOW INFORMATION IS SHARED AND DISCLOSED

We may share and disclose information as described at the time information is collected and as follows:

To Perform Services. We may use third parties to perform services requested or functions initiated by users. In addition, we may disclose Personal Information to identify a user in connection with communications sent through the Services. We also may offer users the opportunity to share information with friends and other users through the Services.

With Sentynl’s Third Party Contractors. We may share information, including Personal Information, with our service providers to perform the functions for which we engage them, such as data analysis, system design and maintenance, customer services and for marketing and promotions.

With Co-branding Partners. We may partner with other companies to provide you with content or services on a joint or “co-branded” basis. When websites or services are co-branded, you will see both the Sentynl logo and the logo of our co-branding partner. When you register for a co-branded website or service, your registration information may be shared with one or more of Sentynl’s co-branding partners. You may avoid sharing your information with Sentynl’s partners on co-branded sites or service by choosing not to use them. Each co-branding partner will have its own privacy policy and its privacy practices may differ from this Privacy Statement.

Social Media Plugins. When you use the Services, Social Media operators can place a cookie on your computer to recognize individuals who have previously visited the Services. If you are logged into a Social Media account while using the Services, the social plugins allow that Social Media to receive information that you have accessed and used the Services. The social plugins also allow the Social Media operator to share information about your activities in or through the Services with other Social Media users. For example, Facebook Social Plugins allows Facebook to show your Likes and comments on our pages to your Facebook friends. Facebook Social Plugins also allows you to see your friends’ Facebook activity through the Services. Sentynl does not control any of the content from the Social Media plugins. For more information about Social Media plugins, please refer to the privacy statements and other legal notices of the Social Media platform.

Legal Requirements. In certain circumstances, Sentynl may release your Personal Information in response to a court order, subpoena, search warrant, regulation, binding order of a data protection agency, governmental request or other legal or regulatory process. Sentynl may disclose information if we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Sentynl and our customers or others.

Corporate Changes. We may transfer information, including your Personal Information, in connection with a merger, sale, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy or other change of ownership or control by Sentynl or any affiliated company (in each case, whether in whole or in part). When one of these events occurs, Sentynl will use reasonable efforts to notify users before information is transferred or becomes subject to different privacy practices.

IV. LINKS TO OTHER WEBSITES/SERVICES.

A link to a third-party website or digital service does not mean that Sentynl endorses it or the quality or accuracy of information presented on it. If you decide to visit a third-party website or service, you are subject to its privacy practices and not this Privacy Statement. We encourage you to carefully read the privacy policy or statement and other legal notices of each website or service that you visit.

V. OUR CHILDREN’S POLICY

The Services are not intended for use by children. If you are under the age of majority in your place of residence, you may use the Services only with the consent of or under the supervision of your parent or legal guardian. Consistent with the requirements of the Children’s Online Privacy Protection Act (COPPA), if we learn that a child under age 13 has provided Personal Information to or through the Services without first receiving his or her parent’s verified consent, we will use that information only to respond directly to that child (or his or her parent or legal guardian) to inform the child that he or she cannot use the Services and subsequently we will dispose of such Personal Information in accordance with this Privacy Statement.

If you believe Sentynl may have any information from or about a child under age 13, please contact our Compliance Office using the contact information at the end of this Privacy Notice.

VI. YOUR PRIVACY CHOICES

Sentynl aims to provide you with choices regarding the Personal Information you provide to us. This section describes mechanisms that we offer you to control certain uses and disclosures of your information.

When you access any interactive Service, you will be asked to affirmatively choose (“opt in“) to provide the requested information. You may always choose not to provide the requested information but then you may not be able to use the Service as intended.

Correct/Update Personal Information. You may correct or update the Personal Information you previously provided to Sentynl, by completing the form located at https://sentynl.com/preferences.

Receive Marketing Communications. When you register for the Services, you may request to receive email containing information about Sentynl that we think you might find useful, including promotions, announcements of new services and products, and newsletters on particular health topics. If you decide, at any time, that you no longer wish to receive these emails you may unsubscribe from our email list by completing the form located at https://sentynl.com/preferences.

Accept and Reject Cookies. Your browser software can be set to reject all cookies, but if you reject our cookies, certain of the functions and conveniences of the Services may not work properly. To learn more about cookies, please check your browser’s help or similar feature or visit allaboutcookies.org.

How We Respond to Browser “Do Not Track” Signals. Some web browsers incorporate a “do-not-track” or similar feature that signals to websites with which the browser communicates that a visitor does not want to have his/her online activity tracked. If a digital service that responds to a particular DNT signal receives the DNT signal, the browser can block that digital service from collecting certain Personal Information about the browser’s user. As of the Effective Date not all browsers offer a DNT option and DNT signals are not yet uniform. For this reason, Sentynl along with many other digital service operators do not currently respond to DNT signals. For more information about DNT signals, visit allaboutdnt.com.

IMPORTANT NOTE: Sentynl cannot comply with a consumer’s request to amend or remove information that was provided to Sentynl by a healthcare professional or a consumer regarding an adverse drug event.

VII. HOW INFORMATION IS RETAINED AND SECURED

We retain information as long as it is necessary and relevant for our operations. In addition, we retain Personal Information to comply with applicable law, prevent fraud, resolve disputes, troubleshoot problems, assist with any investigation, enforce our Terms of Service, and other actions permitted by law. When your Personal Information is no longer needed for Sentynl’s business purposes, we dispose of it subject to applicable law.

We employ security measures intended to help protect the security of all information submitted through the Services. The security of information transmitted through the internet cannot, however, be guaranteed. We are not responsible for any interception or interruption of any communications or for changes to or losses of data through the internet. Users of the Services are responsible for maintaining the security of any password, user ID or other form of authentication involved in obtaining access to password protected or secure areas of the Services. Any access to the Services through your user ID and password will be treated as authorized by you. To help protect your Personal Information, we may suspend your use of all or part of the Services, without notice, if Sentynl suspects or detects any breach of security. Unauthorized access to such areas is prohibited and may lead to criminal prosecution.

VIII. CHANGES TO THIS PRIVACY STATEMENT

Sentynl reserves the right to change the terms of this Privacy Statement. If we make any material changes to this Privacy Statement, we will notify you in advance through the Services. If we decide to use Personal Information in a manner that is materially different from the uses described in this Privacy Statement or otherwise disclosed to you, you will have the choice to allow or disallow any additional uses or disclosures of your Personal Information. We will not make retroactive changes that reduce your privacy rights unless we are legally required to do so. Your continued use of the Services after the Effective Date constitutes your acceptance of the amended Privacy Statement. The amended Privacy Statement supersedes all previous versions.

IX. YOUR CALIFORNIA PRIVACY RIGHTS

This PRIVACY NOTICE FOR CALIFORNIA RESIDENTS supplements the information contained in the Privacy Statement of Sentynl Therapeutics, Inc. (“Sentynl”) and its subsidiaries (collectively, “we,” “us,” or “our”) and applies solely to visitors, users, and others who reside in the State of California (“consumers” or “you”). We adopt this notice to comply with the California Consumer Privacy Act of 2018 (“CCPA”) and other California privacy laws. Any terms defined in the CCPA have the same meaning when used in this notice.

Information We Collect
Sentynl does not interact directly with consumers except when contacted by a consumer, such as in an adverse event notification. We may however contract with vendors whose databases may include consumer information.

The information we collect may identify, relate to, describe, reference, or be reasonably capable of associating with, or could reasonably be linked directly or indirectly with a particular consumer or household (“personal information”). In particular, we have collected the following categories of personal information from consumers within the last twelve (12) months:

Category	Examples	Collected
A. Identifiers.	A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.	YES
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).	A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.	YES
C. Protected classification characteristics under California or federal law.	Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).	NO
D. Commercial information.	Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.	NO
E. Biometric information.	Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.	NO
F. Internet or other similar network activity.	Browsing history, search history, information on a consumer’s interaction with a website, or application.	YES
G. Geolocation data.	Physical location or movements.	NO
H. Sensory data.	Audio, electronic, visual, thermal, olfactory, or similar information.	NO
I. Professional or employment-related information.	Current or past job history or performance evaluations.	YES
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).	Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.	NO
K. Inferences drawn from other personal information.	Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.	NO

We obtain the categories of personal information listed above from the following categories of sources:

Directly and indirectly from activity on our website (www.sentynl.com). For example, from submissions through our website portal or website usage details collected automatically. Also from information collected from the Careers, Contact and Safety sections of our website.
From third-parties that interact with us in connection with the services we perform.

Use of Personal Information

We may use or disclose the personal information we collect for one or more of the following business purposes:

To provide you with information that you request from us.
To improve our website and present its contents to you.
For testing, research, analysis and product development.
As necessary or appropriate to protect the rights, property or safety of us, our clients or others.
To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.

We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

Sharing Personal Information

We may disclose your personal information to a third party for a business purpose. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.

In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose:

Category A: Identifiers.
Category B: California Customer Records personal information categories.
Category I: Professional or employment-related information.

We disclose your personal information for a business purpose to the following categories of third parties:

Our affiliates.
Service providers.
Third parties to whom you or your agents authorize us to disclose your personal information in connection with products or services we provide to you.

In the preceding twelve (12) months, we have not sold any personal information.

Your Rights and Choices

The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

Access to Specific Information and Data Portability Rights

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:

The categories of personal information we collected about you.

The categories of sources for the personal information we collected about you.
Our business or commercial purpose for collecting or selling that personal information.
The categories of third parties with whom we share that personal information.
The specific pieces of personal information we collected about you (also called a data portability request).
If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
- sales, identifying the personal information categories that each category of recipient purchased; and
- disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.

Deletion Request Rights

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.

We may deny your deletion request if retaining the information is necessary for us or our service providers to:

Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
Debug products to identify and repair errors that impair existing intended functionality.
Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
Comply with a legal obligation.
Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Exercising Access, Data Portability, and Deletion Rights

To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by either:

Calling us at 877-767-2656.
By filling out a contact form on our web site by clicking here.
Write to us at: Third parties to whom you or your agents authorize us to disclose your personal information in connection with products or services we provide to you.

Sentynl Therapeutics, Inc.
Attn. Chief Compliance Officer
420 Stevens Ave., Suite 200
Solana Beach, CA 92075

Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The following details must be on the verifiable request:

Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Response Timing and Format

We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily usable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

Deny you goods or services.
Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
Provide you a different level or quality of goods or services.
Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

Changes to Our Privacy Notice

We reserve the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will notify you by email or through a notice on our website homepage.

Contact Information

If you have any questions or comments about this notice, our Privacy Statement, the ways in which we collect and use your personal information, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:

Phone: 877-767-2656
By filling out a contact form on our web site by clicking here.
Write to us at:

Sentynl Therapeutics, Inc.
Chief Compliance Officer
420 Stevens Ave., Suite 200
Solana Beach, CA 92075