Privacy Policy

This Privacy Policy describes the privacy practices of PepGen, Inc. and our subsidiaries and affiliates (collectively, “PepGen”, “we”, “us”, or “our”) and how we handle personal information that we collect through our website — http://www.pepgen.com, through any other website that we own or control and which posts this Privacy Policy, and through other interactions and correspondence with you. PepGen may provide additional or supplemental privacy notices to individuals for specific products or services that we offer at the time we collect personal information, for example, in connection with our clinical trials.  These supplemental privacy policies govern how we may process your information in the context of the specific product or service.

We provide important information for individuals located in the European Union, European Economic Area and United Kingdom (collectively, “Europe” or “European”) below.

You can download a printable copy of this Privacy Policy here.

 

Table of Contents:

Personally Identifiable Information

How We Use Your Personally Identifiable Information

Non-Personally Identifiable Information

Use of IP Addresses

Cookies

Sharing Personally Identifiable Information with Third Parties

Your Choices

Link to Other Websites

Security

International Data Transfer

Children

Changes

How to Contact Us

Notice to European Users

 

Personally Identifiable Information:

 

PepGen collects personally identifiable information (i.e., information from which you can be identified, such as name, address, telephone number or e-mail address) only when it is asked for and/or you voluntarily submit it to us on this website.

 

How We Use Your Personally Identifiable Information:

 

We may use the information to respond to your requests, improve our level of service and the content of our website; provide you with tips, helpful information, product news and updates; notify you of new PepGen products and services; and for our own internal purposes.

 

Non-Personally Identifiable Information:

 

PepGen also collects non-personally identifiable information in aggregate form to track data such as the total number of visits to our website, the number of visitors to each page of our website and the domain names of our visitors’ internet service providers. We use this information, which remains in aggregate, non-personally identifiable form, to understand how our visitors use our website so that we may improve our website and the services we offer.

 

Use of IP Addresses:

 

An Internet Protocol (IP) address is a set of numbers that is automatically assigned to your computer whenever you log on to your internet service provider or through your organization’s local area network (LAN) or wide area network (WAN). Web servers automatically identify your computer by the IP address assigned to it during your session online.

 

PepGen or third-party companies acting on behalf of PepGen may collect IP addresses for the purposes of systems administration and to audit the use of our website. We do not ordinarily link a user’s IP address to personally identifiable information of that user, which means each user’s session will be logged, but the user remains anonymous to us. However, we may use IP addresses to identify users of our website when we feel it is necessary to enforce compliance with the website’s terms of use, or to protect our service, website or other users.

 

Cookies:

 

This website uses a technology called “cookies.” A cookie is a small text file that is placed on your hard disk by a web page server. Cookies help provide additional functionality to the website or help us analyze usage of the website more accurately. For instance, our server may set a cookie that keeps you from having to enter a password more than once during a visit to the website. In all cases in which cookies are used, we will not collect personally identifiable information without your explicit permission. The only personally identifiable information PepGen collects is the information you voluntarily provide.

 

You have the ability to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies, or receive a warning before a cookie is stored, if you prefer. Please refer to your internet browser’s instructions or help screen to learn more about these functions. If you choose to decline cookies, you may not be able to fully experience the interactive features of this website or any other websites that you visit.

 

Sharing Personally Identifiable Information with Third Parties:

 

PepGen will not sell or rent personally identifiable information to any third party for any purpose. Sometimes selected third parties are used by PepGen to provide us with support services (such as hosting, information technology, payment processors, customer support, email delivey, and website analytics services) in connection with our website and such parties may, from time to time, have access to your information to enable them to provide those services to PepGen. We may share your personal information with law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.  We may share your personal information with business transferees, such as acquirers and other relevant participants in business transactions (or negotiations for such transactions) involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale or other disposition of all or any portion of the business or assets of, or equity interests in, PepGen or our affiliates (including, in connection with a bankruptcy or similar proceedings).

 

Your Choices:

 

You may opt out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email, or by contacting us at info@pepgen.com.

Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.

We may need to collect personal information to provide certain services.  If you do not provide the information we identify as required or mandatory or later request that we delete it, we may not be able to provide those services.

 

 

This website may provide links to other PepGen and third-party websites as a service to our users. The privacy statement described here does not apply to those websites. Please ensure you check the legal and privacy statement posted on each website you link to.

 

Security:

 

We employ a number of technical, organizational and physical safeguards designed to protect the personal information we collect. However, no security measures are failsafe and we cannot guarantee the security of your personal information.

 

International Data Transfer:

 

We are headquartered in the United States and may use service providers that operate in other countries. Your personal information may be transferred to the United States or other locations where privacy laws may not be as protective as those in your state, province, or country.

 

Children:

 

The Service is not intended for use by children under 16 years of age. If we learn that we have collected personal information through the Service from a child under 16 without the consent of the child’s parent or guardian as required by law, we will delete it.

 

Changes:

 

We may occasionally update this legal and privacy statement. We encourage you to periodically review this legal and privacy statement to stay informed about how we are helping to protect the personal information we collect. Your continued use of our website constitutes your agreement to the terms and conditions for use of our website, our privacy statement and any updates.

 

How to Contact Us:

 

You can reach us by email at info@pepgen.com or at the following mailing address:

 

200 Berkeley St
18th Floor
Boston, MA 02116

 

Notice to European Users:

 

The information provided in this “Notice to European Users” section applies only to individuals in Europe.

 

Personal information. References to “personal information” in this Privacy Policy are equivalent to “personal data” governed by European data protection legislation.

 

Controller, [Representative][, and Data Protection Officer].  PepGen, Inc. is the controller of your personal information covered by this Privacy Policy for purposes of European data protection legislation.

[The contact information for our representative in Europe is: [_________]]

 

[We have appointed a Data Protection Officer, whose contact information is: [_________]]

 

Legal bases for processing.  We use your personal information only as permitted by law. Our legal bases for processing the personal information described in this Privacy Policy are described in the table below.

 

Processing Purpose Legal basis
To respond to your requests This activity constitutes our legitimate interests.  We do not use your personal information for these activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
To improve our level of service and the content of our website This activity constitutes our legitimate interests.  We do not use your personal information for these activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
To provide you with tips, helpful information, product news and updates This activity constitutes our legitimate interests.  We do not use your personal information for these activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
To notify you of new PepGen products and services This activity constitutes our legitimate interests.  We do not use your personal information for these activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
For systems administration This activity constitutes our legitimate interests.  We do not use your personal information for these activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
To audit the use of our website, enforce compliance with the website’s terms of use, or to protect our service, website or other users This activity constitutes our legitimate interests.  We do not use your personal information for these activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
·  To manage our recruiting and process employment applications

·  For compliance, fraud prevention and safety

·  To create anonymous data

These activities constitute our legitimate interests.  We do not use your personal information for these activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
To comply with law Processing is necessary to comply with our legal obligations.
With your consent Processing is based on your consent.  Where we rely on your consent you have the right to withdraw it any time in the manner indicated when you consented.

 

Use for new purposes. We may use your personal information for reasons not described in this Privacy Policy where permitted by law and the reason is compatible with the purpose for which we collected it.  If we need to use your personal information for an unrelated purpose, we will notify you and explain the applicable legal basis.

 

Sensitive personal information.  We ask that you not provide us with any sensitive personal information (e.g., information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through our website, or otherwise to us.  If you provide us with any sensitive personal information to us when you visit our website, you must consent to our processing and use of such sensitive personal information in accordance with this Privacy Policy. If you do not consent to our processing and use of such sensitive personal information, you must not submit such sensitive personal information through our website.

 

Automated Decision-Making and Profiling.  [We do not use automated decision-making and/or profiling in regard to your personal information OR We may use automated decision-making and/or profiling in regard to your personal information for some services and products, for example [Insert relevant examples,  such as automatic refusal of an online credit application or being automatically rejected when applying for a job through an online platform, logic used and consequences for the user].  You can request a manual review of the accuracy of an automated decision that you are unhappy with or limit or object to such automated decision-making and/or profiling by contacting us at [insert contact email address]].

 

Retention.  We retain personal information for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements, to establish or defend legal claims, or for fraud prevention purposes.

To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

When we no longer require the personal information we have collected about you, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.  If we anonymize your personal information (so that it can no longer be associated with you), we may use this information indefinitely without further notice to you.

 

Your rights.  European data protection laws give you certain rights regarding your personal information.  If you are located within the European Union, you may ask us to take the following actions in relation to your personal information that we hold:

 

  • Access. Provide you with information about our processing of your personal information and give you access to your personal information.
  • Correct. Update or correct inaccuracies in your personal information.
  • Delete. Delete your personal information.
  • Transfer. Transfer a machine-readable copy of your personal information to you or a third party of your choice.
  • Restrict. Restrict the processing of your personal information.
  • Object. Object to our reliance on our legitimate interests as the basis of our processing of your personal information that impacts your rights.

 

You may submit these requests by email to info@pepgen.com or our postal address provided above.  We may request specific information from you to help us confirm your identity and process your request.  Applicable law may require or permit us to decline your request.  If we decline your request, we will tell you why, subject to legal restrictions.  If you would like to submit a complaint about our use of your personal information or our response to your requests regarding your personal information, you may contact us or submit a complaint to the data protection regulator in your jurisdiction.  You can find your data protection regulator here.

 

Cross-Border Data Transfer.  If we transfer your personal information out of Europe to a country not deemed by the European Commission to provide an adequate level of personal information protection, the transfer will be performed:

  • Pursuant to the recipient’s compliance with standard contractual clauses or Binding Corporate Rules
  • Pursuant to the consent of the individual to whom the personal information pertains
  • As otherwise permitted by applicable European requirements.

You may contact us if you want further information on the specific mechanism used by us when transferring your personal information out of Europe.