ㅤ

Privacy policy

Last Updated: August 2023

Almirall, LLC (“Almirall,” “we,” or “us”), a company belonging to Almirall Group, respects your privacy and recognizes the need for appropriate protection and management information you may share with us. The purpose of this Privacy Statement (“Statement”) is to inform you how we may use information collected from you on the web properties that link to this statement (“Sites”) and the choices you have regarding our use of, and your ability to review and correct, the information collected. Because we may revise our privacy policies from time to time, you should periodically visit this page to review this Statement.

Please note that some of the information you provide to us may be considered Protected Health Information (“PHI”). In instances where we are handling your PHI, we will comply with the applicable requirements of applicable to your data, including when we process safety information (pharmacovigilance) or conduct safety assessments or required safety reporting.

For more information about how we process the information, please navigate to the ADDITIONAL PRIVACY INFORMATION FOR U.S. Residents section below.

I. HOW WE COLLECT INFORMATION

The ways that we collect information from you are discussed further below. We may also collect your information through in person meetings or phone calls with our representatives.

INFORMATION YOU VOLUNTARILY PROVIDE:

There may be times when we ask you to provide certain information about yourself through different forms available in the Site or when communicating with one of the representatives. Identifiers like your name, address, telephone number, and e-mail address, (“Personal Information”), such as when you report an adverse event, ask for information on our products, subscribe to our email alerts, ask for information regarding media or investors relations, give us feedback, express interest in our events or otherwise communicate with us.

Whether or not to provide such Personal Information is completely your own choice; we collect only the Personal Information that you provide to us. In some instances, you may also provide us with certain Commercial Information, such as credit card or payment information, such as when you sign up for the Almirall Advantage patient co pay card. In other instances, you may provide us with your medical data, such as when you participate in studies involving our products.

INFORMATION WE COLLECT FROM YOUR INTERACTION WITH THE SITES:

As you navigate around the Sites, certain information can be passively collected (that is, gathered without your actively providing the information), using various technologies. We and our third-party service providers passively collect information in a variety of ways, including the following:

Cookies

To enable us to provide customized and personalized services, we may use cookies to store and sometimes track information about your interaction with the Sites. A cookie is a small amount of data that is sent to your browser from a Web server and stored on your computer. Cookies allow us to collect information such as browser type, time spent on the Sites, pages visited, and language preferences. If you choose to furnish the Sites with Personal Information (such as your e-mail address), that information could be linked to the data stored in the cookie. You can refuse to accept these cookies by following your browser's instructions; however, if you do not accept them, you may experience some inconvenience in your use of the Sites.

Through your browser

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are: browser type and browser version, operating system used, deferrer URL, host name of the accessing computer, time of the server request and IP address.

Google Analytics

We use third party cookies provided by Google Analytics to assist us in better understanding our website visitors. These cookies collect IP address and usage data, such as the length of time a user spends on a page, the pages a user visits, and the websites a user visits before and after visiting our website. Based on this information, Google Analytics compiles Aggregate Data about website traffic and interactions, which we use to offer better user experiences and tools in the future. For more information on Google Analytics, visit https://support.google.com/analytics.

These data are not combined with other data sources.

II. HOW WE USE THE INFORMATION WE COLLECT

We use the information we automatically receive from your Web browser to see which pages you visit within the Sites for various business purposes, including:

Providing you with information we believe you may find of interest by emailing or mailing you, if you decide to subscribe to our emails alerts;
Recognizing your computer or device, which makes your use of the Sites easier and makes the Sites display properly on your device;
Gathering statistical information about your usage of the Sites in order to continually improve design and functionality, understand how individuals use the Sites;
Resolving questions regarding the Sites; and Communicating with our investors and shareholders.

Almirall may further process you Personal Information for:

In furtherance of our commercial purposes, including enabling commercial transactions, providing our products and services to you, marketing, and advertising;
Conducting research and generally improving our products and services;
Performing internal business operations, such as account servicing and analytics;
As required by law, such as to comply with a subpoena or other legal process, or to comply with government reporting obligations;
To protect our rights, the integrity of the services, or your safety or the safety of others, or to detect, prevent, or respond to fraud, intellectual property infringement, violations of our Terms of Use, violations of law, or other misuse of the services.

In some instances, you may provide us with additional Personal Information, including medical data, such as when you ask questions about our products, including when we process safety information (pharmacovigilance) or conduct safety assessments or required safety reporting, participate in a clinical trial, or use our products for medical treatment. In those instances, we will use your medical data for the following purposes:

Responding to your medical questions regarding our products;
Conducting clinical trials;
Conducting safety assessments and required safety reporting.

The information you provide during communications with our representatives may be used by us and our event partners to communicate with you about our upcoming events and/or other events we think may be of interest to you.

The information we collect will be limited to that information necessary to conduct follow up and maintain in compliance of our safety reporting obligations.

III. HOW WE SHARE YOUR INFORMATION

We will not sell, share, or otherwise distribute your Personal Information except as provided herein.

Third Parties

We may occasionally transfer your Personal Information to third parties who act on our behalf, or in connection with our business, for further processing in accordance with the purposes for which the data was originally collected. Where disclosure of Personal Information to a third party is likely or necessary, further explanation may be provided, where appropriate, at such collection points as to the intended use of the data.

We may also share your name and email address with our event partners who may later communicate with you about our events and other events that may interest you.

Almirall Affiliates:

We may transmit your Personal Information to our affiliates outside the United States (“Almirall Affiliates”), such as parent company or subsidiaries, for storage purposes only. All such transmissions remain on the systems of Almirall Affiliates and are not shared with outside parties.

Business Transactions

If we, or any portion of our assets, are acquired or we undergo another transaction in our business, your information may be transferred to the acquiring company or other entity surviving such transaction.

Law Enforcement

We may report to law enforcement agencies any activities that we reasonably believe to be unlawful, or that we reasonably believe may aid a law enforcement investigation into unlawful activity. In addition, we reserve the right to release your information to law enforcement agencies if we determine, in our sole judgment, that either you have violated our policies, or the release of your information may protect the rights, property, or safety of us or another person.

Legal Process

Subject to applicable law, we may disclose information about you (i) if we are required to do so by law, regulation or legal process, such as a subpoena; (ii) in response to requests by government entities, such as law enforcement authorities; (iii) when we believe disclosure is necessary or appropriate to prevent physical, financial or other harm, injury or loss; or (iv) in connection with an investigation of suspected or actual unlawful activity.

We may also use the information to investigate security breaches or cooperate with authorities pursuant to a legal matter.

Sale or Sharing Personal Information

Like most companies, we allow certain third-party advertising partners to place tracking technology such as cookies and pixels on our websites. This technology allows these advertising partners to receive information about your activities on our website, which is then associated with your browser or device. These companies may use this data to serve you more relevant ads as you browse the internet.

In certain instances, we may aggregate and/or de-identify your data and use it for any purpose, including product and service development and improvement activities. To the extent we deidentify any data originally based on information, we will maintain and use such data only in deidentified form and will not attempt to reidentify the data.

IV. THIRD PARTIES AND LINKS TO THIRD PARTY SITES

This Policy only addresses your interaction with us on our Sites. Our Sites may contain content that is supplied by a third party, and those third parties may collect usage information and your device identifier when pages from the website are served to you. We are not responsible for the data collection and privacy practices employed by any of these third parties or their services and they may be tracking you across multiple sites and may be sharing the results of that tracking with us and/or others. These third-party owners may have their own terms of service, privacy policies or other policies and ask you to agree to the same. Be sure to review any available policies before submitting personally identifiable information to a third-party application or otherwise interacting with it and exercise caution in connection with these applications. We have no control over, and cannot and do not assume responsibility for, the content, privacy policies or practices of such websites or the companies that own them.

V. SECURITY

We seek to use reasonable administrative, technical, and physical safeguards designed to protect Personal Information under our control. Please be aware that, despite our best efforts, no security measures are perfect or impenetrable and, therefore, we cannot guarantee that your information will remain secure.

VI. CHILDREN

Protecting the privacy of children is especially important. Our Sites are not directed to children under 16 years of age and we do not provide services to children, or knowingly collect or solicit personal information from children under 16 years of age. If we learn that Personal Information has been collected on the Sites from persons under 16 years of age, we will take the appropriate steps to delete this information.

VII. CHANGES TO THIS STATEMENT

We may, in our sole discretion, update this Privacy Policy periodically. We will post the updated version on our websites and indicate at the top of the Privacy Policy when it was last updated. We will provide additional notice if required by applicable law.

VIII. QUESTIONS OR COMMENTS

If you have any questions or comments about our Privacy Policy, or if you wish to review and correct any personally identifiable information held by us please contact us at: dataprivacyus@almirall.com or 101 Lindenwood Dr., Suite 400 , Malvern, PA 19355.

IX. ADDITIONAL PRIVACY INFORMATION FOR U.S. Residents

Collection and Disclosures of Information in the Last 12 Months

Information collected	3rd parties who may receive the information	Categories of 3rd parties with whom information may be sold or shared
Personal and online identifiers such as a real name, Internet Protocol address and email address	Affiliates Internet service providers Software and data storage service providers	Third party cookie and tracking tool providers Advertising and marketing partners
Information contained in customer records	Affiliates Software and data storage service providers Government entities	Advertising and marketing partners
Protected classification characteristics	Affiliates Software and data storage service providers	N/A
Commercial information	Affiliates Software and data storage service providers	Advertising and marketing partners
Internet activity information, including, but not limited to, information regarding a consumer’s interaction with an internet website application, or advertisement	Affiliates Software and data storage service providers Internet service providers	Third party cookie and tracking tool providers. Advertising and marketing partners
Professional or employment information	Affiliates Software and data storage service providers	Advertising and marketing partners
Geolocation data	Affiliates Software and data storage service providers	Third party cookie and tracking tool providers. Advertising and marketing partners
Sensitive data, including health data, precise geolocation data, and data concerning racial / ethnic origins	Affiliates Scientific advisors Software and data storage service providers Government entities	N/A

We process and disclose the information we collect for the following purposes:

In furtherance of our commercial purposes, including enabling commercial transactions, providing our products and services to you, marketing, and advertising;
Conducting research and generally improving our products and services;
Performing internal business operations, such as account servicing, reviewing and assessing job applications, and analytics;
As required by law, such as to comply with a subpoena or other legal process, or to comply with government reporting obligations;
To protect our rights, the integrity of the services, or your safety or the safety of others, or (b) to detect, prevent, or respond to fraud, intellectual property infringement, violations of our Terms of Use, violations of law, or other misuse of the services;
To affiliates, service providers, advisors, and other third parties to the extent reasonably necessary to proceed with the negotiation or completion of a merger, acquisition, bankruptcy, or sale of all or a portion of our assets.

We disclose the categories of information listed in the table above to third parties in exchange for valuable consideration, such as receiving insights or services. Such disclosures may be considered “sales” under state privacy laws. We also disclose the categories of information listed in the table above to facilitate cross-contextual behavioral advertising, which may be considered “sharing” or “targeted advertising” under state privacy laws. We do not knowingly sell or share information related to individuals under 16 years of age. To opt out of such disclosures, click here.

Sensitive Data

We only use sensitive personal information for purposes permitted under the CCPA.

Data Retention

We retain information for so long as necessary to provide the requested goods or services, ensure the security and integrity of our Services, comply with our legal obligations, and otherwise fulfill the purposes for which the information was collected.

Access to Specific Information and Data Portability Rights

You have the right to request that Almirall disclose certain information to you about our collection and use of your information over the past 12 months. Once we receive and confirm your verifiable consumer request (see Exercising Access, Data Portability, Correction, and Deletion Rights), we will disclose to you:

The categories of information we collected about you.
The categories of sources for the information we collected about you.
Our business or commercial purpose for collecting or selling that information.
The categories of third parties with whom we share that information.
The specific pieces of information we collected about you (also called a data portability request).
If we sold or disclosed your information for a business purpose, two separate lists disclosing:
- sales, identifying the information categories that each category of recipient purchased;
- and disclosures for a business purpose, identifying the information categories that each category of recipient obtained.

Correction Request Rights:

You have the right to request that we correct any inaccurate information that we maintain about you, taking into account the nature of the information and the purposes of the processing of the information. Once we receive and confirm your verifiable consumer request, we will use commercially reasonably efforts to correct the inaccurate information.

Deletion Request Rights:

You have the right to request that Almirall delete any of your information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request (see Exercising Access, Data Portability, Correction, and Deletion Rights), we will delete (and direct our service providers and contractors to delete) your information from our records, unless an exception applies. We will also notify all third parties to whom we have sold or shared your information to delete it to the extent required by law.

Exercising Access, Data Portability, Correction, and Deletion Rights

To exercise the access, data portability, correction and deletion rights described above, please submit a verifiable consumer request to us by any of the following methods:

Filling out the Data Subject Rights Request Form
Emailing us at dataprivacyus@almirall.com
Telephone: 1-844-366-3782
Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your information. You may also make a verifiable consumer request on behalf of your minor child.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with information if we cannot verify your identity or authority to make the request and confirm the information relates to you.
Making a verifiable consumer request does not require you to create an account with us.
We will only use information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Response Timing and Format

We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.

The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Sales, Sharing, and Targeted Advertising Opt-Out Rights

You have the right to direct us to not sell, share, or use your information for targeted advertising purposes at any time (the “Right to Opt-Out”). While applicable local law may also provide a right to opt out of our use of personal information for profiling in furtherance of decisions with legal or similarly significant effects, we do not currently use your personal information for this purpose.

To exercise the Right to Opt-Out, you (or your authorized representative) may submit a request to us at: Do Not Sell or Share My Personal Information.

Once you make an opt-out request, we will wait at least twelve (12) months before asking you to reauthorize sales or sharing. However, you may change your mind and opt back in to sales, sharing, or use for targeted advertising at any time by contacting Almirall, LLC at the email address or phone number provided in this notice.

You do not need to create an account with us to exercise your Right to Opt-Out. We will only use information provided in an opt-out request to review and comply with the request.

You may also exercise the Right to Opt-Out by enabling the following opt-out preference signals:

Global Privacy Control (GPC): this signal applies to browser-based opt-out preference signals that can communicate your request to opt-out of the sale or sharing of your information, or the use of your personal information for targeted advertising via web tracking technologies. Please note that some browsers may not natively support GPC functionality, or, if such functionality is supported by a particular browser, it may not be turned on by default. Because GPC signals are processed at the browser level, you will need to enable the signal separately for each browser or device you use to ensure that we recognize the signal. Please consult your browser’s settings or your browser’s informational website for more information on how your browser may support GPC functionality. For more information about how the Global Privacy Control works, visit their website here.

Non-Discrimination.

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

Deny you goods or services.
Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
Provide you a different level or quality of goods or services.
Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

Appeals

Should we deny your request, you may have the right to appeal under state privacy law. You may appeal denials of your requests by emailing us at dataprivacyus@almirall.com.

X. CALIFORNIA’S SHINE THE LIGHT LAW:

As referenced in this policy, we do not share your Personal Information with third parties for those third parties’ direct marketing purposes. California Civil Code Section 1798.83 permits California residents who have supplied Personal Information, as defined in the statute, to us to, under certain circumstances, request and obtain certain information regarding disclosure, of Personal Information to third parties for their direct marketing purposes. With any questions about the foregoing, please email us at dataprivacyus@almirall.com.

Select your Almirall