- Information We Collect
- Personal Data You Provide Us
- Automatically Collected Data
- How We Use Site Personal Data
- Sharing and Disclosure of Information
- Data Retention
- Update Your Information
- California Privacy Disclosure
- European Union (EU) Users
- Children in the US
- Links to Other Websites
- Other Terms and Conditions
- International Users
- Contact Us
such as your name, email address, address, and contact information that, alone or in combination with other information, could be used to identify you (“Personal Data“).
“Contact Us” page), requesting information or subscribing to emailing lists. While the type of data we collect depends on the nature of the inquiry, it typically includes name and email
- Log Data: Information (“log data”) that your browser automatically sends whenever you visit the Site. Log data includes your IP address (so we understand which country you are connecting from when you visit the Site), browser type and settings, the date and time of your request, and how you interacted with the Site.
- Device Information: Includes type of device you are using, operating system, settings, unique device identifiers, network information and other device-specific information. Information collected may depend on the type of device you use and its settings.
- Usage Information: Information about how you use our Site, such as the types of content that you view or engage with, the features you use, the actions you take, the other users you interact with and the time, frequency and duration of your activities.
- To authenticate users and provide access to the Site;
- To respond to your inquiries and fulfill your requests for products, services, and information;
- To provide you with further information about ESPERION and its products through advertising across multiple channels including but not limited to email, direct mail, digital advertising, SMS, telephone, and other advertising channels;
- To provide, maintain and improve the content and functionality of the Site. For example, we regularly fix bugs or user experience issues that may be tied to particular user
- If you ask us to delete your data and we are required to fulfill your request, to keep basic data to identify you and prevent further unwanted processing;
- To prevent fraud or criminal activity, misuse of our products or services, and ensure the security of our IT systems, architecture and networks; and
- To (a) comply with legal obligations and legal process; (b) respond to requests from public and government authorities including public and government authorities outside your
affiliates, you or others; and (f) allow us to pursue available remedies or limit the damages that we may sustain, as required or permitted by the law.
For individuals in the European Union (“EU“), please see the “European Union (EU) Users” section below for information on what we mean by legitimate interests and your rights.
identify you. Personal Data includes demographic information, such as racial or ethnic origin, gender, age, religious or philosophical beliefs, or information specifying the participant’s sex
life, and may include medical or health conditions. For purposes of this Policy, Personal Data collected by our Research Partners will be de-identified before it is provided to us to mask the
identity of any individual data subject. Personal Data will also be provided to our Research Partners including the investigators who are providing you with the investigational drugs,
clinical laboratories who test your blood, and the site where the trial is being conducted. Our Research Partners’ use of Personal Data is governed by our contracts with them and the Research
work with any Research Partner unless the Research Partner agrees to use your Personal Data only for the purposes described in this Policy and to provide a level of protection for your Personal
Data similar to that described in this Policy. If Personal Data that could allow us to identify you are transferred to us, it is our policy to delete the information as soon as it is identified.
activities such as reporting to industry regulators.
- To send administrative information to you, for example, information regarding the
Research trial, changes to, or termination of the Research; and
- To (a) comply with legal obligations and legal process; (b) respond to requests from
public and government authorities including public and government authorities outside your
country of residence; (c) enforce our Terms and Conditions Agreement; (d) protect our operations or
those of any of our affiliates; (e) protect our rights, privacy, safety or property, and/or
that of our affiliates, you or others; and (f) allow us to pursue available remedies or limit
the damages that we may sustain, as required or permitted by the law.
As a participant in Research, you may instruct Us to discontinue collecting data from you at any
time. However, in order to safeguard the validity of the Research and comply with regulatory
obligations related to clinical trials, your research data cannot be deleted even if you decided
to stop participating in the Research.
authorize a third-party service to access your account or when you voluntarily share information
or content via the Services.
There are certain circumstances in which we may share your Personal Data with certain third
parties without further notice to you, unless required by the law, as set forth below:
- Vendors, Service Providers, and Research Partners: To assist us in conducting Research and to perform certain Research services and functions, including providers of clinical trial operations services such as trial site personnel, investigators, clinical research organizations (“CROs”), and others conducting Research-related activities on our behalf (“Research Partners“);
providers of administrative services such as email communication (including appointment reminders, investment information you request through the Site) and Site support services; to assist us in providing information to you about ESPERION and its products; to assist us in meeting business operations needs and to perform certain services and functions; and analytics (for more details on the third parties that place cookies through the Site, please see
the “Cookies” section below). For example, we use Google Analytics to understand how our Site is used, and Media Temple for hosting. Pursuant to our instructions, these parties will access, process or store Personal Data in the course of performing their duties to us.
- Business Transfers: If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of all or a portion of our assets, or transition of service to another provider, your Personal Data and other information may be transferred to a successor or affiliate as part of that transaction along with other assets.
- Legal Requirements: If required to do so by law or in the good faith belief that such action is necessary to (a) comply with a legal obligation, (b) protect and defend our rights or property, (c) act in urgent circumstances to protect the personal safety of users of the Site or
the App, or the public, or (d) protect against legal liability.
For individuals located in the European Union, ESPERION may be liable for Personal Data that is transferred to third parties if such third parties process Personal Data in a matter inconsistent with the Privacy Shield Principles. Please see the “European Union (EU) Users” section below for more information.
as required by law (e.g. for regulatory reporting including to government entities who may oversee the safety and efficacy of Research, legal, tax, accounting or other purposes),
whichever is the longer. For Personal Data collected as part of Research, unless otherwise required in order for us to comply with industry regulations or law, we will only retain your
Personal Data for at least two years after our drug candidate has been approved by regulators, or at least two years after an application for approval has been withdrawn.
To determine the appropriate retention period for your Personal Data, we will consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we use your
Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements.
systems, you may contact us. We will address your request as required by applicable law. In the event you wish to correct or change your Personal Data as a Research participant, please contact
the site or Privacy Representative. You may also request that we update your Personal Data by contacting us at email@example.com.
describe how we do so.
User (for these purposes, reference to the EU also includes the European Economic Area countries of Iceland, Liechtenstein and
Norway). This section applies to Personal Data collected from Site Users, Research Participants,
and Research Partners in the EU who may provide Personal Data to us.
Data Controller. ESPERION is the data controller for
processing Personal Data provided to us through your interactions with the Site or with us directly and your participation in Research.
To find out our contact details, please see the “Contact Us” section below, which also provides
the contact details of our representative in the EU for purposes of the General Data Protection
If you are an individual in the EU, you can also contact Achieved Compliance Advocacy, Ltd., who
has been appointed as ESPERION’s representative in the EU pursuant to Article 27 of the General
Data Protection Regulation on matters related to the processing of Personal Data. If you want to
raise a question to ESPERION, or otherwise exercise your rights in respect of your personal data
(described below), please contact Esperion@GDPRrepresentative.eu.
ESPERION complies with the EU-U.S. Privacy Shield framework (“Framework”) as set forth by the
U.S. Department of Commerce regarding the transfer of Personal Data from the EU and the United
Kingdom. ESPERION has certified that it adheres to the Privacy Shield Principles of Notice,
Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation,
Access, and Recourse, Enforcement and Liability (“Privacy Shield Principles”). If there is any
Privacy Shield Principles shall govern. To learn more about the Framework and to view our
certification page, please visit http://www.privacyshield.gov.
Please note that ESPERION’s adherence to the Framework does not apply to the transfer of anonymized Research data.
Your Rights. Subject to applicable EU law, you may have the
following rights in relation to your Personal Data that we hold about you, depending upon whether the Personal Data was collected for
Research purposes or through use of our Site, and depending upon the EU member state in which
- Right of Access: If you ask us, we will confirm
whether we are processing your Personal Data and, if so, provide you with a copy of all Personal Data you are lawfully entitled to
receive along with certain other details. If you require additional copies, we may need to charge a reasonable fee.
- Right to Rectification: If your Personal Data is
inaccurate or incomplete, you are entitled to ask that we correct or complete it. If we shared your Personal Data with others, we will
tell them about the correction where possible. If you ask us, and where possible and lawful to do so, we
will also tell you with whom we shared your Personal Data so you can contact them directly.
- Right to Erasure: You may ask us to delete or remove
your Personal Data, such as where you withdraw your consent, where applicable. If we shared your data with others, we will
tell them about the erasure where possible. If you ask us, and where possible and lawful to do so,
we will also tell you with whom we shared your Personal Data with so you can contact them
directly. However, due to the public interest in the availability of clinical trial data, this
right may not apply to Personal Data collected during Research.
- Right to Restrict Processing: You may ask us to
restrict or ‘block’ the processing of your Personal Data in certain circumstances, such as where you contest the accuracy of the
data or object to us processing it (please read below for information on your right to object). We will
tell you before we lift any restriction on processing. If we shared your Personal Data with
others, we will tell them about the restriction where possible. If you ask us, and where possible
and lawful to do so, we will also tell you with whom we shared your Personal Data so you can contact
them directly. If you are a clinical trial Research participant, you may not be able to restrict the processing of Personal Data.
- Right to Data Portability: You have the right to
obtain your Personal Data from us that you consented to give us or that was provided to us as necessary in connection with our
contract with you, and that is processed by us by automated means. We will give you your Personal
Data in a structured, commonly used and machine-readable format. You may reuse it elsewhere.
However, this right may not apply to Personal Data from Research participants.
- Right to Object: You may ask us at any time to stop
processing your Personal Data, and we will do so:
- If we are relying on a legitimate interest to process your Personal Data — unless we demonstrate compelling legitimate grounds for the processing or
- If we are processing your Personal Data for direct marketing.
- Right to Lodge a Complaint with the Data Protection Authority:
If you have a concern about our privacy practices, including the way we handled your Personal Data, you can report it to
the data protection authority that is authorized to hear those concerns.
information on how to contact us to exercise your
ESPERION will work to resolve any complaints or concerns regarding the collection, use, retention, or processing of Personal Data as well as requests to withdraw consent regarding collection, use, retention, or processing of Personal Data. Individuals with inquiries or complaints regarding this Policy should first contact ESPERION using the information provided in the “Contact Us”
section below. Should complaints or concerns not be properly addressed by ESPERION, matters can be brought to the independent recourse mechanism, as described below.
ESPERION has further committed to refer unresolved Privacy Shield complaints to JAMS, an
independent third party alternative dispute resolution provider located in the U.S. If you
have an unresolved privacy or data use concern that we have not addressed appropriately, or in a
timely manner, please contact or visit https://www.jamsadr.com/eu-us-privacy-shield
for more information or to file a complaint. The services of JAMS are provided at no cost to you.
If your complaint is not resolved through these channels, under certain conditions a binding
arbitration option may be available before a Privacy Shield Panel. For additional
information, please visit: https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
We are subject to the investigatory and enforcement powers of the Federal Trade Commission
with respect to Personal Data received or transferred pursuant to the Framework.
describes when we process your Personal Data for our legitimate interests, what these interests are
and your rights. We will not use your Personal Data for activities where the impact on you
overrides our interests, unless we have your consent or those activities are otherwise required or
permitted to by law.
subjects who are children who are under the age of 16. ESPERION does not knowingly collect Personal Data from children who are under
16. If you have reason to believe that a child under the age of 16 has provided Personal Data to
ESPERION through the Site please contact us and we will endeavor to delete that information
from our databases.
The Site is not directed to children who are under the age of 13. ESPERION does not knowingly collect Personal Data from children who are under 13. If you have reason to believe that a child under the age of 13 has provided Personal Data to ESPERION through the Site please contact us and we will endeavor to delete that information from our databases.
Site may contain links to other websites not operated or controlled by ESPERION (“Third Party Sites“), including social media services such as Twitter, YouTube, Vimeo, or
LinkedIn (“Social Media Services“). The information that you share with Third Party Sites will be
governed by the specific privacy policies and terms of service of the Third Party Sites and not by this Privacy
Policy. We do not own, control or operate such linked sites, and we are not responsible for the
privacy policies or practices of such linked sites. By providing these links, we do not imply
that we endorse or have reviewed these sites. Privacy policies and practices for such linked
privacy policies of such linked sites before disclosing personal information on Third Party
you to use the Site during future visits and gather usage data on our Site.
What Are Cookies. A “cookie” is a piece of information sent to
unambiguous acknowledgement of your consent, you agree to such use.
Some cookies expire after a certain amount of time, or upon logging out (session cookies);
others remain on your computer or terminal device for a longer period (persistent cookies). Our
Site uses first party cookies (cookies set directly by ESPERION) as well as third party cookies,
as described below. For more details on cookies please visit All About Cookies.
Type of Cookies Used. The Site uses the technologies described below.
We also use a cookie to record when a user has agreed to the cookie consent banner.
Who Serves The Technology: ESPERION (PHPSESSID)
Opt Out: Because these cookies are strictly necessary to deliver the Site, users cannot refuse them.
Who Serves The Technology: Google Analytics
Opt Out: Users may download and install an opt-out add-on for their web browsers.
Please note that if you limit the ability of websites to set cookies, you may be unable to access certain parts of the Site and you may not be able to benefit from the full functionality of the Site.
If you access the Site on your mobile device, you may not be able to control tracking technologies through the settings.
You may contact us as follows: You may send an email to firstname.lastname@example.org or send mail to:
ESPERION Therapeutics, Inc.
Attention: Privacy Officer
3891 Ranchero Drive
Ann Arbor, MI 48108