Last updated: February 15, 2024
X4 Pharmaceuticals, Inc. and its subsidiaries (“X4”, “we”, “us”, or “our”) recognize the importance of protecting your privacy. This Policy describes how X4 collects, uses, discloses or otherwise processes Personal Information in connection with this Website and any of our other websites, mobile applications, or online services that link to this Privacy Policy (collectively referred to as the “Sites”). If you do not agree with the terms of this Privacy Policy or the Terms of Use, or other terms and conditions on our Sites, then do not use our Sites.
Personal Information We Collect
Information you choose to provide to us. We may collect and store Personal Information that you provide voluntarily when using the Sites or otherwise share with us. This includes:
- Personal and Business Contact information, such as your first name and last name, postal address, email address, phone number, job title, and employer name;
- Professional credentials, such as educational and work history, institutional affiliations and other information of the type that would be included on a resume or curriculum vitae;
- Profile information, such as your username and password, industry, interests and preferences;
- Feedback and correspondence, such as information you provide when you contact us with questions, report a problem with the Sites, receive customer support, respond to online surveys or otherwise correspond with us;
- Transaction information, such as details about programs, events or other activities you register for through the Sites;
- Usage information, such as information about how you use the Sites and interact with us; and
- Marketing information, such as your preferences for receiving marketing communications.
Any communications relating to clinical trials should be made through the communication channels described in the applicable informed consent, patient information sheet or other instructions provided to clinical trial participants.
Information we collect automatically. We may automatically collect Personal Information about you when you visit any page on the Sites such as site usage information and information about your computer or mobile device. For example, we may record visitors’ host, domain name, pages visited, length of user session, browser type and/or IP address. We collect this information about you using cookies. Please refer to the section entitled Cookies and Similar Technologies below for more details.
How We Use Your Personal Information
We may use your Personal Information for the following purposes:
To operate our Sites. We may use your Personal Information to:
- Operate, maintain, administer and improve our Sites;
- Process and manage registrations you make through our Sites;
- Provide information about our research and development;
- Communicate with you regarding our programs, events, or activities for which you may have registered, including by sending you technical notices, updates, security alerts, and support and administrative messages;
- Understand your needs and interests, and personalize your experience with our Sites;
- Provide support and maintenance for our Sites; and
- Respond to your service-related requests, questions and feedback.
To send you marketing and promotional communications. We may send you X4-related marketing communications, as permitted by applicable law. You will have the ability to opt out of our marketing and promotional communications as described in the Opt-Out of Marketing section below.
To comply with law. We use your Personal Information as we believe necessary or appropriate to comply with applicable laws, lawful requests and legal processes, such as to respond to requests from government authorities.
With your consent. We may use or share your Personal Information with your consent, such as when you consent to let us post your testimonials or endorsements on our Sites, you instruct us to take a specific action with respect to your Personal Information, or you opt into third party marketing communications.
To create anonymous, aggregated or de-identified data. We may create anonymous, aggregated or de-identified data from your Personal Information. We may use this data and share it with third parties for our lawful business purposes, including to analyze and improve the Sites and promote our business.
For compliance, fraud prevention and safety. We may use your Personal Information as we believe necessary or appropriate to (a) enforce the terms and conditions that govern use of our Sites; (b) protect our rights, privacy, safety or property; and (c) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.
How We Disclose Your Personal Information
We may disclose your Personal Information to certain third parties in the following circumstances:
- Affiliates. We may disclose your Personal Information to our subsidiaries and corporate affiliates for purposes consistent with the Privacy Policy.
- Services Providers. We may share your Personal Information with third parties that provide services on our behalf (such as hosting, analytics, email delivery, marketing, and database management services). These third parties use Personal Information as directed by us and in a manner consistent with this Privacy Policy.
- Professional advisors. We may also disclose Personal Information collected on the Sites to professional advisors, such as lawyers, auditors, bankers, and insurers, where necessary in the course of the professional services that they render to us.
- Business transfers. We may also disclose your Personal Information to acquirers and other relevant participants in business transactions (or negotiations of or due diligence for such transactions) involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale or other disposition of all or any portion of the business or assets of, or equity interests in, X4 (including, in connection with a bankruptcy or similar proceedings), in which case we will make reasonable efforts to require the recipient to honor this Privacy Policy.
- Compliance with Laws and Law Enforcement; Protection and Safety. We may also disclose Personal Information collected on the Sites, in accordance with applicable law, to assert or defend our rights and property, to prevent harm to others, to collect a debt, or in response to legal processes such as subpoenas. We may also provide (or reserve the right to provide) Personal Information to credit reporting agencies and to cooperate with law enforcement authorities and other governmental authorities consistent with applicable laws.
Your Rights
In this section, we describe the rights and choices available to all users.
Opt-out of marketing communications. You may opt-out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of each such email, or by contacting us. Please note that if you choose to opt-out of marketing-related emails, you may continue to receive service-related and other non-marketing emails.
Do Not Track. Although our Sites currently do not have a mechanism to recognize the various web browser Do Not Track signals, we do offer you choices to manage your preferences as described in the sections above. To learn more about browser tracking signals and Do Not Track please visit: http://www.allaboutdnt.org.
Links To Third Party Sites
This Sites may contain links to other third-party websites. X4 does not control the privacy policies or practices of these third-party websites. You should review those policies before providing any information. X4 is not responsible for the content or practices of any linked third-party websites, and we provide these links solely for the convenience and information of our visitors.
Security
X4 uses reasonable administrative, physical, and technical safeguards designed to protect the Personal Information we collect. However, security risk is inherent in all internet and information technologies, and we cannot guarantee complete security of your Personal Information. Any email or other communication purporting to be from one of our Sites asking you to provide sensitive information (including medical information) via email, should be treated as unauthorized and suspicious and should be reported to us immediately by emailing at dataprivacy@x4pharma.com
International Data Transfer
We are headquartered in the United States and we may use service providers that operate in other countries. Your Personal Information may be transferred to the United States or other locations where privacy laws may not be as protective as those in your state, province, or country. We will process and transfer your Personal Information in accordance with applicable law and this Privacy Policy regardless of where your Personal Information is stored or accessed. Our third-party service providers are contractually bound to treat Personal Information in a manner that is consistent with this Policy and applicable data protection laws.
Children
This Sites are not directed at children and we do not knowingly collect Personal Information from children under the age of 16. If we learn that we have received Personal Information from a child under the age of 16, we will immediately delete it from our databases, systems and applications. If you learn that your child has provided us with Personal Information without your consent, you may contact us at dataprivacy@X4pharma.com.
Residents of the European Economic Area, the United Kingdom or Switzerland
If you reside in the European Economic Area (“EEA”), United Kingdom (“UK”), or Switzerland, we are required to inform you of the legal bases of our processing of your Personal Information on our Sites, which are described in the table below.