Privacy Policy

PRAXIS PRECISION MEDICINES INC.

PRIVACY POLICY


Last Updated: January 29, 2021

This Privacy Policy (“Privacy Policy”) describes the data protection practices of Praxis Precision Medicines Inc. and any affiliates (collectively, “Praxis,” “we,” “our,” or “us”), including when you visit the Praxis website that links to this Privacy Policy (www.praxismedicines.com) (our “Site”) or otherwise provide data to Praxis. We refer to the Site and other services provided by Praxis together in this Privacy Policy as the “Services.” 

This Privacy Policy does not apply to information collected by us offline or through any other means, including on any other website or online service operated by us or third parties.

Please read this Privacy Policy carefully to understand our policies and practices regarding your Personal Information. By accessing the Site or Services, you agree to this Privacy Policy. If you do not agree with our policies and practices described herein, then do not use the Site or Services. Praxis is not a healthcare provider, and communications sent to our Site cannot replace the relationship you have with a physician or another healthcare practitioner.

The date the Privacy Policy was last updated is listed above. The Privacy Policy may change from time to time. Your continued use of the Site or Services after we made changes is deemed to be acceptance of those changes, so please check this Privacy Policy periodically for updates. This Privacy Policy is incorporated into and subject to our Terms of Use.

THE INFORMATION WE COLLECT AND THE SOURCES OF SUCH INFORMATION

We collect information about you when you voluntarily provide it to us, when you access the Site and use our Services, or if other sources provide it to us, as further described below.  We obtain information about you through the means discussed below when you use the Site. Please note that we need certain types of information, so that we can provide the Services to you. If you do not provide us with such information, or ask us to delete it, you may no longer be able to access or use part or all of our Services.

  1. Information You Provide to Us

We collect a variety of information that you provide directly to us. The specific types of information we collect will depend upon the Services you use, how you use the Site or Services, and the information you choose to provide. 

PRAXIS DOES NOT COLLECT PROTECTED HEALTH INFORMATION (“PHI”) OF OUR USERS.  THUS, IF YOU CHOOSE TO SHARE ANY PHI THROUGH THE CONTACT US SECTION OR BY E-MAIL, YOU UNDERSTAND AND ACCEPT THAT ANY SUCH PERSONAL INFORMATION YOU SHARE MAY NOT REMAIN CONFIDENTIAL OR SECURE AND YOU RELEASE PRAXIS FROM ANY RESPONSIBILITY REGARDING THE CONFIDENTIALITY AND SECURITY OF YOUR PERSONAL INFORMATION. 

The types of data we collect directly from you include, without limitation:

  • Personal and contact details (e.g., first name, last name, date of birth, email address, postal address or telephone number),
  • Information about your customer service and maintenance interactions with us
  • Demographic information such as your gender and age
  • Any other information you choose to directly provide to us via comments or in connection with your use of the Site or Services.
  1. Information We Collect Through Automated Means

Our Site. When you use our Site, we collect and analyze information such as your IP address, browser types, browser language, operating system, the state or country from which you accessed the Services, software and hardware attributes (including device IDs) referring and exit pages and URLs, platform type, the number of clicks, files you download, domain names, landing pages, pages viewed and the order of those pages, the amount of time spent on particular pages, the terms you use in searches on our sites, the date and time you used the Services, error logs, and other similar information.

Location Information. When you use the Services, we and our service providers may automatically collect general location information (e.g., IP address, city/state and or postal code associated with an IP address) from your computer or mobile device. This information allows us to enable access to content that varies based on a user’s general location (e.g., to provide you with accurate sales tax information and to deliver content customized to your location).

Our Use of Cookies and Similar Online Tools. To collect the information discussed in this Section, we and our service providers use web server logs, cookies, tags, beacons, SDKs, tracking pixels, and other similar tracking technologies. We use these technologies to offer you a more tailored experience and gather information that helps us optimize our services. 

  • A web server log is a file where website activity is stored.
  • An SDK is a set of tools and/or code that we embed in our Apps and software to allow third parties to collect information about how users interact with the Services.
  • A cookie is a small text file that is placed on your computer or mobile device when you visit a site, that enables us to: (i) recognize your computer/device; (ii) store your preferences and settings; (iii) understand the parts of the Services you have visited and used; (iv), enhance your user experience by delivering and measuring the effectiveness of content and advertising tailored to your interests; (v) perform searches and analytics; and (vi) assist with security and administrative functions.
  • Tracking pixels (sometimes referred to as web beacons or clear GIFs) are tiny electronic tags with a unique identifier embedded in the Site, online ads and/or email that are designed to: (1) collect usage information like ad impressions or clicks and email open rates; (2) measure popularity of the Services and associated advertising; and (3) access user cookies.

As we adopt additional technologies, we may also gather information through other methods.

  1. Information We Collect From Social Media and Other Content Platforms

When you “like” or “follow” us on LinkedIn or other social media sites, as applicable, we may collect some information from you including your name, email address, and any comments or content you post relevant to us. We also collect your information if you sign up for one of our promotions or submit information to us through social media sites.

  1. Information We Receive From Other Sources

We work closely with third parties (including but not limited to, third party intermediaries, such as vendors, physicians, medical professionals, or pharmacies with whom we partner to provide you with the Services as well as their respective health care service providers, sub-contractors in technical, advertising networks, analytics providers, and search information providers). Such third parties will sometimes provide us with additional information about you. 

PURPOSES FOR HOW WE USE YOUR INFORMATION

In connection with providing to you the Services, we may use your information for our business purposes to:

  • Carry out, improve, and manage the Services 
  • Engage in internal research to understand the effectiveness of our Services, improve our Services, and better understand our user base. If we publish or provide the results of this research to others, such research will be presented in a de-identified and aggregate form such that individual users cannot be identified.
  • Communicate with you about the Site or Services, your use of the Services, or your inquiries related to the Services or Praxis and send you communications to meet your needs.
  • Communicate with you about Praxis, inquiries related to the Praxis team, opportunities with the Praxis team or careers with Praxis and respond to your communications to meet your inquiries.
  • Communicate with you by email, postal mail, or phone about surveys, promotions, special events or our products and Services and those of our subsidiaries, affiliates, and parent companies and any of their related businesses and those of our third-party partners.
  • Provide you with technical support and customer service.
  • Verify your identity and administer your account, including processing your payments and fulfilling your orders.
  • Ensure that content from our Services is presented in the most effective manner for you and for your computer or device, allow you to participate in interactive features of our Services (when you choose to do so), and as part of our efforts to keep our Services safe and secure.
  • Measure or understand the effectiveness of advertising and content we serve to you and others, and to deliver and customize relevant advertising and content to you.
  • Help us better understand your interests and needs, such as by engaging in analysis and research regarding use of the Services.
  • Comply in good faith with any procedures, laws, and regulations which apply to us where it is necessary for our legitimate interests or the legitimate interests of others.
  • Establish, exercise, or defend our legal rights where it is necessary for our legitimate interests or the legitimate interests of others.

Combined Information. For the purposes discussed in this Privacy Policy, we may combine the information that we collect through the Services with information that we receive from other sources, both online and offline, and use and share such combined information in accordance with this Privacy Policy.

Aggregate/De-Identified Data. We may aggregate and/or de-identify any information collected through the Services so that such information can no longer be linked to you or your device (“Aggregate/De-Identified Information”). We may use Aggregate/De-Identified Information for any purpose, including for research and marketing purposes, and may also share such data with any third parties, including advertisers, promotional partners, and sponsors. 

HOW WE SHARE AND DISCLOSE YOUR INFORMATION

We may share your information for our business purposes in the following ways:

  • Affiliates and Subsidiaries. We may share information we collect within any Praxis member or group (i.e., our subsidiaries and affiliates, including our ultimate holding company and its subsidiaries) to deliver products and services to you, ensure a consistent level of service across our products and services, and enhance our products, services, and your customer experience.
  • Service Providers. We provide access to or share your information with select third parties who use the information to perform services on our behalf. They provide a variety of services to us, including billing, sales, marketing, consulting, advertising, analytics, research, customer service, shipping and fulfillment, data storage, IT and security, fraud prevention, payment processing, and auditing and legal services. These entities may also include health care organizations, pharmacies, and other third parties we use to support our business or in connection with the administration and support of the Services. These third parties are contractually obligated to maintain the confidentiality of your personal information consistent with the terms of this Privacy Policy and to comply with the applicable data protection laws.   
  • Protection of Praxis and Others. By using the Services, you acknowledge and agree that we may access, retain and disclose the information we collect and maintain about you if required to do so by law or in a good faith belief that such access, retention or disclosure is reasonably necessary to: (a) comply with legal process (e.g. a subpoena or court order); (b) enforce our Terms of Use, this Privacy Policy, or other contracts with you, including investigation of potential violations thereof; (c) respond to claims that any content violates the rights of third parties; (d) respond to your requests for customer service; and/or (e) protect the rights, property or personal safety of Praxis, its agents and affiliates, its users and/or the public. This includes exchanging information with other companies and organizations for fraud protection, and spam/malware prevention, and similar purposes.
  • Business Transfers. As we continue to develop our business, we may buy, merge, or partner with other companies. In such transactions, (including in contemplation of such transactions) user information may be among the transferred assets. If a portion or all of our assets are sold or transferred to a third-party, customer information (including your email address) would likely be one of the transferred business assets. If such transfer is subject to additional mandatory restrictions under applicable laws, we will comply with such restrictions.
  • Consent. We may also disclose your information in other ways you direct us to and when we have your consent.
  • Aggregate/De-Identified Information. We reserve the right to create Aggregate/De-Identified Data from the information we collect, including Personal Data, through the Services and our sharing of such Aggregate/De-Identified Data is in our discretion.
  • Other. We may also use your data in other ways described herein, and as otherwise permitted or required by applicable laws.

YOUR MARKETING CHOICES

You may instruct us not to use your contact information, to contact you by email, postal mail, or phone regarding products, services, promotions and special events that might appeal to your interests by contacting us at [email protected] or at the address listed below. In commercial email messages, you can also opt out by following the instructions located at the bottom of such emails. Please note that, regardless of your request, we may still use and share certain information as permitted by this Privacy Policy or as permitted or required by applicable law. For example, you may not opt out of certain operational emails, such as those reflecting our relationship or transactions with you.

THIRD PARTY SERVICES AND NOTICE ABOUT HEALTH INFORMATION

This Privacy Policy does not address, and we are not responsible for, the privacy, information, or other practices, including data privacy and security process and standards of any third parties using the Services, the manufacturer of your mobile device and other IT hardware and software, and any other third-party mobile application, website, or service to which our Services may contain a link. These third parties may at times gather information from or about you. Once you leave Praxis’s Site, we have no control over the privacy practices of these third parties. The collection, use, and disclosure of your information will be subject to the privacy policies of the third-party website or services, and not this Privacy Policy. We urge you to read the privacy and security policies of these third parties prior to sharing any information.

HOW WE PROTECT YOUR INFORMATION

Praxis takes a variety of technical and organizational security measures to protect your information against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access. However, no method of transmission over the internet, and no means of electronic or physical storage, is absolutely secure. As such, you acknowledge and accept that we cannot guarantee the security of your information transmitted to, through, or on our Services or via the internet and that any such transmission is at your own risk.

YOUR RIGHTS AS A VISITOR FROM THE EUROPEAN ECONOMIC AREA (EEA)

If you are a European resident, our legal basis for collecting and using your personal data or information is to do so with your consent; where we need the personal data or information for performance of a contract, or where the collection and use is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect the personal information in question. If we collected your personal data or information with your consent, you may withdraw your consent at any time. 

You also have the right to:

  • Access your personal data or information;
  • Delete, or request deletion of, your personal data or information;
  • Object to or restrict processing of your personal information; 
  • Request portability of your personal information;
  • Complain to your local data protection authority at any time;
  • Object to automated decision making; and
  • Update or amend your personal data or information.

To withdraw consent or exercise these rights, please contact us as described in the “Contacting Us” Section below.

Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.

If we ask you to provide personal data to us to comply with a legal requirement or enter into a contract, we will inform you of this and let you know whether providing us with your personal data is required and if not, the consequences of not sharing your personal data with us.  

Similarly, if we collect and use your personal information in reliance on our or a third party’s legitimate interests and those interests are not already listed above (see “How We Share and Disclose Information” Section), we will let you know what those legitimate interests are.

DATA STORAGE & PROCESSING (International Transfers)

Your personal information may be stored on servers in the United States and may also be stored or processed in other countries by our service providers, if and to the extent compliant with law.  You understand and agree that We may collect, use, disclose, and otherwise process the information you provide as described in this Privacy Statement even if you are from an area outside the United States.  Your personal information may be disclosed in response to inquiries or requests from government authorities or to respond to judicial process in the United States. We will retain your personal information for as long as it is needed to provide you with the Services, or to fulfill any legal or contractual obligations we may have.

If you are a resident of the EEA: Your personal information may be transferred to and processed in the United States, which has data protection laws that are different than those in your country and may not be as protective.

GDPR ARTICLE 27 COMPLIANCE

VeraSafe Ireland Ltd. is our designated representative in the European Union. All communications, inquiries or requests surrounding your information rights or complaints under European Union General Data Protection Regulation (European commission Regulation 2016/679 or “GDPR”) can be addressed to the attention of VeraSafe with copy to the email in the “Contacting Us” Section below. VeraSafe should only be contacted on matters related to the processing of personal data of EU data subjects.

To make such an inquiry, please contact VeraSafe using this contact form: https://www.verasafe.com/privacy-services/contact-article-27-representative or via telephone at: +420 228 881 031.

RETENTION OF YOUR INFORMATION

We keep your information for no longer than necessary for the purposes for which it is processed. The length of time for which we retain information depends on the purposes for which we collected and use it and/or as required to comply with applicable laws.

REVISIONS TO OUR PRIVACY POLICY

We reserve the right to change this Privacy Policy at any time to reflect changes in the law, our data collection and use practices, the features of our Services, or advances in technology. We will make the revised Privacy Policy accessible through the Services, so you should review it periodically. You are responsible for periodically monitoring and reviewing any updates to the Privacy Policy. If we make a material change to the Privacy Policy, we will provide you with appropriate notice in accordance with legal requirements. Your continued use of our Site or Apps after such amendments (and notice, where applicable) will be deemed your acknowledgment of these changes to this Privacy Policy.

CONTACTING US

Praxis is committed to resolving questions or concerns about your privacy and our collection or use of your information.  If you have a specific question or concern about your privacy rights with respect to your information you can contact us by emailing us at [email protected]

If you feel Praxis has breached your health information privacy rights, you are also entitled to file a complaint under HIPAA with the U.S. Department of Health and Human Services.

If you have any questions about this Privacy Policy or Praxis’s privacy practices, please contact us at:

Praxis Precision Medicines Inc.
One Broadway, 16th Floor
Cambridge, MA 02142
[email protected]