Information You Provide. We and our service providers may collect any information that you provide when you use the Online Services or otherwise interact with us, including when you contact us with questions or requests for information or submit information to participate in a study or research initiative or use social media to interact with us, or to share something from our Online Services with others. The information that you provide us may include, but is not limited to:
(a) your name, phone number, email address, physical address, and other contact information;
(b) symptoms, diagnoses, and other information to help assess the prevalence, impact, and progression of certain medical conditions, and/or your eligibility, or that of someone for whom you provide care, for participation in a study or research initiative; and
(c) other information you provide when you contact us, including any health-related information.
Information Automatically Collected. We and our authorized service providers may automatically collect certain technical information over time and across different websites about your use of the Online Services, such as your Internet Protocol address or other device identifier, browser type, operating system, the pages you view on the Online Services, the pages you view immediately before and after you access the Online Services, your movement between different Rhythm websites, and the search terms you enter on the Online Services. This information allows us to recognize you and personalize your experience, and to improve the Online Services and the services and information we provide. We and our service providers may collect this information using “cookies,” which are small text files that the Online Services save on your computer using your web browser, or similar technologies. Please see “Your Choices,” below, for more information.
Information We Receive From Third Parties. We may combine the information we collect from you with information that we receive about you from other sources, such as public databases, providers of demographic information, joint marketing partners, social media platforms, and other third parties.
Recruitment and Job Applications. You may provide us with personal information, such as that contained on a resume or a curriculum vitae, in connection with a job application or inquiry. We may use this information throughout Rhythm for the purpose of employment consideration or your inquiry. We may keep your information on file for future consideration.
OF COLLECTED INFORMATION
There are different legal bases we may rely on to use your personal information. These may include where the use of your personal information may be necessary to perform a contract that you have with us, where we have obtained your consent to use personal information, and where the use of personal information may be in our legitimate interests, among other legal bases permitted by applicable law.
Where required by applicable law, we will ask for your explicit consent to collect information considered to be sensitive personal information (such as health information ). You may withdraw your consent at any time by contacting us at the details below.
with these legal bases, we may use the information we collect for a
number of purposes, including to:
• Administer patient support programs;
• Provide you with products, services, or information you request;
• Provide you with information about the Online Services or required notices;
• Respond to your inquiries;
• Deliver marketing communications, promotional materials, or advertisements that may be of interest to you;
• Administer participation in special events, programs, offers, surveys, and other market research;
• Customize your experience when using the Online Services, such as by providing interactive or personalized elements and providing you with content based on your interests;
• Improve our websites, patient support programs, and other products and services and/or develop new products or services;
• Perform quality control activities, conduct data analyses, and develop references for other users and/or health care providers to better understand symptoms or conditions;
• Generate and analyze aggregate traffic patterns throughout the Online Services;
• Diagnose website technical problems;
• Protect our, your, or others’ rights and property;
• Protect someone’s health, safety, or welfare;
• Comply with a law or regulation, court order, or other legal process;
As noted above, we may use your personal information for marketing purposes, but we will not rent, sell, or share your personal information for third parties to directly market to you for their own purposes, unless we have your permission or as otherwise permitted by applicable law. See the “Your Choices” section below for information about your choices related to marketing.
We may use aggregate or de-identified information (i.e., information that does not personally identify you) for any purpose, except where prohibited by law.
OF COLLECTED INFORMATION
Service Providers. We may share your information with third parties that provide services to us in connection with our business operations and that have agreed to keep the information confidential.
Other Parts of Our Business and Our Business Partners. We may share your information with other parts or departments at Rhythm or with our business partners for events or activities that we provide jointly, such as a research study. In such cases, our business partners are limited to using your information for the purposes of the joint event or activity.
Mergers, Acquisitions and Bankruptcy. If Rhythm should ever file for bankruptcy or merge with another company, or if Rhythm should decide to buy, sell, or reorganize some part or all of its business, Rhythm may disclose your information to prospective or actual purchasers. It is Rhythm’s practice to seek appropriate protection for information disclosed in these types of transactions.
Aggregate and De-Identified Information. We may disclose aggregate or de-identified information for any purpose, except where prohibited by law.
Rhythm takes reasonable steps to keep personal information up-to-date for the purposes for which the information was collected. If you wish to inquire about, make changes to, or request deletion of the personal information we have collected about you, please submit a request to firstname.lastname@example.org.
Marketing. If you no longer wish to receive marketing communications from us, please submit a request to email@example.com or using the unsubscribe mechanism in our promotional emails. Please note that you may not opt-out of receiving non-promotional, administrative messages, including messages relating to your account, technical notices, transactional confirmations, safety information, or other Online Services-related emails.
Google Analytics. We may use third-party web analytics services on the Online Services, including Google Analytics. The analytics providers that administer these services use technologies such as cookies, web beacons, and log files to collect information to help us analyze how visitors use our Online Services and improve the overall performance and user experience of the Online Services. These analytics providers may also collect information about your use of other websites over time, if those other websites also use the same analytics providers. To learn more about how Google Analytics uses your information and what choices you have, please visit https://www.google.com/policies/privacy/partners/.
Do Not Track. Some browsers may transmit “do-not-track” signals to websites with which the browser communicates. Our websites do not currently respond to these “do-not-track” signals or other mechanisms that provide a method to opt out of the collection of information across websites and over time.
COLLECTION AND USE
By using the Online Services or providing personal information to us, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the Online Services.
TO THIRD-PARTY SITES
The Online Services may contain links to third-party sites. Please be aware that Rhythm is not responsible for and cannot control the privacy practices of these other sites. We encourage you to read the privacy policies for these other sites prior to using such sites, as they may differ from ours.
Under Age 13
The Online Services are not directed to, nor do we knowingly collect information from, children under the age of 13 without verifiable parental consent. This does not affect health information about minors that a healthcare professional or caregiver using the Online Services may provide in connection with our services directed to those individuals. If we learn that a child under the age of 13 has submitted personally identifiable information online without parental consent, we will take all reasonable measures to delete such information from our databases and to not use such information for any purpose (except where necessary to protect the safety of the child or others as required or allowed by law). If you become aware that your child or any child under your care has provided us with information without your consent, please contact us at the contact information listed below.
Minors under 18 years of age may have the personal information that they provide to us online deleted by contacting us at the contact information listed below, requesting deletion. Please note that, while we make reasonable efforts to comply with such requests, deletion of your personal information does not ensure complete and comprehensive removal of that data from all systems.
DATA TRANSFERS AND PROCESSING
To the extent that personal information is transferred out of the country where a user or other individual whose information is provided to us over the Online Services lives, such as to our affiliates, business partners, and service providers in other countries, there may be different standards that apply to how personal information may be used and protected. Rhythm has put in place appropriate safeguards in accordance with applicable legal requirements to ensure that data is adequately safeguarded and protected irrespective of the country. For more information on the appropriate safeguards in place, please contact us at the details below.
CALIFORNIA PRIVACY RIGHTS
Effective Date: September 24, 2018