Privacy Policy and Privacy Shield Policy

Privacy Policy and Privacy Shield Policy

Privacy Policy

Magenta Collection

Magenta respects the privacy of visitors to our website. You may visit our website without telling us anything about yourself. If you contact us and choose to provide personally identifiable information, such as your name, address, telephone number or e-mail address, we will use that information and may share it with other companies and/or individuals (e.g., our partners, consultants, and service providers) for the purpose for which you submitted it to us, such as to respond to your inquiry or to provide you with information that you requested. We will not send unsolicited messages to users of our website who indicate they do not wish to receive such messages. If you do not wish to receive unsolicited email messages from us, please contact us at info@magentatx.com.

From time to time, our website may be configured to collect domain information. This data enables us to become more familiar with which users visit our site, how often they visit and what parts of the site they visit most often. Magenta uses this information to improve our website. No personally identifiable information is gathered in this process. This information is collected automatically and requires no action on your part.

Cookies

Periodically, some pages on this website may use “cookies,” which are small files that the site places on your hard drive for identification purposes. These files are used for site registration and customization the next time you visit us. You should note that cookies cannot read data off of your hard drive. Your web browser may allow you to be notified when you are receiving a cookie, giving you the choice to accept it or not. You can also refuse all cookies by turning them off in your browser. By not accepting cookies, some pages may not fully function and you may not be able to access certain information on this website.

Storage and Transfer of Information

Magenta, or in some cases third party companies and/or individuals that work with or for us, may store the personally identifiable data collected via this site in an electronic database. Magenta and these third parties may also exchange such data with each other or with you over the Internet or over intranet systems to process the data, send information to you in response to your request, or otherwise carrying out the purposes described above. We may also release your personally identifiable data in response to a court order, subpoena, search warrant, or applicable law or regulation. In such circumstances we will take appropriate measures to ensure that the requester understands the sensitive nature of the personally identifying information that they may receive.

While Magenta makes reasonable efforts to protect the personally identifiable data collected through its website, please be aware that there is always some risk involved when submitting data over the Internet. We cannot guarantee that our website is 100% safe from illegal tampering or “hacking.” Any data transmitted over the Internet may be at risk.

Children’s Policy

This website is not intended for, or designed to attract, children under the age of 13. As noted above, we do not collect personally identifiable information unless you provided it to us – including an individual’s age.

Updating Your Information

If you wish to stop receiving e-mails or other communications from us, or if you have submitted personally identifiable information through our website and would like that information deleted from our records, please notify us at info@magentatx.com. Please note that we reserve the right not to remove or amend information provided to us regarding an adverse drug event or any information that we are otherwise required to retain by law or regulation.

Links to Third Party Websites

As a convenience to our visitors, this website may contain links to other sites that we believe may offer useful information. As stated in more detail in the Terms of Use for our website, the terms of usage and other conditions of use posted on those sites, and not the policies and procedures we described here, apply to those sites. Your linking to any other websites is at your own risk, and you are responsible for learning about and complying with the terms of usage and other conditions posted on those websites.

Privacy Policy Updates

Magenta may, at any time, revise this Privacy Policy by updating this posting. Data will be handled in accordance with the policy in effect at the time the data is collected.

For Additional Information

If you have any questions about this Privacy Policy, the practices of this website, or your dealings with this website, please contact info@magentatx.com.

_______________________________________________________________________________

Magenta Therapeutics, Inc. Privacy Shield Policy

Effective March 9, 2018

This Privacy Shield Policy (“Policy”) applies to Personal Data that Magenta Therapeutics, Inc. (“Magenta”) transfers from the EU and Switzerland to the U.S. in accordance with the EU – U.S. Privacy Shield and the Swiss – U.S. Privacy Shield.

Scope:

Magenta complies with the EU-U.S. Privacy Shield Framework and the Swiss – U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the processing of personal data transferred from the EU and Switzerland to the U.S. (for these purposes, reference to the EU also includes the European Economic Area countries of Iceland, Liechtenstein and Norway). Magenta has certified that it adheres to the Privacy Shield Privacy Principles (described below). If there is any conflict between the policies in this Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov.

DEFINITIONS

Capitalized terms in this Policy have the following meanings:

“Personal Data” is any information that can be used to identify an individual that is received from the EU or Switzerland, and is recorded in any form. Personal Data does not include anonymous information, namely information which does not relate to an identified or identifiable individual or to Personal Data rendered anonymous in such a manner that an individual is not or no longer identifiable.

Processing” of personal data means any operation or set of operations which is performed upon personal data, whether or not by automated means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure or dissemination, and erasure or destruction.

Sensitive Data” means Personal Data specifying an individual’s medical or health condition, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or information specifying the sex life of an individual.

Website” means the Magenta website https://www.magentatx.com/.

TYPES OF PERSONAL DATA COLLECTED

We may collect Personal Data relating to clinical research participants, study investigators and their staff, medical and healthcare professionals, pharmaceutical industry experts and opinion leaders, vendors, contractors, consultants, and business partners.

We also collect data from individuals who visit or engage with the Website (including contact information such as name, address and e-mail address, phone number and any other information that individuals voluntarily submit through the Website, for example in connection with an inquiry). When an individual visits the Website, we also automatically collect information through cookies and similar technologies. This information includes the browser or operating system used to access the Internet, IP address, the date and time certain pages on the Website may have been viewed.

PURPOSES OF DATA PROCESSING

The Personal Data that we may collect is used for the following purposes.

PRIVACY SHIELD PRINCIPLES

  1. Notice: This Policy provides notice of the Personal Data collected and transferred under the Privacy Shield, including its use, and handling, and how you may exercise your Privacy Shield rights. It also provides information about other Privacy Shield Principles that are set forth below.
  2. Choice: You may tell us not to use (“opt out”) your Personal Data (i) for disclosure to third parties, except to a third party that is acting as an agent to perform tasks on our behalf and under our instructions as described in the “Accountability for Onward Transfers” paragraph below; or (ii) for a purpose that is materially different from the purpose for which it was originally collected or that you authorized. We will obtain your affirmative express consent (opt in) before disclosing any Sensitive Data to a third party or using any Sensitive Data for a purpose other than the purpose for which it was originally collected or that you authorized. To exercise your opt out preferences, please contact the following email address: privacy@magentatx.com. You can also opt out of the use of your Personal Data for direct marketing purposes by following the instructions in any direct marketing message you may have received (e.g., by replying with unsubscribe in the subject line, or via an unsubscribe link included in such messages). You may opt out of having cookies and similar technologies set on your browser by managing the settings on your web browser to delete all cookies and disallow further acceptance of cookies. For more information, refer to your browser’s technical information. Disabling cookies for the Website may limit your ability to use the Website.
  3. Accountability for Onward Transfers: We may disclose Personal Data to third-party contractors, service providers and other businesses involved in the normal operations of our business to assist us in meeting business operations needs and to perform certain services and functions on our behalf and under our instructions. These contractors include analysts or consultants, providers of hosting services, contract research organizations (CROs) or other businesses that are involved in clinical study management and drug development as is commonly done in our industry to assist us in meeting business operation needs. These parties may access, process or store Personal Data in the course of performing their duties to us and pursuant to our instructions. Magenta may be accountable for the Personal Data we receive under the Privacy Shield that we may transfer to third-party service providers if they process Personal Data in a manner inconsistent with the Privacy Shield Principles and we are responsible if they do so and for the harm caused. In certain situations, we may be required to disclose Personal Data in response to lawful requests by public authorities, including meeting national security or law enforcement requirements or to comply with a law, rule, order, or regulation. We may also disclose Personal Data to other corporate entities in case of a corporate sale (including sale of assets), merger, reorganization, financing due diligence, dissolution or similar event.
  4. Security: We maintain reasonable and appropriate security measures to protect Personal Data from loss, misuse, unauthorized access, disclosure, alteration or destruction in light of the risks inherent in processing this information. For example, electronically stored Personal Data is stored on a secure network with firewall protection, and access to Magenta’s electronic information systems requires user authentication via password or similar means. Magenta also employs access restrictions, limiting the scope of employees who have access to Personal Data. Further, Magenta uses secure encryption technology to protect certain categories of Personal Data. Despite these precautions, no data security safeguards guarantee 100% security all of the time
  5. Data Integrity and Purpose Limitation: We will take reasonable steps to ensure that Personal Data is reliable for its intended use, accurate, complete and current for as long as long as we retain it. We will also retain Personal Data only for as long as it serves a purpose of the data processing.
  6. Access: You have certain rights to access, correct, amend, or delete Personal Data where it is inaccurate, or has been processed in violation of the Privacy Shield Principles. Please address your requests to the following email address: privacy@magentatx.com. We will make good faith efforts to accommodate these requests within a reasonable time frame.
  7. Recourse, Enforcement, Liability: In compliance with the Privacy Shield Principles, Magenta commits to resolve complaints about our processing your Personal Data. Individuals in the EU and Switzerland with inquiries or complaints regarding this Policy should first contact Magenta at the following email address: privacy @magentatx.com. or by mail at:

Magenta Therapeutics

Attn:  Legal Department

50 Hampshire Street, 8th Floor

Cambridge, MA 02139

Magenta has further committed to refer unresolved Privacy Shield complaints to the JAMS Privacy Shield Dispute Resolution Program, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit https://www.jamsadr.com/eu-us-privacy-shield for more information or to file a complaint. The services of JAMS are provided at no cost to you.

If your complaint is not resolved through these channels, under certain conditions a binding arbitration option may be available before a Privacy Shield Panel. For additional information, please visit: https://www.privacyshield.gov/article?id=ANNEX-I-introduction.

Magenta is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) with respect to Personal Data received or transferred pursuant to the Privacy Shield.

CHANGES TO THIS POLICY

This Policy may be amended from time to time, consistent with the Privacy Shield Principles and applicable data protection and privacy laws. We will post all changes to this Policy on this page and will indicate at the top of the page the modified Policy’s effective date. We will notify you if we make changes that materially affect the way we handle Personal Data previously collected, and we will allow you to choose whether Personal Data may be used in any materially different manner.