Committed to babies and their health
Clinically proven to improve health outcomes of critically ill preemies
Committed to scientific and clinical research in breast milk
Prolact Product Safety

Privacy Policy

Effective as of January 14, 2019.

Prolacta Bioscience, Inc. is a life sciences company that develops specialty formulations made from human milk for the nutritional needs of premature infants in nenonatal intensive care units (NICU).

This “Privacy Policy” describes the privacy practices of Prolacta Bioscience, Inc. and our subsidiaries and affiliates (collectively, “Prolacta”, “we”, “us”, or “our”). This Privacy Policy describes how we collect, use, disclose and otherwise process personal information in connection with the website(s) and mobile app(s) on which we post or link to this Privacy Policy (the “Sites”) and our products and services (together with the Sites, the “Services”), and explains the rights and choices available to individuals with respect to their information.

Prolacta may provide additional privacy notices to individuals at the time we collect their data. For example, we provide a specific privacy notice to clinical trial participants that describes our privacy practices in connection with conducting clinical trials. This type of an “in-time” notice will govern how we may process the information you provide at that time. For example, our privacy practices in connection with clinical trials are governed by applicable clinical trial protocol(s).

 

Individuals located in Europe should be sure to read the important information provided here.

Personal Information We Collect
How We Use Your Personal Information
How We Share your Personal Information
Additional Program Terms
Your Choices
Security
Children
International Data Transfer
Other Sites and Services
Changes to this Privacy Policy
Contact Us
Notice to European Users

Personal Information We Collect

Whose personal information we collect

We collect personal information about the following types of individuals: clinical trial participants, patients, patient family members, donors, caregivers or advocates, physicians and other health care professionals, clinical trial investigators, researchers, pharmacists, users of our Sites, and other individuals who interact directly with Prolacta or our service providers or business partners.

How we collect personal information

We collect personal information:

  • Directly from individuals
  • Through the Sites
  • From healthcare professionals
  • From hospitals, clinics and other healthcare providers
  • From contract research organizations and clinical trial investigators
  • From government agencies or public records
  • From third-party service providers, data brokers, or business partners
  • From industry and patient groups and associations
  • From social media or other public forums (including adverse event information or product quality complaints)

Types of personal information we collect

The types of personal information we collect and share depend on the nature of the relationship you have with us and the requirements of applicable laws. We may collect:

  • Health and medical information (such as medical insurance details, information about physical and mental health conditions and diagnoses, treatments for medical conditions, genetic information, family medical history, and medications an individual may take, including the dosage, timing, and frequency) we collect in connection with managing clinical trials, conducting research, operating Prolacta-affiliated donor milk programs, providing patient support programs, managing compassionate use and expanded access programs, and tracking adverse event reports
  • Personal and business contact information and preferences (such as name, job title, employer name, email address, mailing address, phone number, and emergency contact information)
  • Biographical and demographic information (such as date of birth, age, gender, marital status, and information regarding any parents or legal guardians, or donors)
  • Payment-related information we need to process donor compensation and reimbursements
  • Payment-related information we need to pay for professional services, such as participation in an advisory council, that individuals may provide to us (such as tax identification number and financial account information)
  • Professional credentials, educational and professional history, and institutional affiliations
  • If you are a health care professional, we collect information about the programs and activities in which you have participated, your prescribing of our products, and the agreements you have executed with us
  • Your social media handle or digital or electronic signature
  • Publicly available information (such as comments describing support for and experience with Prolacta products)
  • Other information you provide to us (such as through donor applications, in emails, on phone calls, or in other correspondence with us or our service providers or business partners)

We may combine other publicly available information, such as information related to the organization for which you work, with the personal information that you provide through the Services.

Information automatically collected

We may automatically log information about you and your computer or mobile device when you access our websites. For example, we may log your computer or mobile device operating system name and version, manufacturer and model, browser type, browser language, screen resolution, IP address, the website you visited before browsing to our websites, pages you viewed, how long you spent on a page, access times, and information about your use of and actions on our websites. We collect this information about you using cookies. Please refer to our Cookie Policy for more details.

Do Not Track signals

Some Internet browsers may be configured to send "Do Not Track" signals to the online services that you visit. We do not currently respond to do not track signals. To find out more about "Do Not Track," please visit http://www.allaboutdnt.com.

How We Use Your Personal Information

We use your personal information for the following purposes and as otherwise described to you in this Privacy Policy or at the time of collection:

To operate the Sites

If you use our Sites, we use your personal information to:

  • Operate, maintain, administer, and improve the Sites
  • Better understand your needs and interests, and personalize your experience with the Sites
  • Provide support and maintenance for the Sites
  • Respond to your service-related requests, questions, and feedback

To perform and administer clinical trials, research, and product-improvement activities

We may use your personal information when necessary to facilitate our clinical trials, research, studies, and related activities that support product improvement, including to:

  • Staff and manage clinical trials, including by recruiting investigators and participants
  • Track and respond to safety and product quality concerns (including product recalls)
  • Support public health initiatives, symposia, conferences, and scientific, educational, and volunteer events
  • Define and manage appropriate patient engagement activities and patient support programs (including to provide co-pay and other financial assistance where available)
  • Identify and engage thought leaders and external experts
  • Award grants
  • Attribute authorship to academic and promotional materials

To provide the Services

We use your personal information as necessary to provide Prolacta Services, including to:

  • Manage access to our products
  • Pay for services that physicians, researchers and other individuals may provide to us
  • Operate a Prolacta-affiliated donor milk program, including by recruiting donors

To communicate with you

We may send you surveys, promotions or other marketing communications, but you may opt out of receiving them as described in the Opt out of marketing section below.

To comply with law

We use your personal information as we believe necessary or appropriate to comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities.

To comply with regulatory monitoring and reporting obligations

We use your personal information as we believe necessary or appropriate to comply with regulatory monitoring and reporting obligations, such as those related to adverse events, product complaints, patient safety, and financial disclosures.

With your consent

In some cases we may ask for your consent to collect, use or share your personal information, such as when required by law or our agreements with third parties.

To create anonymous data for analytics

We may create anonymous data from your personal information and other individuals whose personal information we collect. We make personal information into anonymous data by excluding information that makes the data personally identifiable to you, and use that anonymous data for our lawful business purposes.

For compliance, fraud prevention, and safety

We use your personal information as we believe necessary or appropriate to (a) enforce the terms and conditions that govern our websites, products, and services; (b) protect our rights, privacy, safety or property, and/or that of you or others; and (c) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.

How We Share your Personal Information

Affiliates

We may disclose your personal information to our subsidiaries and corporate affiliates for purposes consistent with this Privacy Policy.

Service providers

We may employ third-party companies and individuals to perform services on our behalf, including:

  • Contract research organizations that conduct clinical trials
  • Data storage and analytics companies
  • Customer service (including our medical information line and customer resource center) and patient support providers (including for product quality and adverse event reporting, patient co-pay assistance, adherence programs, etc.)
  • Product recall administration
  • Technology services and support (including email and web hosting providers, marketing and advertising technology providers, email and text communications providers, mobile app developers)
  • Event planning and travel organizations that help facilitate Prolacta programs
  • Payment, shipping and fulfillment service providers

These third parties may use your information only as directed by Prolacta and in a manner consistent with this Privacy Policy, and are prohibited from using or disclosing your information for any other purpose.

Healthcare providers and healthcare professionals and organizations

We may disclose your information to healthcare providers in connection with developing our nutritional formulations for premature or other identified infants. We may also share your personal information with healthcare professionals, researchers, institutions, academics, public health organizations, and publishers for purposes consistent with this Privacy Policy.

Business partners and other professionals and organizations

We may disclose your personal information to partners with whom we jointly develop products or services, in connection with the development and promotion of such products or services. We will ask for your consent before disclosing your information with our business partners where required by applicable law.

Internal professional advisors

We may disclose your personal information to professional advisors, such as lawyers, bankers, auditors, and insurers, where necessary in the course of the professional services that they render to us.

Compliance with laws and law enforcement, protection, and safety

We may disclose your personal information to government or law enforcement officials or private parties as required by law, and disclose and use such information as we believe necessary or appropriate to (a) comply with applicable laws and lawful requests and legal process, such as to respond to subpoenas or requests from government authorities; (b) enforce the terms and conditions that govern our websites, products, and services; (d) protect our rights, privacy, safety, or property, as well as that of you or others; and (e) protect, investigate, and deter against fraudulent, harmful, unauthorized, unethical, or illegal activity.

Business transfers

We may sell, transfer, or otherwise share some or all of our business or assets, including your personal information, in connection with a business deal (or potential business deal) such as a merger, consolidation, acquisition, reorganization, sale of assets, or in the event of bankruptcy, in which case we will make reasonable efforts to require the recipient to honor this Privacy Policy.

Additional Program Terms

In some situations, Prolacta may have a separate agreement or relationship with you with respect to a specific type of processing of your data, such as if you participate in a special program (including donor milk programs), activity, event, or clinical trial. These situations will be governed by specific terms, privacy notices, or consent forms that provide additional information about how we will use your information. We will honor these additional terms with respect to your information and thus, strongly recommend you review the additional terms prior to participating in any programs.

Your Choices

Access and changes to your personal information

To request access to the personal information we maintain about you, or if you become aware that the personal information we maintain about you is inaccurate, incomplete, misleading or out of date, you may contact us at privacy@prolacta.com

Opt out of marketing

You may opt out of marketing-related emails by clicking the “Unsubscribe” link at the bottom of each such email or by completing the following Opt-Out form. You may continue to receive service-related and other non-marketing emails.

Testimonials

If you gave us consent to post a testimonial on our websites, but wish to update or delete it, please contact us at marketing@prolacta.com.

Choosing not to share your personal information

Where we are required by law to collect your personal information, or where we need your personal information in order to provide you with our Services, if you do not provide this information when requested (or you later ask to delete it), we may not be able to provide you with our Services and may need to terminate our relationship with you. We will tell you what information you must provide to us by designating it as required when we request the information or through other appropriate means.

Security

The security of your personal information important to us. We take a number of organizational, technical, and physical measures designed to protect the personal information we collect, both during transmission and once we receive it. However, no security safeguards are completely secure and we cannot guarantee the security of your information.

Children

We do not knowingly collect personal information from children under age 13 in the United States through our Sites. If we learn that we have collected personal information directly from a child under the age of 13 through our Sites, we will delete that information as soon as practicable.

International Data Transfers

Prolacta is headquartered in the United States and has affiliates and service providers in other countries. Your personal information may be transferred to the United States or other locations outside of your state, province, country, or other governmental jurisdiction where privacy laws may not be as protective as those in your jurisdiction.

Individuals in Europe should read the important information provided here about transfer of personal information outside of the European Economic Area.

Other Sites and Services

For your convenience and information, we may provide links to websites and other third-party content that is not owned or operated by Prolacta. These links are not an endorsement, authorization, or representation that we are affiliated with that third party. We do not exercise control over third-party websites or services, and are not responsible for their actions. Other websites and services follow different rules regarding the use or disclosure of the personal information you submit to them. We encourage you to read the privacy policies of the other websites you visit and services you use.

Changes to this Privacy Policy

We reserve the right to modify this Privacy Policy at any time. We encourage you to periodically review this page for the latest information on our privacy practices. If we make material changes to this Privacy Policy we will notify you by email or through the Sites as required.

Contact Us

If you have any questions or concerns about our Privacy Policy or privacy practices, please contact us at:

Prolacta Bioscience, Inc.
1800 Highland Avenue
Duarte, CA 91010
Attention: CIO/Privacy
privacy@prolacta.com

Notice to European Users

Controller

Prolacta is the controller of your personal information covered by this Privacy Policy. See the Contact Us section above for contact details. Prolacta’s EU representative can be reached at marketing@prolacta.com.

Legal bases for processing

The legal bases for our processing of your personal information are described in the table below.

Processing purpose

Legal basis

To provide our products and services

Where we have a contract governing this processing purpose, the processing is necessary to perform that contract or to take steps that you have requested prior to entering into the contract.

In other cases, these processing activities are necessary to protect your, or another person’s, vital interests.

To perform and administer clinical trials, research, and product-improvement activities

Where we have a contract governing this processing purpose, the processing is necessary is perform that contract or to take steps that you have requested prior to entering into the contract.

Where we process sensitive personal data in connection with this processing purpose, the processing is necessary for scientific research, historical research, or statistical purposes.

In all other cases, these processing activities constitute our legitimate interests. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal information for our legitimate interests. We do not use your personal information for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).

To operate our websites
To communicate with you
To create anonymous data for analytics
For compliance, fraud prevention, and safety

These processing activities constitute our legitimate interests. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal information for our legitimate interests. We do not use your personal information for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted by law).

To comply with regulatory monitoring and reporting obligations
To comply with law

Processing is necessary to comply with our legal obligations.

With your consent

Processing is based on your consent. Where we rely on your consent you have the right to withdraw it anytime in the manner indicated when we requested the consent or by contacting us.

Use for new purposes

We may use your personal information for reasons not described in this Privacy Policy where permitted by law and the reason is compatible with the purpose for which we collected it. If we need to use your personal information for an unrelated purpose, we will notify you and explain the applicable legal basis.

Retention

We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information, whether we can achieve those purposes through other means, and the applicable legal requirements.

In some circumstances, we may anonymize your personal information (so that it can no longer be associated with you) in which case we may use this information indefinitely without further notice to you.

Your rights

European data protection laws give you certain rights regarding your personal information. You may ask us to take the following actions in relation to your personal information that we hold:

  • Opt-out. Stop sending you direct marketing communications. You may continue to receive service-related and other non-marketing emails.
  • Access. Provide you with information about our processing of your personal information and give you access to your personal information.
  • Correct. Update or correct inaccuracies in your personal information.
  • Delete. Delete your personal information.
  • Transfer. Transfer a machine-readable copy of your personal information to you or a third party of your choice.
  • Restrict. Restrict the processing of your personal information.
  • Object. Object to our reliance on our legitimate interests as the basis of our processing of your personal information.

You can submit these requests by email to privacy@prolacta.com or our postal address provided above. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal information or response to your requests regarding your personal information, you may contact us as described above or submit a complaint to the data protection regulator in your jurisdiction. You can find your data protection regulator here.

Cross-Border Data Transfer

Whenever we transfer your personal information out of the European Economic Area (“EEA”) to countries not deemed by the European Commission to provide an adequate level of personal information protection, the transfer will be based on safeguards that allow us to conduct the transfer in accordance with the EEA’s data protection laws.

EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield

Prolacta complies with the EU-U.S. and the Swiss-U.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Prolacta has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.

Prolacta may transfer your personal information to third parties as described in this Privacy Policy. Prolacta maintains contracts with its third party service providers restricting their access, use and disclosure of personal information in compliance with our Privacy Shield obligations. Prolacta may be liable if these third parties fail to meet those obligations and we are responsible for the event giving rise to the damage.

In compliance with the Privacy Shield Principles, Prolacta commits to resolve complaints about our collection or use of your personal information. European Union and Swiss individuals with inquiries or complaints regarding our Privacy Policy should first contact Prolacta at privacy@prolacta.com Prolacta has further committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please visit https://www.jamsadr.com/eu-us-privacy-shield for more information or to file a complaint. The services of JAMS are provided at no cost to you. If neither Prolacta nor JAMS resolves your complaint, you may have the ability to engage in binding arbitration through the Privacy Shield Panel. Additional information on the arbitration process is available on the Privacy Shield website at www.privacyshield.gov.

Prolacta may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. The Federal Trade Commission has jurisdiction over Prolacta’s compliance with the Privacy Shield. Prolacta’s commitments under the Privacy Principles are subject to the investigatory and enforcement powers of the Federal Trade Commission.

Follow Us!