Privacy Policy and Notice of Information Practices

Effective Date: June 23, 2017

Gritstone Oncology, Inc. (“Gritstone,” “we,” “us” or “our”) respects the privacy of visitors to our websites and online services and values the confidence of our customers, partners, patients and employees.

This Privacy Policy and Notice of Information Practices (“Privacy Notice”) sets forth Gritstone’s practices regarding the collection, use and disclosure of information that you may provide through the website(s) that we operate, and that link to this Privacy Notice (“Website”). This Privacy Notice applies only to the Website and does not apply to information that we collect offline. Please read the entire Privacy Notice before using our Website. By using the Website, you agree to abide by the terms of this Privacy Notice.

Collection of Information

We may ask you for some or all of the following types of information when you access various content or features of the Website or submit content, or directly contact us:

  • Contact information, such as name, email address, postal address and telephone number;
  • Job applications, including resumes, cover letters and references;
  • Search queries; and
  • Correspondence and other information that you send to us.

We also may collect certain information automatically when you visit the Website, including:

  • Your Internet Protocol (IP) address, which is the number automatically assigned to your computer whenever you access the Internet and that can sometimes be used to derive your general geographic area;
  • Other unique identifiers, including mobile device identification numbers;
  • Your browser type and operating system;
  •  Sites you visited before and after visiting the Sites;
  • Pages you view and links you click on within the Sites;
  • Information collected through cookies, web beacons and other technologies;
  • Information about your interactions with email messages, such as the links clicked on and whether the messages were received, opened or forwarded; and
  • Standard Server Log Information.

 

We may use cookies, pixel tags and similar technologies to automatically collect this information. Cookies are small bits of information that are stored by your computer’s web browser. Pixel tags are very small images or small pieces of data embedded in images, also known as “web beacons” or “clear GIFs,” that can recognize cookies, the time and date a page is viewed, a description of the page where the pixel tag is placed, and similar information from your computer or device. By using the Website, you consent to our use of cookies and similar technologies. You can decide if and how your computer will accept a cookie by configuring your preferences or options in your browser. However, if you choose to reject cookies, you may not be able to use certain online products, services or features on the Website.

Response to “Do Not Track” Signals

Some Internet browsers include the ability to transmit “Do Not Track” signals. Because there currently is no industry standard concerning what, if anything, websites should do when they receive such signals, we currently do not take action in response to these signals.

Use of Information

We may use information that we collect through the Website for a variety of purposes, including to:

  • Operate and improve our Website, products, information and services;
  • Understand you and your preferences to enhance your experience and enjoyment using our Website, products and services;
  • Process employment applications;
  • Respond to your comments and questions and provide customer service;
  • Provide and deliver products, information and services you request;
  • Send you related information, including confirmations, invoices, technical notices, updates, security alerts and support and administrative messages;
  • Communicate with you about upcoming events and news about products, information and services offered by Gritstone and our selected partners;
  • Link or combine with other personal information we get from third parties, to help understand your needs and provide you with better service;
  • Protect, investigate and deter against fraudulent, unauthorized or illegal activity; and
  • As otherwise described to you at the point of collection or pursuant to your consent.
     

 Sharing of Information

We are committed to maintaining your trust, and we want you to understand when and with whom we may share the information we collect.

  • Corporate Parents and Affiliates. We may share your information with affiliated entities for a variety of purposes, including business, operational and marketing purposes.
  • Service Providers. We may share your information with service providers that perform certain functions or services on our behalf (such as to host the Website, manage databases, perform analyses or send communications for us).
  • Other Parties When Required by Law or as Necessary to Protect the Website. We may disclose your information to third parties in order to: protect the legal rights, safety and security of Gritstone, affiliates and the users of our Website; enforce our Terms of Use prevent fraud (or for risk management purposes); and comply with or respond to law enforcement or legal process or a request for cooperation by a government entity, whether or not legally required.
  • In Connection with a Transfer of Assets. If we sell all or part of our business, or make a sale or transfer of assets, or are otherwise involved in a merger or business transfer, or in the event of bankruptcy, we may transfer your information to one or more third parties as part of that transaction.
  • Other Parties with Your Express or Implied Consent. We may share information about you with third parties when you consent to such sharing.
  • Aggregate Information. We may disclose to third parties information that does not describe or identify individual users, such as aggregate website usage data or demographic reports.

In addition, we may allow third parties to place and read their own cookies, web beacons and similar technologies to collect information through the Website. For example, our third-party service providers may use these technologies to collect information that helps us with traffic measurement, research and analytics. Please note that you may need to take additional steps beyond changing your browser settings to refuse or disable some of these technologies. If you choose to refuse, disable or delete these technologies, some of the functionality of the Website may no longer be available to you. You understand that when you use the Website, these analytics providers may collect information related to your use of the Website.

Security

We maintain a variety of security procedures to help protect against loss, misuse or unauthorized access, disclosure, alteration or destruction of the information you provide through the Website. However, no data transmission over the Internet or stored on a server can be guaranteed to be 100% secure. As a result, while we strive to protect your information and privacy, we cannot guarantee or warrant the security of any information you disclose or transmit to us online and cannot be responsible for the theft, destruction or inadvertent disclosure of your information.

Children’s Privacy

Gritstone respects the privacy of children, and we are committed to complying with the Children’s Online Privacy Protection Act (COPPA). The Website does not knowingly collect, use or disclose personal information from children under the age of 13 without prior parental consent, except as permitted by COPPA. By providing your consent, you agree that we may collect, use and disclose your child’s personal information consistent with this Privacy Notice.

Your Choices Regarding Your Personal Data

If you receive emails or other communications from us, you may indicate a preference to stop receiving further communications from us and you will have the opportunity to “opt-out” by following the unsubscribe instructions provided in the email you receive or by contacting us directly at our contact information below. If you opt out, we may still send you non-promotional emails, such as emails about your accounts or our ongoing business relations. You may also request changes or updates to your personal information by sending a request at our contact information below.

Users Outside the United States

By using the Website, you consent to the collection, storage, processing and transfer of your information in and to the United States, or other countries and territories, pursuant to the laws of the United States.

Links to Third-Party Content

As a convenience to our visitors, the Website may link to a number of sites, services and other content that are operated and maintained by third parties. These third parties operate independently from us, and we do not control their privacy practices. Such links do not constitute an endorsement by Gritstone of the content or the persons or entities associated therewith. This Privacy Notice does not apply to third-party content. We encourage you to review the privacy policies of any third party to whom you provide information.

Social Networking Services

Gritstone may work with certain third-party social media providers to offer you their social networking services through our Website. For example, you can use third-party social networking services, including but not limited to Facebook, Twitter and others to share information about your experience on our Website with your friends and followers on those social networking services. These social networking services may be able to collect information about you, including your activity on our Website. These third-party social networking services also may notify your friends, both on our Website and on the social networking services themselves, that you are a user of our Website or about your use of our Website, in accordance with applicable law and their own privacy policies. If you choose to access or make use of third-party social networking services, we may receive information about you that you have made available to those social networking services, including information about your contacts on those social networking services.

Policy Updates

This Privacy Notice may be revised from time to time as we add new features and services, as laws change, and as industry privacy and security best practices evolve. We display an effective date on the policy in the upper left corner of this Privacy Policy so that it will be easier for you to know when there has been a change. If we make any material change to this Privacy Notice regarding use or disclosure of personal information, we will provide advance notice through the Website. Small changes or changes that do not significantly affect individual privacy interests may be made at any time and without prior notice.

Contact Us

If you have any questions about this Privacy Notice, you may contact us at:

Gritstone Oncology, Inc.
Attn: Compliance Dept.
5858 Horton St., Ste. 210
Emeryville, CA 94608
(510) 871-6100