PRIVACY POLICY

AVEXIS, INC.
Last Updated:

This privacy policy ("Policy") describes how AveXis, Inc. and its related companies ("Company") collect, use and share personal information in connection with Company's websites and mobile applications that display this Privacy Policy (including www.avexis.com) (any, a "Site"). This Policy does not apply to websites or mobile applications that post a different privacy policy.

You must be 18 years old to use this Site. The Site is not directed at children under the age of 13 and Company does not knowingly allow anyone under the age of 13 to provide any personally-identifying information to Company. If you are under 13, please do not attempt to use the Site or provide any information about yourself.

WHAT WE COLLECT

In connection with the Site, we collect information about you in a range of ways:

Information You Give Us. You may voluntarily submit to us a variety of information, including your‎ personal and business contact information (such as first and last name, email address, and phone number), government issued identifier, financial information, medical or health information that you choose to provide to us (such as information about your medical conditions or treatments), age, gender, marital status, biometric information, commercial information (such as transaction information and purchase history), electronic information (such as audio, video or similar information), and information provided in connection with a job application (such as work experience, education, salary, languages spoken, and other details an applicant may choose to provide). Healthcare professionals may also provide information about their work and research (such as specialty, state of practice, and professional affiliations). Additionally, you may choose to select an option to describe the type of user you are, such as a healthcare practitioner, employee of an advocacy organization, or caregiver.

Information We Collect From Others. We may collect information about you from other sources. For example, we may collect information on healthcare professionals from organizers of professional conferences. We may add this to information we collect via this Site. We may also collect information from marketing partners, public databases, providers of demographic data, publications, professional organizations, social media platforms, people with whom you are connected on social media platforms, caregivers, companies and other third parties that help us screen and onboard individuals for hiring purposes, and other third parties.

Information Automatically Collected. We, our service providers, and business partners may collect information about the use of our Site by automated means, including via cookies, web beacons, and other technologies. For example, when visiting our Site, we may collect information about your IP address, geolocation data, device operating system type, browser type, browser language, the website that referred you to our Site (if any), and information about how you use the Site, such as pages you viewed or aspects of our mobile application that you use, how you navigate between pages on our website or screens in our mobile app, how long you spent on a page or within any portion of our mobile application, access times and actions you take on our Site.

A "cookie" is a small data file stored on your device by a website that may uniquely identify your browser or be used to store information or settings in your browser. We may use both session cookies (which expire once you fully close your web browser) and persistent cookies (which stay on your device until you delete them or they expire) to provide you with a more personal and interactive experience on our Site. A “web beacon,” also known as an Internet tag, pixel tag, or clear GIF, is used to transmit information back to a web server. We, our service providers, and business partners may collect information about your online activities over time and across third-party websites and mobile apps when you use our Site. This type of information is collected to make the Site more useful to you and to tailor the experience with us to meet your special interests and needs.

Because there is not yet a consensus on how companies should respond to web browser-based do-not-track ("DNT") mechanisms, we do not respond to web browser-based DNT signals at this time.

USE OF PERSONAL INFORMATION

We may use your personal information as follows:

  • To operate, manage, and maintain our business.
  • To provide our products and services.
  • To respond to comments and questions and provide customer service.
  • To send information including confirmations, technical notices, updates, security alerts, and support and administrative messages.
  • To communicate about upcoming events and other news about products and services offered by us and our selected partners.
  • To tailor the content we display to you in our communications, and in connection with your use of the Site.
  • Analyze and enhance our communications and strategies (including by identifying when emails sent to you have been received and read).
  • Process employment applications, as described in the "Careers" section below.
  • To be shared with technical support providers only to the extent such information is necessary for trouble shooting.
  • To identify, investigate, and respond claims and other liabilities, including by enforcing the terms and conditions that govern the use of the Site.
  • To otherwise accomplish our business purposes and objectives. Our business purposes and objectives include, for example, in addition to the above, developing, improving, repairing, and maintaining our products and services; personalizing, advertising, and marketing our products and services; conducting research, analytics, and data analysis; maintaining our facilities and infrastructure; undertaking quality and safety assurance measures; conducting risk and security controls and monitoring; detecting and preventing fraud; performing identity verification; performing accounting, audit, and other internal functions, such as internal investigations; complying with law, legal process, and internal policies; maintaining records; and exercising and defending legal claims.

We may also aggregate and/or de-identify any information that we collect in connection with the Site, such that the information no longer identifies any specific individual. We may use, disclose, and otherwise process such information for our own legitimate business purposes – including historical and statistical analysis and business planning – without restriction.

SHARING OF PERSONAL INFORMATION

We may share personal information as follows:

  • We may share personal information with your consent. For example, you may request that we share your personal information with third parties for their own marketing uses. Those uses will be subject to the third parties' privacy practices.
  • We may share personal information with our affiliates and subsidiaries, for the purposes described in this Policy.
  • We may transfer the personal information we maintain in the event we sell or transfer all of or a part of our business or assets, such as via a merger, financing, acquisition, or bankruptcy transaction or proceeding. If we engage in such a sale or transfer, we will, where required by law, make reasonable efforts to direct the recipient to use your personal information in a manner that is consistent with this Policy.
  • We may share personal information for legal, protection, and safety purposes.
    • We may share information to comply with legal requirements.
    • We may share information to respond to lawful requests and legal processes.
    • We may share information to protect the rights and property of AveXis, Inc., our agents, customers, and others. This includes identifying, investigating, and responding to fraud, illegal activity (such as incidents of hacking or misuse of the Site), and claims and other liabilities, such as by enforcing our agreements, policies, and terms of use.
    • We may share personal information in an emergency. This includes protecting the safety of our employees and agents, our customers, or any person.

We may share personal information with our service providers that perform services on our behalf. We do not authorize our service providers to use or share your personal information for their own purposes.

We may also share aggregated and/or anonymized data with others for their own uses.

CAREERS

If you submit your information in connection with job opportunities at AveXis via the Site, we will use and disclose the information to process your application (including to contact you and/or your references and former employers, if appropriate), to monitor recruitment statistics, and to comply with government reporting requirements. We also retain statistical information about applicants to help inform our recruitment activities.

INFORMATION CHOICES AND CHANGES

Our marketing emails tell you how to "opt-out." If you opt out, we may still send you non-marketing emails. Non-marketing emails include emails about your accounts and our business dealings with you.

You may send requests about personal information to us via the information specified in the “Contact Information” section below. You can request to change contact choices, opt-out of our sharing with others, and update your personal information.

You can typically remove and reject cookies from our Site with your browser settings. Many browsers are set to accept cookies until you change your settings. If you remove or reject our cookies, it could affect how our Site works for you.

Some of the business partners that may collect information about your activities on our Sites may be members of organizations or programs that provide choices to individuals regarding the use of their browsing behavior for purposes of targeted advertising. For example, you may opt out of receiving targeted advertising through members of the Network Advertising Initiative by clicking here or the Digital Advertising Alliance by clicking here. European users may opt out of receiving targeted advertising through members of the European Interactive Digital Advertising Alliance by clicking here, selecting your country, and then clicking “Choices” (or similarly-titled link). Mobile application users may opt out of receiving targeted advertising in mobile apps through members of the Digital Advertising Alliance by installing the AppChoices mobile app, available here, and selecting the user’s choices. Please note that we may also work with companies that offer their own opt-out mechanisms and may not participate in the opt-out mechanisms that we linked to above.

INTERNATIONAL DATA TRANSFERS

We may transfer your personal information to countries other than the country in which the data was originally collected for the purposes described in this Policy. For example, if you are located outside of the United States, we typically transfer your personal information to the United States, where AveXis is headquartered. The countries to which we transfer personal information may not have the same data protection laws as the country in which you initially provided the personal information.

HOW WE PROTECT PERSONAL INFORMATION

AveXis maintains administrative, technical, and physical safeguards designed to protect the personal information we maintain against accidental, unlawful, or unauthorized destruction, loss, alteration, access, disclosure, or use. However, we cannot guarantee that the measures we maintain will ensure the security of the personal information.

LINKS TO WEBSITES, MOBILE APPLICATIONS, AND THIRD-PARTY CONTENT

For your convenience and information, we may provide links to websites, mobile applications, and other third-party content that is not owned or operated by AveXis. The websites, mobile applications, and third-party content to which we link may have separate privacy notices or policies. AveXis is not responsible for the privacy practices of any entity that it does not own or control.

CONTACT INFORMATION. We welcome your comments or questions about this Policy. You may also contact us at our address:

AveXis, Inc.
2275 Half Day Road, Suite 160
Bannockburn, Illinois 60015

Additional State-Specific Information for United States Residents
Some states (including but not limited to California, Nevada and Texas), have state specific rights for their residents. Click here to learn more about those state specific rights.

COOKIES

What is a Cookie?

Cookies are small text files that are sent to your computer when you visit a website. Cookies on Novartis Group/AveXis Inc. company (Novartis) web sites do lots of different jobs, like letting you navigate between pages efficiently, storing your preferences and generally improving your experience of a website.

The EU Directive 2009/136/EC states that we can store cookies on your machine if they are essential to the operation of this site, but that for all others we need your permission to do so.

Novartis sites may use some non-essential cookies. We do not do this to track individual users or to identify them, but to gain useful knowledge about how the sites are used so that we can keep improving them for our users. Without the knowledge we gain from the systems that use these cookies we would not be able to provide the service we do.

The types of cookies we use

If you decide to set the language, font-size or specific version of the site (e.g. high-contrast), we use “user interface customization cookies”. Once set, you do not need to specify your preferences again on another visit to the site.

If you use parts of the site that require registration to access content, we will place an “authentication cookie” on your computer. This allows you to leave and return to these parts of the site without re-authenticating yourself.

If you have Adobe Flash installed on your computer (most computers do) and you use video players, we store a “flash cookie” on your computer. These cookies are used to store data needed to play back video or audio content and store the user’s preferences.

Novartis likes to understand how visitors use our websites by using web analytics services. They count the number of visitors and tell us things about the visitors’ behavior overall – such as identifying the search engine keywords that lead the user to the site, the typical length of stay on the site or the average number of pages a user views. For this purpose we place a “first party analytics cookie” on your computer.

We may also use services such as Google Analytics to track web statistics. In this case, Google will place a “3rd party cookie” on your computer. This is also the case when we use Google Maps.

Any data collected by using these cookies will be stored and managed by Novartis or one of its trusted affiliates in countries Novartis operates in.

For more information or how to contact Novartis, please refer to the Novartis Data Privacy Policy.

How to control cookies

If you don’t want to receive cookies, you can modify your browser so that it notifies you when cookies are sent to it or you can refuse cookies altogether. You can also delete cookies that have already been set.

If you wish to restrict or block web browser cookies which are set on your device then you can do this through your browser settings; the Help function within your browser should tell you how. Alternatively, you may wish to visit www.aboutcookies.org, which contains comprehensive information on how to do this on a wide variety of desktop browsers. However, if you do not accept our cookies, you may not be able to use all functionalities of your browser software or our website.

CHANGES TO THIS PRIVACY POLICY. We may change this privacy policy. If we make any changes, we will change the Last Updated date above and notify you of changes that are deemed material under applicable legal requirements by providing notification as required by applicable law.