Effective as of April 26, 2022.
We provide important information for individuals located in the European Union, European Economic Area, and United Kingdom (collectively, “Europe” or “European”) below in the “Notice to European Users” section.
Personal information we collect
How we use your personal information
How we share your personal information
Other sites and services
International data transfers
How to contact us
Notice to European Users
PERSONAL INFORMATION WE COLLECT
Information you provide to us. Personal information you may provide to us through the Service or otherwise may include:
- Contact details, such as your first and last name, and email address.
- Communications that we exchange with you, including when you contact us with questions, feedback, or otherwise.
- Marketing data, such as your preferences for receiving our marketing communications, and details about your engagement with them.
Automatic data collection. We, our service providers, and our business partners may automatically log information about you, your computer or mobile device, and your interaction over time with the Service, our communications and other online services, such as:
- Device data, such as your computer’s or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers, language settings, mobile device carrier, radio/network information (e.g., WiFi, LTE, 3G), and general location information such as city, state, or geographic area.
- Local storage technologies, like HTML5 and Flash, that provide cookie-equivalent functionality but can store larger amounts of data, including on your device outside of your browser in connection with specific applications.
- Online activity data, such as pages or screens you viewed, how long you spent on a page or screen, the website you visited before browsing to the Service, navigation paths between pages or screens, information about your activity on a page or screen, access times, and duration of access.
Cookies and similar technologies. Like many online services, we use the following technologies:
- Cookies, which are text files that websites store on a visitor‘s device to uniquely identify the visitor’s browser or to store information or settings in the browser for the purpose of helping you navigate between pages efficiently, remembering your preferences, enabling functionality, and helping us understand user activity and patterns.
- Web beacons, also known as pixel tags or clear GIFs, which are used to demonstrate that a webpage or email was accessed or opened, or that certain content was viewed or clicked.
HOW WE USE YOUR PERSONAL INFORMATION
Service delivery. We use your personal information to:
- provide, operate, and improve the Service and our business;
- provide information about our products and services;
- communicate with you about the Service, including by sending announcements, updates, security alerts, and support and administrative messages;
- understand your needs and interests, and personalize your experience with the Service and our communications; and
- provide support for the Service and respond to your requests, questions, and feedback.
Research and development. We may use your personal information for research and development purposes, including to analyze and improve the Service and our business. As part of these activities, we may create aggregated, de-identified or other anonymous data from personal information we collect. We make personal information into anonymous data by removing information that makes the data personally identifiable to you. We may use this aggregated, de-identified or other anonymous data and share it with third parties for our lawful business purposes, including to analyze and improve the Service and promote our business.
Marketing. We, our service providers, and our third-party advertising partners may collect and use your personal information for marketing and advertising purposes:
- Direct marketing. We may send you Gamida-related direct marketing communications as permitted by law, including by email. You may opt-out of our marketing communications as described in the “Opt-out of marketing communications” section below.
Comply with law. We use your personal information as we believe necessary or appropriate to comply with applicable laws, lawful requests, and legal processes, such as to respond to subpoenas or requests from government authorities.
Consent. In some cases, we may specifically ask for your consent to collect, use, or share your personal information, such as when required by law.
Compliance and protection. We may use your personal information to:
- protect our, your, or others’ rights, privacy, safety, or property (including by making and defending legal claims);
- audit our internal processes for compliance with legal and contractual requirements and internal policies;
- enforce the terms and conditions that govern the Service; and
- prevent, identify, investigate, and deter fraudulent, harmful, unauthorized, unethical, or illegal activity, including cyberattacks and identity theft.
HOW WE SHARE YOUR PERSONAL INFORMATION
Service providers. Companies and individuals that provide services on our behalf or help us operate the Service or our business (such as hosting, information technology, payment processors, professional advisors, customer support, email delivery, and website analytics services).
Professional advisors. We may disclose your personal information to professional advisors such as lawyers, bankers, auditors, and insurers where necessary in the course of the professional services that they render to us.
Authorities and others. Law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.
Business transferees. Acquirers and other relevant participants in business transactions (or negotiations for such transactions) involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale, or other disposition of all or any portion of the business or assets of, or equity interests in, Gamida or our affiliates (including in connection with a bankruptcy or similar proceedings).
Please keep in mind that whenever you voluntarily make your personal information available for viewing by third parties or the public on or through our Service, that information can be seen, collected, and used by others. We are not responsible for any use of such information by others.
You have the following choices with respect to your personal information.
Opt-out of marketing communications. You may opt out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email. You may continue to receive service-related and other non-marketing emails.
Do Not Track. Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit www.allaboutdnt.com.
OTHER SITES AND SERVICES
The Service may contain links to websites and other online services operated by third parties. In addition, our content may be integrated into web pages or other online services that are not associated with us. These links and integrations are not an endorsement of, or representation that we are affiliated with, any third party. We do not control websites or online services operated by third parties, and we are not responsible for their actions.
We employ a number of technical, organizational, and physical safeguards designed to protect the personal information we collect. However, no security measures are failsafe, and we cannot guarantee the security of your personal information.
INTERNATIONAL DATA TRANSFER
We are headquartered in Israel and may use service providers that operate in other countries. Your personal information may be transferred to Israel or other locations where privacy laws may not be as protective as those in your state, province, or country.
The Service is not intended for use by children under 18 years of age. If we learn that we have collected personal information through the Service from a child under 18 without the consent of the child’s parent or guardian as required by law, we will delete it.
HOW TO CONTACT US
Gamida Cell Inc.
Address: 116 Huntington Ave, 7th Floor, Boston, MA 02116
Telephone: +1 617-892-9080
NOTICE TO EUROPEAN USERS
The information provided in this “Notice to European Users” section applies only to individuals in Europe.
Details regarding each processing purpose listed below are provided in the section above titled “How we use your personal information”
|Service delivery||Processing is necessary to perform the contract governing our provision of our Service or to take steps that you request prior to signing up for the Service. If we have not entered into a contract with you, we process your personal information based on our legitimate interest in providing the Service you access and request.|
|Research and development|
Compliance and protection
Marketing and advertising
|These activities constitute our legitimate interests. We do not use your personal information for these activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).|
|Compliance with law||Processing is necessary to comply with our legal obligations.|
|Consent||Processing is based on your consent. Where we rely on your consent you have the right to withdraw it any time in the manner indicated when you consent or in the services.|
Sensitive personal information. We ask that you not provide us with any sensitive personal information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background, or trade union membership) on or through the Service, or otherwise to us.
Retention. We retain personal information for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements, to establish or defend legal claims, or for fraud prevention purposes.
To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
When we no longer require the personal information we have collected about you, we will either delete or anonymize it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible. If we anonymize your personal information (so that it can no longer be associated with you), we may use this information indefinitely without further notice to you.
Your rights. European data protection laws give you certain rights regarding your personal information. If you are located in Europe, you may ask us to take the following actions in relation to your personal information that we hold:
- Access. Provide you with information about our processing of your personal information and give you access to your personal information.
- Correct. Update or correct inaccuracies in your personal information.
- Delete. Delete your personal information.
- Transfer. Transfer a machine-readable copy of your personal information to you or a third party of your choice.
- Restrict. Restrict the processing of your personal information.
- Object. Object to our reliance on our legitimate interests as the basis of our processing of your personal information that impacts your rights.
You may submit these requests by email to firstname.lastname@example.org or our postal address provided above. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal information or our response to your requests regarding your personal information, you may contact us or submit a complaint to the data protection regulator in your jurisdiction. You can find your data protection regulator here.
Cross-border data transfer.
If we transfer your personal information from Europe to another country such that we are required under to apply appropriate safeguards to your personal information under European data protection laws, we will do so. Please contact us for further information about any such transfers or the specific safeguards applied.