Information We Collect
We collect personal data that you provide us, such as your contact information (e.g., name, address, telephone number, e-mail address), health information if, for example, you come to a Site that is informational or designed for sharing of information with others having a certain health condition, and professional qualifications and education history if for example, you seek employment with us. Whether or not to provide such information is completely your own choice. But if you choose not to provide the information, you may be unable to access certain services, offers, and content on our Site or complete a transaction with us.
In general, you can visit many of our Web pages without telling us who you are. However, we collect certain information automatically, including the Internet domain address from which people visit us and information about how our visitors navigate the Site. We may use tools such as cookies, described below, to collect such information.
How We Use Information We Collect
- Identification and authentication: We use your identification information to verify your identity when you communicate with us and to secure your personal data. It is in our legitimate business interests to authenticate the identity of our Site users.
- Improving our Site: We use the information we automatically receive from your Web browser to see which pages you visit within our Site. We can then develop statistics that are helpful to understanding how this Site is used by our visitors. This statistical data is interpreted by Zogenix in its continuing effort to present the Site content that visitors are seeking in a format they find most helpful. It is in our legitimate business interests to use the information provided to us for this purpose, so we can understand any issues with our Site and improve them.
- Improving our products and services: We may use your personal data for internal research purposes. It is in our legitimate business interests to improve our products and services.
- Communicating with you: We may use your personal data when we communicate with you, for example if you provide us your contact information or ask us questions It is in our legitimate business interests to be able to provide you with appropriate responses, provide you with product related information or to communicate with you regarding business activities.
- Exercising our rights: We may use your personal information to exercise our legal rights where it is necessary to do so, for example to detect, prevent and respond to fraud claims, intellectual property infringement claims or violations of law or misuse of the Site.
- Complying with our obligations: we may process your personal data to comply with our legal or regulatory requirements, where this is required by law.
Disclosures to Third Parties
Zogenix discloses your personal data to third parties who act for or on behalf of Zogenix, or in connection with the business of Zogenix, for further processing in accordance with the purposes for which the data was originally collected. We may disclose your personal data to legal authorities in connection with investigating security breaches or cooperating with authorities pursuant to a legal matter. We may also share information in association with the consideration, negotiation, or completion of a corporate transaction in which we are acquired by or merged with another company, or we sell, liquidate, or transfer all or a portion of our assets.
Disclosures Outside of Your Home Country
We may transmit information to another country that may not provide the same legal protections for the personal data as your home country. See the Zogenix, Inc. EU-U.S. Privacy Shield Policy below for further information about the transfers of personal data from the UK and EU to the U.S. We also put in place appropriate safeguards (such as contractual commitments) in accordance with applicable legal requirements governing cross-border data transfers where required to provide adequate protections for your personal data. For more information on the appropriate safeguards in place please contact us at the contact information set forth below.
This Site contains links to other sites. Please be advised that Zogenix is not responsible for the privacy practices of non-Zogenix sites. We encourage you to review the privacy statements of any Web sites that you visit through a link on this Site.
In order to respect the privacy of children online, we do not knowingly collect, maintain, or process personal data submitted by children under the age of 13. If you have a child under the age of 13 who you believe may have provided information to us, please e-mail us at firstname.lastname@example.org and we shall expeditiously delete it.
We retain your information for as long as needed for the purpose collected, including for our data retention policy (which sets forth data retention periods required or permitted by applicable law). We will also retain your personal data for longer if needed for our legal obligations and the need to retain records in order to resolve disputes, enforce our agreements, and investigate or defend against potential legal claims.
You may have certain rights regarding the personal data we hold about you, subject to local law. These may include the rights to access, correct, delete, restrict or object to our use of, or receive a portable copy in a usable electronic format of your personal data. Where the processing of your personal data is based on your consent, you may have the right to withdraw your consent (without affecting the lawfulness of processing based on your consent before its withdrawal).
Questions and Comments
Zogenix, Inc. and/or Zogenix International Ltd. is, where applicable law requires one, the data controller responsible for the personal data we collect and process about you.
We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy. If, however, you believe that we have not been able to assist with your complaint or concern, you may have the right to make a complaint to the data protection authority of your country of residence.
Zogenix, Inc. / EU-US Privacy Shield Policy
This Privacy Shield Policy applies to all personal data of residents of the European Union collected by Zogenix, Inc. The personal data we collect includes the Employee personal data described below as well as certain information including names, email addresses, mailing and billing addresses and telephone and fax numbers collected from customers, potential customers and end users of our products and services for sales, marketing, order fulfilment and order delivery purposes. Additionally, in our section on Online Information we also discuss information we collect online. Zogenix, Inc. will not deviate from this Policy even if applicable national laws are less stringent than this Policy.
Zogenix, Inc. is a trans-national business headquartered in the United States. Our management structure and business processes cross borders. Some of our technological systems and databases are shared between our US, European and other international offices. This means that our customer data, employee data, and Site user data is transferred across borders.
Zogenix, Inc. and each of its subsidiaries that may from time to time handle personal data collected from individuals located within European Union member countries . Zogenix, Inc. complies with the EU-US Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, onward transfer and retention of personal information from European Union member countries . Zogenix, Inc. has certified to the Department of Commerce that it adheres to the EU-US Privacy Shield Principles of:
- Accountability for onward transfer
- Data integrity and purposes limitation
- Recourse, enforcement and liability
Zogenix, Inc. is under the jurisdiction as well as the investigatory and enforcement powers of the US Federal Trade Commission for the purposes of the EU-US Privacy Shield Framework.
Excluding our Employee personal data which is discussed below, we collect, process and use personal data only as a part of our business relationship with customers, including contract and billing administration; product and service delivery; fulfilling our business obligations to our customers and resellers; communicating with customers and potential customers about marketing and technical information concerning our products and services; notifying our customers and potential customers regarding product launches and important events related to Zogenix, Inc.; and other related business activities of which customers are informed at the time personal data is collected or as soon thereafter as practicable. Zogenix, Inc. only collects personal data about individuals when such individuals specifically provide such information to us on a voluntary basis or while requesting information on our products or services. We disclose personal data to our agents, resellers and business partners or to protect and defend the rights or property of Zogenix, Inc. We must reply to lawful requests from public authorities, including to meet national security or law enforcement requirements, for disclosure of personal data.
Zogenix, Inc. does not sell, lease or rent personal data to third parties.
We collect Employee personal data from prospective and present Employees only for legitimate business purposes, including (1) the management and operations of our company, its functions and activities, (2) Employee communications, including Employee surveys, (3) maintaining a global directory, (4) carrying out obligations under employment contracts and employment, tax and benefits laws, and in connection with other working relationships or arrangements, (5) development and training programs, (6) recruiting and hiring job applicants, (7) assessing qualifications and performance, (8) performing background checks and verifying references where applicable, (9) managing Employee performance, (10) determining Employee compensation or payment, (11) managing the Employee termination process, and (12) other general human resources purposes. Our European Union Employees at the time of their employment are notified in detail how their personal data will be used. Employee personal data on health, performance evaluations and disciplinary actions and other sensitive Employee matters, whether it is stored manually or electronically, is accessible by other Zogenix, Inc. Employees only if necessary with respect to legitimate human resource functions or issues. Zogenix, Inc. will obtain affirmative consent from an Employee before using such Employee’s personal data for any purpose other than described above. Employees may decline to provide this consent, and Employees may withdraw their consent at any time.
For legitimate human resources purposes, Employees may choose to voluntarily disclose personal data about family members. If our Employees choose to do this, their family member’s personal data shall be treated, for the purposes of this Policy, the same as an Employee’s personal data. Employee personal data is never sold, leased or rented to any third party. Employee personal data will never be disclosed to third parties except as follows: (1) to those retained by Zogenix, Inc. as agents for the purposes set forth in the paragraph above, (2) where required pursuant to an applicable law, government or judicial order, law or regulation, or to protect the rights or property of Zogenix, Inc. (3) where authorised in writing by the Employee, and (4) where the Employee voluntarily provides personal data and the context makes it clear such information will be provided to a third party.
Where personal data is transferred from the EU to the US in the context of the employment relationship, we will cooperate in investigations by and comply with the advice of the competent EU Authorities.
We will always give you an opportunity to choose opt-out before your personal data is (1) disclosed to a third party commercial entity (other than a Zogenix, Inc. agent doing work at our direction), or (2) to be used for a purpose that is materially different than that for which it was originally collected or subsequently authorized by you. Although we do not ever anticipate providing sensitive personal data such as Employee health information, to a non-agent third party or using it for a purpose other than that for which it was collected, we will never do so without first allowing the individual involved to affirmatively and expressly consent (opt-in) to such transfer or use. The only exception to this choice for both sensitive and non-sensitive personal data would be where we are required to disclose your personal data pursuant to government or judicial order, law or regulation to meet national security or law enforcement requirements.
At a minimum, you will always be able to opt-out from receiving marketing materials from Zogenix, Inc. If we determine that applicable national law requires that more stringent requirements (opt-in) be applied before you receive marketing material or other communications from us, we will implement the same.
Accountability for Onward Transfer
We will not transfer personal data originating in the EU to third parties unless such third parties have entered into an agreement in writing with us requiring them to provide at least the same level of privacy protection to your personal data as required by the Principles of the EU-US Privacy Shield Framework. We will only transfer data to our agents, resellers or third-party service providers (such as accountants, attorneys, consultants and other service providers) who need the information in order to provide services or to perform activities on behalf of Zogenix, Inc., including in connection with the delivery of services or products, Zogenix’s management, or legal responsibilities. We acknowledge our liability for such data transfers to third parties.
To protect personal data collected and stored by Zogenix, Inc., we have in place reasonable and appropriate technical and operational security measures to prevent loss, misuse, unauthorized access, disclosure, alteration and destruction.
Data Integrity and Purpose Limitation
We will only collect and retain personal data which is relevant to the purposes for which the information is collected, and we will not use it in a way that is incompatible with such purposes unless such use has been subsequently authorised by you. We will take reasonable steps to ensure that personal data is reliable for its intended use, accurate, complete and current. We may occasionally contact you to determine that your data is still accurate and current.
You have the right to access personal data relating to you. If you wish to access, amend, or confirm that Zogenix, Inc. has personal data relating to you, or if you wish to correct or delete your personal data if it is inaccurate, please notify us at email@example.com or at (510) 550-8300. We will respond to your request within a reasonable time.
Employees may review their personal files and any personal data concerning them by emailing firstname.lastname@example.org
Recourse, Enforcement and Liability
Since we are committed to protecting your privacy as set forth in this Policy, if you think we are not in compliance with our Policy, or if you have any question or if you wish to take any other action concerning this Policy or your personal data, we encourage you to contact us at email@example.com or call us at (510) 550-8300. We will investigate your complaint, take appropriate action and report back to you within 45 days.
If the personal data in question was transferred from the EU to the United States, and you are not satisfied with our response, Zogenix, Inc. has agreed to participate in the dispute resolution procedures of the panel established by the EU data protection authorities (DPAs) to resolve disputes pursuant to the EU-US Privacy Shield Principles. A resident of the European Union (EU) whose enquiry has not been satisfactorily addressed may contact the EU DPAs panel or individual EU DPAs using the information provided at http://ec.europa.eu/justice/data-protection/bodies/authorities/third-countries/index_en.htm to resolve disputes pursuant to the EU-US Privacy Shield Principles.
Zogenix, Inc. commits to cooperate with EU data protection authorities (DPAs) and comply with the advice given by such authorities with regard to human resources data transferred from the EU in the context of the employment relationship.
Finally, as a last resort and in limited situations, EU individuals may seek redress from the Privacy Shield Panel, a binding arbitration mechanism.
The services of the EU DPAs panel are provided at no cost to you.
Limitation on Application of Principles
Adherence by Zogenix, Inc. to these EU-US Privacy Shield Principles may be limited (a) to the extent required to respond to a legal or ethical obligation; (b) to the extent necessary to meet national security, public interest or law enforcement obligations; (c) to the extent expressly permitted by an applicable law, rule or regulation; and (d) to the extent that Zogenix, Inc. has limited or no control over the actions of the individuals who have provided information.
Questions or comments regarding this Policy should be submitted to Zogenix, Inc. by email to: firstname.lastname@example.org or by mail to: Zogenix, Inc., 5959 Horton Street, Fifth Floor, Emeryville, California, 94608 USA.
Effective Date: May 2019