Last Updated 11/11/2021
For your convenience, this Site may contain links to a number of other websites. The privacy policies and procedures described here do not apply to those sites; we suggest contacting those sites directly for information on their data collection and distribution policies. Any reference to a linked site or any specific third party product or service by name does not constitute or imply its endorsement by us, and you assume all risk with respect to its use.
We may collect, use, store and transfer the following Personal Information to provide the Services and improve our Site.
The data we collect and process. You may give us Personal Information by visiting or interacting with the Site, filling in forms on the Site, interacting with us as part of our Services, or by corresponding with us by phone, email, in person, or otherwise. This Personal Information may include the following data:
- personal information you provide when you interact with the Site or as part of the Services. The personal information you give us may include your name, title, company, mailing address, email address, phone number, password, resume information, feedback and any other information you choose to provide to us;
- technical data such as your internet protocol (IP) address, your login data, the web page you visited before visiting our Site, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our Site;
- usage data which tells us how you use our Site;
- marketing and communication data which tells us your preference in receiving marketing from us and our third parties and your communication preferences; and
- sensitive personal data such as your race or ethnicity, your political opinions, religious beliefs, membership in a trade union, physical or mental health condition, sexual orientation, or criminal offenses.
Please note that we do not ask for any sensitive personal information and request that you omit any such information in any communications with us. If you send us sensitive personal information, we will delete it unless you provide your specific consent to having us include it your account, as it will be processed with the rest of your personal information.
Purposes for which we will use your data
We will only use your Personal Information when the law allows us to. Most commonly, we will use your Personal Information in the following circumstances:
- Where we need to perform the contract we are about to enter into or have entered into with you.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal or regulatory obligation.
- Where you have provided your consent.
The ways we plan to use your Personal Information are as follows:
- Site. We collect feedback in order to improve our Site and our Services.
- Usage. We also use your data, especially usage data and technical data (such as Site visits, page interaction information, and search history), to evaluate and improve our Site and our Services.
- Cookies and other technologies. Cookies and other technologies. We use technologies like cookies to provide, improve, protect, and promote our Site and our Services. Alector currently does not respond to Do Not Track requests.
- Marketing. We also use your data to provide you with information about goods or services we feel may interest you. If you do not want us to use your data in this way, select the `unsubscribe’ link in any email communication from us.
Sharing your data
We may share Personal Information as discussed below, but we won’t sell it to advertisers or third parties.
Others working for Alector. Alector uses trusted third parties (i.e., IT services, analytics services, etc.) to help us provide, improve, protect, and promote our Site and our Services. These third parties will access your Personal Information only to perform tasks on our behalf, and we’ll remain responsible for their handling of your Personal Information per our instructions.
Other applications and third-party links. The Site may include links to third party websites, plug ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy policies. When you leave our Site, we encourage you to read the privacy policies of every website you visit. Please remember that their use of your personal information will be governed by their privacy policies and terms.
Protecting your data
We review the Personal Information we hold on a regular basis to ensure it is being lawfully processed. We only process Personal Information where we have a legal basis for doing so. Such legal bases may include:
- Execution of a contract. We need your Personal Information to operate our Site, provide our Services to you, respond to your enquiries, or otherwise perform the contract we have entered or are about to enter with you.
- Compliance with a legal obligation. We are required or allowed to collect and use your Personal Information in order to comply with applicable local laws
- Legitimate Interest. We or a third party have a legitimate interest in processing your Personal Information. For example, we may have a legitimate interest in collecting and using your Personal Information to conduct business analytics or improve our Site or Services. We only rely on our or a third party’s legitimate interests to process your Personal Information when these interests are not overridden by your rights.
- You have consented to the collection and use of your Personal Information.
Before transferring Personal Information to any third party (e.g., partners and back-office support), we establish that there is a legal reason for making the transfer, which may include your consent.
We will only retain your Personal Information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for Personal Information, we consider the amount, nature, and sensitivity of the Personal Information, the potential risk of harm from unauthorized use or disclosure of your Personal Information, the purposes for which we process your Personal Information and whether we can achieve those purposes through other means, and the applicable legal requirements.
We have implemented measures and procedures that adequately protect the privacy of individuals and ensure that data protection is integral to all processing activities. This includes implementing measures which may include:
- Data minimization (e.g. not keeping data for longer than is necessary);
- Cybersecurity; and
- A data security policy.
We maintain administrative, technical, and physical safeguards that are intended to appropriately protect Personal Information against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse, and any other unlawful form of processing of the Personal Information in our possession. However, because no information system can be 100% secure, we cannot guarantee the absolute security of your Personal Information.
If you prefer, you can choose to have your computer warn you each time a cookie is being sent. You can also choose to turn off all cookies via your browser settings. As with all websites, if you turn cookies off, some of our Services may not function properly.
Your rights – individuals in the European Union
If you are an individual in the European Union/UK, you have certain rights in some circumstances with respect to the access, correction, restriction, and erasure of your Personal Information stored by us at any time. You can ask about exercising any of these rights at any time by contacting us at firstname.lastname@example.org. Depending upon the circumstances, your rights include the following:
- Accessing your Personal Information. Upon request, we shall provide any information relating to your Personal Information and our processing of your Personal Information in a concise, transparent, intelligible, and easily accessible form using clear and plain language. The information shall be provided in writing or by other means, including, where appropriate, by electronic means within 30 days of a written request.
- Correcting your Personal Information. You have the right to ask us to rectify any inaccurate or incomplete Personal Information stored by us.
- Erasing your Personal Information. You can ask us to erase your Personal Information stored by us. If we receive a legally actionable request to erase your Personal Information, we will ask you if you want your Personal Information to be removed entirely or if you want to be kept on a list of individuals who do not want to be contacted in the future (for a specified period or otherwise). We cannot keep a record of individuals whose Personal Information we have erased so you may be contacted again by us, should we come into possession of your Personal Information at a later date.
If we have given your Personal Information to any third parties, we will tell those third parties that Alector has received a request to rectify or erase your Personal Information, unless this proves impossible or involves a disproportionate effort. Those third parties should also rectify or erase the personal data they hold about you – however, Alector will not be in a position to audit those third parties to ensure that the rectification or erasure has occurred.
Restricting the use of your Personal Information. We only process your Personal Information where we have the legal basis for doing so. You have the right to ask us to suspend or otherwise restrict the processing of your Personal Information where we are relying on our “legitimate interests” to process it and:
- You challenge the accuracy of the Personal Information;
- The processing is unlawful but you do not want us to erase it;
- We no longer need the Personal Information for the purposes of the processing, but you want us to hold it as you need it to establish, exercise, or defend legal claims; or
- You have objected to our use of your Personal Information, but we need to verify whether we have legitimate grounds to use it.
If we have given the Personal Information to any third parties, we will tell those third parties that we have received a request to restrict the use of your Personal Information, unless this proves impossible or involves a disproportionate effort.
Withdrawing your consent. Where we are relying on consent to process your Personal Information (for example consent to receive marketing) you have the right to withdraw your consent at any time. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you.
You have the right to lodge a complaint about our handling of your Personal Information with the supervisory authority in your EU/UK country of residence. However, before doing so we request that you contact us at (415) 231-5660 to see if we can resolve your complaint to your satisfaction.
Your rights – individuals outside the European Union
Accessing Account Information. We will provide you with the means to ensure that Personal Information stored by us is correct and current. You may review this information by contacting us by sending an email to email@example.com.
A Record of Data Transfer. Alector will provide the right to request and receive, once a year and free of charge, information about third parties to whom we have disclosed certain types of Personal Information (if any) about you for our direct marketing purposes in the prior calendar year, and a description of the categories of Personal Information shared. To make such a request, please send an email to firstname.lastname@example.org and please include the phrase “Personal Information Privacy Request” in the subject line, the domain name of the website you are inquiring about, along with your name, address and email address. At our option, we may respond to such requests by providing instructions about how our users can exercise their options to prevent our disclosure of Personal Information to third parties for their direct marketing purposes.