Last Reviewed: August 10, 2020
Last Updated: August 10, 2020
Veru Inc. and its subsidiaries, including The Female Health Company Ltd., The Female Health Company (UK) Plc, the Female Health Company Malaysia SDN.BHD and Aspen Park Pharmaceuticals, Inc. (the “Company” “us” “we” or “our“) is a biopharmaceutical and medical device company which: (1) develops and commercializes novel medicines for the prostate care continuum and urology specialty pharmaceuticals; and (2) manufactures, markets, promotes, distributes and/or sells the FC2 female/internal condom and Preboost/Roman Swipes, medicated individual wipes for the prevention of premature ejaculation.
2. Third-Party Websites
We are active on social media pages, such as Facebook, LinkedIn and Twitter, and we may integrate social media widgets or features on the Site. These social media companies may recognize you and collect information about your visit to the Site, and they may set a cookie or employ other tracking technologies. Your interactions with those features are governed by the privacy policies of those companies.
3. What Personal Information We Collect and How We Collect It
(a) Information We Collect
Certain features on the Site enable you to provide us with certain personal information that we may use to contact or identify you. This information may include, but is not limited to:
- Identifiers such as first and last name; email address, phone number, mailing address, IP address, and online identifiers;
- Protected classification characteristics under state or federal (United States) law such as: race, sex, age, marital status, sexual orientation, insurance information, and prescription information;
- Biometric information such as behavioral characteristics, activity and patterns used to extract health data;
- Preferences (including emotional or romantic orientation);
- Financial information;
- Certain medical information to comply with pharmacovigilance, reporting to regulatory authorities, and for other legal or regulatory requirements.
- Company name and position or title;
- Other commercial information (e.g., records of products purchased from us);
- Internet activity (e.g., information on your interactions with the Site);
- Geolocation data;
- Demographic information;
- Professional or employment related information such as previous employment history;
- Education information;
- Information that we may collect from you offline in connection with business-related interactions with you, such as if you provide information to us at an industry event, business meeting, or contact us by telephone; and
- Any other form or category of personal information which you directly submit to us in any manner, including but not limited to in emails or survey responses.
(b) How We Collect Information
We may collect the categories of personal information listed above from the following categories of sources:
(i) From You
We collect personal information from you in the following ways:
- Directly from you when you:
- Inquire about our services and offerings;
- Contact us through the “Contact Us” link on the Site;
- Sign up for “Investor Alerts” on the Site;
- Create an account on the Site;
- Sign up for email updates;
- Place an order on the Site;
- Return an item or make an exchange or otherwise communicate directly with us about any of our products and/or services;
- Enter a contest;
- Participate in a survey, promotion or event;
- Apply for a job at the Company;
- Enter into a contract with us; or
- Otherwise submit personal information or materials or content containing personal information to us, including but not limited to, via a submission on the Site or via an email or phone call to us.
- Indirectly from you:
- By observing your actions on the Site;
- When you have opted into marketing via third-party programs;
- Via social media platforms;
- From your employer, principal, authorized representative or agent enters into a contract with us; or
- When you are referred to us through a marketing promotion.
If you contact us through electronic communication, including by email, we typically retain the email in our file servers and collect any contact information you provide so that we can reply to you. Your email also contains metafiles that may contain IP addresses, domain names, and other standard file information and this information may be retained electronically on our servers or in routine back-up files.
If you browse the Site, regardless of whether you create a user account, or otherwise interact with the Site, we log your IP address (the internet address of your computer) to tell us which parts of the Site you visit and how long you spend there. We may also track the state and/or country you are accessing the internet from, the date and time you visited and the type of computer, operating system and web browser you are using. We may also obtain additional information about you from other sources, including from our suppliers, service providers, public databases, social media and other third parties. For instance, we may use information obtained from third parties to confirm your contact or financial information, to verify licenses or obtain other information.
We utilize third party companies and analytics to help us market, sell, and provide information about our products and services; and we provide your personal information to these third party companies to assist us in conducting business with you. We may use web analytics tools provided by service providers, including, but not limited to, Google Analytics, which is a third party service that transmits website traffic data to Google servers in the United States. Google Analytics does not identify individual users or associate your IP address with any other data held by Google. We may use reports provided by Google Analytics or other similar service providers, to help us understand the Site’s traffic, and web page usage. For more information concerning Google Analytics and how it collects and processes data please see “How Google Uses Data When You Use Our Partners Web Sites or Apps” located at www.google.com/policies/privacy/partners. We may use the information provided by these tools to improve our services and our online advertisements. These tools place session and persistent cookies in your browser to identify you as a unique user the next time you visit the Site. Each cookie cannot be used by anyone other than the service provider (e.g. Google Analytics).
(iv) Other Sources
To the extent permitted by applicable data protection laws, we may also receive personal information or draw inferences about you from other sources. These may include commercially available sources, such as public databases, data aggregators, advertising networks, internet service providers, data analytics providers, social networks, and data brokers. If applicable data protection law requires it, we will obtain your consent before using your personal information for our business purposes.
4. Purposes for Use of Personal Information
We may process, use, sell or disclose the personal information we collect for one or more of the following business purposes:
- Respond to your questions and requests;
- Improve customer service;
- Obtain and make payments;
- Process and track your order;
- Send you email updates;
- Create, maintain, customize, and secure your account with us;
- Provide the products and services you request;
- Identify your product and services preferences;
- Promoting our business and products, including but not limited to providing testimonials;
- Personalize your experience on the Site and to deliver content and product and service offerings relevant to your interests, including targeted offers and ads;
- Provide information concerning products and services you have purchased and products and services that may be of interest to you;
- Help maintain the safety, security, and integrity of the Site, products and services, databases and other technology assets, and business;
- Engage in other activities in the normal course of running a biopharmaceutical company;
- Protecting rights and interests of the Company; and
- To fulfill regulatory and legal requirements.
We may also use your personal information for any other purpose with your consent.
5. How We Share Personal Information
We may disclose your personal information to a third party for a business purpose, or sell your personal information, subject to applicable rights you may have by operation of applicable law.
We may share your personal information with the following categories of third parties:
- Service providers who have been retained to perform services on our behalf to help with proposed or actual business activities, including without limitation, contractors, insurers, physicians, medical providers, email and SMS vendors, hosting and development companies, fulfillment companies, common carriers and payment processors, to help us market our products and services, process orders, deliver products, perform market research, promotions management and otherwise assist us in running our business.
- Data aggregators and data analysis firms.
- Other Parties: We may share information with third parties such as third party marketing companies, for business purposes subject to applicable data protection laws.
- Aggregate Information: We may share aggregate information, such as demographic and usage statistics, with other organizations.
We may also disclose information about you (i) if we are required to do so by law, court order or legal process; (ii) in response to lawful requests by public authorities, including to meet national security or law enforcement requirements; (iii) under the discovery process in litigation or arbitration; (iv) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with the prevention of or the investigation or prosecution into suspected or actual illegal activity; or (v) if in good faith we believe that disclosure is otherwise necessary or advisable. In addition, from time to time, server logs may be reviewed by third party forensic investigators and other technology professionals for security purposes – e.g., to detect unauthorized activity on the Site. In such cases, server log data containing IP addresses may also be shared with law enforcement bodies in order that they may identify users in connection with their investigation of the unauthorized activities.
We may take personal information and aggregate data so that it is no longer identifiable. We may use this information to enhance the features of the Site and services. We may also sell or license this aggregated information to third parties or publish the information. We will take reasonable precautions to ensure that such aggregated information does not contain any confidential or otherwise identifiable data that could be used to identify its source.
6. How We Secure Personal Information
We maintain commercially reasonable procedures and technology designed to prevent the unauthorized access of your information that you provide to us. We maintain reasonable technical, administrative and organizational security measures in place to protect the loss, misuse or alteration of information under our control. However, we cannot guarantee that unauthorized third parties will never be able to defeat those security measures.
If you believe your information has been accessed in an unauthorized manner, please contact us immediately as provided in Section 13, Contact Us.
7. How We Retain of Personal Information
8. Changes and Updates to this Policy
9. Governing Law
10. Rights for Individuals Located in the European Economic Area
This Section 10 applies exclusively to visitors and users of the Site who are located in the European Economic Area (“Data Subjects“).
(b) Rights of Data Subjects
If you are a Data Subject, you have the following rights:
- The right to request copies of your personal information. If you require more than one copy, we may charge you a reasonable fee.
- The right to request that we correct any personal information that you believe is inaccurate, or complete any personal information which you believe is incomplete.
- The right to request that we erase your personal information, under certain circumstances.
- The right to request that we restrict the processing of your personal information, under certain circumstances.
- The right to object to our processing of your personal information, under certain circumstances.
- The right to request we transfer data that we have collected to you or directly to another organization, under certain circumstances.
- The right to withdraw your consent, explicit or otherwise, at any time. If we rely on your consent as the legal basis for our processing of your personal information, we will refrain from processing your data.
If you are a Data Subject and would like to exercise any of these rights, please contact us as provided in Section 13, Contact Us.
(c) Transfer of Personal Information
11. Notice for California Residents
(a) Scope; Definitions
This Section 11 applies exclusively to individuals who are residents of the state of California (as defined in Cal. Civ. Code § 1798.140(g)) (“Consumers“). As used in this Section 11, the term “you” shall only refer to a Consumer.
For purposes of this Section 11, “personal information” does not include any information which is excluded from the CCPA’s scope, including but not limited to: (i) health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data; or (ii) personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA) or the Gramm-Leach-Bliley Act (GLBA).
If you are a Consumer, the California Consumer Privacy Act (“CCPA”) provides you with certain rights regarding your personal information. This Section 11 includes additional notices with respect to and describes those rights and provides you with additional information regarding our practices regarding the collection, use, disclosure, and sale of personal information.
This Section 11 discloses the categories of personal information we collect from you, the sources of such personal information and the purposes for use of such personal information.
(b) Information We Collect; Sources of Information; Business Purposes
In the preceding twelve (12) months, we have collected the following categories of personal information described in Cal. Civ. Code § 1798.140(o)(1) from Consumers:
||A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.
|B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).
||A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
Some personal information included in this category may overlap with other categories.
|C. Protected classification characteristics under California or federal law.
||Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
|D. Commercial information.
||Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
|E. Biometric information.
||Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.
|F. Internet or other similar network activity.
||Browsing history, search history, information on a Consumer’s interaction with a website, application, or advertisement.
|G. Geolocation data.
||Physical location or movements.
|H. Sensory data.
||Audio, electronic, visual, thermal, olfactory, or similar information.
|I. Professional or employment-related information.
||Current or past job history or performance evaluations.
|J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).
||Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.
|K. Inferences drawn from other personal information.
||Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
We obtain the categories of personal information listed above from the sources identified in Subsection 3(b), How We Collect Information. We collect and use personal information for the business purposes identified in Section 4, Purposes for Use of Personal Information.
(c) Sharing Personal Information
(i) Disclosures of Personal Information for a Business Purpose
We may disclose your personal information to a third party for a business purpose.
In the preceding twelve (12) months, the Company has disclosed the following categories of personal information for a business purpose:
|Personal Information Category
||Category or Categories of Third Parties
|Category A: Identifiers.
||Marketing Service Providers
|Category B: California Customer Records personal information categories.
||Marketing Service Providers
|Category C: Protected classification characteristics under California or federal (United States) law.
||Marketing Service Providers
|Category D: Commercial information.
||Marketing Service Providers
|Category E: Biometric information.
|Category F: Internet or other similar network activity.
||Marketing Service Providers
|Category G: Geolocation data.
||Marketing Service Providers
|Category H: Professional or employment-related information.
||Marketing Service Providers
|Category I: Non-public education information.
||Marketing Service Providers
|Category J: Inferences drawn from other personal information.
||Marketing Service Providers
(ii) Sales of Personal Information
In the preceding twelve (12) months, we have not sold personal information:
(d) Notice of Right to Know About Personal Information Collected, Disclosed, or Sold
You have the right to request that the Company disclose certain information (the “Right to Know“) to you about the Company’s collection, use, disclosure, of your personal information over the past twelve (12) months (a “Request to Know“).
Once the Company receives and verifies your Request to Know (see Subsection 11(f), Exercising Access, Data Portability and Deletion Rights), the Company will disclose to you each of the following items which you include in your Request to Know:
- The categories of personal information the Company has collected about you;
- The categories of sources for the personal information the Company has collected about You;
- The Company’s business or commercial purpose for collecting or selling that personal information;
- The categories of third parties with whom the Company has shared that personal information;
- The specific pieces of personal information the Company has collected about you; (if delivered by mail, a “Data Access Request,” and, if delivered to you electronically in a portable format, a “Data Portability Request“);
- If the Company has sold or disclosed your personal information for a business purpose, two separate lists disclosing: sales, identifying the personal information categories that each category of recipient purchased; and disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
To submit a Request to Know, Data Access Request, or Data Portability Request see Subsection 11(f), Exercising Access, Data Portability and Deletion Rights.
(e) Notice of Right to Request Deletion of Personal Information
You have the right to request that the Company delete any of your personal information that the Company has collected from you or has maintained or retained, subject to certain exceptions (a “Request to Delete“). Under certain exceptions, we may deny your right to Request to Delete. We may deny your Request to Delete if the information is necessary for us or our service providers to:
- Complete the transaction for which the personal information was collected, or to provide a good or service that you have requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
- Identify security breaches, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another Consumer to exercise their free speech rights, or exercise another right provided for by law.
- Enable solely internal uses that are reasonably aligned with Consumer expectations based on your relationship with us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
To submit a Request to Delete, see Subsection 11(f), Exercising Access, Data Portability and Deletion Rights.
(f) Exercising Access, Data Portability and Deletion Rights
To exercise the access, data portability, and deletion rights described in Subsections 11(d), Notice of Right to Know about Personal Information Collected, Disclosed, or Sold, and 11(e), Notice of Right to Request Deletion of Personal Information, please submit a verifiable consumer request to us by either:
Only you or your Authorized Agent (as defined below) may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child who is a Consumer.
You may only make a Request to Know, Data Access Request, or Data Portability Request twice within a twelve (12) month period. Your Request to Know, Data Access Request, or Data Portability Request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative of such person, which may include:
- Information which the Company already maintains; or
- If the Company cannot verify your identity based on information already maintained by the Company, such information that the Company or its representatives request from you.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.
Making a verifiable consumer request does not require you to create an account with us. [However, we do consider requests made through your password protected account sufficiently verified when the request relates to personal information associated with that specific account.]
We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
For instructions on exercising your right to opt-out of the sale of your personal information, see Subsection 11(g), Right to Opt-Out.
(g) Right to Opt-Out
You have the right to direct us to not sell your personal information at any time (the “Right to Opt-Out“). We do not sell the personal information of Consumers we actually know are less than 16 years of age. Consumers who opt-in to personal information sales may opt-out of future sales at any time.
To exercise the Right to Opt-Out (make a “Request to Opt-Out“), you (or your authorized representative) may submit a a Request to Opt-Out by contacting us by any of the methods listed in Subsection 11(f), Exercising Access, Data Portability and Deletion Rights. We will act upon a Request to Opt-Out as soon as feasibly possible, but no later than fifteen (15) days after receiving the Request to Opt-Out.
Once you make a Request to Opt-Out, we will wait at least twelve (12) months before asking you to reauthorize personal information sales. However, you may change your mind and opt back in to personal information sales at any time by emailing us at firstname.lastname@example.org
You do not need to create an account with us to exercise your opt-out rights. We will only use personal information provided in an opt-out request to review and comply with your Request to Opt-Out.
(h) Notice of Right to Non-Discrimination for the Exercise of CCPA Rights
You have the right to not receive discriminatory treatment for your exercise of privacy rights under the CCPA, by, for example, being denied goods or services or being charged different prices for goods or services because of your exercise of CCPA rights.
(i) Authorized Agent
You may authorize another person (an “Authorized Agent”) to exercise any of your rights under the CCPA and this Section 11. To designate an Authorized Agent to make a request with the Company, (i) provide the authorized agent signed permission to submit a request under this Section 11 with the Company, (ii) confirm with the Company that you provided the Authorize Agent permission to submit the request by submitting such signed permission to us by email at email@example.com. Please note that you may be required to verify your identity prior before your confirmation of permission for the Authorized Agent is effective under this Section 11.
(j) Shine the Light
California’s “Shine the Light” law (Cal. Civ. Code § 1798.83) permits Consumers to request certain information regarding the Company’s disclosure of personal information to third parties for their direct marketing purposes.
We do not knowingly collect personal information from children under the age of 16 through the Site. Children are not encouraged to use the Site and we request that children under the age of 16 not submit any personal information to the Site. Since information regarding children under the age of 16 is not collected through the Site, we do not sell the personal information of individuals we actually know are less than 16 years of age.
13. Contact Us
However, if you are a Data Subject and feel we have not resolved a privacy concern related to personal information processed or transferred by the Company, you have the right to submit a complaint to a supervisory authority.