Effective date: August 15, 2019

Abeona Therapeutics Inc ("us", "we", or "our") operates the https://abeonatherapeutics.com website and any other websites, mobile applications, or digital services that link to this Policy (each and collectively, the "Services").

This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Services and the choices you have associated with that data.

We use your data to provide and improve the Services. By using the Services, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms and Conditions, accessible from https://abeonatherapeutics.com

Definitions

Personal Data: Personal Data means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).

Usage Data: Usage Data is data collected automatically either generated by the use of the Services or from the Services infrastructure itself (for example, the duration of a page visit).

Cookies: Cookies are small pieces of data stored on your device (computer or mobile device).

Data Controller: Data Controller means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal information are, or are to be, processed. For the purpose of this Privacy Policy, we are a Data Controller of your Personal Data.

Data Processors (or Service Providers): Data Processor (or Service Provider) means any natural or legal person who processes the data on behalf of the Data Controller.  We may use the services of various Service Providers in order to process your data more effectively.

Data Subject (or User). Data Subject is any living individual who is using our Services and is the subject of Personal Data.

Information Collection and Use

We collect several different types of information for various purposes to provide and improve our Service to you.

Types of Data Collected

Personal Data

While using our Services, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you ("Personal Data"). Certain of our Services allow you to submit your Personal Data to us. For example, you may subscribe to our mailing list or newsletter, or create an online account. We may use the information you provide to send you requested information, respond to your inquiry, improve our websites, verify your relationship with us, and take other actions that may be necessary to respond to your request. Personal Data may include, but is not limited to your name, address, telephone number, email address, and other information in combination with such identifiers. This information may be submitted by you, or collected from you during your use of the Services, and may include:

  • Contact Information. We collect this information in order to be able to communicate with you. This information may include your name, mailing address, telephone number, email address, job title, age, and other information you provide on our website. Where we solicit this information, we will explain how the information you provide is to be used. It is your choice as to whether to provide your Personal Data.
  • Interests and Preferences. This information helps us understand your interest in our products and services so that we can best serve you. This information may include contact and product preferences, languages, marketing preferences and demographic data. Where we solicit this information, we will explain how the information you provide is to be used. This information may be collected as part of the information we collect automatically or pursuant to your consent.
  • Interaction History. This information helps us fulfill services you have requested and to understand your interests and preferences. This includes how you interact with us and use our websites, your correspondence with us, and any purchase history or customer account information. Where you have purchased or requested a product or service from us, we use this information in order to perform our agreement with you. This information may be collected automatically, for our legitimate business interests.
  • Automatically Collected Information. Our Services also collect other basic information about you which does not directly identify you but which may correspond with you or a particular device. We use this information to learn more about how our websites and online resources are used and to otherwise improve and administer the site. We may collect Personal Data on your visit to our websites through cookies, IP information, or other data provided by your web browser or device, including IP Address, geographic location, browser type, browser version, resources you have accessed, the time and date of your visit, time spent on the website, and similar information. Further information concerning automatic information collection on our Sites can be found below, in the section titled “Cookies and Other Tracking Technologies.” We collect this information automatically for our legitimate business interests.

Where permitted by law, we may combine Personal Data you provide with other information you’ve provided to us through our Services, or with offline records and information provided to us by third parties. We use this consolidated information to improve our website and online resources, enhance our marketing activities, better design our offerings, and facilitate other business functions.

Cookies and Other Tracking Technologies:

We use cookies and similar tracking technologies to track the activity on our Services and hold certain information.

Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Services.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Services.

Social Plugins. The Services may use social plugins (e.g., the Facebook “Like” button) to enable you to easily share information with others. When you visit our Services, the operator of the social plugin may be able to place a cookie on your computer, enabling that operator to recognize individuals who have previously visited our Services. If you have previously logged into the associated social media website (e.g., Facebook) before browsing on our website, the social plugin allows that social media website to receive information about your visit to particular pages on our website. The social plugin may collect this information for any such visitors who have logged into social networks, whether or not they specifically interact with the plugin on our websites (e.g., by clicking “Like” or “Share”). The social plugin may also allow the social media website to share information about your activities on our Services with other users of their social media website. For further details about the information shared via a particular social media plugin, you should refer to that social media site’s privacy statement.

Notice regarding “Do Not Track”: Certain web browsers and other programs may be used to signal your preferences about the collection of information about your online activities. Our Services do not currently respond to such signals.

Other Information About Managing Cookies. The Digital Advertising Alliance maintains a Website where consumers can opt out from receiving interest-based advertising from some or all of the network advertising companies participating in the program (www.AboutAds.info/choices/). This opt-out applies only to the Digital Advertising Alliance network and will not affect the delivery of ads outside that network.

Google Analytics.  Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Services. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.  You can opt-out of having made your activity on the Services available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visits activity.

For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en

Uses and Disclosures of Data

We use and disclose the collected data for various purposes:

  • To provide and maintain our Services
  • To notify you about changes to our Services
  • To allow you to participate in interactive features of our Services when you choose to do so
  • To provide customer support, respond to your inquiry, or take an action you request
  • To gather and analyze information so that we can improve our Services
  • To monitor the usage of our Services
  • To verify your relationship with us
  • To provide you with information, including information about our products, services, or other offerings, that may be of interest to you
  • To detect, prevent and address technical issues
  • As necessary to identify, contact, or bring a legal action against someone who may be causing injury to or interference with our rights and property or those of any other person or in a situation that involves threats to another person
  • To comply with a legal obligation

When we disclose your data, we may disclose information to third parties under the following circumstances:

  • We may disclose your Personal Data to third parties who provide us with various business services, including monitoring and maintaining our websites and preparing communications and mailings. We may also share your Personal Data with our affiliates, in compliance with applicable laws.
  • In addition, we may disclose your Personal Data to third parties in special cases, including when we have a reason to believe that such disclosure is necessary to identify, contact, or bring a legal action against someone who may be causing injury to or interference with our rights and property or those of any other person. We may also disclose your Personal Data when we believe the law requires it and in any situation that involves threats to any person’s physical safety.
  • If all or part of our company is merged into another entity, the information we have about you may be transferred to a third party as part of that transaction. The acquiring entity will be required to use the Personal Data that is transferred only in a manner that is consistent with this notice.

Legal Basis for Processing Personal Data Under General Data Protection Regulation (GDPR)

If you are from the European Economic Area (EEA), our legal basis for collecting and using the personal information described in this Privacy Policy depends on the Personal Data we collect and the specific context in which we collect it, including:

  • Compliance with applicable laws or performance of a contract: In specific circumstances, we may need to process your information to comply with a relevant law/regulation or to fulfill our obligations under a contract to which you are subject. Where we process your information to meet our legal obligations, you will likely not be permitted to object to this processing activity, but you will usually have the right to access or review this information unless it would impede our legal obligations. Where we are processing to fulfill our contract obligations under a contract where you are a party, you might not be able to object to this processing, or if you do choose to opt-out or object to our processing, it may impact our ability to perform a contractual obligation that you are owed.
  • Our legitimate interest: We may process your information based on our legitimate interests in communicating with you and managing our interactions with you regarding our products, services, and education opportunities. In addition to the other rights you may have described below, you have the right to object to such processing of your information. You can register your objection by contacting us as described above.
  • Your consent: In some cases, at the point at which you provide information, we may ask you for your consent to collect and process your information. If you choose to provide us with your consent, you may later withdraw your consent (or opt-out) by contacting us as described in the “how do you contact us” section below. Please note that if you withdraw your consent it will not affect any processing of your information that has already occurred. Where we process your information based on consent, we will provide more detailed information to you at the time when we obtain your consent.

We will retain your Personal Data for the duration of your relationship with us, and for a period of time following the termination of that relationship as necessary fulfill the purposes described in this Privacy Policy.

Transfer of Data:

Your information, including Personal Data, may be transferred to - and maintained on - computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

If you are located outside United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to United States and process it there.

Consent to this Privacy Policy, as evidenced by providing your use of the Services, represents your agreement to that transfer.

Data Security:

We take steps to ensure that your data is treated securely and in accordance with this Privacy Policy. However, no transmission over the internet is completely secure, and you should take care before sharing Personal Data with us. We also take steps to prevent the transfer of your Personal Data to an organization or a country unless there are adequate controls in place governing the security of your data and other personal information.

Your Data Protection Rights Under General Data Protection Regulation (GDPR)

If you are a resident of the European Economic Area (EEA), you have certain data protection rights. We will take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.

You have the right to be informed what Personal Data we hold about you. This Privacy Policy is intended to provide this information.

In certain circumstances, you have the following data protection rights:

  • The right to access, update or to delete the information we have on you. Whenever made possible, you can access, update or request deletion of your Personal Data directly within your account settings section. If you are unable to perform these actions yourself, please contact us to assist you.
  • The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.
  • The right to object. You have the right to object to our processing of your Personal Data.
  • The right of restriction. You have the right to request that we restrict the processing of your personal information.
  • The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable and commonly used format.
  • The right to withdraw consent. You also have the right to withdraw your consent at any time where we relied on your consent to process your personal information.
  • Please note that we may ask you to verify your identity before responding to such requests.
  • You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).

Your California Privacy Rights

California law permits California residents to request certain information regarding our disclosure of personally identifiable information to third parties for their direct marketing purposes. To make such a request, please contact us at the information provided below. Be sure to include your name and address. If you would like a response via email, please include an email address. Otherwise, we will respond by postal mail within the time required by law.

Links to Other Sites

Our Services may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

Children's Privacy

Our Services are not intended for use by anyone under the age of 18, and we do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

We will let you know via email and/or a prominent notice on our Services, prior to the change becoming effective, and update the "effective date" at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective as of the effective date shown when posted on this page.

Contact Us

If you have any questions about this Privacy Policy, please contact us:

By email: info@abeonatherapeutics.com or by mail:

Abeona Therapeutics Inc.
Attention: General Counsel
1330 Avenue of the Americas
33rd Floor
New York, NY 10019