Privacy Policy

This Privacy Policy (“Privacy Policy”) describes how Mirador Therapeutics, Inc. and our subsidiaries and affiliates (collectively, “Mirador,” “us,” “we,” or “our”) collect, use and share your personal information in connection with our website at https://miradortx.com/ and any other websites or online platforms we operate that link to this Privacy Policy (collectively, the “Site”), our social media profiles, our email communications, and our related services and offerings (collectively, the “Platform”), and the choices that you have with respect to your personal information.

We reserve the right, at any time, to modify this Privacy Policy. If we make revisions that change the way we collect, use, or share personal information, we will post those changes in this Privacy Policy. You should review this Privacy Policy periodically so that you keep up to date on our most current policies and practices. We will note the effective date of the latest version of our Privacy Policy at the bottom of this Privacy Policy. Your use of the Platform constitutes your acceptance of the latest version of this Privacy Policy.

1.      COLLECTION OF PERSONAL INFORMATION

Personal Information You Provide to Us. We collect and process personal information for different purposes:

• When you contact us for general inquiries, to subscribe to our email alerts or for information about our clinical trials. If you submit an inquiry through our website, send us an email or call us directly, we collect personal information from you such as your name, email address, phone number and the reason for your communication. We use this information to respond to your inquiry or provide you with the information that you are looking for when you navigate our website. We also collect any marketing preferences you may provide relating to our communications, such as if you unsubscribe to our email communications.
• Clinical trials. We do not collect personal information directly from the subjects that participate in our clinical trials. Subject personal information is collected by the sites that manage the trials that we sponsor. The subject data that we obtain from the sites is pseudonymized, meaning that a subject’s identifiable personal information is replaced with a code that we cannot link back to that individual. In general, any personal information we collect in connection with our clinical trials is addressed in the applicable informed consent form or other privacy notice provided separately.
• Clinical trial site staff and investigators. We collect personal information from these individuals to review their credentials and ensure they are qualified to perform the work related to the clinical trial.
• When you attend symposia or conferences where we participate. We may collect your contact information as well as your qualifications. We use this information to answer any questions you may have about Mirador and to keep track of the number of visitors to Mirador’s booth.

Unless we specifically request it, we ask that you not provide us with any sensitive personal information (e.g., information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership).

Personal Information Collected Automatically. We, our service providers, and our business partners may automatically log or collect information about you, your computer or mobile device, and your activity over time on our Platform and other sites and online services, including:

• Device data, such as your computer or mobile device operating system type and version number, manufacturer and model, browser type, screen resolution, IP address, unique identifiers, the website you visited before browsing to our website, and general location information such as city, state or geographic area.
• Online activity data, such as pages or screens you viewed, how long you spent on a page or screen, navigation paths between pages or screens, information about your activity on a page or screen, access times, and duration of access.

Like many online services, the Platform uses cookies and similar technologies to facilitate automatic data collection, which may include:

• Cookies, which are text files that websites store on a visitor’s device to uniquely identify the visitor’s browser or to store information or settings in the browser for the purpose of helping you navigate between pages efficiently, remembering your preferences, enabling functionality, helping us understand user activity and patterns, and facilitating online advertising.
• Web beacons, also known as pixel tags or clear GIFs, which are typically used to demonstrate that a webpage or email was accessed or opened, or that certain content was viewed or clicked, typically to compile statistics about usage of websites and the success of marketing campaigns.
• Local storage, which is used to save data on a visitor’s device. We may use data from local storage to, for example, turn on web navigation, store multimedia preferences, customize what we show you based on your past interactions with our Platform, remember your preferences, or measure ad effectiveness.

Personal Information from Third Parties. We may obtain personal information about you from third parties, such as the organization you work for, public sources (such as social media profiles), event sponsors, and our other business partners. We may also obtain de-identified, limited data sets of personal information from third party collaborators and scientific partners for use in our internal research and development efforts pursuant to written agreements containing appropriate safeguards for the protection of such personal information as required by applicable law.

Referrals. You may have the opportunity to refer colleagues or other contacts to us and share their contact information with us. Please do not refer someone to us or share their contact information with us unless you have their permission to do so.

2.      USE OF PERSONAL INFORMATION

We may use your personal information for various purposes, including the uses described below and as otherwise described in this Privacy Policy or at the time of collection.

To Provide the Platform and Operate Our Business. We use personal information to provide the Platform and operate our business, including to:

• operate and the deliver the Platform;
• provide you with the content, features, products, or services that you request;
• engage with investors and potential investors;
• communicate with you about the Platform and our business (including by sending announcements, updates, security alerts, or support and administrative messages);
• understand your interests, personalize your experience on the Platform, and deliver information about our clinical trials and other updates or news relevant to your interests;
• contact you by phone, email, or other form of communication.

Research and Development. We use personal information to understand and analyze the usage trends and preferences of our users to make our Platform and other offerings better, diagnose technical issues, and develop new features and functionality. We may also use personal information for use in internal research and development of our therapeutic product candidates and/or diagnostic tools. As part of these activities, we may create aggregated, de- identified, or other anonymous data from personal information we collect. We make personal information into anonymous data by removing information that makes the data personally identifiable to you. We may use this anonymous data and share it with third parties for our lawful business purposes, including to analyze and improve the Platform and promote our business.

To Comply with Laws and Regulations. We use personal information as we believe necessary or appropriate to comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities.

For Compliance, Fraud Prevention, and Protection. We may use your personal information for compliance, fraud prevention, safety, and protection purposes, including to:

• perform compliance activities related to the Platform;
• maintain the safety, security, and integrity of our Platform, products and services, business, databases, and other technology assets;
• protect our, your, or others’ rights, privacy, safety, or property (including by making and defending legal claims);
• audit our internal processes for compliance with legal and contractual requirements and internal policies;
• enforce the terms and conditions that govern the Platform; and
• prevent, identify, investigate, and deter fraudulent, harmful, unauthorized, unethical, or illegal activity, including cyberattacks and identity theft.

With Your Consent. In some cases, we may specifically ask you for your consent to collect, use, or share your personal information, such as when required by law.

3.      DISCLOSURE OF PERSONAL INFORMATION

We may disclose your personal information with the entities and individuals listed below, and as otherwise described in this Privacy Policy or at the point of collection.

Related Companies. We may share your personal information with companies that are affiliated with us (that is, that control, are controlled by, or are under common control with us), including affiliates and subsidiaries.

Service Providers. We may share personal information with third parties and individuals who perform functions on our behalf and help us run our business. For example, we may employ third-party companies and individuals to perform services on our behalf, including but not limited to:

• Contract research organizations that conduct clinical trials;
• Data storage and analytics providers;
• Technology services and support (including email and web hosting providers, marketing and advertising technology providers, analytics providers, database management vendors, hosting vendors, and email communications providers);

Healthcare Professionals and Organizations. We may share your personal information with health care professionals, researchers, institutions, academics, public health organizations, and publishers for purposes consistent with this Privacy Policy.

Business Transaction Participants. We may disclose your personal information to third parties in connection with any business transaction (or potential transaction) involving a merger, acquisition, sale of shares or assets, financing, acquisition, consolidation, reorganization, divestiture, or dissolution of all or a portion of our business (including in connection with a bankruptcy or similar proceedings).

Law Enforcement, Government Authorities, and Others. Under certain circumstances, we may be required to disclose your personal information to law enforcement, government authorities, and other parties if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency). We may also disclose your personal information in the good faith belief that such action is necessary to comply with a legal obligation, protect and defend the rights or property of Mirador or our partners, investors, or other parties, prevent or investigate possible wrongdoing in connection with the Platform and our services, protect the personal safety of users of the Platform or the public, protect against legal liability, and for the other compliance and protection purposes described in the section above titled “USE OF PERSONAL INFORMATION.”

Professional Advisors. We may disclose your personal information to our professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services that they render to us.

4.      SECURITY OF PERSONAL INFORMATION

No method of transmission over the Internet, or method of electronic storage, is fully secure. While we use reasonable efforts to protect your personal information from the risks presented by unauthorized access or acquisition, we cannot guarantee the security of your personal information.

5.      YOUR CHOICES

Access, Update, or Delete Your Personal Information. If you would like to access, update, or delete the personal information that we have collected about you, please contact us using the information at the bottom of this Privacy Policy.

Opt-out of Marketing Communications. You may opt out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email you have received from us, or by contacting us using the contact information at the bottom of this Privacy Policy. You may continue to receive service-related and other non-marketing emails.

Cookies. Most browsers let you remove and/or stop accepting cookies from the websites you visit. To do this, follow the instructions in your browser’s settings. Many browsers accept cookies by default until you change your settings. If you do not accept cookies, however, you may not be able to use all functionality of the Platform and our Site may not work properly. For more information about cookies, including how to see what cookies have been set on your browser and how to manage and delete them, visit www.allaboutcookies.org.

Do Not Track. Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.

Declining to Provide Information. We need to collect personal information to provide certain services. If you do not provide the information requested, we may not be able to provide those services.

6.      INTERNATIONAL TRANSFERS OF PERSONAL INFORMATION

Mirador is headquartered in the United States of America. If you are from a country outside of the United States of America with laws governing data collection, use, and disclosure that may differ from U.S. law and you provide personal information to us, please note that any personal information that you provide to us may be transferred to the United States of America. By providing your personal information, where applicable law permits, you hereby specifically and expressly consent to such transfer and processing and the collection, use, and disclosure set forth herein or in any applicable terms of service. European users may view the section below titled “Notice to European Users” for additional information about data transfers.

7.      OTHER SITES AND SERVICES

Our Platform may contain links to websites, mobile applications or other online services operated by third parties. When you click on a link to any other website, mobile application or online service, you will leave our Platform and go to another site, and another entity may collect personal information or anonymous data from you. In addition, our content may be included on other online services that are not associated with us. We have no control over, do not review, and are not responsible for, these third party online services or for their content or actions. Other online services follow different rules regarding the collection, use and sharing of your personal information. We encourage you to read the privacy policies of other online services that you visit or use. The links to third party online services are for your convenience and do not signify our endorsement of, or affiliation with, any third party or its services.

8.      CHILDREN

Our Platform is not intended for use by minors under the age of 18. If we learn that we have collected personal information of a minor under 18 without the consent of the child’s parent or guardian as required by law, we will delete it as soon as possible. If you believe that we might have any personal information collected online from a minor under 18, please contact us using the contact information listed at the bottom of this Privacy Policy.

9.      YOUR CALIFORNIA PRIVACY RIGHTS

Under California Civil Code sections 1798.83-1798.84 (the “Shine the Light” law), California residents who have an established business relationship with Mirador are entitled to ask us once a year for information regarding the personal information we have shared, if any, with third parties for their direct marketing purposes. If you are a California resident and would like to submit such a request, please submit your request in writing to the email address listed in the section titled “CONTACTING US” below with “Shine the Light” in the subject line. The request must include your name, street address, city, state, and ZIP code and an attestation that you are a California resident. We are not responsible for requests that are not labeled or sent properly, or that do not have complete information.

10.  NOTICE TO EUROPEAN USERS

The information provided in this section applies only to individuals in the European Union, the European Economic Area, and the United Kingdom (collectively, “Europe”). Except as otherwise specified, references to “personal information” in this Privacy Policy are equivalent to “personal data” governed by European data protection legislation.

Controller. The controller of your personal information covered by this Privacy Policy for purposes of European data protection legislation is Mirador Therapeutics, Inc. (mailing address below). Our data protection representatives in Europe may differ based upon how you interact with us or the locations of our current clinical trials. For more information about our representatives, please refer to the applicable informed consent form or privacy notice delivered separately, or contact us using the information at the bottom of this Privacy Policy.

Legal Bases for Processing. The legal bases of our processing of your personal information as described in this Privacy Policy will depend on the type of personal information and the specific context in which we process it. However, the legal bases we typically rely on are set out in the table below. We rely on our legitimate interests as our legal basis only where those interests are not overridden by the impact on you (unless we have your consent or our processing is otherwise required or permitted by law). If you have questions about the legal basis of how we process your personal information, contact us at privacy@miradortx.com.

Use for New Purposes. We may use your personal information for reasons not described in this Privacy Policy where permitted by law and where the reason is compatible with the purpose for which we collected it. If we need to use your personal information for an unrelated purpose, we will notify you and explain the applicable legal basis.

Your Rights. European data protection laws may give you certain rights regarding your personal information. You may ask us to take the following actions in relation to your personal information that we hold:

• Access. Provide you with information about our processing of your personal information and give you access to your personal information.
• Correct. Update or correct inaccuracies in your personal
• Delete. Delete your personal
• Transfer. Transfer a machine-readable copy of your personal information to you or a third party of your choice.
• Restrict. Restrict the processing of your personal
• Object. Object to our reliance on our legitimate interests as the basis of our processing of your personal information that impacts your rights.

You may submit these requests by contacting us using the contact information at the bottom of this Privacy Policy. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal information or our response to your requests regarding your personal information, you may contact us or submit a complaint to the data protection regulator in your jurisdiction. In the European Economic Area, you can find your data protection regulator here. In the United Kingdom, you can find your data protection regulator here.

Cross-Border Data Transfer. If we transfer your personal information to a country outside of Europe such that we are required to apply additional safeguards to your personal information under European data protection laws, we will do so. Please contact us using the information below for further information about any such transfers or the specific safeguards applied.

11.  CONTACTING US

You may contact us via email at privacy@miradortx.com or by writing to us at the address below:

Mirador Therapeutics, Inc.
Attn: Privacy Officer
3115 Merryfield Row, Suite 210
San Diego, CA 92121

Last Updated: November 7, 2024