Privacy Notice

Theratechnologies Inc. (including its subsidiaries Theratechnologies Europe Limited and Theratechnologies U.S. Inc., collectively referred to as “Thera”, “we”, “us” or “our”) values the trust you place in us by agreeing to provide us with your personal information, and we are committed to protecting the confidentiality and security of your personal information. The purpose of this notice is to help you better understand our privacy practices, including how we collect, use, disclose and destruct your Personal Information.

This notice applies to all personal information we collect throughout our websites which are: www.theratech.com, www.trogarzo.com and www.egriftasv.com (collectively referred to as the “Websites”). This notice does not extend to any websites which can be accessible through the content of our Websites. We do not assume any responsibility for the privacy practices of such third parties, and we encourage you to review all third-party privacy policies prior to using their websites, products or services.

By using Thera's Websites, you acknowledge that you accept the content of this notice, we encourage you to read it carefully and, in its entirety, so that you understand how we process your Personal Information.

WHAT’S IN THIS PRIVACY NOTICE?

  1. Meaning of the Expression “Personal Information”
  2. Personal Information We Collect
  3. How We Use Your Personal Information
  4. Who We Share Your Personal Information With
  5. Unsubscribing from Our Communications
  6. Retention of your Personal Information
  7. Information Security
  8. Your Rights Pertaining to Your Personal Information
  9. Transfer of Your Personal Information
  10. Children’s Information
  11. Changes to this Privacy Notice
  12. Contact Us

1. Meaning of the Expression “Personal Information”

Personal Information” means any factual or subjective information, about an identifiable individual, such as age, gender, birth date, province of residence, preferences, opinions, that can directly identify that Individual (for example an individual’s name), or that could identify that Individual once the information is combined (for example the elements of a physical description). Personal Information does not include information that has been anonymized or aggregated in such a way that there is no serious possibility that it can be used to identify an individual.

2. Personal Information We Collect

The Personal Information we collect is generally in one or more of the following categories:

  • Personal Information you submit to us through your use of our Websites:
    • On theratech.com: if you sign up for our email alerts, we will collect your e-mail address. If you contact us through our form for health care provider or investor we may require your name, email address, the subject of your request of contact and any other comments you may provide us. We also collect your name and email address if you fill the grant/sponsorship request form.
    • On trogarzo.com: we collect your name, e-mail address, phone number, city and postal code when you request information from the Thera Patient Support or when you would like to connect directly with us, as well as any other information you give us in the free comments fields.
    • On egriftasv.com: if you are a health care provider and would like to register for updates on our products, we will collect your name, address, e-mail address, phone number. We may also collect your zip code if you wish to use our localisation tool to help find a specialist near you.
  • When you apply for a job via cv@theratech.com, we can collect your name, e-mail address, CV and a cover letter as well as any other information you send us.

We may automatically collect certain technical information related to your electronic device and your use of our Websites.  Such information may include your IP address, information about your device, browser and operating system, and the date and time of your visit, commonly referred to as “Cookies”. You may limit the automatic collection of information on our Websites by deciding not to activate the Cookies using your browser options upon arrival on one of our Websites. Please be aware that disabling Cookies may prevent you from using specific features on our Websites. For more information, please refer to our Cookies Policy https://www.theratech.com/investors/cookie-policy.

3. How We Use Your Personal Information

We will use your Personal Information for the following purposes and if you are a resident of the European Union pursuant to the following applicable legal basis permitted by the General Data Protection Regulation (“GDPR”):

  • To provide you with our products, services or assistance in connection with your use of them. Applicable legal basis under the GDPR: performance of a contract and consent.
  • To help us improve or solve problems with our Websites, and/or our products and services. Applicable legal basis under the GDPR: legitimate interest;
  • To request feedback or otherwise contact you about your use of our Websites and/or our products and services. Applicable legal basis under the GDPR: consent;
  • To notify you about important changes to our Websites and/or our products and services. Applicable legal basis under the GDPR: performance of a contract;
  • For our internal business purposes, such as to analyze trends and statistics, to develop new services, to enhance our Websites, to improve our products or services, and to determine the effectiveness of our promotional campaigns. Applicable legal basis under the GDPR: legitimate interest;
  • To prevent, detect and investigate suspicious activity and transactions that are suspicious, fraudulent, or that violate our Website Terms and Conditions. Applicable legal basis under the GDPR: legal obligation;
  • In an emergency to protect your personal safety. Applicable legal basis under the GDPR: legal obligation; or
  • With your consent, to communicate with you and to send you information by e-mail, postal mail, telephone, text message, or other means about our products, services, contests, and promotions.

4. Who We Share Your Personal Information With

  • Service providers

We rely on third-party services providers to perform a variety of services on our behalf to support our commercial activities (“Service Providers”). Your Personal Information might be shared with one or more the following categories of Service Providers:

  1. Service Providers in connection with the management of information, documents and information technology, as well as with the management and hosting of our Websites;
  2. External consultants or experts for recruitment purposes;
  3. Service Providers in connection with advertising and data analysis services; or
  4. Service Providers in connection with customer service and patient support.

If we share your Personal Information with third-party service providers, we will require them to protect the confidentiality and security of your personal information. We will also require them to use your Personal Information only for the limited purposes for which it was provided and to dispose of it when those purposes are fulfilled. We do not authorize service providers to share your personal information with other parties or to use it for direct marketing purposes. For more information about our service providers, please contact us using the contact information in the "Contact Us" section below.

In certain circumstances, we may authorize our service providers to maintain aggregated or anonymized information so that you can no longer be identified.

  • Legally permitted disclosure

Additionally, we may disclose your Personal Information if we believe such disclosure is permitted, necessary or appropriate:

(a) Under applicable law, including laws outside your country of residence;

(b) To comply with legal process;

(c) To respond to requests from public and government authorities, including public and government authorities outside your country of residence;

(d) To enforce the terms of the agreements for our products and services;

(e) To protect our commercial operations;

(f) To protect our rights, the privacy of our information, safety or property, and/or those of our affiliates, you or others; and

(g) To allow us to pursue available remedies or limit the damages that we may sustain.  In addition, we may transfer your Personal Information and other information to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, brands, affiliates, subsidiaries or other assets.

Except when legally permitted, if we otherwise intend to disclose your Personal Information to a third party, we will identify that third party and the purpose of the disclosure and obtain your consent prior to such disclosure.

5. Unsubscribing From our Communications

You may choose to stop receiving communications from us by following the unsubscribe instructions contained in our emails. You can also unsubscribe by contacting us directly using the contact information in the "Contact us" section below.

6. Retention of your Personal Information

We will only retain your Personal Information for as long as necessary to fulfill the purposes for which it was collected or as otherwise permitted by law. If your Personal Information is collected for multiple purposes, we will retain it until the purposes requiring the longest retention have been fulfilled.

7. Information Security

We have implemented physical, organizational, contractual and technological security measures to protect your Personal Information from loss, theft, unauthorized disclosure, copying, use or modification. We have also taken steps to ensure that the only employees or service providers who have access to your Personal Information are those whose duties require them to know it. Each person or service provider who has access to your Personal Information is contractually bound to respect its confidentiality and to follow the measures set forth in this notice.

Despite the measures described above, no method of transmission or storage is completely secure or error-free. As a result, we cannot guarantee the absolute security of your Personal Information. If you have reason to believe that your interaction with us is no longer secure (for example, if you believe that the security of any information you have provided has been compromised), please contact us immediately using the contact information provided in the "Contact Us" section below.

8. Your Rights Regarding Your Personal Information

We will take all reasonable steps to ensure that your Personal Information is as current as possible. To assist us in this regard and to maintain the accuracy of your Personal Information, please notify us promptly of any changes that affect you.

Upon written request, and subject to proof of identity, you may review the Personal Information we have collected about you and request corrections, if any. The Personal Information required to identify you will only be used for this specific purpose.

In addition, under certain circumstances, you may have the following rights:

  • You may withdraw your consent to the disclosure or use of the Personal Information collected;
  • You have the right to request a copy of the Personal Information we hold about you; and
  • You may have the right to request information about any automated decision-making system using your Personal Information and the impact it may have on you.

If you are a resident of a country of the European Union, under the GDPR, you may be entitled to additional rights, including: (i) the right to object to unlawful processing of your Personal Information; (ii) the right to erasure of your Personal Information; and (iii) in certain circumstances, the right to demand that we restrict the processing of your Personal Information. To learn more about your rights under the GDPR, please visit the European Commission's data protection page at the address below:

You also have the right to lodge a complaint with the relevant data protection authority.

9. Transfer of Your Personal Information

In the course of providing our services and conducting our business, we may need to transfer your Personal Information to a country or province other than the one from which you provided such information, which may have different data protection laws. Notwithstanding any such transfer, our treatment of your Personal Information will always be subject to this notice. Prior to any interprovincial or international transfer, the necessary measures will be taken to ensure the adequate and continuing protection of your Personal Information.

For more information about the measures we have put in place, please contact us using the information provided in the "Contact Us" section below.

10. Children’s Information

Our products and services are not intended for, and our Websites are not directed to, children under the age of 16. We do not knowingly collect Personal Information from children under the age of 16.

11. Changes to This Privacy Notice

We may change this Privacy Notice from time to time without prior notice to you. Changes will always be posted on our websites and will be effective when the revised notice is posted.

This notice was last updated September 2023.

12. Contact Us

If you have any comments, questions, concerns or complaints about this notice or our privacy practices, please contact our Privacy Officer as follows:

 

Address:

Attention: Privacy Officer

Theratechnologies Inc.

2015 Peel Street, 11th Floor

Montréal, Québec

Canada H3A 1T8

By phone:

514-336-7800

By e-mail:

privacy@theratech.com