Effective Date: January 26, 2022

CohBar is a clinical stage biotechnology company focused on the research and development of mitochondria based therapeutics, an emerging class of drugs for the treatment of chronic and age-related diseases.  Our Privacy Policy (“Privacy Policy”) is designed to help you understand how we collect, use and share your personal information and to assist you in exercising the privacy rights available to you.

SCOPE

This Privacy Policy applies to personal information processed by us in our business, including on our websites and other online or offline offerings (collectively, the “Services”).

I.  PERSONAL INFORMATION WE COLLECT

We collect different categories of personal information depending on how you interact with us.

Information You Provide to Us

Your Communications with Us.  We collect personal information from you such as your name, email address, phone number, or mailing address when you request information about our Services, participate on earnings and related calls, request customer or technical support, apply for a job, or otherwise communicate with us.

Enrollment and Clinical Trial Referral Information. When you enroll in our Services, such if you request to be matched to one of our clinical trial sites through one of our referral websites, we may collect information such as your name, email address, phone number, physical address, date of birth, and relevant information about your medical history.

Regulatory Requirements.  In some cases, CohBar is obligated to collect certain personal information to comply with regulatory requirements, including information relating to adverse effects you have experienced when using our products.

Surveys.  We may contact you to participate in surveys.  If you decide to participate, you may be asked to provide certain information which may include personal information.

Social Media Content.  We may offer forums, blogs, or social media pages.  Any content you provide on these channels will be considered “public” and is not subject to privacy protections.

Conferences, Trade Shows, and other Events. We may attend conferences, trade shows, and other events where we collect personal information from individuals who interact with or express an interest in CohBar and/or the Services. If you provide us with any information at one of these events, we will use it for the purposes for which it was collected.

Information Collected Automatically

Information Related to Use of the Services.  We may collect certain information automatically when you use the Services.  This information may include your Internet protocol (IP) address, user settings, MAC address, cookie identifiers, mobile carrier, mobile advertising and other unique identifiers, details about your browser, operating system or device, Internet service provider, pages that you visit before, during and after using the Services, information about the links you click, and other information about how you use the Services.  Information we collect may be associated with accounts and other devices.

In addition, we may automatically collect data regarding your use of our Services, such as the types of content you interact with and the frequency and duration of your activities. 

Cookies, Pixel Tags/Web Beacons and Analytics Information.  We, as well as third parties that provide content or other functionality on the Services, may use cookies, pixel tags and other technologies (“Technologies”) to automatically collect information through the Services.  Technologies are essentially small data files placed on your computer, tablet, mobile phone, or other devices that allow us and our partners to record certain pieces of information whenever you visit or interact with our Services.

Cookies. Cookies are small text files placed in visitors’ computer browsers to store their preferences.  Most browsers allow you to block and delete cookies.  However, if you do that, the Services may not work properly.

Pixel Tags/Web Beacons. A pixel tag (also known as a web beacon) is a piece of code embedded in the Services that collects information about users’ engagement on that web page.  The use of a pixel allows us to record, for example, that a user has visited a particular web page.

Analytics.  We may also use Google Analytics and other service providers to collect information regarding visitor behavior and visitor demographics on our Services.  For more information about Google Analytics, please visit www.google.com/policies/privacy/partners/.  You can opt out of Google’s collection and processing of data generated by your use of the Services by going to http://tools.google.com/dlpage/gaoptout.

Information from Other Sources

We may obtain information about you from other sources, including through third party services and organizations.  This supplemental information allows us to verify information that you have provided to us and to enhance our ability to provide you with information about our business, products, and Services.

II.  HOW WE USE PERSONAL INFORMATION

We use personal information for a variety of business purposes, including:

To provide our Services or Information Requested, such as:

  • Fulfilling our contract with you or the organization on whose behalf you use the Services;
  • Managing your information;
  • Responding to questions, comments, and other requests;
  • Providing access to certain areas, functionalities, and features of our Services;
  • Communicating with you about activities on our Services and policy changes;
  • Undertaking activities to verify or maintain the quality or safety of a service or product; and
  • Processing applications and transactions.

Analyze and improve our Services pursuant to our legitimate interest, such as:

  • Detecting security incidents, protecting against malicious, deceptive, fraudulent or illegal activity, and prosecuting those responsible for that activity;
  • Measuring interest and engagement in our Services;
  • Undertaking research for technological development and demonstration;
  • Researching and developing products, services, marketing or security procedures to improve their performance, resilience, reliability or efficiency;
  • Improving, upgrading or enhancing our Services or products;
  • Developing new products and Services;
  • Ensuring internal quality control;
  • Verifying your identity and preventing fraud;
  • Debugging to identify and repair errors that impair existing intended functionality;
  • Enforcing our terms and policies; and
  • Complying with our legal obligations, protecting your vital interest, or as may be required for the public good.

Marketing Our Products and Services.  We may use personal information to tailor and provide you with content. We may provide you with these materials as permitted by applicable law. 

If you have any questions about our marketing practices or if you would like to opt out of the use of your personal information for marketing purposes, you may contact us at any time as set forth below.

Consent. We may use personal information for other purposes that are clearly disclosed to you at the time you provide personal information or with your consent.

Use of De-identified and Aggregated Information.  We may use personal information and other data about you to create de-identified and aggregated information, such as de-identified demographic information, de-identified location information, information about the computer or device from which you access our Services, or other analyses we create.

How We Use Automatic Collection Technologies.  We, as well as third parties that provide content or other functionality on the Services, may use cookies, pixel tags, local storage, and other technologies to automatically collect information through the Services.  Our uses of these Technologies fall into the following general categories:

  • Operationally Necessary. This includes Technologies that allow you access to our Services, applications, and tools that are required to identify irregular site behavior, prevent fraudulent activity and improve security or that allow you to make use of our functionality;
  • Performance Related. We may use Technologies to assess the performance of our Services, including as part of our analytic practices to help us understand how our visitors use the Services;
  • Functionality Related. We may use Technologies that allow us to offer you enhanced functionality when accessing or using our Services.  This may include identifying you when you sign into our Services or keeping track of your specified preferences, interests, or past items viewed;

III. DISCLOSING YOUR INFORMATION TO THIRD PARTIES

Except as provided below, we do not disclose personal information.

Service Providers.  We may share any personal information we collect about you with our third- party service providers.  The categories of service providers (processors) to whom we entrust personal information include: IT and related services; customer service providers; and vendors to support the provision of the Services.

Clinical Research Organizations. If you participate in clinical trials and research, the clinical trial sites may disclose any personal information you provide in conjunction with your participation, to the Clinical Research Organization (“CRO”) we have partnered with, that is responsible for organizing the research or conducting the clinical trial. We endeavor not to collect clinical trial participant personal information directly, and other than pharmacovigilance data, all information we receive from the clinical trial sites and CROs are required to be de-identified.

Business Partners.  We may provide personal information to business partners with whom we jointly offer products or services. 

Affiliates.  We may share personal information with our affiliated companies.

Disclosures to Protect Us or Others.  We may access, preserve, and disclose any information we store associated with you to external parties if we, in good faith, believe doing so is required or appropriate to: comply with law enforcement or national security requests and legal process, such as a court order or subpoena; protect your, our or others’ rights, property, or safety; enforce our policies or contracts; collect amounts owed to us; or assist with an investigation or prosecution of suspected or actual illegal activity.

Disclosure in the Event of Merger, Sale, or Other Asset Transfers.  If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, purchase or sale of assets, or transition of service to another provider, then your information may be sold or transferred as part of such a transaction, as permitted by law and/or contract.

International Data Transfers.  You agree that all information processed by us may be transferred, processed, and stored anywhere in the world, including but not limited to, the United States or other countries, which may have data protection laws that are different from the laws where you live.  We have taken appropriate safeguards to require that your personal information will remain protected and require our third-party service providers and partners to have appropriate safeguards as well.  Further details can be provided upon request.

IV.  YOUR CHOICES

General. You have certain choices about your personal information.  Where you have consented to the processing of your personal information, you may withdraw that consent at any time and prevent further processing by contacting us as described below.  Even if you opt out, we may still collect and use non- personal information regarding your activities on our Services and for other legal purposes as described above.

Email Communications. If you receive an unwanted email from us, you can use the unsubscribe link found at the bottom of the email to opt out of receiving future emails.  Note that you will continue to receive transaction-related emails regarding products or Services you have requested.  We may also send you certain non-promotional communications regarding us and our Services, and you will not be able to opt out of those communications (e.g., communications regarding the Services or updates to our Terms or this Privacy Policy).

 “Do Not Track”. Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers.  Please note that we do not respond to or honor DNT signals or similar mechanisms transmitted by web browsers.

Cookies. You may stop or restrict the placement of Technologies on your device or remove them by adjusting your preferences as your browser or device permits. 

Please note you must separately opt out in each browser and on each device. 

Your Privacy Rights. In accordance with applicable law, you may have the right to request:

Access to/Portability of personal information about you consistent with legal requirements. In addition, you may have the right in some cases to receive or have your electronic personal information transferred to another party.

Correction of your personal information where it is inaccurate or incomplete. In some cases, we may provide self-service tools that enable you to update your personal information or we may refer you to the controller of your personal information who is able to make the correction.

Deletion of your personal information, subject to certain exceptions prescribed by law.

Restriction of or object to processing of your personal information, including the right to opt in or opt out of the sale of your personal information to third parties, if applicable, where such requests are permitted by law.

Withdraw your Consent to our processing of your personal information. Please note that your withdrawal will only take effect for future processing, and will not affect the lawfulness of processing before the withdrawal.

If you would like to exercise any of these rights, please contact us as set forth below.  We will process such requests in accordance with applicable laws.  To protect your privacy, we will take steps to verify your identity before fulfilling your request.

If you are a California resident, you have the right not to receive discriminatory treatment by CohBar for the excise of your rights conferred by the California Consumer Privacy Act.

V.  DATA RETENTION

We store the personal information we receive as described in this Privacy Policy for as long  as you use our Services or as necessary to fulfill the purpose(s) for which it was collected, provide our Services, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws.

VI.  SECURITY OF YOUR INFORMATION

We take steps to ensure that your information is treated securely and in accordance with this Privacy Policy.  Unfortunately, no system is 100% secure, and we cannot ensure or warrant the security of any information you provide to us.  To the fullest extent permitted by applicable law, we do not accept liability for unauthorized disclosure.

By using the Services or providing personal information to us, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the Services.  If we learn of a security system’s breach, we may attempt to notify you electronically by posting a notice on the Services, by mail or by sending an e-mail to you.

VII.  CHILDREN’S INFORMATION

The Services are not directed to children under 18 (or other age as required by local law), and we do not knowingly collect personal information from children.  If you learn that your child has provided us with personal information without your consent, you may contact us as set forth below.  If we learn that we have collected any personal information in violation of applicable law, we will promptly take steps to delete such information and terminate the child’s account.

VIII.  SUPERVISORY AUTHORITY

If you are located in the European Economic Area or the UK, you have the right to lodge a complaint with a supervisory authority if you believe our processing of your personal information violates applicable law.

IX.  CHANGES TO OUR PRIVACY POLICY

We may revise this Privacy Policy from time to time in our sole discretion.  If there are any material changes to this Privacy Policy, we will notify you as required by applicable law.  You understand and agree that you will be deemed to have accepted the updated Privacy Policy if you continue to use the Services after the new Privacy Policy takes effect.

X.  SUPPLEMENTAL CALIFORNIA PRIVACY NOTICE

CCPA. Under the CCPA, California residents have certain rights around our collection, use, and sharing of personal information as explained in the “Your Privacy Rights” section above. If you wish to exercise any of your rights as a California resident, please contact us as set forth below. If you exercise any rights under the CCPA, we may ask certain questions in order to verify your identity and your status as a California resident. An agent may also submit a request on your behalf, but we may require that you verify the agent has been authorized by you.

We collected the following categories of consumer personal information from the following types of sources in our role as a business within the last 12 months:

Categories of Information Collected Information Examples Source(s)

Identifiers

Name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers.

Consumers, both directly and indirectly via the Services.

Our business partners, affiliates, and third party services.

Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))

A name, physical characteristics or description, address, telephone number or medical information.

Consumers, both directly and indirectly via the Services.

Internet or other electronic network activity

Browsing history, search history, information on a consumer's interaction with an internet website.

Consumers, both directly and indirectly via the Services.

Our business partners, affiliates, and third party services.

Professional or employment-related information

Current or past job history.

Consumers, directly.

We disclosed for a business purpose the following categories of personal information to the following categories of third parties in the preceding 12 months:

Categories of Information Disclosed Categories of Third Parties

Identifiers

Service providers, business partners, affiliates, law enforcement, Clinical Research Organizations.

Internet or other electronic network activity

Service providers, business partners, affiliates, law enforcement, other third parties.

We have not sold consumers’ personal information in the preceding 12 months.

Authorized Agent. Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. To designate an authorized agent, please contact us as set forth in “Contact Us” below and provide written authorization signed by you and your designated agent.

Verification. To protect your privacy when you make a request, we will ask you to provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include asking you to answer questions regarding your account and use of our Services.

XII. CONTACT US

If you have any questions about our privacy practices or this Privacy Policy, or if you wish to submit a request to exercise your rights as detailed in this Privacy Policy, please contact us at:

CohBar, Inc.
1455 Adams Drive
Menlo Park, CA 94025
info@cohbar.com