Effective as of June 13, 2018.
This “Privacy Statement” describes the online privacy practices of Merus N.V. and our subsidiary Merus US, Inc. (collectively, “Company”, “we”, “us”, or “our”). This Privacy Statement describes how we collect, use, disclose and otherwise process personal information in connection with our websites and other services, and explains the rights and choices available to individuals with respect to their information. For convenience, our websites are collectively referred to as the “Sites,” and, together with our other services, collectively referred to as the “Services.” This Privacy Statement governs any of the Services on which the Privacy Statement is posted.
Additional information related to European data protection legislation is provided here.
Personal Information We Collect
We collect personal information about you in the following ways:
Information you give us
Personal information that you may provide through the Services or otherwise communicate with us includes:
- Personal and Business Contact information, such as your first name, last name, postal address, email address, telephone number, fax number, job title, and employer name, to the extent that you choose to submit it to us;
- Feedback and correspondence, such as information you provide when you request information for investors, report a problem with the Sites, or otherwise correspond with us; and
- Usage information, such as information about how you use the Sites and interact with us.
Information we get from others
We may also get information about you from other sources, for example Google Analytics, and we may add this to information we get from our Site or the Services.
We may combine other publicly available information, such as information related to the organization for which you work, with the personal information that you provide to us through our Services.
Information automatically collected
We may automatically log information about you and your computer or mobile device when you access our Sites. For example, we may log your internet protocol address, pages you viewed, access times, and the website you visited before visiting our Sites if you clicked on a hyperlink to visit our Sites. We collect this information about you using technology similar to cookies. Please refer to the Cookies and Similar Technologies section for more details.
Changes to your personal information
It is important that the personal information we hold about you is accurate and current. Please let us know if your personal information changes during your relationship with us by emailing us at firstname.lastname@example.org.
Cookies and Similar Technologies
What are cookies?
Information about you and your computer may be collected by using “cookies.” Cookies are small data files stored on the hard drive of your computer or mobile device by a website.
We use third-party cookies which are provided by external parties. These third-party cookies are used by us to track unique visitors across our Sites, and by external parties to track views for videos or other media.
Cookies we use
Our Sites use the following types of cookies for the purposes set out below:
|Type of cookie||Purpose|
|Analytics and Performance Cookies||These cookies are used to collect information about traffic to our Site and how users use our Site. The information gathered may include the number of visitors to our Site, the websites that hyperlinked them to our Site, the pages they visited on our Site, what time of day they visited our Site, whether they have visited our Site before, and other similar information. We use this information to help operate our Site more efficiently, to gather broad demographic information and to monitor the level of activity on our Site.
We use Google Analytics for this purpose. Google Analytics uses its own cookies. It is used to improve how our Site works. You can find out more information about Google Analytics cookies here and about how Google protects your data here. You can prevent the use of Google Analytics relating to your use of our Site by downloading and installing the browser plugin available here.
For any videos on our Sites, Vimeo Analytics uses its own cookies to track views of videos and other media. You can find out more information about Vimeo Analytics cookies here.
You can typically remove or reject cookies via your browser settings. In order to do this, follow the instructions provided by your browser (usually located within the “settings,” “help” “tools” or “edit” facility). Many browsers are set to accept cookies until you change your settings.
For further information about cookies, including how to see what cookies have been set on your computer or mobile device and how to manage and delete them, visit www.allaboutcookies.org.
Do Not Track Signals
Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We do not track unique users of our Sites, except as described above in the Cookies we use section. We currently do not respond to do not track signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.
To provide our Services
If you use our Sites, we use your personal information to:
- operate, maintain, administer and improve the Sites;
- provide support and maintenance for the Sites and our services; and
- respond to your requests, questions and feedback.
To communicate with you
If you request information from us or otherwise communicate with us, we may send you Company-related communications as permitted by law. You will have the ability to opt out of such communications by emailing us at email@example.com.
To comply with law
We use your personal information as we believe necessary or appropriate to comply with applicable laws, lawful requests and legal process, such as to respond to subpoenas or other requests from government authorities.
With your consent
For compliance, fraud prevention and safety
We use your personal information as we believe necessary or appropriate to (a) enforce the terms and conditions that govern the Services; (b) protect our rights, privacy, safety or property, and/or that of you or others; and (c) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.
How We Share Your Personal Information
Except as described in this Privacy Statement, we do not share the personal information that you provide to us with other organizations. We disclose personal information to third parties under the following circumstances:
- Affiliates.We may disclose your personal information to our subsidiary Merus US, Inc. and any corporate affiliates for purposes consistent with this Privacy Statement.
- Service Providers. We may employ third-party companies and individuals to administer and provide the Services on our behalf (such as training, customer support, hosting, email delivery and database management services). These third parties may use your information only as directed by Company and in a manner consistent with this Privacy Statement, and are prohibited from using or disclosing your information for any other purpose.
- Professional Advisors.We may disclose your personal information to professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services that they render to us.
- Compliance with Laws and Law Enforcement; Protection and Safety. We may disclose information about you to government or law enforcement officials or private parties as required by law, and disclose and use such information as we believe necessary or appropriate to: (a) comply with applicable laws and lawful requests and legal process, such as to respond to subpoenas or requests from government authorities; (b) enforce the terms and conditions that govern the Services; (d) protect our rights, privacy, safety or property, and/or that of you or others; and (e) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.
- Business Transfers.We may sell, transfer or otherwise share some or all of our business or assets, including your personal information, in connection with a business deal (or potential business deal) such as a merger, consolidation, acquisition, reorganization or sale of assets or in the event of bankruptcy, in which case we will make reasonable efforts to require the recipient to honor this Privacy Statement.
Access, Update, Correct or Delete Your Information
You may review, update, correct or delete your personal information by contacting us at firstname.lastname@example.org if you have additional requests or questions.
Choosing not to share your personal information
Where we are required by law to collect your personal information, or where we need your personal information in order to provide the Services to you, if you do not provide this information when requested (or you later ask to delete it), we may not be able to provide you with the Services. We will tell you what information you must provide to receive the Services by designating it as required in the Services or through other appropriate means.
The security of your personal information is important to us. We take a number of organizational, technical and physical measures designed to protect the personal information we collect, both during transmission and once we receive it. However, no security safeguards are 100% secure and we cannot guarantee the security of your information.
Our Site is not directed to children under 16. If a parent or guardian becomes aware that his or her child has provided us with information without their parent or guardian’s consent, he or she should contact us at email@example.com. We will delete such information from our files as soon as reasonably practicable.
Sensitive Personal Data
We ask that you not send us, and you not disclose, any sensitive personal data (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through the Site or otherwise to us.
If you send or disclose any sensitive personal data to us when you use the Site, you must also provide to us your explicit consent to our processing and use of such sensitive personal data in accordance with this Privacy Statement. If you will not provide to us your explicit consent to our processing and use of such sensitive personal data, you must not submit such sensitive personal data to us or through our Site.
Merus N.V. is headquartered in the Netherlands and has affiliates and service providers in other countries, and your personal information may be transferred to the United States or other locations outside of your state, province, country or other governmental jurisdiction where privacy laws may not be as protective as those in your jurisdiction.
Please read the important information provided here about transfer of personal information outside of the European Economic Area.
Other Sites and Services
The Sites may contain links to other websites and services. These links are not an endorsement, authorization or representation that we are affiliated with that third party. We do not exercise control over third-party websites or services, and are not responsible for their actions. Other websites and services follow different rules regarding the use or disclosure of the personal information you submit to them. We encourage you to read the privacy policies of the other websites you visit and services you use.
Changes to this Privacy Statement
We reserve the right to modify this Privacy Statement at any time in our sole discretion. We encourage you to periodically review this page for the latest information on our online privacy practices. If we make material changes to this Privacy Statement you will be notified through the Services in a manner that we believe reasonably likely to reach you (which may include posting a new privacy statement on our Sites – or a specific announcement on this page or elsewhere on our Sites).
Any modifications to this Privacy Statement will be effective upon our posting of the new terms and/or upon implementation of the new changes on the Services (or as otherwise indicated at the time of posting). In all cases, your continued use of the Services after the posting of any modified Privacy Statement indicates your acceptance of the terms of the modified Privacy Statement.
If you have any questions or concerns at all about our Privacy Statement, please feel free to email us at firstname.lastname@example.org, or write to us at:
Additional Information Related to European Data Protection Legislation
References to “personal information” in this Privacy Statement are equivalent to “personal data” governed by European data protection legislation.
Controller and Data Protection Officer
Company is the controller of your personal information for purposes of European data protection legislation. See the Contact Us section above for contact details.
Legal bases for processing
We only use your personal information as permitted by law, and hereby inform you of the legal bases of our processing of your personal information, which are described in the table below. If you have questions about the legal basis of how we process your personal information, contact us at email@example.com.
(click link for details)
|To provide the Services||Processing is necessary to perform the contract governing our provision of the Services or to take steps that you request prior to using the Services.|
|To communicate with you||These processing activities constitute our legitimate interests. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal information for our legitimate interests. We do not use your personal information for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).|
|To comply with law||Processing is necessary to comply with our legal obligations.|
|With your consent||Processing is based on your consent. Where we rely on your consent you have the right to withdraw it anytime in the manner indicated in the Services or by contacting us at firstname.lastname@example.org.|
Use for new purposes
We may use your personal information for reasons not described in this Privacy Statement where permitted by law and the reason is compatible with the purpose for which we collected it. If we need to use your personal information for an unrelated purpose, we will notify you and explain the applicable legal basis.
We will retain your personal information for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal information, we will consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances we may anonymize your personal information (so that it can no longer be associated with you) in which case we may use this information indefinitely without further notice to you.
European data protection laws may give you certain rights regarding your personal information. You may ask us to take the following actions in relation to your personal information that we hold:
- Opt-out. Stop sending you direct communications. You may continue to receive service-related emails, if applicable.
- Access. Provide you with information about our processing of your personal information and give you access to your personal information.
- Correct. Update or correct inaccuracies in your personal information.
- Delete. Delete your personal information.
- Transfer. Transfer a machine-readable copy of your personal information to you or a third party of your choice.
- Restrict. Restrict the processing of your personal information.
- Object. Object to our reliance on our legitimate interests as the basis of our processing of your personal information that impacts your rights.
You can submit these requests by email to email@example.com our postal address provided above. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal information or response to your requests regarding your personal information, you may contact us as described above or submit a complaint to the data protection regulator in your jurisdiction. You can find your data protection regulator here.
Cross-Border Data Transfer
Whenever we transfer your personal information out of the EEA to countries not deemed by the European Commission to provide an adequate level of personal information protection, the transfer will be based on the following safeguard recognized by the European Commission as providing adequate protection for personal information, where required by EU data protection legislation:
- Contracts approved by the European Commission which impose data protection obligations on the parties to the transfer. For further details, see European Commission Model contracts for the transfer of personal information to third countries.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal information out of the EEA.