Privacy Policy

Effective Date: January 1, 2020

Eiger BioPharmaceuticals Inc. (“Eiger,” “we,” “us,” or “our”) respects the privacy of visitors to our websites and online services and values the confidence of our customers, partners, patients, and employees.

This Privacy Policy (“Privacy Notice”) sets forth Eiger’s practices regarding the collection, use, and disclosure of information that you may provide through the websites and online services that we operate and that link to this Privacy Notice, as well as through any of our offline services that reference this Privacy Notice (collectively, the “Services”). Please read the entire Privacy Notice before using our Services. California residents, please see our CCPA-specific notice below.

Collection of Information

We may ask you for some or all of the following types of information when you register with our Services, access various content or features, submit photos and other content, or directly contact us with questions or feedback:

Contact information, such as name, email address, postal address, and telephone number; user name and password; demographic information, such as age information and gender; communications preferences; search queries; stories, comments, photos, and other information posted in our interactive online features; and correspondence and other information that you send to us.

We also may collect certain information automatically when you visit the Services, including: your browser type and operating system; your Internet Protocol (IP) address, which can sometimes be used to derive your general geographic area; other unique identifiers, including mobile device identification numbers; sites you visited before and after visiting the Services; pages you view and links you click on within the Services; information collected through cookies, web beacons, and other technologies; information about your interactions with email messages, such as the links clicked on and whether the messages were opened or forwarded; and standard server log information.

We may use cookies, pixel tags, and similar technologies to automatically collect this information. Cookies are small bits of information that are stored by your computer’s web browser. Pixel tags are very small images or small pieces of data embedded in images, also known as “web beacons” or “clear GIFs,” that can recognize cookies, the time and date a page is viewed, a description of the page where the pixel tag is placed, and similar information from your computer or device. You can decide if and how your computer will accept a cookie by configuring your preferences or options in your browser. However, if you choose to reject cookies, you may not be able to use certain online products, services or features on the Services.

Response to “Do Not Track” Signals

Some Internet browsers include the ability to transmit “Do Not Track” signals. Since uniform standards for “Do Not Track” signals have not yet been adopted, Eiger does not process or respond to “Do Not Track” signals.

Use of Information

Our legal basis to process your information includes processing that is necessary for legitimate business interests, including but not limited to the following examples: providing you with the products, promotions, services, and information you request; contacting you via email and otherwise about products, services, and events that we think might be of interest to you; maintaining or administering the Services, performing business analyses, or for other internal purposes to improve the quality of our business, the Services, and other products and services we offer; publishing stories, comments, photos, and other information posted in our interactive online features; processing employment applications and inquiries; and customizing and personalizing your use of the Services.

We may also process your information in order to comply with our legal obligations, perform a contract between us and you, establish and defend any legal claims, and in some cases our basis for processing will be because you have consented to our use of your information.

We are committed to maintaining your trust, and we want you to understand when and with whom we may share the information we collect.

Corporate Parents and Affiliates. We may share your information with our corporate parents and other affiliated entities for a variety of purposes, including business, operational, and marketing purposes.
Service Providers. We may share your information with service providers that perform certain functions or services on our behalf pursuant to the purposes set out in this Privacy Notice (such as to host the Services, manage databases, perform analyses, or send communications for us).
Other Parties When Required by Law or as Necessary to Protect the Services. We may disclose your information to third parties in order to: protect the legal rights, safety, and security of Eiger, our corporate parents and affiliates, and the users of our Services; enforce our Terms of Use; prevent fraud (or for risk management purposes); and comply with or respond to law enforcement, or legal process, or a request for cooperation by a government entity, whether or not legally required.
In Connection with a Transfer of Assets. If we sell all or part of our business, or make a sale or transfer of assets, or are otherwise involved in a merger or business transfer, or in the event of bankruptcy, we may transfer your information to one or more third parties as part of that transaction.
Aggregate Information. We may disclose to third parties information that does not describe or identify individual users, such as aggregate website usage data or demographic reports.

We may allow third parties to place and read their own cookies, web beacons, local shared objects, and similar technologies to collect information through the Services. For example, our third-party service providers may use these technologies to collect information that helps us with traffic measurement, research, and analytics. Local shared objects (sometimes referred to as “Flash cookies”) are similar to standard cookies except that they can be larger and are downloaded to a computer or mobile device by the Adobe Flash media player. Please note that you may need to take additional steps beyond changing your browser settings to refuse or disable local shared objects and similar technologies. For example, local shared objects can be controlled through the instructions on Adobe’s Setting Manager page. If you choose to refuse, disable, or delete these technologies, some of the functionality of the Services may no longer be available to you.

Social Networking Services

Eiger has worked with certain third-party social media providers to offer you their social networking services through our Services. For example, you can use third-party social networking services, including but not limited to Facebook, Twitter, and others, to share information about your experience on our Services with your friends and followers on those social networking services. These social networking services may be able to collect information about you, including your activity on our Services. These third-party social networking services also may notify your friends, both on our Services and on the social networking services themselves, that you are a user of our Services or about your use of our Services, in accordance with applicable law and their own privacy policies. If you choose to access or make use of third-party social networking services, we may receive information about you that you have made available to those social networking services, including information about your contacts on those social networking services.

Security and Retention

We maintain reasonable security procedures to help protect against loss, misuse or unauthorized access, disclosure, alteration or destruction of the information you provide through the Services. However, no data transmission over the Internet or stored on a server can be guaranteed to be 100% secure. As a result, while we strive to protect your information and privacy, we cannot guarantee or warrant the security of any information you disclose or transmit to us online and cannot be responsible for the theft, destruction, or inadvertent disclosure of your information. In the event that we believe that the security of your information may have been compromised, we will endeavor to give you appropriate notice as quickly as possible, including by email, and in accordance with applicable laws.

You are responsible for maintaining the confidentiality of your account password and for any access to or use of the Services using your password, whether or not authorized by you. Please notify us immediately of any unauthorized use of your password or account or any other breach of security.

Your information will be retained only for so long as reasonably necessary for the purposes set forth in this Privacy Notice, in accordance with applicable laws.

Children’s Privacy

Eiger respects the privacy of children, and we are committed to complying with applicable legislation, including the US Children’s Online Privacy Protection Act (COPPA) and the EU General Data Protection Act (GDPR). The Services do not knowingly collect, use, or disclose personal information from children without prior parental consent, except as permitted by applicable legislation.

If you have questions concerning our information practices with respect to children, please contact us at the address found under Contact Us below.

Your rights, depending on where you live, may include the right to review, have deleted, or stop the further collection of your child’s personal information. If you would like to make such a request, please contact us at the address found under Contact Us below.

Your Choices and Your Information

If at any time you wish to stop receiving emails or other communications from us, or if you have submitted information through the Services and would like to have that information deleted from our records, please notify us at the address below in the Contact Us heading.

Your rights, depending on where you live, may include the right to object to or request restriction of processing of your personal information, and request access to, erasure and/or portability of your information held by Eiger, and you may make such a request, please contact us at the address found under Contact Us below.

You may also have the right to lodge a complaint with the relevant data protection supervisory authority if you believe that our use of your information violates applicable law.

International Transfers

Some of the parties to whom we disclose your information are located in countries that may not provide the same level of data protection as your home country. We take appropriate steps to ensure that such recipients of your information are bound to duties of confidentiality, and Eiger implements measures such as the EU standard data protection contractual clauses to ensure that any transferred personal information remains protected and secure.

Links to Third-Party Content

As a convenience to our visitors, the Services may link to a number of sites, services, and other content that are operated and maintained by third parties. These third parties operate independently from us, and we do not control their privacy practices. Such links do not constitute an endorsement by Eiger of the content or the persons or entities associated therewith. This Privacy Notice does not apply to third-party content. We encourage you to review the privacy policies of any third party to whom you provide information.

Policy Updates

This Privacy Notice may be revised from time to time as we add new features and services, as laws change, and as industry privacy and security best practices evolve. We display an effective date on the policy in the upper left corner of this Privacy Policy so that it will be easier for you to know when there has been a change. If we make any material change to this Privacy Notice regarding use or disclosure of personal information, we will provide advance notice through the Services. Small changes or changes that do not significantly affect individual privacy interests may be made at any time and without prior notice.

Contact Us

If you have any questions about this Privacy Notice, you may contact our European Affiliate Data Protection Officer at:

[email protected]

In the United States, please contact us at:

[email protected]

CCPA Privacy Notice (Notice for California Consumers)

The California Consumer Privacy Act of 2018 (CCPA) gives California residents the right to know what Personal Information Eiger BioPharmaceuticals Inc. (“Eiger,” “we,” “us,” or “our”) collects about them, including whether it is being sold or disclosed to third parties. In this Notice, “Personal Information” (or “PI”) means any information that identifies, relates to, describes, or is capable of being associated with you or your household, whether directly or indirectly.

The CCPA also grants certain rights to California residents, including the right to delete their Personal Information (subject to certain exceptions) and the right to prevent Eiger from selling their Personal Information. Companies are also prohibited from retaliating or discriminating against consumers for exercising their rights under the CCPA.

All companies need to collect and share consumers’ Personal Information for everyday business purposes, marketing, and maintenance of the safety, security, and integrity of their websites and other assets, among other reasons. This Notice provides the information required under the CCPA and applies to both Eiger’s online and offline activities. For more information about how we collect, use, and share information through our websites and online and offline services, please review our Privacy Policy and Notice of Information Practices.

The types of Personal Information we collect and disclose depends on your relationship and interaction with Eiger. Please review the information below to learn about our data collection and disclosure practices generally. The information below describes the categories of personal information we have collected in the preceding 12 months, along with the categories of sources from which the personal information was collected, the purpose for collecting or selling the personal information, the categories of third parties with whom we share the personal information, and if we sell the information, the categories of third parties to whom we sell it.

In addition to the purposes for collecting and sharing Personal Information described in the information below, Eiger may collect and disclose any and all Personal Information to our service providers and corporate affiliates (but only as necessary or appropriate to perform legitimate business purposes). We also collect and disclose any and all Personal Information as necessary to: comply with laws and regulations; monitor, investigate potential breaches of, and enforce compliance with Eiger’s policies and procedures and legal and regulatory requirements; comply with civil, criminal, judicial, or regulatory inquiries, investigations, subpoenas, or summons; and exercise or defend the legal rights of Eiger and its employees, affiliates, customers, contractors, and agents. We will not collect additional categories of Personal Information nor use the Personal Information collected for additional purposes without providing you notice.

Your Rights

If you are a California resident, you have the following rights under the CCPA with respect to your Personal Information, subject to certain exceptions and exemptions:

Right to Notice: Before or at the time we collect Personal Information from you, you have the right to receive notice of the Personal Information to be collected and the purposes for which we use it. This Notice is intended to satisfy this requirement. You also have the right to request that we disclose to you the categories of Personal Information we have collected about you in the preceding 12 months, along with the categories of sources from which the Personal Information was collected, the purpose for collecting or selling the Personal Information, the categories of third parties with whom we shared the Personal Information, and the categories of third parties to whom we sold the Personal Information, if any.
Right of Access: You have the right to request that we disclose or provide you with access to the specific pieces of Personal Information we have collected about you in the preceding 12 months.
Right to Deletion: You have the right to request that we delete the Personal Information we collect from you. However, in certain situations we are not required to delete your Personal Information, such as when the information is necessary in order to complete the transaction for which the Personal Information was collected, to provide a good or service requested by you, to comply with a legal obligation, to engage in research, to secure our websites or other online services, or to otherwise use your Personal Information internally in a lawful manner that is compatible with the context in which you provided the information.
Right to Opt Out of the Sale of Personal Information: Eiger does not sell your Personal Information. Eiger does not sell the Personal Information of minors under 16 years of age without affirmative authorization.
Right Not to Be Subject to Discrimination: You have the right to be free from discrimination or retaliation for exercising any of your rights under the CCPA as described above.

You can exercise your rights by contacting us at (415) 203-0934 or email: [email protected].

Verification: We value the security and confidentiality of your Personal Information. Therefore, if you exercise your right to notice, right of access, or right to deletion, we must first verify your identity to make sure that you are the person about whom we have collected Personal Information. We will verify every request carefully.

Along with your request, we will ask that you provide us with a scanned copy of a government-issued ID and/or use a multi-factor authentication process to confirm your identity.
When all of your household members jointly submit a request, we will ask that each of you provide us a scanned copy of a government-issued ID and/or use a multi-factor authentication process to confirm your identities.

You may also authorize someone else to submit these requests on your behalf. To do so, you may designate directly with us another person who may act on your behalf by providing us with a notarized copy of power of attorney, or ask the authorized agent to provide us with a copy of your written permission and a scanned copy of their own government-issued ID.

Financial Incentives

You have the right to be free from discrimination or retaliation for exercising any of your rights under the CCPA. We may, however, charge a different price or rate, or provide a different level or quality of goods or services to you, if that difference is reasonably related to the value provided to Eiger by your Personal Information. Further, we may offer you financial incentives in return for your Personal Information. Should we offer such programs, we will provide you with additional information at the time you enroll.

Personal Information

For each of the categories of Personal Information listed below, here are: (1) the definition of each category; (2) the source(s) we collect such PI from; (3) our purpose(s) for collecting or sharing the PI; (4) the third parties to whom we disclose the PI; and (5) the third parties to whom we sell the PI, if any.

Biometric Information:

Definition: Biometric information, including an individual’s physiological, biological, or behavioral characteristics (including DNA) to the extent it can be used to establish individual identity. Biometric information consists of, but is not limited to, imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, from which an identifier template (such as a faceprint, a minutiae template, or a voiceprint) can be extracted, and keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contain identifying information.
Source(s) of PI: Directly from you; and from third parties, including those to whom you have previously provided data
Purpose(s) for Collecting or Sharing PI: To help maintain the safety and security of our physical California locations, including our offices; and to respond to law enforcement requests as required by applicable law, court order, or government regulation
Third Parties to Whom We Disclose PI: Service providers; and government entities
We do not sell this PI

Commercial Information:

Definition: Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
Source(s) of PI: Directly from you; from third parties, including those to whom you have previously provided data; and from publicly available sources, like government records, or from information you have made public, including by posting or publishing it online.
Purpose(s) for Collecting or Sharing PI: For our everyday business purposes such as to process your requests, inquiries, or other communications with us; to conduct research related to our current or prospective our products or services; auditing related to current interactions with you including counting impressions and unique visitors to our website; to detect security incidents and other fraudulent activity; to monitor and improve our website functionality; to personalize your website experience; for marketing purposes to deliver content and product and service offerings, including targeted offers and ads (with your consent, as required by law); to help maintain the safety, security, and integrity of our website, products and services, databases and other technology assets, and business; and to respond to law enforcement requests as required by applicable law, court order, or government regulation.
Third Parties to Whom We Disclose PI: Service providers; and government entities.
We do not sell this PI

Education Information:

Definition: An individual’s education information, including academic information and records
Source(s) of PI: Directly from you; from third parties, including those to whom you have previously provided data; and from publicly available sources, like government records, or from information you have made public, including by posting or publishing it online
Purpose(s) for Collecting or Sharing PI: For our everyday business purposes such as to process your requests, inquiries, or other communications with us; to conduct research related to our current or prospective our products or services; auditing related to current interactions with you including counting impressions and unique visitors to our website; to detect security incidents and other fraudulent activity; to personalize your website experience; for marketing purposes to deliver content and product and service offerings, including targeted offers and ads (with your consent, as required by law); to help maintain the safety, security, and integrity of our website, products and services, databases and other technology assets, and business; to help maintain the safety and security of our physical California locations, including our offices; and to respond to law enforcement requests as required by applicable law, court order, or government regulation.
Third Parties to Whom We Disclose PI: Service providers; and government entities.
We do not sell this PI

Electronic and Sensory Data:

Definition: Audio, electronic, visual, or similar information (e.g., a recording of a customer service call or profile photograph).
Source(s) of PI: Directly from you; and from third parties, including those to whom you have previously provided data.
Purpose(s) for Collecting or Sharing PI: For our everyday business purposes such as to process your requests, inquiries, or other communications with us; to conduct research related to our current or prospective our products or services; auditing related to current interactions with you including counting impressions and unique visitors to our website; to detect security incidents and other fraudulent activity; to monitor and improve our website functionality; for marketing purposes to deliver content and product and service offerings, including targeted offers and ads (with your consent, as required by law); to help maintain the safety, security, and integrity of our website, products and services, databases and other technology assets, and business; to help maintain the safety and security of our physical California locations, including our offices; and to respond to law enforcement requests as required by applicable law, court order, or government regulation.
Third Parties to Whom We Disclose PI: Service providers; and government entities.
We do not sell this PI

Financial Information:

Definition: Financial information, including bank account number, credit or debit card number, or other financial information.
Source(s) of PI: Directly from you; and from third parties, including those to whom you have previously provided data.
Purpose(s) for Collecting or Sharing PI: For our everyday business purposes such as to process your requests, inquiries, or other communications with us; auditing related to current interactions with you; to detect security incidents and other fraudulent activity; for marketing purposes to deliver content and product and service offerings, including targeted offers and ads (with your consent, as required by law); to help maintain the safety, security, and integrity of our website, products and services, databases and other technology assets, and business; or to respond to law enforcement requests as required by applicable law, court order, or government regulation.
Third Parties to Whom We Disclose PI: Service providers, and government entities.
We do not sell this PI

Identifiers:

Definition: Identifiers, such as a real name, alias, postal address, unique personal identifier, online identifier, internet protocol (IP) address, email address, account name, social security number, driver’s license number, passport number, phone number or other similar identifiers.
Source(s) of PI: Directly from you; from third parties, including those to whom you have previously provided data; and from publicly available sources, like government records, or from information you have made public, including by posting or publishing it online.
Purpose(s) for Collecting or Sharing PI: For our everyday business purposes such as to process your requests, inquiries, or other communications with us; to conduct research related to our current or prospective products or services; auditing related to current interactions with you including counting impressions and unique visitors to our website; to detect security incidents and other fraudulent activity; to monitor and improve our website functionality; for marketing purposes to deliver content and product and service offerings, including targeted offers and ads (with your consent, as required by law); to help maintain the safety, security, and integrity of our website, products and services, databases and other technology assets, and business; to help maintain the safety and security of our physical California locations, including our offices; and to respond to law enforcement requests as required by applicable law, court order, or government regulation
Third Parties to Whom We Disclose PI: Service providers, and government entities.
We do not sell this PI

Inferences:

Definition: Inferences drawn from any of the information listed above about an individual reflecting the individual’s preferences, characteristics, psychological trends, preferences, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes (e.g., predictions about an individual’s preferences or tendencies).
Source(s) of PI: Directly from you, and from third parties, including those to whom you have previously provided data.
Purpose(s) for Collecting or Sharing PI: For our everyday business purposes such as to process your requests, inquiries, or other communications with us; to conduct research related to our current or prospective our products or services; auditing related to current interactions with you including counting impressions and unique visitors to our website; to detect security incidents and other fraudulent activity; to personalize your website experience; and for marketing purposes to deliver content and product and service offerings, including targeted offers and ads (with your consent, as required by law).
Third Parties to Whom We Disclose PI: Service providers, and government entities.
We do not sell this PI

Health Insurance Information:

Definition: Health insurance information, including an individual’s insurance policy number or subscriber identification number, any unique identifier used by a health insurer to identify the individual, or any information in the individual’s application and claims history
Source(s) of PI: Directly from you, and from third parties, including those to whom you have previously provided data.
Purpose(s) for Collecting or Sharing PI: For our everyday business purposes such as to process your requests, inquiries, or other communications with us; to conduct research related to our current or prospective our products or services; to detect security incidents and other fraudulent activity; to help maintain the safety, security, and integrity of our website, products and services, databases and other technology assets, and business; and to respond to law enforcement requests as required by applicable law, court order, or government regulation.
Third Parties to Whom We Disclose PI: service providers, and government entities.
We do not sell this PI

Medical Information:

Definition: Medical information, including any information in possession of or derived from a healthcare provider, healthcare service plan, pharmaceutical company, or contractor regarding an individual’s medical history, mental or physical condition, or treatment
Source(s) of PI: Directly from you, and from third parties, including those to whom you have previously provided data.
Purpose(s) for Collecting or Sharing PI: For our everyday business purposes such as to process your requests, inquiries, or other communications with us; to conduct research related to our current or prospective our products or services; auditing related to current interactions with you including counting impressions and unique visitors to our website; for marketing purposes to deliver content and product and service offerings, including targeted offers and ads (with your consent, as required by law); to help maintain the safety, security, and integrity of our website, products and services, databases and other technology assets, and business; and to respond to law enforcement requests as required by applicable law, court order, or government regulation.
Third Parties to Whom We Disclose PI: Service providers and government entities.
We do not sell this PI

Network Activity Data:

Definition: Internet or other electronic network activity information, such as browsing history, search history, and information regarding an individual’s interaction with an internet website, application, or advertisement
Source(s) of PI: Directly from you; and from third parties, including those to whom you have previously provided data
Purpose(s) for Collecting or Sharing PI: For our everyday business purposes such as to process your requests, inquiries, or other communications with us; auditing related to current interactions with you including counting impressions and unique visitors to our website; to detect security incidents and other fraudulent activity; to monitor and improve our website functionality; to personalize your website experience; for marketing purposes to deliver content and product and service offerings, including targeted offers and ads (with your consent, as required by law); to help maintain the safety, security, and integrity of our website, products and services, databases and other technology assets, and business; to help maintain the safety and security of our physical California locations, including our offices; and to respond to law enforcement requests as required by applicable law, court order, or government regulation.
Third Parties to Whom We Disclose PI: Service providers, and government entities.
We do not sell this PI

Professional Information:

Definition: An individual’s professional or employment-related information
Source(s) of PI: Directly from you; from third parties, including those to whom you have previously provided data; and from publicly available sources, like government records, or from information you have made public, including by posting or publishing it online.
Purpose(s) for Collecting or Sharing PI: For our everyday business purposes such as to process your requests, inquiries, or other communications with us; to conduct research related to our current or prospective our products or services; auditing related to current interactions with you including counting impressions and unique visitors to our website; to detect security incidents and other fraudulent activity; to personalize your website experience; for marketing purposes to deliver content and product and service offerings, including targeted offers and ads (with your consent, as required by law); to help maintain the safety, security, and integrity of our website, products and services, databases and other technology assets, and business; to help maintain the safety and security of our physical California locations, including our offices; and to respond to law enforcement requests as required by applicable law, court order, or government regulation.
Third Parties to Whom We Disclose PI: Service providers, and government entities.
We do not sell this PI

Protected Characteristics:

Definition: Characteristics of protected classifications under California or federal law, such as race, gender, physical or mental disability, and religion
Source(s) of PI: Directly from you, and from third parties, including those to whom you have previously provided data.
Purpose(s) for Collecting or Sharing PI: For our everyday business purposes such as to process your requests, inquiries, or other communications with us; to conduct research related to our current or prospective our products or services; to help maintain the safety, security, and integrity of our website, products and services, databases and other technology assets, and business; and to respond to law enforcement requests as required by applicable law, court order, or government regulation.
Third Parties to Whom We Disclose PI: service providers and government entities.
We do not sell this PI

Written Signature:

Definition: An individual’s written signature
Source(s) of PI: Directly from you
Purpose(s) for Collecting or Sharing PI: For our everyday business purposes such as to process your requests, inquiries, or other communications with us; auditing related to current interactions with you including counting impressions and unique visitors to our website; to detect security incidents and other fraudulent activity; and to respond to law enforcement requests as required by applicable law, court order, or government regulation.
Third Parties to Whom We Disclose PI: service providers and government entities.
We do not sell this PI