Insmed

Powered by Purpose

Contact Us Job Opportunities

Privacy Policy

Print This Page

This policy was last updated effective October 15, 2024.

I. Introduction

This Privacy Policy describes how we at Insmed Incorporated and its affiliates worldwide (also referred to as “Insmed” or “us”) collect, maintain, use, and disclose information from you and others (collectively referred to as “You”) when You visit our website www.insmed.com or any other of our websites that link to this Policy, or otherwise interact with us online or offline (collectively referred to as the “Site”). This Privacy Policy also describes our specific policies with respect to the privacy protection we accord to personally identifiable information (“PII”).  “PII” also covers ‘personal data’ within the meaning of the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the Japan Act on the Protection of Personal Information (Act No.57 of May 30, 2003, as amended). For purposes of this Policy, PII about You means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with You or Your household.

Please note that Insmed reserves the right to revise this Privacy Policy at any time at our sole discretion. Therefore, You are urged to review the Privacy Policy each time You access this Site to ensure that You are familiar with the most current version. If we modify the Privacy Policy in a material way, we will post a notice on the Site to let You know that the Policy has been so modified. Use of this Site following such modification (or following any nonmaterial change) constitutes Your acceptance of the revised Privacy Policy then in effect.

II. How Does Insmed Collect Your PII and What Types of PII Does It Collect?

Insmed collects PII about You when You actively provide it to us, such as by completing an online form, applying for employment, seeking engagement to work with us, as part of Your employment or engagement with us, responding to a request for information, signing up to receive communications from us, or sending us an email or letter. Some areas of this Site may ask You to submit PII for You to benefit from the specified features or to participate in a particular activity. On the registration screen for such feature or activity, we clearly label which information is required for registration, application or participation, and which information is optional and may be given at Your discretion. You may always refuse to provide information to us, but this may lead to our inability to provide You with certain information, products, or services or for You to apply for employment or participate in certain activities.

We also may collect PII about You from other sources, such as our business partners; the Internet, including social media websites; the press or other print media; and other organizations or individuals as permitted under applicable law.

Listed below are the types of PII that we may collect about You. Each type of information listed below is PII only if the information identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with You or Your household.

The types of PII mentioned below will only be processed by us to the extent allowed under the applicable data privacy laws and/or regulations in Your country. PII does not include information that is excluded from the definition of “personal information,” “personal data,” or equivalent term under applicable data privacy laws.

  • Identifiers, such as real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, signature, physical characteristics or description, or other similar identifiers.
  • Contact, financial, and insurance information, such as address, telephone number, insurance policy number, bank account number, credit card number, debit card number, or any other financial information or health insurance information.
  • Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
  • Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding Your interaction with an internet website application, or advertisement. This may include hardware and browser information of Your computer or other online device.
  • Biometrics including, fingerprint, face, and voice recordings from which an identifier template, such as a faceprint, can be extracted.
  • Geolocation data, such as the physical location of the device You use to connect with us online.
  • Sensory data, such as audio, electronic, visual, or similar information.
  • Professional or employment-related information, such as Your professional credentials, education, employment history, and title.
  • Characteristics of protected classifications under applicable law such as race, national origin, ethnicity, marital status, age, and gender.
  • Inferences drawn from other PII, to create a profile about You reflecting Your apparent preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
  • Education information, defined as information that is not publicly available PII as defined in the Family Educational Rights and Privacy Act (20 U.S.C. Sec. 1232g; 34 C.F.R. Part 99).
  • Sensitive Personal Information, which is PII that reveals sensitive information, such as Your social security, driver’s license, state identification card, or passport number; account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; precise geolocation; racial or ethnic origin, religious, political, or philosophical beliefs, or union membership; contents of mail, email, and text messages unless we are the intended recipient of the communication; or genetic data; as well as the processing of personal information collected and analyzed concerning Your health, personal information collected and analyzed concerning Your sex life or sexual orientation, or other categories of information that constitute “sensitive personal information” or “sensitive data” under applicable privacy laws.

For more information about the types of health-related information we collect about U.S. residents, please see our U.S. Consumer Health Data Privacy Policy.

III. Our Business Purposes for Collecting PII; How We Use the Information

We use the PII we collect from You, including Sensitive Personal Information, for the following business purposes:

  • To communicate with You, including in response to Your inquiries and to fulfill Your requests.
  • To provide You with information about our products and services, and to provide You with our products and services.
  • To process and evaluate Your application for employment, and if You become an employee, for human resources related purposes. Applicants for employment can find additional information in our Applicants’ Privacy Notice for EMEA and California Notice at Collection for California residents.
  • To improve the content of the Site, including to customize the Site to Your preferences.
  • For our data analysis, product development, advertising, marketing, and research purposes.
  • To prevent fraud, including by confirming Your identity.
  • To maintain and upgrade the security of any data or information collected.
  • For risk management and compliance purposes, including to comply with law enforcement and other legal processes.
  • For any other purpose You may agree to at or before the time the PII is collected from You.

For U.S. Residents: We sell and share, and process for purposes of targeted advertising, and we have sold, shared, and processed for purposes of targeted advertising in the past 12 months, Identifiers and Internet or other similar network activity via cookies and other tracking technologies on our websites for marketing purposes to our third-party marketing and advertising partners, which may include health-related inferences, and as defined under applicable law in certain states, your sensitive data. While we generally do not sell sensitive data for monetary consideration, U.S. state data protection laws broadly define the term “sale” to include disclosures of browsing data collected via cookies and other tracking technologies to third parties, which may include health-related inferences depending on which parts of our website You visit.

Some U.S. residents have the right to opt-out of the sale, sharing, and processing for purposes of targeted advertising of Your PII. To do so, You can click here or contact us via the methods listed in Section X.B of this Policy.

IV. Data Retention; Security

We will retain PII about You for the period necessary to fulfill the purposes outlined in this Policy and for no longer than is reasonably necessary for that purpose. We endeavor to use reasonable organizational, technical, and administrative measures to protect the PII we maintain within our organization.

V. How we may disclose personally identifiable information

As to any processing undertaken under this Policy, such as retention and/or disclosure of personal data, such processing will only be undertaken by us to the extent allowed under the applicable data privacy laws and/or regulations in Your country.

We disclose and have disclosed in the past 12 months the categories of PII listed in Section II to the categories of entities listed below for the purposes listed in Section III:

  • Service providers: with whom we engage to assist us with technology support, operational support, and other forms of assistance, and whom we bind by contract to protect the confidentiality and security of the PII we share with them.
  • Third party marketing and advertising partners: such as third-party providers of cookies and other technologies, for purposes of marketing our products and services to You.
  • Other third parties: with Your consent or at Your direction.
  • Affiliates: entities within the Insmed corporate family, for legally permissible purposes.
    • For residents of Japan:
      1. We may use Your PII jointly with other parties, as specified below.
      2. All PII that we collect from You may be jointly used.
      3. The other parties that may jointly use Your PII are our affiliated companies which are listed here https://www.sec.gov/Archives/edgar/data/1104506/000110450621000005/insm20201231ex211.htm.
      4. The purposes of joint use are the same as those set forth in Section III above.
      5. The department that will be responsible for the management of your PII is set forth in Section XII below.
  • Change of Control: in the event of a proposed or actual reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our company or its assets, to the proposed or actual acquiring party or assignee.
  • Legal purpose: as we believe to be appropriate: (i) when required by applicable law, including laws outside Your country of residence; (ii) to comply with legal process; (iii) to respond to requests from public and government authorities, as far as not in conflict with the applicable laws of Your country; (iv) to enforce the terms and conditions for use of the Sites subject to applicable law, including this Policy; (v) to protect and defend our rights and property subject to applicable law; (vi) to protect the interests of Insmed or others subject to applicable law; and (vii) to permit us to pursue available remedies or limit the damages that we may sustain subject to applicable law.

We do not have actual knowledge of selling or sharing the PII of anyone under the age of 16.

We may also deidentify any PII we collect about You. When we do so, we take reasonable measures to ensure that the information cannot be associated with a consumer or household, and we maintain and use the information in deidentified form. We will not attempt to reidentify the information, except that we may do so solely for the purpose of determining whether our deidentification processes satisfy applicable legal requirements. After it has been deidentified, the information is no longer PII and is not subject to this Policy. We may disclose for an above identified business purpose patient information that is deidentified pursuant to the HIPAA expert determination method.

VI. Other information collection, use and sharing

As You navigate through this Site, we may automatically collect (that is, gather without You actively providing the information) certain information using various technologies and means, such as Internet protocol addresses, cookies, Internet tags, web beacons and navigational data collection. For example, Your Internet browser automatically transmits to this Site some of this unidentifiable information, such as the URL of the website You just came from, the Internet Protocol (IP) address, and the browser version Your computer is currently using. This Site may also collect information from Your computer through cookies, HTTP Logging, or other technological means.

Cookies are small bits of information that are stored by Your computer’s web browser and are classified as identifying files sent to a computer by a web server. Websites read these uniquely identifying files for future access and enable servers to associate computers to user profiles. HTTP Logging consists of transaction files between a web client and server. You may be able to decide if and how Your computer will accept a cookie by configuring Your preferences or options in Your browser. You may be able to change Your browser settings to reject all cookies, accept only certain cookies, or notify You when a cookie is set. Please note that You may need to renew these settings if You delete Your cookies after these preferences are made. These settings also may not apply if You are using a different computer or internet browser. However, if You choose to reject cookies, You may not be able to use certain online products, services, or features on this Site. To learn more about cookies, please visit http://www.allaboutcookies.org.

The Site also uses third-party analytical tools to help us monitor performance and usage patterns, for example Google Analytics (http://www.google.com/analytics/). Google Analytics uses cookies to collect information about Site visitors to provide analytics services based on a user’s visits to sites across the Internet and across other mobile applications. For further information about the collection and use of data through Google Analytics, see http://www.google.com/policies/privacy/partners/. Google offers the ability to opt out from tracking through Google Analytics cookies; to learn about this, visit: http://tools.google.com/dlpage/gaoptout.

VII. Updates to Your PII

If You would like to update PII that You have provided to us, You may contact us through one of the means listed in Section X.B.

VIII. Site Use Limitations and International Data Transfers

Our Sites are not directed to users under the age of 13 and we do not knowingly collect PII online from any person we know to be under the age of 13. Although use of our Sites by children is unlikely, if You become aware that a child has provided us with PII without parental consent, please contact us at privacy@insmed.com. If we become aware that a child under 13 has provided us with PII without parental consent, we will take steps to remove such information and terminate the child’s account, if any.

Our Sites are controlled and operated by us from the United States. If You reside outside of the United States and interact with us, we may collect and transfer Your PII to the United States. For more information, see Section XI.C. of this Policy.

IX. Links to Other Websites

Our Sites may provide links to third-party websites. When You click on one of these links, You will be accessing content that is not subject to this Policy. We are not responsible for the information-collection practices of the other websites that You visit and advise You to review their privacy policies before You provide them with any PII.

X. Disclosures for certain U.S. Residents

Residents who reside in states that have adopted comprehensive privacy legislation (collectively, “U.S. Privacy Laws”) have certain rights regarding our collection and use of PII, subject to certain exceptions. We provide details about these rights below. Please note that some rights vary by state. We process data subject rights requests in accordance with U.S. Privacy Laws applicable to us. In some instances, we may not be required to comply with Your request, such as if an applicable exception applies under U.S. Privacy Laws.

A. Data subject rights

Rights That Require Verification. U.S. Privacy Laws require us to verify Your identity prior to fulfilling certain types of data subject requests. This Section X.A. provides details about those rights, and Section X.B. provides information about how we verify Your identity and otherwise respond to such requests.

  • Right to Know. On receipt of a verifiable request from You, You have the right to know certain information about our privacy practices at or before the point of collection. We have provided such information in this Policy. You may also request that we provide you with information about the following aspects of how we have handled Your PII specifically in the 12 months preceding your request:
  • The categories of PII we have collected about You, including Sensitive Personal Information;
  • The categories of sources from which the PII is collected;
  • Our business or commercial purpose for collecting, selling, or sharing PII, if applicable; and
  • The categories of third parties (excluding service providers and contractors) to whom we disclose PII, if any.
  • Right to Delete. You may request that we delete any PII about you we that we collected from You, subject to certain exceptions.
  • Right to Correction. You may request that we correct any inaccurate PII we maintain about You.
  • Right to Access Specific Pieces of Personal Information and Data Portability. You may ask to obtain the specific pieces of PII we have collected about You in a portable and, to the extent technically feasible, readily usable format that allows You to transmit the PII to another entity without hindrance. You may not exercise this right more than two times in a calendar year.

Rights That Do Not Require Verification. Other types of data subject rights requests do not require verification, as described below.

Your Privacy Choices

  • Right to Opt Out of Sale, Sharing, and Processing for Targeted Advertising. We sell, share, and process for targeted advertising purposes, and we have sold, shared, and processed for targeted advertising purposes in the past 12 months Identifiers and Internet or other similar network activity via cookies and other tracking technologies on our websites for marketing purposes to our third-party marketing and advertising partners, which may include health-related inferences. While we generally do not sell data for monetary consideration, U.S. state data protection laws broadly define the term “sale” to include disclosures of browsing data collected via cookies and other tracking technologies to third parties, which may include health-related inferences depending on which parts of our website you visit. You have the right to opt-out of sale and sharing of Your PII, and processing of Your PII for targeted advertising purposes, as applicable depending on the U.S. Privacy Law applicable to you. To do so, You can click here or contact us via the methods listed in Section X.B of this Policy.
  • Right to Revoke Consent for or Limit the Use of Your Sensitive Personal Information. You also have the right to revoke consent for or limit the use of your Sensitive Personal Information to the purposes authorized by the applicable U.S. Privacy Laws, depending on the U.S. Privacy Law applicable to you. For California consumers – we use Sensitive Personal Information for the purposes listed in Section III, above, which includes purposes other than those expressly permitted by the CCPA regulations. Accordingly, California consumers have the right to limit the use of Your Sensitive Personal Information to the purposes listed in the CCPA regulations, including to perform services or provide goods to You, prevent and detect security incidents, fraud, and other illegal actions, ensure physical safety of natural persons, for short-term, transient use, such as non-personalized advertising as part of Your current interaction with us, perform services on our behalf, verify and maintain product and service quality, and collect or process Sensitive Personal Information where doing so is not for the purpose of inferring characteristics about You. To exercise Your right to revoke consent or your right to limit, You may click here or contact us via any of the methods listed in Section X.B of this Policy.

Nondiscrimination. You have the right to not be discriminated against by us because You exercised any of Your data subject rights. We will not deny goods or services to You, charge You different prices or rates for goods or services, provide You a different level or quality of goods or services, or otherwise retaliate against You for exercising Your data subject rights.

B. Exercising data subject rights

Exercising Your Rights. You may submit a request to us by either:

  • Completing our webform
  • Calling us at our Privacy Rights toll-free number: 1-844-4-INSMED (1-844-446-7633)

You may make a request on Your own behalf, and if You are the parent or guardian of a minor child, You also may make a request related to Your child’s PII.

Authorized Agents. Residents of some states, including California, may also designate an authorized agent to make requests on Your behalf. Authorized agents may use the same methods as You, described above, to submit requests to us. When we receive a request from an authorized agent, we may request further information from the agent and/or from You to confirm that You gave the agent permission to make the request. For example, we may ask the agent to provide proof that You gave them signed permission to make the request, or we may ask You to verify Your identity directly to us and/or directly confirm to us that You gave the agent permission to submit the request.

Verification. Depending on the type of request You submit, and to protect Your PII from unauthorized disclosure or deletion at the request of someone other than You or Your legal representative, we may verify Your identity prior to fulfilling Your request. We may request additional information from You, depending on the context and details of Your request, in order to do so, and we may not be able to fulfill Your request if we are unable to verify Your identity. Making a verifiable consumer request does not require You to create an account with us. We will only use information provided in Your request to verify Your identity and process Your request. Insmed reserves the right to take additional steps as necessary to verify Your identity where we have reason to believe a request is fraudulent.

Responding to Verifiable Requests. We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 45 additional days), we will inform You of the reason and extension period in writing.

Appeals. If You would like to appeal our decision with respect to your data subject request, You can do so by contacting us at the methods listed above. Please attach a copy of or otherwise specifically reference Your data subject request, so that we may appropriately process and respond to Your appeal.

Opt-Out Preference Signals. We recognize opt-out preference signals that we are required to recognize for compliance with applicable law. Where required by law, we treat such opt-out preference signals as a valid request to opt-out of sale and sharing for the browser or device through which the signal is sent and any consumer profile we have associated with that browser or device, including pseudonymous profiles. Further, to the extent required by law, if we know the identity of the consumer from the opt-out preference signal, we will also treat the opt-out preference signal as a valid request to opt out of sale and sharing for such consumer. Consumers may use opt-out preference signals by downloading or otherwise activating them for use on supported browsers and setting them to send opt-out preference signals to websites they visit. Please note that we while we recognize opt-out preference signals we are required to recognize by law, we do not currently recognize “Do Not Track” signals.

Profiling. We do not process PII for profiling in furtherance of legal or similarly significant effects.

Contact Information. If You have any questions or concerns about our Privacy Policy or our practices regarding the collection, use, disclosure, sale, sharing, and retention of Your PII, You may contact us by:

  • Sending us an email at privacy@insmed.com; or
  • Mailing us at:
    Insmed Incorporated
    700 US Highway 202/206
    Bridgewater, NJ 08807
    Attention: Chief Legal Officer
    Tel: (908) 977-9900

XI. European Union (EU)/European Economic Area (EEA)/United Kingdom (UK) Residents’ Privacy Rights

A. Purposes and legal basis for the processing

When processing Your PII, Insmed always needs a lawful basis, such as: You have given consent to the processing for one or more specific purposes; processing is necessary for the performance of a contract with You or in order to take steps at Your request prior to entering into a contract; processing is necessary for compliance with a legal obligation to which we are subject; we have a legitimate interest for processing, except where such interests are overridden by the interests of Your fundamental rights and freedoms.

Where processing is based on ‘consent’ (under article 6(1)(a) GDPR or on explicit consent where special categories of PII are processed (under article 9(2)(a) GDPR) or any equivalent regulation), You have the right to withdraw Your consent at any time without affecting the lawfulness of the processing based on the consent before its withdrawal. When processing Your PII, we don’t use automated decision making.

B. Access, Rectification, Blocking and Deletion Rights

In accordance with applicable law, You may at any time request to access, rectify, complete, update, block, move, or delete Your PII, by contacting us at privacy@insmed.com

You have a right to lodge a complaint with the supervisory authority for data protection in Your country.

C. International Data Transfers ex EEA/UK

Your PII will be shared with Insmed affiliates including in the U.S. and may also be shared with our service providers, where different levels of privacy protection apply.  Insmed puts in place adequate contractual protection to guarantee an appropriate level of protection as required from time to time by applicable law.  For more information, please contact us at the address below. 

Insmed Incorporated
700 US Highway 202/206
Bridgewater, NJ 08807
Attention: Chief Legal Officer
Tel: (908) 977-9900

D. EEA/UK Residents

In addition to the email contact information mentioned above, we inform You that our European representative office is located in The Netherlands: Insmed Netherlands B.V., office address: Stadsplateau 7, 3521 AZ Utrecht.

We have appointed a Data Protection Officer (DPO) for our European region (not including the United Kingdom and Switzerland), who is based in Germany. Our DPO can be contacted via: privacy@insmed.com. Please specifically mention in Your message that Your message is for the attention of our DPO.

XII. Japan Residents’ Privacy Rights

A. Rights of Japan Residents. 

Subject to applicable law (including certain exceptions and qualifications), as a resident of Japan, You may have certain rights with respect to Your information. These rights may include the following:

  • Suspension of use and deletion: To request suspension of use or deletion of Your PII that we have collected about You.
  • Disclosure: To require that we disclose Your PII that we have collected about You.
  • Correction: To correct Your PII that we have collected about You.

B. Exercising Your Rights.

If You would like to exercise any of the rights described above, please contact us at the address below. Please note that depending on Your request, we may request proof of Your identity and verify such identity, in order to protect Your PII and ensure compliance with all applicable regulations and policies.  We may conduct the verification process by email or phone and may ask You to provide PII, such as Your name, contact information, and any additional relevant information based on Your relationship with us.

Insmed Incorporated
700 US Highway 202/206
Bridgewater, NJ 08807
Attention: Chief Legal Officer
Tel: (908) 977-9900 

C. International Data Transfers ex Japan

Your PII will be shared with Insmed affiliates including in the U.S. and may also be shared with our service providers, where different levels of privacy protection apply.  Insmed puts in place adequate contractual protection to guarantee an appropriate level of protection as required from time to time by applicable law.  For more information, please contact us at the address above. 

Culture
Patients
Science

Contact Us Job Opportunities

© 2024 Insmed Incorporated.
All Rights Reserved.

Terms of Use Privacy Policy U.S. Consumer Health Data Privacy Policy