Privacy Policy

When you register for our Services, access various features, submit content, or contact us directly, we may request some or all of the following types of information:  

• Contact information, such as name, email address, postal address, and telephone number; 
• National Provider Identifier (NPI) numbers of healthcare providers; 
• Username and password; 
• Demographic information, such as age and gender; 
• Communication preferences; 
• Search queries; 
• Stories, comments, photos, and other information collected through your use of our interactive online features;  
• Publicly available personal information from various sources, including social media profiles. This information may include your name, location, and biographical information; 
• Correspondence and other information that you send to us; 
• Health, insurance, and/or financial information in connection with a promotion or a patient assistance or support program;
• Information collected from clinicians; and  
• Healthcare providers may choose to provide information relating to their specialties and professional affiliations. 

We may also automatically collect certain information when you visit the Services, including: 

• Your browser type and operating system; 
• Your Internet Protocol (IP) address, which is the number automatically assigned to your computer whenever you access the Internet and that can sometimes be used to derive your general geographic area; 
• Other unique identifiers, including mobile device identification numbers; 
• Sites you visited before and after visiting the Services; 
• Pages you view and links you click on within the Services; 
• Information collected through cookies and other technologies; 
• Information about your interactions with email messages, such as the links clicked on and whether the messages were opened or forwarded; and 
• Standard server log information. 

Some of the categories of information that we collect are special categories of personal data (also known as sensitive personal information). In particular, we may process personal information that relates to your health, such as medical history, diagnosis, treatment plans, and insurance information.

We may use first or third-party cookies and similar technologies to automatically collect this information. Cookies are small bits of information that are stored by your computer's web browser. You can decide if and how your computer will accept a cookie by configuring your preferences or options in your browser. You may also click on “Cookie Preferences” on our websites to manage your choices. However, if you choose to reject cookies, you may not be able to use certain online products, services, or features available through the Services. 

We process your information for a variety of legitimate business interests, including but not limited to: 

• Providing you with the products, promotions, services, and information you request; 
• Communicating with you about products, services, and events that we think might be of interest to you; 
• Maintaining or administering the Services, performing business analyses, or other internal purposes to improve the quality of our business, the Services, and other products and services we offer; 
• Publishing stories, comments, photos, and other information posted in our interactive online features; 
• Processing employment applications and inquiries; and 
• Customizing and personalizing your use of the Services. 

We may also process your information to comply with our legal obligations, satisfy any contract between us and you, establish and defend any legal claims, and in specific cases, process your information based on your consent when we are required to do so by law (for example, when we process sensitive personal information). If we ask for your consent to process your personal information, you may withdraw your consent at any time by contacting us using the details at the end of this privacy notice.

When we process personal information to meet our legitimate interests, we put in place robust safeguards to ensure that your privacy is protected.

We are committed to maintaining your trust, and we want you to understand when and with whom we may share the information we collect.

• Service Providers: We may share your information with service providers that perform certain functions or services on our behalf pursuant to the purposes set out in this Privacy and Cookie Notice (such as to host Services, manage databases, perform analyses, or send communications for us). 
• Other Parties When Required by Law or as Necessary to Protect the Services: We may disclose your information to third parties to protect the legal rights, safety, and security of Abeona and the users of our Services; enforce our Terms of Use; prevent fraud (or for risk management purposes); and comply with or respond to law enforcement, or legal process, or a request for cooperation by a government entity, whether or not legally required. 
• In Connection with a Transfer of Assets: If we sell all or part of our business, or make a sale or transfer of assets, or are otherwise involved in a merger or business transfer, or in the event of bankruptcy, we may transfer your information to one or more third parties as part of that transaction. 
• Other Parties with Your Consent: We may disclose information to third parties when we have your consent to do so. 
• Aggregate Information: We may disclose to third parties, information that does not describe or identify individual users, such as aggregate website usage data or demographic reports. 

Abeona has partnered with certain third-party social media providers to offer their social networking services through our platforms. For example, you can use third-party social networking services, including Facebook, X (formerly Twitter), and others, to share information about your experience on our Services with your friends and followers.

These social networking services may collect information about you, including your activity on our Services. Additionally, they may also notify your friends, both on our Services and on their platforms, that you are a user of our Services, in accordance with applicable laws and their own privacy policies. If you choose to access or use these third-party social networking services, we may receive information about you that you have made available to those services, including information about your contacts.

We maintain reasonable security procedures to help protect against loss, misuse or unauthorized access, disclosure, alteration, or destruction of the information you provide through the Services. However, no data transmission over the Internet or stored on a server can be guaranteed to be 100% secure. Despite our best efforts, while we strive to protect your information and privacy, we cannot guarantee or warrant the security of any information you disclose or transmit to us. However, we are committed to using industry standards practices to minimize risks. If we believe the security of your information may have been compromised, we will notify you promptly, including by email, and in accordance with applicable laws. 

You are responsible for maintaining the confidentiality of your account password and for any access to or use of the Services using your password, whether authorized by you or not. Please notify us immediately of any unauthorized use of your password or account or any other breach of security. 

Your information will be retained only for so long as reasonably necessary for the purposes set forth in this Privacy and Cookie Notice, in accordance with applicable laws. 

Our site is not intended to be directed towards children. We are committed to complying with applicable legislation, including the US Children's Online Privacy Protection Act (COPPA) and the EU General Data Protection Regulation (GDPR). The Services do not knowingly collect, use, or disclose personal information from children without prior parental consent, except as permitted by applicable legislation. 

If you have questions concerning our information practices with respect to children, please contact us using the form located here. 

Your rights, depending on where you live, may include the right to review, have deleted, or stop the further collection of your child's personal information. If you want to make such a request, please contact us using the form here. 

If at any time you wish to stop receiving emails or other communications from us, or if you have submitted information through the Services and would like to have that information deleted from our records, please use the form found here to notify us. 

Your rights, depending on where you live, may include the right to object to or request restriction of processing of your personal information, and request access to, erasure, rectification, and/or portability of your information held by Abeona. You can make such a request by contacting us by completing the form found here. 

You may also have the right to lodge a complaint with the relevant data protection supervisory authority if you believe that our use of your information violates applicable law. 

While this policy primarily addresses US residents, it is important to note that some recipients of your information may be located in countries with different levels of data protection compared to those of your home country. To safeguard your information, we take measures to ensure these recipients are obligated to maintain confidentiality. Abeona employs strategies to uphold the security and protection of transferred personal data. For more information on the appropriate safeguards in place or if you wish to see a copy of the relevant mechanism that we use to transfer your personal information, please contact us at the details below.

As a convenience to our visitors, the Services may link to a number of sites, services, and other content that are operated and maintained by third parties. These third parties operate independently from us, and we do not control their privacy practices. Such links do not constitute an endorsement by Abeona of the content, or the persons or entities associated therewith. This Privacy and Cookie Notice does not apply to third-party content. We encourage you to review the privacy policies of any third party to whom you provide information. 

Cookies And Other Tracking Technologies 

We and certain third-parties use certain tracking technologies (“Tracking Technologies” or “Cookies”) to collect personal data and to store information or gain access to information stored on your device when you use our Sites. This notice provides more information about Cookies and how we use them on our Sites.

Depending on the applicable law where you are located, you might have the right to choose whether or not to accept cookies. When you enter our Sites, you can accept our cookies or manage your cookie preferences by using our cookie banner. Additionally, you may be able to change your browser settings to refuse certain cookies or notify you before accepting cookies. Explanations on how to manage these settings are often provided in the “help” menu of your browser. In some cases, disabling certain cookies may cause some functions of the Sites to not work properly. 

For further information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, please visit www.allaboutcookies.org and www.youronlinechoices.eu.

What Are Tracking Technologies? 

Tracking Technologies can remain on your device for different periods of time. Some Tracking Technologies exist only while your browser is open and are deleted automatically once you close your browser. Other Tracking Technologies are “permanent”, meaning they persist after your browser is closed and can recognize your device when you open your browser and browse the internet again. 

• Cookies. Cookies are small text files stored on your browser that uniquely identify your browser or device. Cookies improve your user experience by enabling our Sites to recognize you when you re-visit, remembering your preferences, and providing you with the ability to use customized features. Cookies also help websites operate efficiently and ensure the advertisements you see online are relevant to you and your interests. You can find more information about cookies at www.allaboutcookies.org. 
• Pixels. Pixels are small portions of code that we use as part of our Sites. They help us learn whether you have clicked on certain web content, allowing us to measure and improve our services and personalize your experience. 
• Web Beacons. Web beacons are invisible picture files used as part of our Sites. They help us understand how you interact with our Sites and how often you view certain content, so we can make our Sites more efficient and easier to use. Our Sites may also include web beacons placed by third-party advertisers. 
• Mobile Device IDs. Mobile device IDs are a unique identifier used to identify a mobile device. We use them to run analytics and ensure our Sites are useful to you. Our advertising partners use these IDs to show you ads that are relevant to you and to avoid showing you the same ad multiple times.
• Local Storage. We use local storage to store data on your device such as the last time you visited a webpage, to remember which items you put in our shopping cart, or to welcome you to our site. 
• HTML5 Local Storage. We occasionally store information locally on your device using HTML5. This allows information to be stored in your browser after it has been closed and reopened. We only use HTML5 to store non-sensitive information, such as the previous page you viewed, the name of the current page you are viewing, and some of your preferences. We do not use HTML5 local storage to collect personal data from you. You can choose whether the data in HTML5 local storage should be kept beyond your current browser session or deleted. Depending on your browser, you can remove local storage, including HTML5, when clearing your cache and cookies.  

How Do We Use Tracking Technologies? 

We use first-party and third-party Tracking Technologies. First-party Tracking Technologies are used directly by us, while third-party Tracking Technologies are used by third-parties, such as analytics providers, our advertisers, and business partners. 

We use Tracking Technologies for the following functions: 

• Essential Tracking Technologies: These are essential for the functioning of our Sites, to provide a service requested by you, or to comply with the law (e.g., the security requirements of data protection law). We do not need to obtain your consent to use these Tracking Technologies, and they cannot be turned off because the Sites cannot operate without them. 
• Functionality Tracking Technologies: These allow us to remember choices you make and provide enhanced, personalized features, such as showing you when you are logged in. 
• Performance Tracking Technologies: These enable us to collect information about your online activity (e.g., the duration of your use of the Sites), including behavioral data and content engagement. They allow us to provide you with a better user experience and to maintain, operate and continually improve the Sites. 
• Social Media Tracking Technologies: Our Sites include social media features, such as Facebook “Like” or “Share” buttons. These features are hosted by third parties and enable us or the social network to obtain information about how you interact with our Sites or the social network. In addition, where we have a presence on social media platforms, those platforms will set Tracking Technologies on your device when you visit our pages on their platforms. This helps us obtain statistical information about how you interact with our social media presence. The cookies notice of the social media platform should explain how you can manage the Tracking Technologies they set, or you may also be able to manage these Tracking Technologies through your browser settings. 

The California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, “CCPA”), and other states with similar laws in other states, grant residents specific rights regarding their Personal Information. We are committed to ensuring transparency and compliance with these regulations. This Notice outlines your rights and our practices concerning the collection, use, and disclosure of Personal Information.  

If our processing of your personal data is governed by such laws, the following provisions apply, whether your data is collected online or offline. These provisions supplement the other sections of the Privacy Policy. 

We do not “sell” or “share” for cross-contextual behavioral advertising (as defined under applicable local law) the categories of personal data described below. Instead, where we may use cookies for analytics purposes, we do so at your instruction based on your consent to use cookies associated with this processing. We do not use or disclose sensitive personal data for purposes other than those permitted under applicable local law. 

For each of the categories of Personal Information listed below, we provide: (1) the definition of each category; (2) the sources from which we collect such Personal Information; (3) our purposes for collecting or disclosing the Personal Information; and (4) the third parties to whom we disclose the Personal Information for a business purpose. For more information about how we disclose your personal data, refer to the How We Disclose Your Information.  

As described in the Information We Collect, we collect this personal data directly from you, automatically through your use of our Site, and from other sources such as public databases, social media platforms, and other third parties when they share information with us. For example, we may use third-party information to confirm contact or financial details, verify the licensure of healthcare professionals, or better understand your interests by associating demographic data with the information you provide. 

Additionally, as outlined in the How We Use Your Data we may use this personal data to serve you, connect you with third parties, validate your ability to access and/or use certain products, services, and information, provide and improve products and services, and protect patients and consumers. This is done in accordance with special program terms to operate, manage, and maintain our business, respond to your inquiries and fulfill your requests, send administrative information to you, send you marketing communications, personalize certain experiences, and facilitate social sharing or messages services when available.

We may also use your personal data for our business purposes and objectives, including data analysis, audits, developing new products, improving existing products, identifying usage trends, determining the effectiveness of promotional campaigns, preventing fraud, and expanding our business activities. Additionally, we may use this personal data to comply with applicable law and legal processes, respond to requests from public and government authorities, and protect our rights and operations, and enforce our terms of service. 

As described in the Security and Retention section, we may retain your personal data for as long as needed or permitted in light of the purposes for which it was obtained and as outlined in this Privacy Policy, depending on the length of our relationship with you, whether there is a legal obligation to which we are subject, or whether retention is advisable in light of our legal position. 

Individual Rights: If you are a California or Virginia resident, or a resident of another state with similar laws, you have the following rights, subject to certain exceptions and exemptions: 

1. Right to Notice: Before or at the time we collect Personal Information from you, you have the right to receive notice of the Personal Information to be collected and the purposes for which we use it. This Notice is intended to satisfy this requirement. You also have the right to request that we disclose to you the categories of Personal Information we have collected about you in the preceding 12 months, along with the categories of sources from which the Personal Information was collected, the purpose for collecting or selling the Personal Information, the categories of third parties to whom we disclosed the Personal Information, and the categories of third parties to whom we sold the Personal Information, if any. 
   
   
2. Right of Access: You have the right to request that we disclose or provide you with access to the specific pieces of Personal Information we have collected about you in the preceding 12 months. 
   
   
3. Right to Deletion: You have the right to request that we delete the Personal Information we collect from you. However, in certain situations, we are not required to delete your Personal Information, such as when the information is necessary to complete the transaction for which it was collected, to provide a good or service requested by you, to comply with a legal obligation, to engage in research, to secure our websites or other online services, or to otherwise use your Personal Information internally in a lawful manner that is compatible with the context in which you provided the information. 
   
   
4. Right to Correction: You may request corrections to any inaccurate Personal Information. 
   
   
5. Right to Limit Use of Sensitive Personal Information: You have the right to limit the use of your Sensitive Personal Information to the purposes authorized by the CCPA. We do not use Sensitive Personal Information for purposes beyond those authorized by the CCPA.   
   
   
6. Right Not to Be Subject to Discrimination: You have the right to be free from discrimination or retaliation for exercising any of your rights under the CCPA as described. 

You can exercise your rights by completing and submitting the form found here.  

Verification: If you exercise your right to notice, right of access, right to deletion, or right to correction, we must first verify your identity to ensure that you are the person about whom we have collected Personal Information. We will verify every request carefully.  Along with your request, we will ask that you provide us with a scanned copy of a government-issued ID and/or use a multi-factor authentication process to confirm your identity.  You may also authorize someone else to submit these requests on your behalf by designating them directly with us and  providing us with a notarized copy of your power of attorney, or by having the authorized agent provide us with a copy of your written permission and a scanned copy of their own government-issued ID.  

Disclosure About Direct Marketing for California Residents: California residents have the right under California Civil Code § 1798.83 to request information annually about our disclosure of their Personal Information to third parties for direct marketing purposes in the previous calendar year. We confirm that we did not engage in such activities during the preceding calendar year. Your Personal Information was not shared with third parties for their direct marketing purposes.