LUPIN PRIVACY STATEMENT

Effective Date: October 5, 2023

You care about the protection of your Personal Information – and so do we. At Lupin Pharmaceutical, Inc. (USA) (“Lupin”), we work to maintain the privacy and data security of all Personal Information we collect or receive from you, including when you use the Lupin Inc. (US) website Lupin U.S. | Branded + Generic Pharmaceutical Company.

This Privacy Statement (“Statement”) applies to Personal Information Lupin collects, uses or shares, including when you visit our website, www.lupin.com/US/ (“Website”). Please read this Statement carefully. We may modify this Statement at any time. All changes will be effective immediately upon posting to the Website. Material changes will be conspicuously posted on the Website or otherwise communicated to you. Should you have any questions about this Statement or how we handle Personal Information, please contact us at complianceandethicsoffice@lupin.com.

IF YOU ARE A CALIFORNIA RESIDENT, PLEASE SEE SECTION 13 BELOW FOR ADDITIONAL TERMS THAT MAY APPLY TO YOU.

IF YOU PROVIDE PERSONAL INFORMATION WITH REGARD TO OUR PHARMACOVIGILANCE PROGRAM, PLEASE SEE OUR PHARMACOVIGILANCE PRIVACY STATEMENT WHICH DESCRIBES HOW WE COLLECT, USE AND SHARE THE PERSONAL INFORMATION YOU PROVIDE IN CONNECTION WITH THAT PROGRAM.

1. WHAT IS PERSONAL INFORMATION?

Personal Information” (which we also refer to as “Personal Data”) is information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with you or your household. Personal Information does not include publicly available information or aggregated information that does not include personal identifiers.

2. WHAT PERSONAL INFORMATION DO WE COLLECT?

We may collect the following categories of your Personal Information. We have collected the following categories of Personal Information from consumers within the twelve (12) months preceding the effective date of this Privacy Statement:

Category Examples Retention Period
Identifiers name, address, internet protocol address (“IP Address”), social media handle, email address, phone number and government ID numbers, mailing address, physician NPI and ME numbers. We retain this information for so long as we maintain a business relationship with you; and for so long as required for any other business or legal purpose.
Customer Records Your signature, government ID numbers, physical characteristics or description, address, telephone number, insurance policy number and other medical information that you provide if you report an adverse event or product complaint. This Personal Information will generally be kept for as long as is reasonably necessary taking into consideration our business relationship with you and our need to answer queries or resolve problems, and any other purpose outlined below.

If collected as part of our Pharmacovigilance Program, we keep this information for so long as necessary to comply with legal requirements under applicable law(s), in particular by the US Food & Drug Administration regulations related to reporting of adverse events related to our products.

Protected Classifications Please see our Pharmacovigilance Privacy Statement. Please see our Pharmacovigilance Privacy Statement.
Commercial Information Records of products purchased or used by you, and content of communications you send to us or post online, including our social media accounts or posts. We retain this information for so long as we keep a business relationship with you; and for so long as required for any other business or legal purpose.
Internet Activity Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an internet website, application, or advertisement. We retain this information for 14 months.
Sensory Data Recordings of customer service calls, if you participate in our patient testimonial videos for the Website, employee introduction videos. Recording of customer service calls are retained for 10 years, as required to meet our legal obligations.

Internal training videos and patient testimonial videos are kept for so long as we have a legitimate business need.

Employment Information Professional or employment-related information that you provide when you apply for a position with us. If Lupin does not hire you, we keep your application for 12 to 18 months. If you are hired at Lupin, we keep your application and employment information for the duration of employment plus 6 years after termination of employment.
Education Information Education-related information, including information you provide when you apply for a position with us. If Lupin does not hire you, we keep your application for 12 to 18 months. If you are hired at Lupin, we keep your application and employment information for the duration of employment plus 6 years after termination of employment.
Inferences Drawn from other Personal Information Inferences drawn from the categories of Personal Information we collect are used to create a profile about your consumer preferences and purchasing tendencies. We retain this information for as long as we have a business relationship with you; and for so long as required for any other business or legal purpose.

3. WHAT ARE THE SOURCES OF PERSONAL INFORMATION WE COLLECT?

We collect Personal Information from the following sources:

Information You Provide to Us

We collect Personal Information you provide to us in the following ways:

  • When You Communicate with Us. When you communicate with us by calling us, writing us, emailing us, or through our “Contact Us” webform. When you provide your email or mailing address to sign up for our marketing emails.
  • Drug Safety Information and Concerns. When you seek drug safety information or instructions regarding our products, seek help on how to use our products, if you have drug safety questions, report an adverse event or provide us with any comments or concerns about our products, as further described in our Pharmacovigilance Privacy Statement.
  • Career Opportunities. If you send us your job application materials directly, we will only use and share those job application materials to evaluate your qualifications to work with Lupin. Your submission of an application or inquiry does not in any way require Lupin to review your information or consider you for employment.
  • Feedback. When you provide comments or feedback about our Website or our products (“Feedback”), we may collect Personal Information.
  • Vendor Management. If you are one of our vendors, when you provide your contact information in our vendor management and invoice platform.

Information We Automatically Collect Using Technology.

We collect information about your computer or other electronic device when you visit our Website. This information may include your Internet Protocol (IP) address, Internet Service Provider (ISP), domain name, browser type, operating system, location, website you visit before or after you visit this Website, pages you click on this Website, search requests, date and time of your requests, the amount of time spent on the Website and information provided by tracking technologies, such as cookies, single- pixel tags, local share objects (Flash), local storage, Etags and scripts.

We may use cookies in conjunction with third parties to serve advertisements to your computer or other electronic device. Please reference the Your Data Privacy Choices Section in Section 8 below for more information about cookies and how you can control the use of cookies when visiting our Website.

Use of Deidentified or Aggregate Information

Lupin may collect, use, share, transfer and otherwise process de-identified and aggregated information that it receives or creates for any purposes in its sole discretion, in compliance with applicable laws. Deidentified or aggregates information describes users as a group but does not reveal the identity of individual users. We will not attempt to re-identify aggregated or deidentified information. We may use deidentified or aggregate information to understand users’ needs, to determine user demographics and Website usage patterns, to determine what kinds of products or services we can provide, and to improve and enrich our products and services and the Website. Lupin is the sole and exclusive owner of such de-identified and aggregated information.

Information We Collect from Third-Party Sources.

We may collect Personal Information from health care professionals, public sources, or third-party sources to verify their professional credentials and identity.

Source Purpose of Collection and Use Examples Category Collected
Analytics Providers Business Purposes We may use third-parties or service providers to help us understand the Website’s demographics and user preferences, and to evaluate the Website’s operations. Identifiers, Commercial Information, Internet Activity
Social Media Companies Advertising, processing job applications We may use social media companies to advertise our products to you; we may collect job applications through social media companies when you submit applications through their platforms. Identifiers, Commercial Information, Internet Activity, Inferences Gathered from Other Personal Information.
Third-Party Advertising Partners Advertising and Marketing We may use your professional or personal contact information to send you marketing for our products. Identifiers, Commercial Information, Internet Activity, Inferences Gathered from Other Personal Information.
Job Application Processing Service Providers Processing job applications, facilitating hiring processes To submit a job application for openings, you will be redirected to our online career portal, which is provided by iCIMS, and you will be required to create an iCIMS account (if you do not already have one). Job applications submitted through that career portal, including your resume and all other materials and information you provide in the course of submitting job applications, will be submitted directly to iCIMS and will then be shared with Lupin. We encourage you to review iCIMS’s Privacy Policy.

When logging into iCIMS, you may use your Facebook, LinkedIn, Google+, or Microsoft account by providing your log-in information for those third-party services when prompted. If you choose to use this single sign-on feature, iCIMS may access, handle, and store any content and other information that you have provided through Facebook, LinkedIn, Google+, or Microsoft (as applicable). We do not and cannot control any policies or terms of any third party, including Facebook, LinkedIn, Google+, and Microsoft. All information you have provided to Facebook, LinkedIn, Google+, or Microsoft is subject to the applicable privacy policy: see Facebook’s Data Policy, LinkedIn’s Privacy Policy, Google’s Privacy Policy; and Microsoft’s Privacy Statement.

We may also collect information from recruiters, employment agencies, and contractors we work with.

Identifiers, Employment Information, Education Information
Employment Vendors To identify qualified candidates and onboard employees. Background check third party vendor, public records, recruiters and employment agencies, temporary employment agencies and contractors. Identifiers, Employment Information, Education Information

4. WHAT ARE THE PURPOSES FOR WHICH WE COLLECT PERSONAL INFORMATION?

We collect Personal Information for the following business or commercial purposes:

Purpose of Collection and Use Examples/Explanations Category
To Provide and Improve Our Customer Service We use Information we collect from the Website to improve our products, choose what products we offer, offer you new products, and to predict trends with regard to our products. Identifiers, Commercial Information, Internet Activity
Business Purposes We use Personal Information for administrative purposes, such informing our business strategies, to understand the Website demographics and user preferences, for evaluating job applications, paying vendor invoices, and to manage profiles. Identifiers, Commercial Information, Internet Activity.
Website Management We use Personal Information for website management, such as troubleshooting problems, improving the content and functionality of our Website, statistical and other analyses of the Website, and to customize the Website. We also may use Personal Information to audit our Website for compliance, authorized access and security. Identifiers, Internet Activity
Advertising/Marketing We may use Personal Information to send you promotions, to perform targeted advertising, to notify you of new products, to notify you of new features of or information on our Website, to notify you of changes to our Terms of Use or this Privacy Statement or our Pharmacovigilance Privacy Statement, and for other similar communications.

If you participate in our patient testimonial videos, we may collect Personal Information about you to facilitate that process.

We may obtain your Social Media handle if you comment on or “like” our Social Media posts or ads.

Identifiers, Commercial Information, Internet Activity
To Protect Our Rights We may use Personal Information to protect our legal rights or interests, or those of third parties, including to bring a legal action against you or anyone who may be causing harm to us, our Website, or to others. We may also use Personal Information to seek business, financial or legal advice, and to respond to other legal requests. Identifiers, Commercial Information
For Drug Safety and To Meet Our Regulatory Obligations Please see our Pharmacovigilance Privacy Statement for more information. Please see our Pharmacovigilance Privacy Statement.
Job Applications To enable you to fill out our job application and submit application materials, to enable email communications, and to process and track job applications.

We may collect Personal Information for background checks, drug screenings and others information from job applicants as relevant to the open position.

Identifiers, Employment Information, Education Information.

5. WHEN DO WE SHARE OR DISCLOSE PERSONAL INFORMATION?

Below, we explain (a) the purposes for which we share or disclose your Personal Information and (b) the entities with whom we disclose or share your Personal Information to provide services for us and (c) the third-party entities with which we “share” your Personal Information to serve you with targeted advertising or related purposes. We conduct targeted advertising when we show you ads based on your Personal Information and the products we believe may interest you.

Entity Purpose Category
Website Hosting Service Provider, Email Service Provider, Data Processing Service Providers We may share Personal Information with our service providers and to third parties. For example, we may share Personal Information with service providers that host and manage our Website; provide email services; provide data processing; and support or provide the security of our Website. Identifiers, Internet Activity, Commercial Information.
Website Analytics Partners We may use your Personal Information to develop and improve the Website’s functionality, to evaluate user needs and customize Website content, and your browsing experience; to operate and troubleshoot problems with the Website; to conduct statistical and other analyses of the Website. Identifiers, Internet Activity.
Marketing and Advertising Partners We will use Personal Information to serve targeted advertising to you, to develop marketing materials, to communicate with you about our products; to notify you of new products and programs; to enhance our marketing capabilities, and to inform marketing and communication plans and strategies. Identifiers, Internet Activity, Commercial Information.
Government Officials / Law Enforcement We will cooperate with law enforcement and other governmental agencies, and may disclose Personal Information: (i) if we believe in good faith we are legally required to disclose that Personal Information, (ii) if we are contractually required to do so to fulfill audit requirements for government agency clients; (iii) if we are advised to disclose Personal Information by our legal counsel, or (iv) when necessary to identify, contact or bring a legal action against someone who may cause or be causing harm to, or interfering with the legal rights of Lupin or any other party. Identifiers, Commercial Information, Internet Activity, Employment Information, Education Information.
Professional Advisors We may share Personal Information with our professional advisors, such as our attorneys, accountants, financial advisors and business advisors, in their capacity as advisors to Lupin. Identifiers, Commercial Information, Internet Activity, Employment Information, Education Information.
Change in Ownership In the event Lupin is the subject of a due diligence process concerning the sale of the company in whole or in part, through sale, merger or acquisition or in the event of a bankruptcy, receivership or a similar transaction, we may provide Personal Information to the prospective or subsequent owner(s). In these circumstances, Personal Information may be shared with actual or prospective purchasers or successors and may be transferred in the case that transaction is completed. Identifiers, Commercial Information, Internet Activity, Employment Information, Education Information.
When Explicitly Requested or Consented to by You We may share Personal Information with third parties or service providers when explicitly requested by or consented to by you, or for the purposes for which you disclosed the Personal Information to us as indicated at the time and point of the disclosure (or as was obvious at the time and point of disclosure). Identifiers, Commercial Information.

6. HOW DO WE PROTECT YOUR PERSONAL INFORMATION?

Personal Information about you will be accessible to Lupin, including its Affiliates, and to individuals and organizations that use Personal Information solely for and at our direction. Lupin may transfer your Personal Information to one of its databases outside your country of domicile.

Lupin uses reasonable security measures to protect your Personal Information. We use practices appropriate to the nature of the Personal Information to protect against the unauthorized or illegal access, destruction, use, modification, or disclosure of Personal Information.

Uses and disclosures of Personal Information by service providers acting on our behalf are governed by agreements that require Personal Information to be protected appropriately. Personal Information will only be used and disclosed by us and those working on our behalf, in a manner consistent with this Statement, other applicable privacy statements or notices, data, with accessed controlled as needed and as explicitly permitted or required by applicable laws, rules and regulations.

7. TARGETED ADVERTISING AND DATA ANALYTICS AND OTHER COOKIES WE USE ON OUR WEBSITE

We use cookies when you use our Website. A cookie is a small text file that we or our third-party advertising or data analytics providers place onto your computer or device when you use the Website.  The cookies allow the Website to remember your actions and preferences and recognize you or your browser. Web beacons or pixel tags are small graphics on a webpage that monitor your activity when viewing a webpage (together with cookies, “Cookies”).

We may combine information from Cookies with Personal Information, including data obtained from third parties.

Most browsers automatically accept cookies. You can disable this function by changing your browser settings but disabling cookies may impact your use and enjoyment of the Website. You cannot disable all Cookies, such as Cookies that are essential to the functioning of the Website. You can manually delete persistent Cookies, or Cookies that track your activity across websites, through your browser settings. To learn about managing your Flash cookie settings, or cookies that store information about some videos you see online, visit the Flash player settings page on Adobe’s website here.

We describe below some of the tools we use on our Website to collect information, including Personal Information for Targeted Advertising and Analytics and the options to limit the use of or opt-out of remarketing or analytics for those tools.

Analytics

Google Analytics and Google Advertising Features. We may use Google Analytics to collect and process information about your use of the Website. Google sets cookies on your browser or device, and then your web browser will automatically send information to Google. Google uses this information to provide us with reports that we use to better understand and measure how users interact with our Website.

We have enabled and implemented the following Google Analytics Advertising Features: DoubleClick and Google Beacons. To prevent your information from being used by Google Analytics and its advertising features, follow the instructions to download and install the Google Analytics Opt-out Browser Add-on for each web browser you use. Using the Google Analytics opt-out browser add-on will not prevent us from using other analytics tools and will not prevent data from being sent to the Website itself or to Google. Opting out will not affect your use of the Website. For more information on how Google uses Personal Information, visit Google’s Privacy Policy and Google’s page on How Google uses data when you use our partners’ websites or apps.

Advertising

Meta Custom Audiences.We use the remarketing services of Meta, Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Meta”) on our Website. We use the Meta Custom Audiences to deliver targeted advertisements to Website visitors across those Meta owned social media platforms based on email addresses that we have collected. You may learn more about Meta Custom Audiences by visiting here. To learn more about Meta’s Privacy Policy including their services and your rights, please click here.

Videos; Embedded Content.

Our Website may contain videos and embedded content provided by YouTube and other third parties, including visible content and/or feeds scripts embedded in the Website code. YouTube, Vimeo and such third parties may collect data about how you interact with such content.

We may use the YouTube application programming interface (API) Services to allow you to access YouTube content from our Website. Your use of YouTube is governed by YouTube’s Terms of Service and Privacy Policy and not by our Terms of Use or this Statement. We encourage you to read the YouTube Terms of Service and Privacy Statement which are available on its website at https://www.youtube.com/t/terms.

8. YOUR DATA PRIVACY CHOICES

We recognize that you may want to limit how your Personal Information is used and shared. We currently offer the following choices and options:

  • Updating your Personal Information:You may update your Personal Information by contacting us as described below.
  • Limits on Targeted Advertising.To change your preferences with respect to certain online ads and to obtain more information about third-party ad networks and targeted advertising, visit National Advertising Initiative Consumer opt-out page or the Digital Advertising Alliance Self-Regulatory Program. Changing your settings with individual browsers or ad networks will not necessarily carry over to other browsers or ad networks. As a result, depending on the opt-outs you request, you may still see our ads.  In addition to the methods described above, if you wish to limit receipt of targeted advertisements you may click on the displayed icon on that advertisement to receive more information and you may choose to opt-out.

    If you opt out, you may still receive online advertising from Lupin, which is based on your preferences or online behavior. Lupin uses multiple online advertising programs, so opting out of one program does not opt you out from all online advertising.

  • Marketing Communications; Opt-Out. If you opt-in to receive marketing communications from us, we may collect your name, email, mailing address, and phone number. We use this information to send you promotional and other electronic and hardcopy communications. We may use third-party providers to deliver communications to you. You may opt-out of such emails by using the unsubscribe link in the email or contacting us at complianceandethicsoffice@lupin.com with “Unsubscribe” in the subject line. To opt-out of other communications (e.g., postal marketing and telemarketing), please contact us using the contact information below. Opting out of marketing communications does not opt you out of communications about your account or transactions.

9. ACCESS BY CHILDREN

Our Website is not directed at children and is designed for individuals who are 17 years of age or older. Where requests for information about a product are permitted by law, individuals requesting information about a product that is indicated for use in children must be 16 years of age or older. We do not knowingly collect Personal Information from children under 16 years of age, or according to local law, without obtaining verifiable parental consent prior to collection. If you are a parent or guardian that has knowledge that we have collected Personal Information from your child, please contact complianceandethicsoffice@lupin.com to request removal and we will endeavor to verify the identity of any applicable child Personal Information and make commercially reasonable attempts to delete such Personal Information.

10. THIRD PARTY WEBSITES AND SOCIAL MEDIA PLATFORMS

SOCIAL MEDIA PLATFORMS

We are active on Facebook®, Instagram®, Twitter®, YouTube®, and LinkedIn (“Social Media”) that enable online sharing and collaboration among customers. Anything you post on Social Media is public information and will not be treated confidentially. We may post (or re-post) on the Website and our Social Media pages any comments or content that you post on our Social Media pages.

Our Website allows you to connect and share data with Social Media platforms. These features may require us to use cookies, plug-ins, and APIs provided by such Social Media platforms to facilitate those communications and features. Our Website may use advertising networks and services offered by Social Media platforms to deliver advertising content. Use of these services requires Social Media platforms to implement cookies or pixel tags to deliver ads to you while you access our Website.

Your use of Social Media is governed by the privacy policies and terms of the providers that own and operate those websites and not by this Statement. We encourage you to review those policies and terms.

THIRD PARTY WEBSITES

For your convenience, our Website may link to, or be linked to, websites not owned or controlled by us. This does not imply any affiliation with, or an endorsement, authorization, sponsorship or promotion of a non-Lupin website or its owner. We are not responsible for third parties’ privacy policies or practices. This Statement does not apply to any third-party website or to any data that you provide to third parties. You should read the privacy policy for each website that you visit.

11. ACCESS FROM OUTSIDE THE UNITED STATES

The Website is intended for consumers within the United States. If you access our Website from outside the United States, please be aware that Personal Information may be transferred to, stored in, and processed in the United States. Certain governmental authorities may not consider the level of protection of Personal Information in the United States to be equivalent to that required by other jurisdictions.

12. CONTACT US

We seek to constantly improve how we manage the collection and use of Personal Information. If you have questions regarding this Privacy Statement or how we treat your Personal Information, please contact us at:

13. ADDITIONAL TERMS APPLICABLE TO CALIFORNIA RESIDENTS ONLY – YOUR CALIFORNIA PRIVACY RIGHTS

If you are a California resident, California law provides you with additional rights regarding our use of your Personal Information subject to certain limitations such as (a) exceptions permitted by applicable law and (b) verification of your identity,

This section provides additional terms that apply to residents of California. In the event of a conflict between this Section and the remainder of this Privacy Statement (“Statement”), this Section shall take precedence for California residents.  In this section only, any capitalized terms not defined in this Statement have the meanings set forth in the California Consumer Privacy Act of 2018 and its implementing regulations, each as amended (the “CCPA”).

  • Categories of Personal Information We Have Collected. During the past 12 months, we have collected the following categories of Personal Information: Identifiers, Protected Classifications, Commercial Information, Internet Activity, Sensory Data, Employment Information, Education Information and Inferences.
  • Categories Of Personal Information Disclosed for A Business Purpose. During the past 12 months, we have disclosed the following categories of Personal Information for a Business Purpose: Identifiers, Protected Classifications, Commercial Information, Internet Activity, Sensory Data, Employment Information, and Educational Information to the Sources described in this Statement.
  • Sharing Personal Information. In the last 12 months we have not Sold your Personal Information to a third party for monetary compensation. We have Shared Personal Information with third parties for the purposes of serving targeted advertising, including: Identifiers, Commercial Information, and Internet Activity to the Sources described in this Statement.
  • We Do Not Use or Disclose Sensitive Information. We do not use or disclose sensitive information, as defined in the CCPA.

Your California Privacy Rights:

California residents may exercise the following rights regarding their Personal Information:

  1. Right to Opt-Out of the Selling or Sharing of Your Personal Information.

California residents may direct us not to sell or share your Personal Information at any time (this is your right to “opt-out”).

Honoring Opt-out Preference Signals. California residents may opt out of third-party Cookies on the Lupin Website by sending an Opt-Out Preference Signal, such as the Global Privacy Control (GPC) on the browsers or extensions that support such a signal. To download and use a browser supporting the GPC browser signal, click here: https://globalprivacycontrol.org/orgs.

If you choose to use the GPC signal, you will need to turn it on for each supported browser or browser you use.

You may also submit an opt-out request by:

You may appoint an authorized agent to submit a request to opt-out on your Personal Information. If you choose to use an authorized agent, the authorized agent must provide signed permission from you to that the authorized agent to submit requests on your behalf. We may deny a request from an authorized agent if we do not have proof that they are authorized by you to act on your behalf.

  1. Right to Access.

You have the right to access any of the following which occurred in the prior 12-month period: (a) the categories of Personal Information we collected from you, (b) the categories of sources from which the Personal Information was collected, (c) the business or commercial purpose for collecting your Personal Information, (d) the categories of third parties with whom we shared your Personal Information, and (e) the specific pieces of Personal Information we collected from you.

  1. Right to Request Deletion.

You have a right to request that we delete Personal Information we collected from you. We will comply with such requests, and direct our service providers to do the same, subject to certain exceptions permitted by applicable law.

  1. Right to Correct Your Information

You have a right to request that we correct your inaccurate Personal Information. If you request that we correct inaccurate Personal Information about you, we will use commercially reasonable efforts to correct it. If necessary, we may ask that you provide documentation showing that the information we retained is inaccurate.

  1. Right to Data Portability

You may request a copy of the Personal Information you previously provided to us in a portable and, to the extent technically feasible, readily usable format.

How to Exercise Your Rights of Access, Deletion, Correction and Portability. To exercise your California rights described in this Section, you may submit your request to us by contacting us at any of the following:

Verifiable Consumer Request. In order to verify your request to exercise your rights under the CCPA, except for the right to opt-out, you must provide sufficient information to allow us to reasonably verify you are the person about whom we collected Personal Information.  You must describe your request with sufficient detail to allow us to properly understand, evaluate, and respond to your request.

When we receive your request to exercise your rights under the CCPA: (a) we will acknowledge receipt of your request; (b) we will try to match the information you provide in making the request with information we already maintain; (c) if required to verify your identity, we may ask you to provide additional information, including Personal Information; (d) we will consider various factors when determining how to verify your identity, such as the sensitivity and value of the data, the risk of harm, and the likelihood of fraud.

We will only use the Personal Information we collect during the verification process for the purpose of verifying your identity. If you maintain an account with us, we may use that account to respond to your request and/or verify your identity.  If we are unable to verify your identity as required by applicable laws and regulations, we will decline to comply with your request, and let you know why.

When We Will Respond. We will try to respond to your request to exercise your California privacy rights within 45 days. If we require additional time, we will inform you of the reason and extension period. Any disclosures we provide will only cover the 12-month period preceding our receipt of your request. For data portability requests, we will select a format to provide you with that Personal Information. We may charge a fee to process or respond to your request if it is excessive, repetitive, or manifestly unfounded.

Who May Exercise Your Rights? You may only make a request to exercise your rights on behalf of yourself. A parent or legal guardian may make a request on behalf of his or her child.

You also have a right to submit requests to exercise your rights under the CCPA through an authorized agent. You may designate an authorized agent to make a request on your behalf to exercise your rights under the CCPA by doing the following: (1) provide the authorized agent written permission to do so; and (2) verify your own identity (per the process stated above), as well as the identity of the authorized agent directly. We may deny a request from an authorized agent if we do not have proof that they are authorized by you to act on your behalf. We will not require authorized agents to verify your identity to effectuate an opt-out request. We may deny a request from an authorized agent if we do not have proof that they are authorized by you to act on your behalf.

Right to Non-Discrimination. California residents have the right to not receive discriminatory treatment for exercising any of their rights under the CCPA.

Shine the Light.California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to complianceandethicsoffice@lupin.com or write to us at: Lupin Inc., 400 Campus Dr, Somerset, NJ 08873.