Privacy Policy
US SUPPLEMENTAL PRIVACY NOTICE
Janssen Biotech, Inc. respects your privacy and wants you to be familiar with how we collect, use, and disclose information. This Privacy Policy describes our practices in connection with information that we or our service providers collect through the website or application (hereinafter the “Service”) operated and controlled by us from which you are accessing this Privacy Policy. We encourage you to read the full Privacy Policy before using this Service or providing any personal information. By providing personal information to us or by using the Service, you acknowledge that you have read and understand this Privacy Policy.
USE BY MINORS
The Service is not directed to individuals under the age of 18, and we request that these individuals not provide personal information through the Service. If your child has submitted Personal Information and you would like to request that such Personal Information be removed, please contact us as explained below under “Contacting Us”.
INFORMATION COLLECTION
We may ask you to submit personal information in order for you to benefit from certain features (such as newsletter subscriptions, tips/pointers, or order processing) or to participate in a particular activity (such as sweepstakes or other promotions). You will be informed what information is required and what information is optional.
We may combine the information you submit with other information we have collected from you, whether on or offline, including, for example, your purchase history. We may also combine it with information we receive about you from other sources, such as other Johnson & Johnson Affiliates, publicly available information sources (including information from your publicly available social media profiles), and other third-party information providers.
If you submit any personal information relating to another individual to us, you represent that you have the authority to do so and to permit us to use the information in accordance with this Privacy Policy.
SENSITIVE INFORMATION
Unless we specifically request or invite it, we ask that you not send us, and you not disclose, any sensitive personal information (e.g., Social Security numbers, information related to racial or ethnic origin, political opinions, religion or philosophical beliefs, health or medical condition, sex life or sexual orientation, criminal background, or trade union membership, or biometric or genetic data for the purpose of uniquely identifying an individual) on or through the Service or otherwise directly to us.
AUTOMATIC INFORMATION COLLECTION AND USE
We and our service providers may automatically collect and use information in the following ways as you navigate around the Service:
- Through your browser: Certain information is collected by most browsers, such as your Media Access Control (MAC) address, computer type (Windows or Mac), screen resolution, operating system name and version, and Internet browser type and version. We may collect similar information, such as your device type and identifier, if you access the Service through a mobile device. We use this information to ensure that the Service functions properly.
- Using cookies: Cookies are pieces of information stored directly on the computer you are using. Cookies allow us to collect information such as browser type, time spent on the Service, pages visited, and language preferences. We and our service providers use the information for security purposes, to facilitate navigation, display information more effectively, and to personalize your experience while using the Service. We also use cookies to recognize your computer or device, which makes your use of the Service easier, such as to remember what is in your shopping cart. In addition, we use cookies to gather statistical information about Service usage in order to continually improve its design and functionality, understand how individuals use it, and to assist us with resolving questions regarding it. Cookies further allow us to select which of our advertisements or offers are most likely to appeal to you and display them while you are on the Service. We may also use cookies in online advertising to track consumer responses to our advertisements.
- You can refuse to accept these cookies by following your browser’s instructions; however, if you do not accept them, you may experience some inconvenience in your use of the Service. You may also not receive advertising or other offers from us that are relevant to your interests and needs. To learn more about cookies, please visit http://www.allaboutcookies.org.
- Using Flash cookies: Our use of Adobe Flash technology (including Flash Local Stored Objects (“Flash LSOs”)) allows us to, among other things, serve you with more tailored information, facilitate your ongoing access to and use of the Service, and collect and store information about your use of the Service. If you do not want Flash LSOs stored on your computer, you can adjust the settings of your Flash player to block Flash LSO storage using the tools contained in the Website Storage Settings Panel. You can also control Flash LSOs by going to the Global Storage Settings Panel and following the instructions. Please note that setting the Flash Player to restrict or limit acceptance of Flash LSOs may reduce or impede the functionality of some Flash applications.
- Using pixel tags, web beacons, clear GIFs, or other similar technologies: These may be used in connection with some Service pages and HTML-formatted e-mail messages to, among other things, track the actions of users and e-mail recipients, measure the success of our marketing campaigns, and compile statistics about Service usage.
- Interest-based advertising: We may use third-party advertising companies to serve advertisements regarding goods and services that may be of interest to you when you access and use the Service and other online services, based on information relating to your access to and use of the Service and other online services on any of your devices. To do so, these companies may place or recognize a unique cookie on your browser (including through the use of pixel tags). They may also use these technologies, along with information they collect about your online use, to recognize you across the devices you use, such as a mobile phone and a laptop.
- If you would like more information about this practice, and to learn how to opt-out of it, in desktop and mobile browsers on the particular device on which you are accessing this Privacy Policy, please visit http://optout.aboutads.info/#/ and http://optout.networkadvertising.org/#/. You may download the AppChoices app at http://www.aboutads.info/appchoices to opt-out in mobile apps.
- IP address: Your IP address is a number that is automatically assigned to your computer by your Internet Service Provider. An IP address is identified and logged automatically in our server log files whenever a user visits the Service, along with the time of the visit and the pages visited. Collecting IP addresses is standard practice and is done automatically by many online services. We use IP addresses for purposes such as calculating Service usage levels, diagnosing server problems, and administering the Service. We may also derive your approximate location from your IP address.
- Device Information: We may collect information about your mobile device, such as a unique device identifier, to understand how you use the Service.
HOW WE USE AND DISCLOSE INFORMATION
We use and disclose information you provide to us as described to you at the point of collection. Please see the section entitled “Choices and Access” below to learn how you may opt-out of certain of our uses and disclosures.
Where required by applicable law, we will obtain your consent to our use of your personal information at the point of information collection. We may also use information from or about you as necessary to perform a contract, to comply with a legal obligation (for example, due to our pharmacovigilance obligations), or for our legitimate business interests. We may also rely on other legal bases, specifically for:
- Providing the functionality of the Service and fulfilling your requests.
- to provide the functionality of the Service to you and providing you with related customer service;
- to respond to your inquiries and fulfill your requests, such as to send you documents you request or to e-mail alerts;
- to send you important information regarding our relationship with you or regarding the Service, changes to our terms, conditions, and policies and/or other administrative information.
We will engage in these activities to manage our contractual relationship with you and/or to comply with a legal obligation.
- Accomplishing our business purposes.
- for data analysis, for example, to improve the efficiency of the Service;
- for audits, to verify that our internal processes function as intended and are compliant with legal, regulatory, or contractual requirements;
- for fraud and security monitoring purposes, for example, to detect and prevent cyberattacks or attempts to commit identity theft;
- for developing new products and services;
- for enhancing, improving or modifying our website or products and services;
- for identifying Service usage trends, for example, understanding which parts of our Service are of most interest to users; and
- for determining the effectiveness of our promotional campaigns so that we can adapt our campaigns to the needs and interests of our users.
We will engage in these activities to manage our contractual relationship with you, to comply with a legal obligation, and/or because we have a legitimate interest.
- Analysis of Personal Information to provide personalized services.
- to better understand you so that we can personalize our interactions with you and provide you with information and/or offers tailored to your interests;
- to better understand your preferences so that we can deliver content via the Service that we believe will be relevant and interesting to you.
We will provide personalized services either with your consent or because we have a legitimate interest.
We also disclose information collected through the Service:
- to our affiliates, including Johnson & Johnson Health Care Systems Inc., for the purposes described in this Privacy Policy. A list of our affiliates is available at https://johnsonandjohnson.gcs-web.com/financial-information/sec-filings (click on the link for Form 10K, Exhibit 21, under “SEC Filings”). Janssen Biotech, Inc. is the party responsible for the management of the jointly used Personal Information on stelarainfo.com; Johnson & Johnson Health Care Systems Inc. is the party responsible for the management of the jointly used Personal Information on https://www.stelarawithme.com/;
- to our third-party partners with whom we offer a co-branded or co-marketed promotion;
- to our third-party service providers who provide services, such as website hosting and moderating, mobile application hosting, data analysis, payment processing, order fulfillment, infrastructure provision, IT services, customer service, e-mail and direct mail delivery services, auditing, and other services, in order to enable them to provide services; and
- as permitted by applicable law, to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings).
In addition, we may use and disclose your information as we believe to be necessary or appropriate: (a) to comply with legal process or applicable law which may include laws outside your country of residence; (b) as permitted by applicable law to respond to requests from public and government authorities, which may include authorities outside your country of residence; (c) to enforce our terms and conditions; and (d) to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or others. We may also use and disclose your information in other ways, after obtaining your consent to do so.
We may use and disclose information we collect automatically as described above under “Automatic Information Collection and Use.”
In addition, where allowed by applicable law, we may use and disclose information that is not in personally identifiable form for any purpose. If we combine information that is not in personally identifiable form with information that is identifiable (such as combining your name with your geographical location), we will treat the combined information as personal information as long as it is combined.
CHOICES AND ACCESS
Your choices regarding our use and disclosure of your personal information
We give you choices regarding our use and disclosure of your personal information for marketing purposes. You may opt-out from the following:
CHOICES FOR STELARAINFO.COM | CHOICES FOR THE STELARA withME PROGRAM (INFORMATION SUBMITTED VIA https://www.stelarawithme.com/) |
Receiving Stelara withMe program communications from us: If you no longer want to receive Stelara withMe program Communications from us on a going-forward basis, please contact us via 1-844-4withMe (494-8463) or send a written request to STELARA withMe, 2250 Perimeter Park Drive, Suite 300, Morrisville, NC 27560. | |
Receiving marketing communications from us: If you no longer want to receive marketing communications from us on a going-forward basis, you may opt-out of receiving them by contacting us via 1-800-JANSSEN (526-7736) or send a written request to Janssen Medical Information, PO BOX 200 Titusville, NJ 08560. In your request to us, please provide your name, identify the form(s) of marketing communications that you no longer wish to receive, and include the address(es) to which it/they are sent. For example, if you no longer wish to receive marketing e-mails or direct mail from us, tell us that, and provide your name and e-mail or postal address. In addition, you may opt-out of receiving marketing e-mails from us by following the unsubscribe instructions provided in any such message. | Receiving marketing communications from us: If you no longer want to receive marketing communications from us on a going-forward basis, you may opt-out of receiving them by contacting us via 1-844-4withMe (494-8463) or send a written request STELARA withMe, 2250 Perimeter Park Drive, Suite 300, Morrisville, NC 27560. In your request to us, please provide your name, identify the form(s) of marketing communications that you no longer wish to receive, and include the address(es) to which it/they are sent. For example, if you no longer wish to receive marketing e-mails or direct mail from us, tell us that, and provide your name and e-mail or postal address. In addition, you may opt-out of receiving marketing e-mails from us by following the unsubscribe instructions provided in any such message. |
Receiving reminders from us: If you no longer want to receive medical reminders from us on a going-forward basis, you may opt-out of receiving them by contacting us via 1-800-JANSSEN (526-7736) or send a written request to Janssen Medical Information, PO BOX 200 Titusville, NJ 08560. In your response to us, please provide your name and the e-mail address or phone number at which you receive reminders from us. | Receiving reminders from us: If you no longer want to receive medical reminders from us on a going-forward basis, you may opt-out of receiving them by contacting us via 1-844-4withMe (494-8463) or send a written request to STELARA withMe, 2250 Perimeter Park Drive, Suite 300, Morrisville, NC 27560. In your response to us, please provide your name and the e-mail address or phone number at which you receive reminders from us. |
Our sharing of your personal information with affiliates and third party partners: If you previously opted-in to receiving marketing communications from our affiliates or third party partners, you may opt-out of our sharing of your personal information with those parties for their direct marketing purposes on a going-forward basis by contacting us via 1-800-JANSSEN (526-7736) or send a written request to Janssen Medical Information, PO BOX 200 Titusville, NJ 08560. In your communication to us, please state that we should no longer share your personal information with our affiliates and/or third-party partners for their marketing purposes and include your name and e-mail address. | Our sharing of your personal information with affiliates and third party partners: If you previously opted-in to receiving marketing communications from our affiliates or third party partners, you may opt-out of our sharing of your personal information with those parties for their direct marketing purposes on a going-forward basis by contacting us 1-844-4withMe (494-8463) or send a written request to STELARA withMe, 2250 Perimeter Park Drive, Suite 300, Morrisville, NC 27560. In your communication to us, please state that we should no longer share your personal information with our affiliates and/or third-party partners for their marketing purposes and include your name and e-mail address. |
We will seek to comply with your request(s) as soon as reasonably practicable. Please note that if you opt-out as described above, we may not be able to directly remove your personal information from the databases of our affiliates with which we have already shared your information (i.e., as of the date that we implement your opt-out request). However, we will make reasonable efforts to inform our affiliates of your request. Please also note that if you opt-out of receiving marketing-related messages from us, we may still send you important transactional and administrative messages from which you cannot opt-out.
How you can access, change, or delete your personal information
If you would like to review, correct, update, restrict, or delete your personal information, or if you would like to request an electronic copy of your personal information for purposes of transmitting it to another company (to the extent these rights are provided to you by applicable law), please contact us via:
STELARAINFO.COM | THE STELARA withME PROGRAM (INFORMATION SUBMITTED VIA https://www.stelarawithme.com/) |
1-800-JANSSEN (526-7736) or send a written request to Janssen Medical Information, PO BOX 200 Titusville, NJ 08560. | 1-844-4withMe (494-8463) or send a written request to STELARA withMe, 2250 Perimeter Park Drive, Suite 300, Morrisville, NC 27560. |
We will respond to your request(s) as soon as reasonably practicable and no later than one month after receipt. If circumstances cause any delay in our response, you will be promptly notified and provided a date for our response.
CROSS‑BORDER TRANSFER
Your personal information may be stored and processed in any country where we have facilities or service providers, and by using our Service or by providing consent to us (where required by law), your information may be transferred to countries outside of your country of residence, including to the United States, which may provide for different data protection rules than in your country of residence. Nonetheless, appropriate contractual and other measures are in place to protect personal information when it is transferred to our affiliates or third parties in other countries.
SECURITY
We seek to use reasonable organizational, technical, and administrative measures designed to protect personal information under our control. However, no data transmission over the Internet or data storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you have with us has been compromised), please immediately notify us in accordance with the “Contacting Us” section below.
RETENTION PERIOD
We will retain your personal information for as long as needed or permitted in light of the purpose(s) for which it was obtained. The criteria used to determine our retention periods include: (i) the length of time we have an ongoing relationship with you and provide the Service to you; (ii) whether there is a legal obligation to which we are subject; and (iii) whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation, or regulatory investigations).
THIRD PARTY SITES AND SERVICES
This Service may contain links to sites of third parties. This Privacy Policy does not address, and we are not responsible for, the privacy, information, or practices of any third parties, including any third party operating any site or online service (including, without limitation, any application) that is available through this Service or to which this Service contains a link. The availability of, or inclusion of a link to, any such site or property on the Service does not imply endorsement of it by us or by our affiliates.
CONTACTING US
STELARAINFO.COM | THE STELARA withME PROGRAM (INFORMATION SUBMITTED VIA https://www.stelarawithme.com/) |
Janssen Biotech, Inc., located at 800 Ridgeview Drive, Horsham, PA 19044, is the company responsible for collection, use, and disclosure of personal information under this Privacy Policy. If you have any questions about this Privacy Policy, please contact us via 1-800-JANSSEN (526-7736), or please write to the following address: Janssen Medical Information | Johnson & Johnson Health Care Systems Inc., located at 425 Hoes Lane, Piscataway, New Jersey 08854, is the company responsible for collection, use, and disclosure of personal information under this Privacy Policy. If you have any questions about this Privacy Policy, please contact us via 1-844-4withMe (494-8463, or please write to the following address: STELARA withMe |
UPDATES TO THIS PRIVACY POLICY
We may change this Privacy Policy. Any changes to this Privacy Policy will become effective when we post the revised Privacy Policy on the Service. Your use of the Service following these changes means that you accept the revised Privacy Policy. We recommend that you regularly review the Privacy Policy when you visit the Service. This policy was last updated on November 16, 2022.
US Supplemental Privacy Notice
Last Updated November 16, 2022
This US Supplemental Privacy Notice (“Supplemental Notice”) applies only to information collected about California, Colorado, Virginia, Utah, and Connecticut consumers. It provides information required under the following laws, (collectively, “US State Privacy Laws”):
- California Consumer Privacy Act of 2018 and California Privacy Rights Act of 2020 (collectively, the “CPRA”)
- Colorado Privacy Act of 2021 (the “CPA”)
- Connecticut Data Privacy Act (“CTDPA”)
- Utah Consumer Privacy Act of 2022 (the “UCPA”)
- Virginia Consumer Data Protection Act of 2021 (the “VCDPA”)
We also provide information collected about Nevada consumers under the heading “Privacy Notice for Nevada Residents” at the end of this Supplemental Notice. The other portions of this Supplemental Notice do not apply to Nevada consumers.
This Supplemental Notice describes JANSSEN BIOTECH, INC.’s (“we,” “us,” “our”) practices regarding the collection, use, and disclosure of Personal Information and provides instructions for submitting data subject requests. This Supplemental Notice is parallel in scope to our Global Privacy Policy and should be read in conjunction with our Global Privacy Policy.
Some portions of this Supplemental Notice apply only to consumers of particular states. In those instances, we have indicated that such language applies only to those consumers.
A. Definitions
- “Personal Information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Personal Information includes “personal data” as that term is defined in the applicable US State Privacy Law. Personal Information also includes “Sensitive Personal Information,” as defined below, except where otherwise noted.
- “Sensitive Personal Information” means Personal Information that reveals a consumer’s social security, driver’s license, state identification card, or passport number; account log-in, financial account number, debit card number, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; precise geolocation; racial or ethnic origin, religious beliefs, or union membership; contents of email or text messages; and genetic data. Sensitive Personal Information also includes processing of biometric information for the purpose of uniquely identifying a consumer and Personal Information collected and analyzed concerning a consumer’s health, sex life, or sexual orientation. Sensitive Personal Information also includes “sensitive data” as that term is defined in the applicable US State Privacy Law.
- “Third Party” has the meanings afforded to it in the applicable US State Privacy Law.
- “Vendor” means a service provider, contractor, or processor as those terms are defined in the applicable US State Privacy Law.
To the extent other terms used in this Supplemental Notice are defined terms under the applicable US State Privacy Law, they shall have the meanings afforded to them in those statutes, whether or not capitalized herein. As there are some variations between such definitions in each of the state statutes, the definitions applicable to you are those provided in the statute for the state in which you are a consumer. For example, if you are a Virginia consumer, terms used in this Supplemental Notice that are defined terms in the VCDPA shall have the meanings afforded to them in the VCDPA as this Supplemental Notice applies to you.
B. Collection & Processing of Personal Information
We, and our Vendors, may have collected and processed the following categories of Personal Information about you in the preceding 12 months:
- Identifiers, such as name, alias, online identifiers, account name, physical characteristics or description;
- Contact and financial information, including phone number, address, email address, financial information, medical information, health insurance information;
- Characteristics of protected classifications under state or federal law, such as age, gender, race, physical or mental health conditions, and marital status;
- Commercial information, such as transaction information, payment information, tax withholding information and purchase history;
- Biometric information;
- Internet or other electronic network activity information, such as browsing history, search history and interactions with our websites or advertisements;
- Geolocation data, such as device location;
- Audio, electronic, visual and similar information, such as call and video recordings;
- Professional or employment-related information, such as specialty, education history, professional qualifications, work history and prior employer;
- Inferences drawn from any of the Personal Information listed above to create a profile or summary about, for example, an individual’s preferences and characteristics; and
- Sensitive personal information, including:
- Personal Information that reveals:
- Social security, driver’s license, state identification card, or passport number;
- Account log-in, financial account number, debit card number, or credit card number in combination with any required security or access code, password, or credentials for allowing access to an account;
- Precise geolocation;
- Racial or ethnic origin, religious or philosophical beliefs, or union membership;
- Genetic data.
- Biometric data processed for the purpose of uniquely identifying a consumer;
- Personal Information collected and analyzed concerning a consumer’s health; and
- Personal Information collected and analyzed concerning a consumer’s sex life or sexual orientation.
Retention of Personal Information. We retain your Personal Information for the period reasonably necessary to provide goods and services to you and for the period reasonably necessary to support our business operational purposes listed in Section E.
C. Categories of Personal Information We Disclose to Vendors & Third Parties
We may disclose the following categories of Personal Information to Vendors and Third Parties:
- Identifiers, such as name, alias, online identifiers, account name, physical characteristics or description;
- Contact and financial information, including phone number, address, email address, financial information, medical information, health insurance information;
- Characteristics of protected classifications under state or federal law, such as age, gender, race, physical or mental health conditions, and marital status;
- Commercial information, such as transaction information, payment information, tax withholding information and purchase history;
- Biometric information;
- Internet or other electronic network activity information, such as browsing history, search history and interactions with our websites or advertisements;
- Geolocation data, such as device location;
- Audio, electronic, visual and similar information, such as call and video recordings;
- Professional or employment-related information, such as specialty, education history, professional qualifications, work history and prior employer;
- Inferences drawn from any of the Personal Information listed above to create a profile or summary about, for example, an individual’s preferences and characteristics; and
- Sensitive personal information, including:
- Personal Information that reveals:
- Social security, driver’s license, state identification card, or passport number;
- Account log-in, financial account number, debit card number, or credit card number in combination with any required security or access code, password, or credentials for allowing access to an account;
- Precise geolocation;
- Racial or ethnic origin, religious or philosophical beliefs, or union membership;
- Genetic data.
- Biometric data processed for the purpose of uniquely identifying a consumer;
- Personal Information collected and analyzed concerning a consumer’s health; and
- Personal Information collected and analyzed concerning a consumer’s sex life or sexual orientation.
Disclosure for California Consumers: Unless specifically stated, we have not sold or shared Personal Information about California consumers to third parties for their own use in the past twelve months. Relatedly, we do not have actual knowledge that we sell or share Personal Information of California consumers under 16 years of age. However, we may share your personal information with our affiliates and trusted partners in arrangements that may meet the broad definition of “sale” or “share” under California law. In these arrangements, use of the information we share is limited by policies, contracts, or similar restrictions.
For purposes of the CPRA, a “sale” is the disclosure of Personal Information to a Third Party for monetary or other valuable consideration, and a “share” is the disclosure of Personal Information to a Third Party for cross-context behavioral advertising, whether or not for monetary or other valuable consideration.
Disclosure for Colorado, Virginia, Utah, and Connecticut Consumers: Unless specifically stated, we do not sell or share Personal Information to Third Parties for their own use. However, we may share or process one or more of the above categories of personal information with our affiliates and trusted partners in arrangements for purposes of targeted advertising, as the terms “sell,” “share,” “process,” and “targeted advertising” are defined in the CPA, VCDPA, UCPA, and CTDPA. In these arrangements, use of the information we share is limited by policies, contracts or similar restrictions.
D. Sources from Which We Collect Personal Information
We collect Personal Information directly from California, Colorado, Virginia, Utah, and Connecticut consumers, as well as from our affiliates, business partners, joint marketing partners, public databases, providers of demographic data, publications, professional organizations, social media platforms, caregivers, third party information providers, affiliates with whom you have a business relationship, service providers with which we have a contractual relationship and to which you have provided your personal information, cookies and other tracking technologies, and Vendors and Third Parties when they share the information with us.
E. Purposes for Processing Personal Information
We, and our Vendors, collect and process the Personal Information (excluding Sensitive Personal Information) described in this Supplemental Notice to:
- Operate, manage, and maintain our business;
- Respond to your inquiries and to fulfill your requests;
- Send you important information regarding our relationship with you or regarding this website, changes to our terms, conditions, and policies and/or other administrative information;
- Conduct audits, to verify that our internal processes function as intended and are compliant with legal, regulatory, or contractual requirements;
- Prevent fraud or crime, and for risk and technical security monitoring purposes;
- Facilitate the development of new products and services;
- Enhance, improve or modify our website or products and services;
- Perform research, analytics, and data analysis;
- Determine the effectiveness of our promotional campaigns, so that we can adapt our campaigns to the needs and interests of our users;
- Personalize, advertise, and market our products and services;
- Comply with law, legal process, and internal policies;
- Maintain records;
- Exercise and defend legal claims; and
- Otherwise accomplish our business purposes and objectives.
We, and our Vendors, collect and process the Sensitive Personal Information described in this Supplemental Notice for:
- Performing the services or providing the goods reasonably expected by an average consumer who requests those goods or services;
- Ensuring security and integrity to the extent the use of the consumer's Personal Information is reasonably necessary and proportionate for these purposes;
- Performing services on our behalf, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services on our behalf;
- Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by us, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by us;
- Personalizing, advertising, and marketing our products and services;
- Conducting research, analytics, and data analysis;
- Performing accounting, audit, and other internal functions, such as internal investigations;
- Complying with law, legal process, and internal policies;
- Maintaining records;
- Exercising and defending legal claims; and
- Otherwise accomplishing our business purposes and objectives.
F. Categories of Entities to Whom We Disclose Personal Information
- Affiliates & Vendors. We may disclose your Personal Information to our affiliates and Vendors for the purposes described in Section E of this US Annex. A list of our affiliates is available at https://johnsonandjohnson.gcs-web.com/financial-information/sec-filings (click on the link for Form 10K, Exhibit 21, under “SEC Filings”). Our Vendors provide us with services for our websites, as well as other products and services, such as web hosting and moderating, mobile application hosting, data analysis, payment processing, order fulfillment, customer service, infrastructure provision, technology services, email and direct mail delivery services, auditing, legal services, and other similar services. We grant our Vendors access to Personal Information only to the extent needed for them to perform their functions, and require them to protect the confidentiality and security of such information.
- Third Parties. We may disclose your Personal Information to the following categories of Third Parties:
- At Your Direction. We may disclose your Personal Information to any Third Party with your consent or at your direction.
- Business Transfers or Assignments. We may disclose your Personal Information to other entities as reasonably necessary to facilitate a reorganization, merger, sale, joint venture or collaboration, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings).
- Third Party Co-Branding and Co-Marketing Partners. We may share your Personal Information with our third party partners with whom we offer a co-branded or co-marketed promotion.
- Third Party Advertising Partners. To improve the effectiveness of our communication with you and our marketing campaigns, we may share our data with our third party advertising partners, including social media, medical journals and publishers.
- Legal and Regulatory. We may disclose your Personal Information to government authorities, including regulatory agencies and courts, as reasonably necessary for our business operational purposes, to assert and defend legal claims, and otherwise as permitted or required by law.
G. Data Subject Rights
- Exercising Data Subject Rights. California, Colorado, Virginia Utah, and Connecticut consumers have certain rights with respect to the collection and use of their Personal Information. Those rights vary by state. As required by the CPRA, we provide detailed information below regarding the data subject rights available to California consumers. Colorado, Virginia, Utah, and Connecticut consumers have similar rights and can find more detail by referencing the applicable US State Privacy Law.
- You may exercise the data subject rights applicable to you under the applicable US State Privacy Law by clicking herehttps://www.janssen.com/us/privacy-request/ or contacting us at 1-800-JANSSEN (526-7736). While we will make reasonable efforts to accommodate your request, we reserve the right to impose certain restrictions or requirements on your request, if allowed by or required by applicable law. Consumers in some states may also authorize an agent to make data subject requests on their behalf.
- Verification of Data Subject Requests. We may ask you to provide information that will enable us to verify your identity in order to comply with your data subject request. In particular, when a California or Connecticut consumer authorizes an agent to make a request on their behalf, we may require the agent to provide proof of signed permission from the consumer to submit the request, or we may require the consumer to verify their own identity to us or confirm with us that they provided the agent with permission to submit the request. In some instances, we may decline to honor your request if an exception applies under applicable law. We will respond to your request consistent with applicable law.
- Non-Discrimination. We will not discriminate against you for exercising your data subject rights. For example, we will not deny goods or services to you, or charge you different prices or rates, or provide a different level of quality for products or services as a result of you exercising your data subject rights.
- Appeals To appeal our decision on your data subject requests, you may click here https://privacyportal.onetrust.com/webform/
96f23ee1-34e3-41d6-8d5a-07f0d554152b/926e6f82-2e1b-40a8-8f34-c0e226862f5a. Please enclose a copy of or otherwise specifically reference our decision on your data subject request, so that we may adequately address your appeal. We will respond to your appeal in accordance with applicable law. - Data Subject Rights Disclosure
- Right to Receive Information on Privacy Practices: You have the right to receive the following information at or before the point of collection:
- The categories of Personal Information to be collected;
- The purposes for which the categories of Personal Information are collected or used;
- Whether or not that Personal Information is sold or shared;
- If the business collects Sensitive Personal Information, the categories of Sensitive Personal Information to be collected, the purposes for which it is collected or used, and whether that information is sold or shared; and
- The length of time the business intends to retain each category of Personal Information, or if that is not possible, the criteria used to determine that period.
We have provided such information in this Supplemental Notice, and you may request further information about our privacy practices by clicking here
https://www.janssen.com/us/privacy-request/ or contacting us at 1-800-JANSSEN (526-7736). - Right to Deletion: You may request that we delete any Personal Information about you that we collected from you.
- Right to Correction: You may request that we correct any inaccurate Personal Information we maintain about you.
- Right to Know: You may request that we provide you with the following information about how we have handled your Personal Information in the 12 months preceding your request:
- The categories of Personal Information we collected about you;
- The categories of sources from which we collected such Personal Information;
- The business or commercial purpose for collecting Personal Information about you;
- The categories of Personal Information about you that we shared or disclosed and the categories of Third Parties with whom we shared or disclosed such Personal Information; and
- The specific pieces of Personal Information we have collected about you.
- Right to Receive Information About Onward Disclosures: You may request that we disclose to you:
- The categories of Personal Information that we have collected about you;
- The categories of Personal Information that we have sold or shared about you and the categories of Third Parties to whom the Personal Information was sold or shared; and
- The categories of Personal Information we have disclosed about you for a business purpose and the categories of persons to whom it was disclosed for a business purpose.
- Right to Non-Discrimination: You have the right not to be discriminated against for exercising your data subject rights. We will not discriminate against you for exercising your data subject rights.
- Right to Restrict or Limit the Use of Sensitive Personal Information: You have the right to restrict the use and disclosure of sensitive personal information to certain purposes related to the offering of goods or services as listed in the CPRA. To exercise this right, you or your authorized representative may submit a request by clicking on the following link: Limit the Use of My Sensitive Personal Information
- Right to Opt Out of Sharing, Disclosure, or Sale of Personal Information: You have the right to direct us to not share, disclose, or sell your personal information. To exercise this right, you or your authorized representative may submit a request by clicking on the following link: Do Not Sell or Share My Personal Information
H. Other Disclosures
- California Residents Under Age 18. If you are a resident of California under the age of 18 and a registered user of our website, you may ask us to remove content or data that you have posted to the website by clicking here https://www.janssen.com/us/privacy-request/ or contacting us at 1-800-JANSSEN (526-7736). Please note that your request does not ensure complete or comprehensive removal of the content or data, as, for example, some of your content or data may have been reposted by another user.
- Disclosure About Direct Marketing for California Residents. California Civil Code § 1798.83 permits California residents to annually request certain information regarding our disclosure of Personal Information to other entities for their direct marketing purposes in the preceding calendar year. We do not distribute your Personal Information to other entities for their own direct marketing purposes.
- Financial Incentives for California Consumers. We offer various types of financial incentives in exchange for your personal information, such as coupons, discounts, promotions, loyalty points, sweepstakes, contests, surveys, and other exclusive offers for California consumers who sign up to receive our marketing emails or join our loyalty program. The amount and terms of such offers will be presented to you at the time of the offer. When you participate in a financial incentive, we collect personal information from you, such as identifiers (like your email address) and commercial information (like your purchase history). Solely for purposes of California privacy law, we reasonably estimate the value of the discount, coupon, or other financial incentive that we offer to you to be equal to or greater than the value we receive from a consumer’s personal information collected in connection with the offer. We reasonably estimate the value of a consumer’s data by estimating the expenses related to the provision of each incentive program per consumer. We incur a variety of expenses for providing financial incentives, such as administrative and technical expenses associated with maintaining a loyalty program and costs associated with discounts on purchases. Participation in our financial incentives is voluntary. You may opt into a financial incentive by following the sign-up or participation instructions provided, and you have the ability to opt out by unsubscribing from our emails or closing your loyalty member account.
- Changes to our Supplemental Notice. We reserve the right to amend this Supplemental Notice at our discretion and at any time. When we make material changes to this Supplemental Notice, we will notify you by posting an updated Supplemental Notice on our website and listing the effective date of such updates.
PRIVACY NOTICE FOR NEVADA RESIDENTS
Effective: October 1, 2019
This Privacy Notice for Nevada Residents adds to the information contained in the Johnson & Johnson Global Privacy Policy, and applies only to Nevada residents (“You,” “your” or “consumer”).
Personal Information Collection and Purposes of Use
We collect certain personal information of Nevada consumers through our Internet websites or other online service. This information includes one or more of the following elements of personally identifiable information:
- A first and last name.
- A home or other physical address that includes the name of a street and the name of a city or town.
- An electronic mail address.
- A telephone number.
- A Social Security Number.
- An identifier that allows a specific person to be contacted either physically or online.
- Any other information concerning a person collected from the person through the Internet website or online service of the operator, and maintained by the operator in combination with an identifier in a form that makes the information personally identifiable.
We collect this personal information for the following purposes:
- to respond to your inquiries and to fulfill your requests;
- to send you important information regarding our relationship with you or regarding this website, changes to our terms, conditions, and policies and/or other administrative information;
- for audits, to verify that our internal processes function as intended and are compliant with legal, regulatory, or contractual requirements;
- for fraud or crime prevention, and for technical security monitoring purposes;
- to facilitate the development of new products and services;
- to enhance, improve or modify our website or products and services;
- for data analysis that will allow us to understand website usage trends;
- to determine the effectiveness of our promotional campaigns, so that we can adapt our campaigns to the needs and interests of our users.
- to better understand you, so that we can personalize our interactions with you and provide you with information and/or offers tailored to your interests.
Your Privacy Rights
Right to access and/or correct your personal information, or opt out of sale of personal information
If you would like to review, correct, or update your personal information, you or your authorized representative may submit your request to https://www.janssen.com/us/privacy-request/. We will respond to your verified request as soon as reasonably practicable, but no later than sixty (60) days after receipt. If circumstances cause any delay in our response, you will be promptly notified and provided a date for our response.
We generally do not disclose or share personal information for profit. Under Nevada law, you have the right to direct us to not sell or license your personal information to third parties. To exercise this right, if applicable, you or your authorized representative may submit a request to https://www.janssen.com/us/privacy-request/. We will respond to your verified request as soon as reasonably practicable, but no later than sixty (60) days after receipt. If circumstances cause any delay in our response, you will be promptly notified and provided a date for our response.