TENPOINT THERAPEUTICS

Web Services Privacy Policy

This Web Services Privacy Policy (this “Privacy Policy”) was last updated on December 9, 2024

This Privacy Policy describes the privacy practices of Tenpoint Therapeutics Ltd. (“Tenpoint,” “we,”or “us”) and how we handle personal information that we collectthrough our website and through any website that we own or control and whichposts to this Privacy Policy (collectively, the “Services”).

Personal Information We Collect

Information you provide to us, including through the contact form and through our communications with you.

• Contact and identification details, such as your first and last name, profession, company name, email address, phone number and any other contact data that you may provide when you contact us.
• Communications that we exchange with you, including when you contact us with questions, feedback, or otherwise.
• Careers information, such as your resume or CV, cover letter and any other information you submit to us when applying for a job with us.
• Marketing data, such as your preferences for receiving our marketing communications, and details about your engagement with them.

Information we obtain from third parties. 

• Social media. We may maintain pages on social media platforms, such as Instagram, X, and LinkedIn. When you visit or interact with our pages on those platforms,the platform provider’s privacy policy will apply to your interactions and their collection, use and processing of your personal information. You or theplatforms may provide us with information through the platform, and we will treat such information in accordance with this Privacy Policy.
• Other sources. We may obtain your personal information from other third parties, such from recruitment and marketing partners.

Automatic data collection. We and our service providers may automatically log information about you, your computer ormobile device, and your interaction over time with the Services, our communications and other online services, such as:

• Device data, such as your computer’s or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, language settings, mobile device carrier, radio/network information (e.g., WiFi, LTE, 3G), and general location information such as city, state, or geographic area.
• Online activity data, such as pages or screens you viewed, how long you spent on a page or screen, the website you visited before browsing to the website,navigation paths between pages or screens, information about your activity on a page or screen, access times, and duration of access, and whether you have opened our marketing emails or clicked links within them.

For more information, please visit our Cookie Policy.

We use your personal information for the following purposes:

Provision of the Services.It is in our legitimate interest to operate and allow you to use our Services. In particular, we provide, operate, maintain, and secure our Services and respond to your requests, questions, and feedback.

Analytics and improvement of the Services. We process personal information in our legitimate interests to monitor and analyze use of our Services to maintain and improve performance, reliability, and functionality. As part of these activities, we may create aggregated, de-identified or other anonymous data from personal information we collect. We may use this anonymous data and share it with third parties for our lawful business purposes, including to identify business opportunities and promote our business.

Marketing and advertising. We may send you direct marketing communications as permitted by law via email and other means. Unless where consent is required, we do so where it is in our legitimate interests to market to you. You may opt out of our marketing communications as described in the “Opt out of marketing communications” section below. We may also engage advertising partners, including third party advertising companies and social media companies, to advertise our services on social media platforms and other third-party websites and services.

Job applications. We use the personal information you provide to us in the context of a job application to process your application and to assess your suitability for a position with us.

Compliance and protection, including:

• To comply with applicable laws, lawful requests, and legal process, such as to respond to requests from government authorities.
• In our legitimate interests to protect our, your or others’ rights, privacy, safety, or property (including by making and defending legal claims).
• Auditing our internal processes for compliance with legal and contractual requirements and internal policies. Where we do not have a legal obligation, we do so in our legitimate interests.
• Enforce the terms and conditions that govern our Services.
• In our legitimate interests to prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.

How We Share Personal Information

We may share your personal information with the following categories of third parties:

Affiliates. Our subsidiaries and affiliates, for purposes consistent with this Privacy Policy.

Service providers. Companies and individuals that provide services on our behalf or help us operate the Services or our business (such as hosting, information technology, customer support, email delivery, and website analytics services).

Advertising partners. Third-party advertising companies and social media platforms for the business promotion purposes described above.

Professional advisors. Professional advisors, such as lawyers, auditors, bankers, and insurers, where necessary in the course of the professional services that they render to us.

Authorities and others. Law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.

Business transferees. Acquirers and other relevant participants in business transactions (or negotiations for such transactions) involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale, or other disposition of all or any portion of the business or assets of, or equity interests in Tenpoint (including, in connection with a bankruptcy or similar proceedings).

Your Rights and Choices

Opt out of marketing communications. You may opt out of marketing-related communications by following the opt-out or unsubscribe instructions contained in the marketing communications we send you.

Personal information requests. You may have certain rights in relation to your personal information depending on your location and the nature of your interactions with our Services. For example, if you reside in the European Economic Area (“EEA”) or the United Kingdom (“UK”), you may request the following in relation to your personal information:

• Information about how we have collected and used your personal information. We have made this information available to you without having to request it by including it in this Privacy Policy.
• Access to a copy of the personal information that we have collectedabout you. Where applicable, we will provide the information in a portable,machine-readable, readily-usable format.
• Correction of personal information that is inaccurate or out of date.
• Deletion of personal information that we no longer need to provide the Services or for other lawful purposes.
• Additional rights, such as to object to and request that we restrict our use of personal information.

To exercise the above rights, contact us as set out in the “How to contact us” Section below. Prior to responding to your requests, we may verify your identity by matching any requested identifying information you provide against the information we have about you.

In some instances, your rights and choices may be limited, such as where fulfilling your request would impair: the rights of others, our ability to provide a service you have requested, or our ability to comply with our legal obligations and enforce our legal rights.

Right to complain.Depending on where you reside, such as if you reside in the EEA or UK, you may have the right to complain to a data protection regulator where you live or work, or where you feel a violation has occurred. Click here to find your local supervisory authority in the EEA. In the UK, the competent authority is the Information Commissioner’s Office.

Other Sites and Services

Our Services may contain links to websites and other onlineservices operated by third parties. In addition, our content may be integratedinto web pages or other online services that are not associated with us. Theselinks and integrations are not an endorsement of, or representation that we areaffiliated with, any third party. We do not control websites or online servicesoperated by third parties, and we are not responsible for their actions.

Retention

Where required under applicable laws, we retain personal information only for as long as is necessary to fulfill the purposes for which it was collected and processed, in accordance with our retention policies, and in accordance with applicable laws and regulatory obligations or until you withdraw your consent (where applicable). To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of personal information, the purposes for which we use personal information and whether we can achieve those purposes through other means, and the applicable legal and regulatory requirements.

Data Security

We employ a number of technical, organizational, and physical safeguards designed to protect the personal information we collect. However, no security measures are fail safe and we cannot guarantee the security of your personal information.

International Data Transfers

We may also transfer personal information to our affiliates and service providers in Switzerland, the UK, the United States and other jurisdictions. Please note that some of these jurisdictions may not provide the same protections as the data protection laws in your home country.
When we engage in cross-border data transfers, we put in place relevant safeguards to comply with applicable data protection laws, such as by relying on an EU Commission or UK government adequacy decision or on contractual protections for the transfer of personal information. For more information about how we transfer personal information internationally, please contact us as set out in the “How to Contact Us” section below.

Children

The Services are not intended for use by children. If we learn that we have collected personal information through the Services from a child without the consent of the child’s parent or guardian as required by law, we will delete it.

Changes to This Privacy Policy

We reserve the right to modify this Privacy Policy at any time. If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on the website.

How to Contact Us

Responsible entity. Tenpoint Therapeutics Ltd. is the entity responsible for the processing of personal information under this Privacy Policy (as a controller, where provided under applicable law).

Contact us. If you have any questions or comments about this Privacy Policy, our privacy practices, or if you would like to exercise your rights with respect to your personal information, please contact us by email at info@tenpoint-tx.com or at the following mailing address: 30Broad Street, Great Cambourne, Cambridge, England, CB23 6HJ.