Data We Collect
and How We
Use It


Data We Collect
and How We
Use It

Information We Collect Online

1. Information you may provide to us online

When you visit our websites or contact us through a method provided on our websites, you may provide us with personal information, including (i) identifiers such as your name, postal address, email address or phone number, or (ii) other information you voluntarily provide to us, for example, when you complete the “Contact Us” form.

We use this information to respond to emails or other inquiries, to help improve our websites and our services, or to send updates or notices about Exelixis or our websites that we think may be of interest to you. We may also combine the personal information you provide with other generally or publicly available information to help us identify visitors’ preferences or interests, or to improve our websites and our services.

Additionally, we may also obtain certain information described in the “Information We Collect Offline” section below through our websites if you voluntarily submit it to us online, such as by sending it through our “Contact Us” form.

2. Information we may collect automatically online

When you visit our websites, we may automatically collect certain information that includes: (i) identifiers, including Internet Protocol (“IP”) addresses and other unique identifiers used online; and (ii) internet or other electronic network activity, including operating system, device details, usage details such as the date and times a website is accessed, referring URL, webpages viewed and links clicked. We may also approximate your geographic region and Internet Service Provider based on your IP address. Certain internet or other network activity may constitute personal information if it is reasonably capable of being associated with you. This information may be collected by us or on our behalf through our service providers using a number of technologies, including cookies, web beacons, and other tracking technologies, which are described further below.

We use this information to improve our website and services, including by diagnosing problems with our servers, reporting aggregated information, determining the fastest route for your computer to use in connecting to our websites, tailoring website functionality for certain geographies, and otherwise administering and improving the websites. We may also use this information to better understand our audience and by personalizing our website, services or advertisements.

Information We Collect Offline

In addition to our collection of personal information online, we also collect personal information offline in various circumstances, as described below. As discussed below, this information is typically collected during our provision of services to you and our business partners.

3. Information we may collect when you contact us by phone, fax, mail or in person

We may obtain certain information either directly from you or from your healthcare provider (“Provider”) by phone, fax, mail, or in person. We use such information to provide you and our business partners with our products and services, to answer medical inquiries, administer our medical information activities, manage and plan our business operations, and improve our services.

The information we collect by phone, fax, mail, or in person may include: (i) identifiers, such as your name, postal address, email address and phone number; (ii) medical information, including prescription number, dosage and health conditions or diagnoses; and (iii) other information you may voluntarily provide to us.

4. Information we collect from Providers

We collect information relating to individual Providers that we receive during the course of our business operations, such as through administering our medical information activities. This information may include identifiers, such as name, postal address, email address, phone number, and occupational details including NPI physician ID number or similar identifiers, as well as other information such providers voluntarily provide to us. We use such information to answer medical inquiries, manage and plan our business operations, and improve our services.

5. De-identified information we collect from third parties

We obtain de-identified information relating to healthcare and prescription drug transactions from third parties, such as our service providers, specialty pharmacies, and healthcare data providers. This information may include: (i) medical information, including medical condition, treatment history, and prescription information such as dosage; (ii) health insurance-related information; and (iii) demographic information, including income level, year of birth, gender, postal code, and state.

We use this information to forecast market demands, analyze market trends, track prescription drug distribution, improve the services we offer, and manage and plan our business operations. However, this information is provided to us in a form that is not reasonably capable of being associated with, or reasonably linked to, a particular individual, and we do not attempt to identify any individuals using this information.

6. Information we collect when you visit our facilities

We may collect certain information from you if you visit our facilities, such as our offices. You generally provide this information when you first arrive at our facilities, and it includes identifiers such as your name and email address. Additionally, we use security cameras in our facilities, and may collect visual information (namely, your image) if your image is captured by one of our security cameras. We use this information to protect the security and safety of our staff and visitors, and to maintain the security and confidentiality of our facilities, systems, and other information.

7. Information we collect through adverse event and safety reporting

We are required by law to collect certain adverse event and safety information regarding our products and services. Where such information concerns individuals, such as patients or clinical subjects, we require such information to be de-identified; however, in certain limited circumstances, a doctor or other third-party may inadvertently provide us with identifiable personal information. If received, such personal information may include identifiers, such as your name, postal address, email address, phone number, insurance or other patient ID number and date of birth, and medical information, such as diagnosis and health status, therapy and treatment history, and prescription information such as dosage. We have adopted procedures to protect such personal information and take steps to limit access to only those who require such access to accomplish our legitimate business purposes described below or to otherwise comply with local, state, or federal law, regulations or other requirements. We use this data to comply with legal requirements and to improve and monitor the safety of our products, drug candidates and services.

Business or Commercial Purposes

We collect and process personal information for the purposes described in the sections above, to comply with applicable laws, to communicate with you, and for our legitimate business interests. These purposes include:

  • to respond to inquiries from you or to otherwise perform services or engage with requests;
  • to send you notices or updates we think may be of interest to you;
  • to operate, maintain and improve our services, including our websites, such as diagnosing and debugging issues, or auditing site visits and conducting analytics;
  • to understand how our services and websites are used in order to customize our services and activities;
  • to fulfil other legitimate business interests, including to meet our contractual obligations and support our internal business operations;
  • to detect security risks, protect against malicious or illegal activity, and to investigate and pursue those responsible for such activity; and
  • to comply with law or regulatory obligations, or in response to law enforcement requests.