Privacy Policy

This “Privacy Policy” describes the privacy practices of Global Blood Therapeutics, Inc. and our subsidiaries and affiliates (collectively, “GBT”, “we”, “us”, or “our”). This Privacy Policy describes how we collect, use, disclose and otherwise process personal information in connection with the websites that we own or control and which post or link to this Privacy Policy, our products and services, and our online and offline activities and communications. This Privacy Policy also explains the rights and choices available to individuals with respect to their information.

GBT may provide additional privacy notices to individuals at the time we collect their data. For example, we provide a specific privacy notice to clinical trial participants that describe our privacy practices in connection with conducting clinical trials. This type of an “in-time” notice will govern how we may process the information you provide at that time. 

Residents of the State of California – please see the end of this Privacy Notice for the California Consumer Privacy Act (CCPA) Privacy Notice.

We provide important information for individuals residing in the European Union here.

Table of Contents

Personal Information We Collect
How We Use Personal Information
How We Share Personal Information
Your Choices
Job Applicants
International Data Transfer
Other Sites and Services
Changes to this Privacy Policy
Contact Us
Notice to European Users
Notice to California Users

Personal Information We Collect

Whose Personal Information We Collect

We collect personal information about the following types of individuals: clinical trial participants, patients, patient family members, caregivers or advocates, physicians and other health care professionals, clinical trial investigators, researchers, pharmacists, users of our websites, and other individuals who interact directly with GBT or our service providers or business partners.

How We Collect Personal Information

We collect personal information:

  • Directly from individuals
  • Through our websites
  • From healthcare professionals
  • From contract research organizations and clinical trial investigators
  • From government agencies or public records
  • From third party service providers, data brokers or business partners
  • From industry and patient groups and associations
  • From social media or other public forums (including adverse event information or product quality complaints)

Types of Personal Information We Collect

The types of personal information we collect and share depend on the nature of the relationship you have with GBT and the requirements of applicable laws. We may collect:

  • Health and medical information (such as medical insurance details, information about physical and mental health conditions and diagnoses, treatments for medical conditions, genetic information, family medical history, and medications an individual may take, including the dosage, timing, and frequency) we collect in connection with managing clinical trials, conducting research, providing patient support programs, and tracking adverse event reports
  • Contact information and preferences (such as name, job title and employer name, email address, mailing address, phone number, and emergency contact information)
  • Biographical and demographic information (such as date of birth, age, gender, marital status, and information regarding any parents or legal guardians)
  • Professional credentials, educational and professional history, and institutional affiliations
  • Payment-related information we need to pay for professional services, such as consulting, that individuals may provide to us (such as tax identification number and financial account information)
  • Engagement data, such as information about the programs and activities in which you have participated (including the investor presentations you have viewed), and, if you are a health care professional, your prescribing of our products and the agreements you have executed with us)
  • Digital identifiers, such as your photograph, social media handle or digital or electronic signature
  • Publicly available information, including information posted on or collected from our social media channels (such as comments describing support for and experience with GBT products)
  • Correspondence and other information you provide to us (such as in emails, on phone calls, in market research surveys, or in other correspondence with GBT or our service providers or business partners)
  • Information collected automatically, using cookies, browser web storage (also known as locally stored objects, or “LSOs”), web beacons, and similar technologies, including:
    • Device data that is collected automatically (such as IP Address, your device’s operating system, your Internet service provider and location, browser type and language, your unique device ID (persistent/non-persistent), and the website you visited before browsing to our website)
    • Online activity data that is collected automatically (such as information about the website content you access and information about the date, time and duration of your visit)

This information may be collected by us, our service providers, or our advertising partners, over time and across third-party websites. Our emails may also contain web beacons, which we may use to understand which webpages you accessed and which content you viewed, to measure the success of our marketing campaigns or engagement with our emails, and to compile statistics about usage of our websites.

We may combine other publicly available information, such as information related to the organization for which you work, with the personal information that you provide to us.

How We Use Personal Information

To operate and improve our websites, including to:

  • Operate, maintain, administer and improve the websites
  • Better understand your needs and interests, and personalize your experience with the websites
  • Provide support and maintenance for our websites
  • Respond to your service-related requests, questions and feedback

To communicate with you, including to:

  • Provide you with investor, media or other materials
  • Send you copies of our press releases or other information
  • Send you surveys or other marketing communications

To advertise our products and services, by working with third party advertising partners who use cookies and similar technologies to help us advertise our products and services. These advertisements are delivered by our advertising partners and may be targeted based on your activity on our websites and other online services. 

To perform and administer clinical trials, research and product-improvement activities, when necessary to facilitate our clinical trials, research, studies, and related activities that support product improvement, including to:

  • Staff and manage clinical trials, including by recruiting investigators and participants
  • Track and respond to safety and product quality concerns (including product recalls)
  • Support public health initiatives, symposia, conferences, and scientific, educational and volunteer events
  • Facilitate medication adherence programs
  • Define and manage appropriate patient engagement activities, and patient support programs (including to provide co-pay and other financial assistance where available)
  • Identify and engage thought leaders and external experts
  • Award scholarships and grants
  • Attribute authorship to academic and promotional materials
  • Promote our product(s) and provide disease-state education

To provide our products and services, including to:

  • Manage access to our products, including where access is limited by law to licensed physicians
  • Pay for services that physicians, researchers and other individuals may provide to us

To comply with law, as we believe necessary or appropriate to comply with applicable laws, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities.

For compliance, fraud prevention, and safety, where we may use personal information and disclose it to law enforcement, government authorities, and private parties as we believe necessary or appropriate to: (a) protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims); (b) enforce the terms and conditions that govern our websites, products and services; and (c) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.

To comply with regulatory monitoring and reporting obligations, as we believe necessary or appropriate, such as those related to adverse events, product complaints, patient safety, and financial disclosures.

With your consent, where we specifically ask for consent to collect, use or share personal information, such as when required by law.  

To create anonymous, aggregated or de-identified data from your personal information and other individuals whose personal information we collect, by removing information that makes the data personally identifiable to you. We may use this anonymous, aggregated or de-identified data and share it with third parties for our lawful business purposes.

How We Share Personal Information

We do not share personal information with third parties without consent, except in the following circumstances or as described in this Privacy Policy:

Affiliates.  We may share personal information with our corporate parent, subsidiaries, and affiliates, for purposes consistent with this Privacy Policy.

Service providers.  We may employ third party companies and individuals to perform services on our behalf, including:

  • Contract research organizations that conduct clinical trials
  • Data storage and analytics
  • Customer service (including our medical information line) and patient support program providers (including for product quality and adverse event reporting, patient co-pay assistance, medicine intake adherence programs, etc.)
  • Product recall administration
  • Technology services and support (including email and web hosting providers, marketing and advertising technology providers, email and text communications providers, mobile app developers)
  • Event planning and travel organizations that help facilitate GBT programs
  • Payment, shipping and fulfillment service providers

These third parties may use your information only as directed by GBT and in a manner consistent with this Privacy Policy, and are prohibited from using or disclosing your information for any other purpose.

Business partners and other professionals and organizations.  We may disclose personal information to partners with whom we jointly develop products or services, in connection with the development and promotion of such products or services. We will ask for your consent before disclosing your information with our business partners where required by applicable law. We may also share personal information with health care professionals, researchers, academics, public health organizations, and publishers for purposes consistent with this Privacy Policy.

Professional advisors.  We may disclose personal information to professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services that they render to us.

The public. We may make available functionality that enables you to disclose information to the public; for example, when you submit or permit us to post testimonials on our website(s) and/or social media channels. We do not control how other individuals or third parties use any personal information that you make available to the public.

Advertising partners.  We may share personal information with third party advertising companies that collect information about your activity on our websites and other online services for advertising purposes.

For compliance, fraud prevention and safety.  We may share personal information for the compliance, fraud prevention and safety purposes described above.

Business transfers.  We may sell, transfer or otherwise share some or all of our business or assets, including personal information, in connection with a business transaction (or potential business transaction) such as a corporate divestiture, merger, consolidation, acquisition, reorganization or sale of assets, or in the event of bankruptcy or dissolution.

Your Choices

Update your information.  If you become aware that the personal information we maintain about you is inaccurate, incomplete, misleading, irrelevant or out of date, you may contact us at

Marketing communications.  You may opt out of marketing-related emails by clicking the “Unsubscribe” link at the bottom of each such email, or by sending an email with the subject line “Unsubscribe” to You may continue to receive service-related and other non-marketing emails.

Do Not Track.  Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit

Testimonials.  If you gave us consent to post a testimonial on our websites and/or or social media pages, but wish to update or delete it, please contact us at

Choosing not to share personal information.  Where we are required by law to collect personal information, or where we need personal information in order to provide you with our products or services, if you do not provide this information when requested (or you later ask to delete it), we may not be able to provide you with our products or services and may need to terminate our relationship with you. We will tell you what information you must provide to us by designating it as required when we request the information or through other appropriate means.

Cookies and other technologies.  Most browsers let you remove or reject cookies. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. Please note that if you set your browser to disable cookies, our websites may not work properly. For more information about cookies, including how to see what cookies have been set on your computer or mobile device and how to manage and delete them, visit If you do not accept our cookies, you may experience some inconvenience in your use of our websites.

We use Google Analytics to help us understand how our websites are performing and being used. Google Analytics uses its own cookies. You can find out more information about Google Analytics cookies here and about how Google protects your data here. You can prevent the use of Google Analytics relating to your use of our websites by downloading and installing a browser plugin available here.


The security of personal information is important to us. We employ a number of organizational, technical and physical safeguards designed to protect the personal information we collect. However, security risk is inherent in all internet and information technologies and we cannot guarantee the security of your personal information.

Job Applicants

When you visit the careers portion of our website, we collect the information that you provide to us in connection with your job application. This includes business and personal contact information, professional credentials and skills, educational and work history, and other information of the type that may be included in a resume. This may also include diversity information that you voluntarily provide. We use this information to facilitate our recruitment activities and process employment applications, such as by evaluating a job candidate for an employment activity, and monitoring recruitment statistics. We may also use this information to operate and improve our websites, to communicate with you, and as otherwise necessary to comply with law or for compliance, fraud prevention, and safety purposes.


We do not knowingly collect personal information from anyone under the age of 13 on our websites. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us. We will delete such information from our files as soon as reasonably practicable. We encourage parents with concerns to contact us at

International Data Transfers

GBT is headquartered in the United States and has affiliates and service providers in other countries, and your personal information may be transferred to the United States or other locations outside of your state, province, country or other governmental jurisdiction where privacy laws may not be as protective as those in your jurisdiction.

European Union users should read the important information provided below about transfer of personal information outside of the European Union.

Other Sites and Services

We may provide links to other websites and online services operated by third parties. These links are not an endorsement of, or representation that we are affiliated with, any third party. In addition, our content may be included on web pages or in mobile applications or online services that are not associated with us. We do not control third party websites, mobile applications or online services, and we are not responsible for their actions. Other websites and services follow different rules regarding the collection, use and sharing of your personal information. We encourage you to read the privacy policies of the other websites, mobile applications and online services you use.

Changes to this Privacy Policy

We reserve the right to modify this Privacy Policy at any time. If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on our websites. We may, and if required by law will, also provide notification of changes in another way that we believe is reasonably likely to reach you, such as via e-mail (if we have your contact information).

Any modifications to this Privacy Policy will be effective upon our posting the new terms and/or upon implementation of the new changes on our websites (or as otherwise indicated at the time of posting). In all cases, your continued use of the websites, our products and services after the posting of any modified Privacy Policy indicates your acceptance of the terms of the modified Privacy Policy.

Contact Us

Please direct any questions or comments about this Privacy Policy or privacy practices to You may also write to us via postal mail at:

Global Blood Therapeutics, Inc.
Attn: Chief Privacy Officer
181 Oyster Point Boulevard
South San Francisco, CA 94080

Notice to European Users

Personal information.  References to “personal information” in this Privacy Policy are equivalent to “personal data” governed by European data protection legislation.

Controller and Representative.  Global Blood Therapeutics, Inc. is the controller of your personal information for purposes of European data protection legislation. See the Contact Us section above for contact details. GBT’s EU representative is MyData Trust and can be reached at:

You can also contact the Data Protection Officer of GBT at

Legal bases for processing.  We use your personal information only as permitted by law. Our legal bases for processing the personal information described in this Privacy Policy are as follows:

  • Legal compliance.  We may need to collect, use, and otherwise process your personal information to comply with our legal obligations, such as regulatory monitoring and reporting obligations.
  • Legitimate interests.  We may process your personal information where we have a legitimate interest in doing so, provided that our interests are not outweighed by any potential impact of the processing on you, or your fundamental rights and freedoms.
  • Contract.  We may need to process your personal information to perform a contract with you or to take steps that you have requested prior to entering into the contract.
  • Necessity.  We may need to process your personal information to protect your vital interests, or those of another person.
  • Consent.  In some cases, we may rely on your consent to process your personal information. Where we rely on your consent, you have the right to withdraw it at any time in the manner indicated when we requested the consent or by contacting us at

Use for new purposes.  We may use your personal information for reasons not described in this Privacy Policy where permitted by law and the reason is compatible with the purpose for which we collected it. If we need to use your personal information for an incompatible purpose, we will notify you, explain the applicable legal basis and ask for your consent if required.

Retention.  We will only retain your personal information for as long as necessary to fulfill the purposes we collected it for, for how long we informed you we would retain it , or for as long as required by law. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

When we no longer require the personal information we have collected about you, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible. If we anonymize your personal information (so that it can no longer be associated with you), we may use this information indefinitely without further notice to you.

Your rights.  European data protection laws give you certain rights regarding your personal information. If you are located within the European Union, you may ask us to take the following actions in relation to your personal information that we hold:

  • Provide you with information about our processing of your personal information and give you access to your personal information.
  • Update, complete or correct inaccuracies in your personal information.
  • Delete your personal information.
  • Transfer a machine-readable copy of your personal information to you or to another controller of your choice.
  • Restrict the processing of your personal information.
  • Object, on the ground relating to your particular situation, to the processing of your personal data.

You may submit these requests by email to or our postal address provided above. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions.

If you would like to submit a complaint about our use of your personal information or our response to your requests regarding your personal information, you may contact us or submit a complaint to the Data Protection Authority in the member state of your habitual residence, of your place of work, or where an alleged infringement took place. You can find your Data Protection Authority here

Cross-border data transfer. If we transfer your personal information out of Europe to a country not deemed by the European Commission to provide an adequate level of personal information protection, the transfer will be performed:

You may contact our DPO if you want further information on the specific mechanism used by us when transferring your personal information out of Europe.

Recipients. Please see How We Share Personal Information above.

Notice to California Residents

We are required by the California Consumer Privacy Act of 2018 (“CCPA”) to provide to California residents an explanation of how we collect, use and share their personal Information, and of the rights and choices we offer California residents regarding our handling of the personal information.

Under the CCPA, this Notice to California Residents and the privacy practices and rights it describes do not apply to the information we collect, use or disclose about clinical trial volunteers, candidates, participants and investigators, health care providers, and other individuals who represent businesses that provide services to us or to which we provide our products or services. This is because information about these individuals is governed by clinical trial regulations, the California’s Confidentiality of Medical Information Act or the Health Insurance Portability and Accountability Act of 1996, or is subject to the CCPA’s exemption on business contact information.

Personal Information We Collect, Use and Share

We do not sell personal information. As we explain in this Privacy Policy, we use cookies and other tracking technologies to analyze website traffic and facilitate advertising. If you would like to opt out of our (and our third party advertising partners’) use of cookies and other tracking technologies, please review the instructions provided in the Online Tracking Opt-out Guide.  

In addition to the information in our Privacy Policy, the following chart further describes our privacy practices with respect to individuals whose information is not subject to the above exceptions and is governed by the CCPA, such as our individual investors and consumers who visit our websites.

Personal information we collectCCPA-defined categories
(click for details)
Sources from which we may collect the personal informationPurposes for which we may collect and use the personal informationCategories of third parties to which we disclose the personal information
• Personal and business contact information• Identifiers• You• To operate and improve our websites
• To communicate with you
• Affiliates
Correspondence• Online identifiers

• Professional or employment information
• Engagement data

• Device data

• Online activity data

• Information derived from device data and online activity data
• Inferences

• Internet or Network Information

• Online Identifiers

• Commercial information
• You
• Automatic collection
• To operate and improve our websites
• To communicate with you
• To advertise our products and services
• Advertising partners

Please note that we may also disclose all personal information to affiliates, service providers, and professional advisors, in connection with business transfers, and for compliance, fraud prevention and safety purposes as described in the “How We Share Personal Information” section of the Privacy Policy.

California Residents’ Privacy Rights

Except as excluded from the scope of this notice above, the CCPA grants California residents the following rights:

  • Information.  You can request information about how we have collected, used and shared and used your Personal Information during the past 12 months. We have made this this information available to California residents without having to request it by including it in this notice, in the above chart.
  • Access.  You can request a copy of the personal information that we maintain about you.
  • Deletion.  You can ask us to delete the personal information that we collected or maintain about you.

Please note that the CCPA limits these rights by, for example, prohibiting us from providing certain sensitive information in response to an access request and limiting the circumstances in which we must comply with a deletion request. If we deny your request, we will communicate our decision to you. 

You are entitled to exercise the rights described above free from discrimination.

How to Submit a Request

  • To request access to or deletion of personal information:
  • Identity verification.  We will need to confirm your identity and California residency to process your requests to exercise your information, access or deletion rights. We may attempt to verify your identify by asking you to confirm information that we have on file about you or your interactions with us. Where we ask for additional personal information to verify your identity, we will only use it to verify your identity or your authority to make the request on behalf of another consumer.
  • Authorized agents.  California residents can empower an “authorized agent” to submit requests on their behalf. We will require the authorized agent to have a written authorization confirming that authority.

List of Data Elements That Constitute “Personal Information” under California Civil Code §1798.140(o)

  • Identifiers, such as a real name, alias, postal address, unique personal identifier, online identifier, IP address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers;
  • Characteristics of protected classifications under California or federal law;
  • Commercial information, including records of personal property, products or services purchased, obtained or considered, or other purchasing or consuming histories or tendencies;
  • Biometric information;
  • Internet or other electronic network activity information, including, but not limited to: browsing history, search history, and information regarding a consumer’s interaction with a website, application, or advertisement;
  • Geolocation data;
  • Audio, electronic, visual, thermal, olfactory, or similar information;
  • Professional or employment-related information;
  • Education information, defined as information that is not publicly available or personally identifiable, as defined in the Family Educational Rights and Privacy Act (20 U.S.C. §1232g, 34 C.F.R. Part 99)
  • Inferences drawn from any of the information identified in this subdivision to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, preferences, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

Effective as of March 31, 2020