We want to make sure you understand what personal information we may collect about you when you interact with Immunocore Ltd, how we use your personal information, and how we keep it safe.

This Privacy Notice explains:

  • What personal information we collect about you
  • How we use your personal information
  • On what basis we use your personal information
  • How long we keep your personal information
  • We may share your personal information with others and transfer it internationally
  • How we protect your personal information
  • Your rights regarding your personal information
  • What to do if you don’t want to provide us with your personal information
  • How we use cookies and where to find further information

We may change this Privacy Notice from time to time. We encourage you to review this Privacy Notice periodically.

If you have any questions, please get in touch via one of the methods set out in the Contact us section below.

What personal information do we collect?

The personal information we collect when you interact with us via this website, by email, by phone, at a conference or via any other means includes:

Information you provide us with, such as

  • Your email address
  • Email communications sent to Immunocore Ltd


Our website uses Google Analytics, a service which transmits website traffic data to Google servers in the United States. Google Analytics does not identify individual users or associate your IP address with any other data held by Google. We use reports provided by Google Analytics to help us understand website traffic and webpage usage.

How do we use your personal information?

We may use your personal information to:

Provide you with information and services including:

  • Our press releases
  • Our newsletters

Contact and interact with you, including to:

  • Respond to your requests (for instance if you send us an email).
  • Provide important notices and updates, such as changes to our terms and policies, security alerts and administrative messages.

Operate our business, including to:

  • Comply with applicable laws, regulations and guidance.
  • Comply with demands or requests made by regulators, governments, courts and law enforcement authorities.
  • Investigate and take action against illegal or harmful behaviour of users.

Improve our day-to-day operations, including:

  • For internal purposes such as auditing, data analysis and research to help us deliver and improve our Immunocore digital platforms, content and services.
  • To monitor and analyse trends, usage and activities in connection with our products and services to understand which parts of our digital platforms and services are of the most interest and to improve the design and content of our platforms.
  • To improve our products and services and our communications to you.
  • Where applicable, to ensure we have up-to-date contact information for you.

On what basis do we use your personal information?

Data privacy law sets out a number of different reasons on which a company may rely to collect and use your personal information.

We use your personal information for the following reasons:

  • For legitimate business purposes: We use your personal information to make our communications with you more relevant and personalised to you, and to make your experience of our products and services efficient and effective. It also helps us to operate and improve our business and minimise any disruption to the services that we may offer to you.
  • To comply with our legal obligations and other demands for information: It is important to us that we are able to comply with laws, regulations and guidance, as well as the other requests or demands for data as set out here. They affect the way in which we run our business and help us to make our products and services as safe as we can.
  • You have given your consent: At times we may need to get your consent to allow us to use your personal information for one or more of the purposes set out above. See the “Your rights regarding your personal information” section for information about the rights that you have if we process your information on the basis of your consent.

How long will we keep your personal information?

We will always keep your personal information for the period required by law and where we need to do so in connection with legal action or an investigation involving Immunocore. Otherwise, we keep your personal information:

For as long as needed to provide you with access to services you have requested.
Where you have contacted us with a question or request, for as long as necessary to allow us to respond your question or request.

We sometimes share your personal information with others and transfer it internationally

We may share your personal information with:

  • Members of Immunocore Holdings plc
  • The following trusted third parties:
    • Our agents and suppliers, including those who provide us with technology services such as data analytics, hosting and technical support.
    • Our professional advisors, auditors and business partners.
    • Regulators, governments and law enforcement authorities.
    • Other third parties in connection with re-organising all or any part of our business.

Your personal information may be processed by Immunocore and Immunocore’s trusted third party suppliers outside of your home country. Data privacy laws in the countries to which your personal information is transferred may not be equivalent to, or as protective as, the laws in your home country.

We will implement appropriate measures to ensure that your personal information remains protected and secure when it is transferred outside of your home country, in accordance with applicable data protection and privacy laws. These measures include data transfer agreements implementing standard data protection clauses. You can find more information about data transfer agreements here.

Protecting your personal information

We use a variety of security measures and technologies to help protect your personal information from unauthorised access, use, disclosure, alteration or destruction in line with applicable data protection and privacy laws. For example, when we share your personal information with external suppliers, we may put in place a written agreement which commits the suppliers to keep your information confidential, and to put in place appropriate security measures to keep your information secure.

The transmission to us of information via the internet or a mobile phone network connection may not be completely secure and any transmission is at your own risk.

Websites that we do not own or control

From time to time we may provide links to websites or mobile applications that are not owned or controlled by us. This Privacy Notice does not apply to those websites. If you choose to use those websites, please check the legal and privacy statements posted on each website or mobile application you access to understand their privacy practices.

Your rights regarding your personal information

Data privacy laws provide you with a number of rights over your personal information.

You may be entitled to:

  • Ask Immunocore for access to the personal information Immunocore holds about you.
  • Request the correction and/or deletion of your personal information.
  • Request the restriction of the processing of your personal information, or object to that processing.
  • Withdraw your consent to the processing of your personal information (where Immunocore is processing your personal information based on your consent).
  • Request for the receipt or the transfer to another organisation, in a machine-readable form, of the personal information that you have provided to Immunocore.
  • Complain to your local data protection authority if your privacy rights are violated, or if you have suffered as a result of unlawful processing of your personal information.
  • If you would like to exercise your rights, please let us know by getting in touch with us as set out in the Contact us section below.

What if you do not want to provide us with your personal information?

Where you are given the option to share your personal information with us, you can always choose not to do so.

If you object to the processing of your personal information, or if you have provided your consent to processing and you later choose to withdraw it, we will respect that choice in accordance with our legal obligations. This could mean that we may not be able to perform the actions necessary to achieve the purposes as set out in the section “How do we use your personal information?” above or that you are unable to make use of the services and products offered by us.

Cookies and other technologies

To improve your experience on our site, we may use ‘cookies’. Cookies are an industry standard and most major web sites use them. A cookie is a small text file that our site may place on your computer as a tool to remember your preferences. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

Social media guidelines

Welcome to our Immunocore online community. We value your interest and participation. Because we work in a regulated industry, however, when you engage with us on any of Immunocore’s social media channels you are agreeing to abide by these Community Guidelines. These are a supplement to any other disclosures provided, such as those discussing Privacy or Terms of Use, including those of the platform itself (e.g. Twitter, LinkedIn, etc.).
Our posts are informational only and are not to be considered health or medical advice. You should also not consider any comments or posts by others to be a substitute for advice from your own doctor. Always talk to a medical professional to address questions about a medical condition.

We have set up our social accounts to share news and information with you. We do not promise to respond to comments or links you may post but do reserve the right to remove a comment or link at our sole discretion. Reasons we might remove them include:

  • The comment mentions a specific product – whether ours or those of another company- and does not include all the information required by the government;
  • The comment includes false, misleading, inaccurate or deceptive information;
    The comment contains language, images or links that are defamatory, profane, obscene, or disparaging of others’ race, gender, religion, age or lifestyle, or it contains threats/ messages condoning violence or illegal behaviors;
    The comment is off-topic or is using our space to advertise or promote other sites, products or services or to solicit followers.

If you are a minor, do not post or share comments without the permission of a parent or legal guardian.

Please be cautious about sharing details about your own healthcare or providing advice or suggestions to others. If you share personal information about other people, you are representing to us that you have the legal right and/or permissions to do so.

Comments or content posted by any person other than Immunocore are solely the views, opinions and responsibility of the person expressing them, and do not necessarily reflect our views or opinions. Immunocore does not guarantee the accuracy or reliability of third party materials.

On occasion, Immunocore may link to another website or social media account not generated by Immunocore. Doing so is not an endorsement of that site, and Immunocore has no responsibility to independently validate the accuracy or content on the third-party account.

If you are a medical professional and require further information about Immunocore, clinical research or clinical trials we are conducting, please send an e-mail to medicalinformation@immunocore.com

If you are a patient and require further information about Immunocore, clinical research or clinical trials we are conducting, please contact your physician.

Contact us

If you have questions or requests regarding this Privacy Notice, or if you would like to exercise your rights, please contact Immunocore Ltd using the contact information below.

T: +44 (0) 1235 438600

E: info@immunocore.com

You can contact Immunocore’s Data Protection Officer using the email address: dataprotection@immunocore.com

California Privacy Policy

Effective Date: 05/06/2020

This Privacy Policy for California Residents (“California Privacy Policy”) supplements the information contained in the Immunocore Ltd (“Immuncore,” “we,” “us,” or “our”) privacy policy. Immunocore has adopted this California Privacy Policy in accordance with the notice requirements under the California Consumer Privacy Act of 2018, as amended (“CCPA”), and any terms defined in the CCPA have the same meaning when used in this California Privacy Policy.

This California Privacy Policy is parallel in scope to our privacy policy.

Definitions Specific to this Policy

The CCPA includes definitions for terms specific to this California Privacy Policy that do not apply to Immunocore’s privacy policy, including the following terms:

“Personal Information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Personal Information does not include publicly available information obtained from government records; deidentified or aggregated consumer information that cannot be reconstructed to identify you; any information covered under the Gramm-Leach-Bliley Act or the California Financial Information Privacy Act, activities covered by the Fair Credit Reporting Act, or protected health information as defined under the Health Insurance Portability and Accountability Act.

“Sale” or “sell” means selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by the business to another business or a third party for monetary or other valuable consideration.

“Service Provider” means a sole proprietorship, partnership, limited liability company, corporation, association, or other legal entity that is organized or operated for the profit or financial benefit of its shareholders or other owners, that processes information on behalf of a business and to which the business discloses a consumer’s Personal Information for a business purpose pursuant to a written contract.

“Third Party” means a person or entity who is not a business that collects Personal Information from consumers, as defined in the CCPA, and to whom the business discloses a consumer’s Personal Information for a business purpose pursuant to a written contract.

The Personal Information We Collect

The chart below shows the categories of Personal Information we collect or “may collect”; examples of the type of Personal Information in each category; all types of sources from which each category of Personal Information is collected; and the business purpose(s) for which that category of Personal Information is collected. We do not sell Personal Information. This information covers the past 12 months.

Categories
of Personal
Information
Examples:Types of Sources from which this Category of Personal Information Is CollectedBusiness
Purpose(s)
for Collection
Unique identifiersName, address, telephone, email, online identifier, IP addressEmails to us from website usersTo respond to emails to us from website users
Internet activityInternet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an Internet Web site, application, or advertisementWebsite hostTo analyze use of our website
Geolocation dataGeolocation dataWebsite hostTo analyze use of our website

We will not collect a category of Personal Information not listed above, or use any Personal Information collected in any of the above categories for a business purpose not listed above, without first providing you with notice.

You have the right to request certain information regarding the Personal Information we have collected about you in the preceding 12 months. You may make such a request up to twice in a 12-month span. Please note that there are circumstances in which we may not be able to comply with your request pursuant to the CCPA, including when we cannot verify your request and/or when there is a conflict with our own obligations to comply with other legal or regulatory requirements. We will notify you following submission of your request if this is the case.

  • If you would like to request (1) the categories of Personal Information collected about you; (2) the categories of sources providing that Personal Information; and (3) the business purpose for collecting that Personal Information, please email us at info@immunocore.com.
  • If you would like to request the specific pieces of Personal Information we collected about you, please email us at info@immunocore.com. We will confirm receipt of the request within ten (10) business days.
  • If you would like to request (1) the categories of Personal Information collected about you; and (2) the categories of Personal Information that were disclosed for a business purpose, please email us at info@immunocore.com.

Verification Process

Only you, or a person that you authorize to act on your behalf, may make a request related to your personal information. In the case of access and deletion, your request must be verifiable before we can fulfill such request.

Verifying your request will require you to provide sufficient information for us to reasonably verify that you are the person about whom we collected personal information, or a person authorized to act on your behalf.

We will only use the personal information that you have provided in a verifiable request in order to verify your request. As stated above, we cannot respond to your request or provide you with personal information if we cannot verify your identity or authority.

Non-Discrimination

We will not discriminate against you if you exercise any of the rights provided by the CCPA set forth in this California Privacy Policy. Please note that a legitimate denial of a request for information, deletion, or to opt-out is not discriminatory, nor is charging a fee for excessive or repetitive consumer requests as permitted by the CCPA.

Deletion of Your Personal Information

You have the right to request that we delete certain Personal Information that we have collected. Please note that there are circumstances in which we may not be able to comply with your request pursuant to the CCPA, including when we cannot verify your request and/or when there is a conflict with our own obligations to comply with other legal or regulatory requirements. We will notify you following submission of your request if this is the case.

If you would like to request that we delete your Personal Information pursuant to the requirements of the CCPA, please email us at info@immunocore.com.

Authorized Agents

You may designate an authorized agent to exercise your rights under the CCPA on your behalf.

Pursuant to the CCPA:

  • Only a business entity or natural person registered with the California Secretary of State may act as an authorized agent.
  • You must provide the authorized agent written permission to exercise your rights under the CCPA on your behalf.
  • We may deny a request from an authorized agent on your behalf if the authorized agent does not submit proof that he, she, or it has been authorized by you to act on your behalf if we request such proof, as permitted by the CCPA.
  • Even if you use an authorized agent to exercise your rights under the CCPA on your behalf, pursuant to the CCPA we may still require that you verify your own identity directly to us. This provision does not apply if you have provided with a power of attorney under California Probate Code sections 4000 to 4465.

Additional Information

If you would like additional information regarding our California Privacy Policy, please email us at info@immunocore.com. Additionally, if you would like to receive our California Privacy Policy in an alternative form, please email us at info@immunocore.com.

Additional California Privacy Rights

California Civil Code Section § 1798.83 permits users of our web site that are California residents to request certain information regarding our disclosure of personal information to other parties for their direct marketing purposes. To make such a request, please send an email to info@immunocore.com with the subject “Shine the Light Request.”

You may view our main privacy policy here or contact us at info@immunocore.com with any questions.

Changes to Our California Privacy Policy

Immunocore reserves the right to amend this California Privacy Policy at our discretion and at any time. When we make changes to this California Privacy Policy, we will post an updated notice on our website with the effective date.