Privacy Policy
Last Updated: June 2026
Jsuru Therapeutix (“we,” “us,” or “our”) is committed to protecting the privacy of individuals who interact with our website and services. This Privacy Policy explains how we collect, use, disclose, and protect your personal information in compliance with applicable privacy laws, including the California Consumer Privacy Act (CCPA) and the General Data Protection Regulation (GDPR). By accessing or using our website, you acknowledge that you have read and understood this Privacy Policy.
1. Information We Collect
We collect information to operate effectively, advance our research mission, and communicate with stakeholders. The types of information we may collect include:
Personal Identification Information
When you interact with our website, submit a form, or correspond with us, we may collect your name, email address, phone number, and mailing address.
Professional Information
For healthcare professionals, researchers, and potential partners, we may collect your job title, institutional or organizational affiliation, medical specialty, areas of research interest, and professional credentials.
Usage Data and Analytics
We automatically collect certain technical information when you visit our website, including:
- IP address and approximate geolocation
- Browser type, version, and language preference
- Operating system and device type
- Pages visited, time spent on each page, and navigation paths
- Referring URL and search terms used to reach our website
- Date and time of access
Communications
We retain records of correspondence when you contact us via email, web forms, or other communication channels. This includes the content of your messages, attachments, and any information you voluntarily provide.
Information from Partners and Public Sources
We may supplement the information we collect with data obtained from trusted third-party sources, including publicly available databases, industry directories, scientific publication databases, and strategic partners. This data helps us maintain the accuracy of our records and better understand the communities we serve.
2. How We Use Your Information
We use the information we collect for the following purposes:
- Respond to Inquiries: To answer your questions, fulfill requests for information about our pipeline, and provide customer support.
- Scientific and Investor Communications: To send peer-reviewed publications, therapeutic pipeline updates, press releases, SEC filings, and investor relations materials to individuals who have opted in to receive them.
- Clinical Trial Recruitment and Research Partnerships: To facilitate clinical trial enrollment processes, identify potential research collaborators, and support investigator-initiated studies related to our therapeutic areas.
- Website Improvement: To analyze usage patterns, diagnose technical issues, optimize content and layout, and enhance the overall user experience of our digital properties.
- Legal and Regulatory Compliance: To meet obligations imposed by applicable laws, regulations, and industry standards, including FDA reporting requirements, SEC disclosure obligations, and pharmacovigilance regulations.
- Fraud Prevention and Security: To detect, investigate, and prevent fraudulent, unauthorized, or illegal activity, and to protect the security and integrity of our systems and data.
3. Legal Basis for Processing (GDPR)
For individuals located in the European Economic Area (EEA), the United Kingdom, or Switzerland, we process personal data based on the following legal grounds:
- Legitimate Interests: We may process your data when it is in our legitimate business interests to do so, such as improving our services, conducting analytics, ensuring network security, or communicating with healthcare professionals about our research. We balance these interests against your fundamental rights and freedoms.
- Consent: Where required by law, we obtain your explicit consent before processing your personal data—for example, before sending marketing communications or placing non-essential cookies on your device. You may withdraw your consent at any time.
- Legal Obligation: We process personal data when necessary to comply with a legal obligation to which Jsuru Therapeutix is subject, such as regulatory reporting, tax compliance, or responding to lawful requests from public authorities.
- Performance of a Contract: We process personal data when it is necessary for the performance of a contract to which you are a party, or to take steps at your request prior to entering into a contract, such as a research collaboration agreement or clinical trial participation.
4. Sharing of Information
We may share your information in the following limited circumstances:
- Service Providers and Vendors: We engage trusted third-party companies to perform services on our behalf, including website hosting, data analytics, email delivery, cloud storage, and IT support. These service providers are bound by data processing agreements that restrict their use of your data to the services they provide to us and require them to maintain appropriate security measures.
- Regulatory Authorities: We may disclose personal data to regulatory bodies, law enforcement agencies, or other governmental authorities when required to do so by law, regulation, legal process, or enforceable governmental request. This includes disclosures to the FDA, EMA, SEC, or equivalent authorities in other jurisdictions.
- Business Transfers: In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your personal data may be transferred to the acquiring entity. We will provide notice before your personal data is transferred and becomes subject to a different privacy policy.
- With Your Consent: We may share your information with third parties when you have given us your explicit consent to do so.
5. Cookies and Tracking Technologies
Please refer to our Cookies Policy page found here .
6. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. Specific retention considerations include:
- General Correspondence: Records of inquiries and communications are retained for up to three (3) years after the last interaction, unless a longer period is required for legal or regulatory purposes.
- Regulatory and Compliance Records: Data related to clinical trials, pharmacovigilance, regulatory submissions, and SEC filings may be retained for extended periods as mandated by applicable regulations—in some cases, up to fifteen (15) years or longer.
- Marketing and Communications Preferences: Your subscription preferences and opt-out records are retained for as long as necessary to honor your communication choices.
- Anonymized and Aggregated Data: Data that has been irreversibly anonymized or aggregated so that it can no longer identify you may be retained and used indefinitely for research, analytics, and reporting purposes.
When personal data is no longer required, we securely delete or anonymize it in accordance with our data retention and disposal procedures.
7. Your Rights
Rights Under the California Consumer Privacy Act (CCPA)
If you are a California resident, you have the following rights under the CCPA and its amendments (CPRA):
- Right to Know: You may request that we disclose the categories and specific pieces of personal information we have collected about you, the sources from which it was collected, the purposes for collection, and the categories of third parties with whom it was shared.
- Right to Delete: You may request the deletion of personal information we have collected from you, subject to certain legal exceptions (e.g., regulatory retention requirements).
- Right to Opt-Out of Sale: Although we do not sell personal information, you have the right to direct us not to sell your data. We honor Global Privacy Control (GPC) signals.
- Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights. You will not receive different pricing, quality of service, or access as a result of exercising your privacy rights.
- Right to Correct: You may request that we correct inaccurate personal information we maintain about you.
Rights Under the General Data Protection Regulation (GDPR)
If you are located in the EEA, UK, or Switzerland, you have the following rights under the GDPR:
- Right of Access: You may request a copy of the personal data we hold about you.
- Right to Rectification: You may request that we correct inaccurate or incomplete personal data.
- Right to Erasure (“Right to Be Forgotten”): You may request that we delete your personal data, subject to legal retention obligations.
- Right to Data Portability: You may request that we provide your personal data in a structured, commonly used, machine-readable format for transfer to another controller.
- Right to Object: You may object to the processing of your personal data based on legitimate interests or for direct marketing purposes.
- Right to Restrict Processing: You may request that we limit the processing of your personal data under certain circumstances.
- Right to Withdraw Consent: Where processing is based on consent, you may withdraw your consent at any time without affecting the lawfulness of prior processing.
How to Exercise Your Rights
To exercise any of the rights described above, please contact us using the information provided in the Contact Us section below. We will respond to verified requests within the timeframes required by applicable law—typically within 30 days for GDPR requests and 45 days for CCPA requests. We may need to verify your identity before processing your request.
8. Data Deletion & Unsubscribe
We respect your right to control your personal data. You may request the deletion of your data or unsubscribe from our communications at any time.
Please note that certain data may be retained as required by law or for legitimate business purposes, such as maintaining records of pharmacovigilance reports or regulatory correspondence. In such cases, we will inform you of the specific data retained and the legal basis for its retention.
9. Data Security
We take the security of your personal data seriously and implement industry-standard technical and organizational measures to protect it against unauthorized access, alteration, disclosure, or destruction. Our security measures include:
- Encryption in Transit and at Rest: All data transmitted between your browser and our servers is encrypted using Transport Layer Security (TLS 1.2 or higher). Sensitive data stored on our systems is encrypted at rest using AES-256 encryption.
- Access Controls: We enforce role-based access controls (RBAC), multi-factor authentication (MFA), and the principle of least privilege to ensure that only authorized personnel can access personal data.
- Employee Training: All employees and contractors who handle personal data receive regular training on data protection, information security best practices, and our internal privacy policies.
- Security Audits and Assessments: We conduct regular internal and third-party security audits, penetration testing, and vulnerability assessments to identify and remediate potential risks.
- Incident Response: We maintain a comprehensive incident response plan to address data breaches or security incidents promptly. In the event of a breach, we will notify affected individuals and relevant authorities as required by applicable law.
While we strive to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to continuously improving our safeguards.
10. International Data Transfers
Jsuru Therapeutix operates globally, and your personal data may be transferred to, stored in, or processed in countries other than your country of residence, including the United States, where data protection laws may differ from those in your jurisdiction.
When we transfer personal data outside the EEA, UK, or Switzerland, we ensure that appropriate safeguards are in place to protect your data, including:
- Standard Contractual Clauses (SCCs): We use European Commission–approved Standard Contractual Clauses as the primary mechanism for cross-border data transfers, supplemented by additional technical and organizational measures where necessary.
- Adequacy Decisions: Where applicable, we rely on adequacy decisions issued by the European Commission or the UK Secretary of State recognizing certain countries as providing an adequate level of data protection.
- Data Processing Agreements: All international service providers are bound by comprehensive data processing agreements that require compliance with applicable data protection standards.
11. Children’s Privacy
Our website and services are not directed at, marketed to, or intended for use by children under the age of 13 (or 16 in jurisdictions where the GDPR applies). We do not knowingly collect, solicit, or maintain personal information from children under these age thresholds.
If we learn that we have inadvertently collected personal data from a child under the applicable age, we will take prompt steps to delete that information from our records. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us at privacy@jsurutherapeutix.com so we can take appropriate action.
12. Third-Party Links
Our website may contain links to third-party websites, platforms, or services that are not owned or controlled by Jsuru Therapeutix. These may include links to scientific journals, regulatory agency websites, partner organizations, or social media platforms.
We are not responsible for the privacy practices, content, or security of any third-party websites. We encourage you to review the privacy policies of any third-party sites you visit. The inclusion of a link on our website does not imply endorsement of the linked site or its content by Jsuru Therapeutix.
13. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or business operations. When we make material changes, we will:
- Update the “Last Updated” date at the top of this page.
- Post the revised policy on our website.
- Where required by applicable law, provide additional notice, such as a banner on our website or a direct email notification to affected individuals.
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Your continued use of our website or services after the posting of changes constitutes your acceptance of the updated Privacy Policy.
14. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact the Jsuru Therapeutix — Privacy Team:
Email: privacy@jsurutherapeutix.com
Mailing Address: 30 N Gould St # 60786, Sheridan, WY 82801
Contact Form: Contact Us
For GDPR-related inquiries, you may also contact our Data Protection Officer at the address above. If you are unsatisfied with our response, you have the right to lodge a complaint with your local supervisory authority.


