Privacy Policy

This Privacy Policy (“Policy”) governs the manner in which CRISPR Therapeutics AG and its respective subsidiaries and affiliates (“CRISPR”, “we”, “us”, or “our”) collects, uses, maintains and discloses information in connection with your use of our website (“Website”). This Policy does not apply to our collection, use, or disclosure of data collected through other means.

When you use the Website, you agree to our Terms of Use and collection, use, and disclosure of information about you as described in this Policy. Before you use or submit any information through this Website, please carefully review this Privacy Policy and our Terms of Use. IF YOU DO NOT AGREE TO THIS POLICY OR OUR TERMS, PLEASE DO NOT USE THIS WEBSITE.

We may change this Privacy Policy at any time and when we do we will post an updated version on the Website, unless another type of notice is required by the applicable law. By continuing to use the Website or providing us with information after we have posted an updated Privacy Policy or notified you (if applicable), you consent to the revised Privacy Policy and practices described in it.

Information We Collect

We collect and store information about you in multiple ways, including when you provide information directly to us and when we passively collect information from you, such as from your browser or device.

Information You Provide Directly to Us

We collect and store all information that you provide to us when using this Website. You might provide information to us in a variety of ways such as (but not limited to) when you submit any of the following on our Website: information requests, business proposals, employment inquiries, and responses to surveys.

The information you provide may include, but is not limited to: full name, home address, phone number, e-mail address and password, employment history, and your answers to background information questions.

Information Collected Automatically

When you visit any page on this Website, we may use one or more programs that monitor and evaluate this Website’s traffic. Any such program automatically records every visitor’s host, domain name, pages visited, length of user session, browser type and/or IP address. We may also collect information about your time zone or language.

When you visit and interact with this Website, CRISPR and third parties with whom CRISPR has contracted to provide services to CRISPR, may collect information via cookies, pixels, web beacons, or other tracking mechanisms (for example, a catalog of the site pages you visit, or your IP address), described in more detail, below.

Cookies and Other Tracking Mechanisms

We may also collect data about your use of the Website through the use of Internet server logs, cookies, tracking pixels, and/or other tracking technologies. A web server log is a file where website activity is stored. A cookie is a small text file that is placed on your computer when you visit a website that enables us to: (a) recognize your computer; (b) store your preferences and settings; (c) understand the web pages of the Website you have visited; (d) perform searches and analytics; and (e) assist with security administrative functions. Tracking pixels (sometimes referred to as web beacons or clear GIFs) are tiny electronic tags with a unique identifier embedded in websites, online ads, and/or email, and that are designed to provide usage information like ad impressions or clicks, measure popularity of the Website and associated advertising, and to access user cookies. We also may include web beacons in email messages, newsletters, and other electronic communications to determine whether the message has been opened and for other analytics, personalization, and advertising. As we adopt additional technologies, we may also gather additional information through other methods.

Please note that you can change your settings to notify you when a cookie is being set or updated, or to block cookies altogether. Please consult the “Help” section of your browser for more information (e.g., Internet Explorer; Microsoft Edge; Google Chrome; Mozilla Firefox; or Apple Safari).

How We Use Your Information

We may use the information we collect from and about you for the following purposes:

  • complete any transactions you request online;
  • provide, improve, and troubleshoot the Website;
  • improve our products and services, and identify, develop, and offer new or expanded products and services;
  • notify you about updates, products and/or services from CRISPR, its affiliates, and selected third parties;
  • ask you to participate in brief surveys; and/or
  • generate aggregate statistical studies and conduct research related to our products and services and the use of the Website.

We may combine information that we collect from you and about you (including automatically collected information) with information we obtain about you from our affiliates and/or non-affiliated third parties, and use such combined information in accordance with this Policy.

We may aggregate and/or de-identify information collected through the Website. We may use de-identified and/or aggregated data for any purpose, including without limitation for research and marketing purposes, and may also share such data with any third parties, including advertisers, promotional partners, and/or others.

Disclosure of Your Information

We may disclose your information to certain third parties with whom we have a direct or indirect business or contract relationship, under the following circumstances:

To our subsidiaries or affiliates: we may disclose your information to other companies within the CRISPR family of companies.

To our partners: we may disclose your information to our partners, including other companies and academic institutions, such as those listed or referenced on the Website.

To service providers: we disclose your information with third parties who perform services on our behalf, including without limitation market research, data storage, data analysis and processing, and legal services. When you request other services, we will provide your information to third parties with whom we arrange for those services to be provided.

To protect ourselves or others: we may also disclose information collected on this Website, in accordance with applicable law, to assert or defend our rights and property, to prevent harm to others, to collect a debt, or in response to legal processes such as subpoenas.

To comply with the law: we may also provide (or reserve the right to provide) information to regulators, law enforcement authorities, courts, and other governmental authorities, consistent with applicable laws.

Business transfers: if we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of all or a portion of our assets, your information and other information may be transferred to a successor or affiliate as part of that transaction.


We will keep your information for as long as reasonably necessary for the purposes described in this Privacy Policy, while we have a legitimate business need to do so in connection with your account, or as required by law (e.g. for tax, legal, accounting or other purposes), whichever is the longer.

Online Analytics

We may use third-party web analytics services (such as those of Google Analytics) on our Website to collect and analyze the information discussed above, and to engage in auditing, research or reporting. The information (including your IP address) collected by various analytics technologies described in the “Cookies” section above will be disclosed to or collected directly by these service providers, who use the information to evaluate your use of the Services, including by noting the third-party website from which you arrive, analyzing usage trends, assisting with fraud prevention, and providing certain features to you. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-out Browser Add-on by clicking here.

If you receive email from us, we may use certain analytics tools, such as clear GIFs, to capture data such as when you open our message or click on any links or banners our email contains. This data allows us to gauge the effectiveness of our communications and marketing campaigns.

Your Choices

You have the ability to opt out of receiving promotional communications from CRISPR by emailing us at or clicking the unsubscribe link in the relevant email. Remember, however, that even if you opt out of promotional communications, CRISPR may still e-mail you in order to provide a product or service that you request.

You can also access your information, update or correct factual errors in your information by sending us an e-mail at To protect your privacy and security, we will also take reasonable steps to verify your identity before granting access or making corrections.

Links to Third Party Sites

On the Website, we may link to third party websites, such as our partner companies, social media sites, academic institutions, government institutions or employment listings. For example, to view a job description or apply to an open position, you may be rerouted to a third-party website. Please note, CRISPR does not control the privacy policies or practices of these third-party sites. You should review those policies before providing any information.


We take reasonable administrative and technical steps to protect prevent unauthorized access to or misuse of your information but cannot guarantee that your information will never be disclosed in a manner inconsistent with this Policy (for example, as a result of unauthorized acts by third parties that violate applicable law or relevant Web policies).

Children’s Privacy

This Website is not directed at children and we do not knowingly collect personal information (as defined by the Children’s Online Privacy Protection Act) from children under the age of 13. If we become aware that we have collected personal information from children under the age of 13, we will take reasonable steps to delete it as soon as practicable. If a child provides us with this type of information online, please contact us to have the account deactivated by sending us an e-mail at

Do Not Track

Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. Although our Website currently does not recognize or respond to the various web browser Do Not Track signals, we do offer you choices to manage your preferences as described in the “Your Choices” section, above. To learn more about browser tracking signals and Do Not Track please visit

European Union (EU) Users

When you interact with the Website, we may collect information that, alone or in combination with other information, could be used to identify you (“Personal Data”). This section provides information on your rights under EU law (for these purposes, reference to the EU also includes the European Economic Area countries of Iceland, Liechtenstein and Norway and also includes Switzerland).

Data Controller. CRISPR Therapeutics AG is the data controller for your Personal Data. To find out our contact details, please see the “Contact Us” section below.

Your Rights. Subject to EU law, you have the following rights in relation to your Personal Data:

  • Right of access: If you ask us, we will confirm whether we are processing your Personal Data and, if so, provide you with a copy of that Personal Data along with certain other details. If you require additional copies, we may need to charge a reasonable fee.
  • Right to rectification: If your Personal Data is inaccurate or incomplete, you are entitled to ask that we correct or complete it. If we shared your Personal Data with others, we will tell them about the correction where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Data so you can contact them directly.
  • Right to erasure: You may ask us to erase your Personal Data in some circumstances, such as where we no longer need it or you withdraw your consent (where applicable). If we shared your data with others, we will alert them to the need for erasure where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Data with so you can contact them directly.
  • Right to restrict processing: You may ask us to restrict or ‘block’ the processing of your Personal Data in certain circumstances, such as where you contest the accuracy of the data or object to us processing it (please read below for information on your right to object). We will tell you before we lift any restriction on processing. If we shared your Personal Data with others, we will tell them about the restriction where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Data so you can contact them directly.
  • Right to data portability: You have the right to obtain your Personal Data from us that you consented to give us or that was provided to us as necessary in connection with our contract with you. We will give you your Personal Data in a structured, commonly used and machine-readable format. You may reuse it elsewhere.
  • Right to object: You may ask us at any time to stop processing your Personal Data, and we will do so:
  • If we are relying on a legitimate interest (described below) to process your Personal Data -- unless we demonstrate compelling legitimate grounds for the processing; or
  • If we are processing your Personal Data for direct marketing.
  • Rights in relation to automated decision-making and profiling: You have the right to be free from decisions based solely on automated processing of your Personal Data, including profiling, unless this is necessary in relation to a contract between you and us or you provide your explicit consent to this use.
  • Right to withdraw consent: If we rely on your consent to process your Personal Data, you have the right to withdraw that consent at any time, but this will not affect any processing of your data that has already taken place.
  • Right to lodge a complaint with the data protection authority: If you have a concern about our privacy practices, including the way we handled your Personal Data, you can report it to the data protection authority that is authorized to hear those concerns.

Legitimate Interest. “Legitimate interests” means our interests in conducting our business. This Privacy Policy describes when we process your Personal Data for our legitimate interests, what these interests are and your rights. We will not use your Personal Data for activities where the impact on you overrides our interests, unless we have your consent or those activities are otherwise required or permitted by law.

Privacy Shield Frameworks

EU-U.S. Privacy Shield. CRISPR has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Privacy Shield Framework and its Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, Recourse, Enforcement and Liability. CRISPR’s certification under the Privacy Shield applies to all Personal Data subject to this Privacy Policy and transferred from the EEA to the U.S. CRISPR is responsible for the processing of Personal Data it receives and subsequently transfers to a third-party acting as an agent on its behalf. CRISPR complies with the EU-U.S. Privacy Shield Principles for all onward transfers of Personal Data from the EEA, including the onward transfer liability provisions.

U.S.-Swiss Privacy Shield. CRISPR has certified to the U.S. Department of Commerce that it adheres to the U.S.-Swiss Privacy Shield Framework and its Principles of Notice, Choice, Onward Transfer, Security, Data Integrity, Access and Enforcement. CRISPR’s certification under the Privacy Shield applies to all Personal Data subject to this Privacy Policy and transferred from Switzerland to the U.S. CRISPR is responsible for the processing of Personal Data it receives and subsequently transfers to a third-party acting as an agent on its behalf. CRISPR complies with the U.S.-Swiss Privacy Shield Principles for all onward transfers of Personal Data from Switzerland, including the onward transfer liability provisions.

Dispute Resolution. Disputes within the jurisdiction of the EU-U.S. or Swiss Privacy Shield Frameworks should first be referred to . CRISPR has further committed to refer unresolved privacy complaints under the EU-U.S. and Swiss Privacy Shield Principles to JAMS, CRISPR’s independent recourse mechanism. If a timely acknowledgement of a complaint is not received, or if we have not satisfactorily addressed a complaint, please contact or visit the JAMS website at for more information or to file a complaint. The services of JAMS for Privacy Shield complaints are provided at no cost to the complainant. If neither CRISPR nor JAMS resolves the complaint, users may pursue binding arbitration through the Privacy Shield Panel. To learn more about the Privacy Shield Panel, visit here. Certain affiliates of CRISPR are subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission. Without prejudice to any other administrative or judicial remedy, users always have the right to lodge a complaint with the relevant data protection supervisory authority in their resident country.

Conflict. If there is any conflict between the terms in this Privacy Policy and the EU-U.S. or Swiss Privacy Shield Principles, the Privacy Shield Principles shall govern according to jurisdiction. To learn more about the Privacy Shield program, and to view our certification, please visit

Employment Information. CRISPR commits to cooperate with the appropriate EU data protection authorities as well as the Swiss Federal Data Protection and Information Commissioner, and take steps to comply with the written advice provided by such authorities, regarding human resources data transferred from the EU (as noted above, including Switzerland) in the context of any employment relationship involving CRISPR.

Dispute Resolution

Users agree that any dispute or claim against CRISPR will be resolved by binding arbitration, rather than in court. Such disputes and claims shall be referred to and finally determined by arbitration in accordance with JAMS Streamlined Arbitration Rules and Procedures. By accessing the Website, users agree to not participate in or seek to recover monetary or other relief in any lawsuit filed against CRISPR alleging class, collective and/or representative claims. Instead, by agreeing to arbitration, users may bring claims against CRISPR in an individual arbitration proceeding. Claims of more than one individual cannot be arbitrated or consolidated with those of any other individual. Users acknowledge the advisement to consult with an attorney in deciding whether to accept this Privacy Policy prior to using the Website including this arbitration agreement. If any provision of this Privacy Policy is held to be invalid, the remaining provisions shall not be affected.


We will notify you of changes to the data processing activities described in this Privacy Policy by posting a prominent notice on the Website or the Apps or as otherwise required by law.

Contact Information

If you have any questions or concerns about this Privacy Policy or our privacy or security practices, you may contact us by e-mail at or write to us in care of: CRISPR Therapeutics AG, Attn: Legal Department, Baarerstrasse 14, Zug, V8 CH-6300 Switzerland.

This Privacy Policy is effective as of: November 20, 2018.

You are now leaving the CRISPR Therapeutics website.

CRISPR Therapeutics is not responsible for the content or availability of third-party sites.