Policy on Global Data Privacy

Astellas is a data-driven organization and as a result personal information is central to our business. We also know how important privacy is to all individuals impacted by our processing of their personal information, and we are committed to collect and use such personal information both fairly and transparently. Astellas retains a data privacy policy which is implemented globally to ensure that Astellas conducts its business throughout the world in accordance with applicable privacy laws and high ethical standards.

Astellas Global Data Privacy Policy defines the following six core principles, which require that personal information must:

1. Be processed lawfully, fairly and transparently.
2. Only be collected for specific and legitimate purposes.
3. Be adequate, relevant and limited to only what is necessary.
4. Be accurate and, where possible, kept up-to-date.
5. Be retained for only as long as necessary.
6. Be kept secure and protected against loss or inappropriate (e.g., unauthorized) access or disclosure.

Astellas has actively operationalized a privacy program that supports all business operations to achieve both regulatory compliance with applicable privacy laws & regulations globally and business efficiency in the pursuit of Astellas’ vision to bring value to patients in a responsible and ethical manner. Privacy is at the heart of what we do at Astellas.

Physicians, patients, employees, suppliers, and other individuals, may share their personal information with Astellas. And they all trust us to keep their information safe, use it responsibly, and to always handle it with care.

Our position is that we are not just protecting their data; we are protecting their personal stories!

Updated in November 2023