Privacy Policy

Last updated March 8, 2022


Access to and use of the website, as well as any other media form, media channel, mobile website or mobile application related, linked, or otherwise connected thereto is collectively referred to as the “Site”.
The Site is made available by or on behalf of IndyKite Inc., also referred to as “we”, “us”, and “our”. You will find contact information for IndyKite Inc. in section 13 of this document.

By using the Site, you agree to be bound by this Privacy Policy, which is also incorporated into our Terms of Use posted on the Site.


The European Union (EU) General Data Protection Regulation (GDPR) is a first step toward giving individuals more control over how their data is used by organizations. IndyKite Inc. is committed to GDPR compliance.

“Personal Data” is data that identifies you as an individual or relates to an identifiable individual.  We collect Personal Data in various ways on this Site, including in connection with your inquiries, and automatically when you browse the Site.

You agree that we shall have no liability to you for any loss or corruption of any Personal Data, and you hereby waive any right of action against us arising from any such loss or corruption of the Personal Data.


If you sign up to be contacted by one of our representatives, you are asked to provide your name, e-mail address, the name of the company you represent, and the plan in which you are interested. There is also an “inquiry”-field where you may make an inquiry.

The legal basis for the processing of your Personal Data is your consent, ref. GDPR art 6 no 1 letter a.

We will furthermore process cookies. Please see the cookie information provided below in section 14.


We process the information to provide you with the above-mentioned functions and to provide you with optimal functionality and operation. We also process the information to manage and improve the Site.

If you provide your consent, we may use your Personal Data for the purpose of marketing. 

We may disclose Personal Data as follows:

  • To other IndyKite companies for the purposes described in this Privacy Policy. 
  • To our third-party service providers, to provide services such as website hosting, data analysis, and information technology and related infrastructure provision.

We may also use and disclose your Personal Data as we believe to be necessary or appropriate: 

  • To comply with applicable law (which may include laws outside your country of residence), to respond to requests from public and government authorities (which may include authorities outside your country of residence), to cooperate with law enforcement, or for other legal reasons.
  • To enforce our Terms of Use.

In addition, we may use, disclose, or transfer Personal Data to a third party in connection with any reorganization, merger, sale, joint venture, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings).

For our use of cookies, please see the cookie information provided below in section 14.

We will not use the Personal Data for any other purpose.


Please be advised the Site is hosted in the United States and locations outside the United States and are governed by United States law. 

If you are accessing the Site from the European Union, Asia, or any other region of the world outside the United States, please be aware that your information may be transferred to, stored and processed in the United States and other countries where our servers are located, and our databases are operated. The data protection and other laws of the United States and other countries might not be as comprehensive or protective of certain rights as those in your country. 

Under United States law, your information may be subject to access requests from governments, courts, or law enforcement in the United States. By using the Services, you explicitly consent to your information being transferred to our facilities and to the facilities of those third parties with whom we share it as described in this Privacy Policy and processed in those facilities.


You may be entitled, where provided for under applicable data privacy laws and regulations, to:

  • Request access to the Personal Data we process about you: this right entitles you to know whether we hold Personal Data about you and, if we do, to obtain information on and a copy of the specific pieces and categories of Personal Data.
  • Request a rectification of your Personal Data: this right entitles you to have your Personal Data corrected if it is inaccurate or incomplete.
  • Object to the processing of your Personal Data: this right entitles you to request that we no longer process your Personal Data.
  • Request the erasure or deletion of your Personal Data: this right entitles you to request the erasure or deletion of your Personal Data, including where such Personal Data would no longer be necessary to achieve the purposes.
  • Request the restriction of the processing of your Personal Data: this right entitles you to request that we process your Personal Data only in limited circumstances, including with your consent.
  • Request portability of your Personal Data: this right entitles you to receive a copy (in a portable and, if technically feasible, readily usable format) of your Personal Data, or request us to transmit such Personal Data to another data controller.

Please note that we may not always be obliged to comply with a request of deletion, restriction, objection, or data portability. Assessment may be made on a case-by-case basis of our legal obligations and the exception to such rights.

In the event that our processing of your Personal Data or part thereof is based on your consent, you have the right to at any time withdraw your consent, in which case we will cease any further processing activities of your Personal Data or the relevant part thereof (however such withdrawal will not affect the legality of the data processing activities prior to the withdrawal).

To exercise any of these rights, please contact us as indicated in the Contact Us section 13.
We will respond to your request consistent with applicable law. 

Please note that we may need to retain certain Personal Data for record-keeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion.


We utilize appropriate and reasonable legal, technical, and organizational security measures, including information technology security and physical security measures, to adequately protect your Personal Data.

These measures are appropriate to the risks posed by the processing of Personal Data and to the sensitivity of the Personal Data and consider the requirements of applicable local law. In addition, the measures are continuously improved in line with the development of available security measures.

We require all persons to abide by applicable security policies related to Personal Data when using our systems.


The Site is not directed to individuals under the age of sixteen (16), and we do not knowingly collect Personal Data from such individuals. If you are under the relevant age of consent in your jurisdiction, you will need your parent’s or legal guardian’s permission to use the Site. 

Please consult with your parent or legal guardian before using the Site.
If you are providing us with Personal Data of individuals under the age of sixteen (16), you represent that you have the appropriate authority to do so, and that you can demonstrate such authority to us upon request.


We will retain your Personal Data for as long as needed or permitted in light of the purpose(s) for which it was obtained and as outlined in this Privacy Policy.  The criteria used to determine our retention periods include:  (i) the length of time IndyKite has an ongoing relationship with you and provide the Site to you; (ii) whether there is a legal obligation to which we are subject; or (iii) whether retention is advisable in light of our legal position (such as in regard to the enforcement of the Site’s Terms of Use, applicable statutes of limitations, litigation or regulatory investigations).


This Privacy Policy does not address, and we are not responsible for, the data collection, use, disclosure or security practices, or other practices, of any third party, including any third party operating a service to which the Site links.  The inclusion of a link within the Site does not imply our endorsement of the linked service.


You may lodge a complaint with the National Data Protection Authority competent for your country or region or place of alleged infringement. Please click here for contact information for such authorities.


We encourage the periodic review of this Privacy Policy to stay aware of any changes to it.

We reserve the right to amend this Privacy Policy as needed. When we do, we will note near the top of this Privacy Policy the date that any such changes are made and/or when they become effective.


IndyKite Inc. is the data controller and is responsible for collection, use and disclosure of your Personal Data under this Privacy Policy.

If you have questions about this Privacy Policy, or if you would like to request to exercise any individual rights, please contact us at:

IndyKite Inc.
1 Ferry Building #201
San Francisco, CA  94111, USA


What are cookies?
A cookie is a small text file that a website stores on your computer or mobile device to collect standard Internet log information and visitor behavior information when you visit the site. For further information, visit (

  • First-party cookies are cookies set by the website you’re visiting. Only that website can read them. In addition, a website might potentially use external services, which also set their own cookies, known as third-party cookies

Persistent cookies are cookies saved on your computer and that are not deleted automatically when you quit your browser, unlike a session cookie, which is deleted when you quit your browser.

  • Every time you visit the site, you will be prompted to accept or refuse cookies. The purpose is to enable the site to remember your preferences (such as user name, language, etc.) for a certain period of time. That way, you don’t have to re-enter them when browsing around the site during the same visit. Cookies can also be used to establish anonymized statistics about the browsing experience on the sites.

How do we use cookies?
When you visit this Site, IndyKite may collect information through cookies.

We use cookies to understand how you use the Site and to improve the experience on the Site. If you provide your consent, we may use your Personal Data for the purpose of marketing.

What types of cookies do we use?
We use three types of cookies to learn how to improve the Site:

  • Functional cookies enable basic website functionality and are essential to browse the Site and use its features. Functional cookies are first-party cookies.
  • Analytics cookies help us understand how the Site performs and how you interact with the Site. Analytics cookies are a combination of first and third-party cookies.
  • Marketing cookies track your online activity, so that we can deliver more relevant content. Marketing cookies are a combination of first and third-party cookies.

What is the legal basis for our use of cookies?
The legal basis for our use of Functional cookies is our legitimate interest in providing you with a functioning website, ref. GDPR art 6 no 1 letter f. The legal basis for our use of Analytics and Marketing cookies is your consent, ref. GDPR art 6 no 1 letter a.