Privacy Policy

Voyager Privacy Policy

Effective Date:  4-8-2025

At Voyager Therapeutics (“Voyager,” “we,” “our,” “us”), we know that you care about your personal information and how it is used, and we want you to trust that we use your personal information carefully. This Privacy Policy (“Policy”) will help you understand how we collect, use, store and disclose (together “process”) personal information, and explains the rights and choices available to individuals.

This Privacy Notice applies to all personal data submitted to us for use with or in connection with this site and other websites or digital portals we own or operate (collectively, our “Websites”) as well as personal data collected via email, data collected in connection with applications for employment, personal data we collect as necessary to deliver our products or collaborate with our research partners, and all personal data we may collect when you enter our premises. Please note this Privacy Notice does not apply to Voyager’s processing of employee or contractor data.

Individuals About Whom We Collect Personal Information

We may collect personal data about: clinical trial participants, patients, patient family members, caregivers or advocates, physicians and other health care professionals, clinical trial investigators, researchers, pharmacists, contractors, consultants, job applicants, volunteers, visitors to our offices, and other individuals who interact directly with Voyager or its service providers or business partners, including users of websites and mobile applications.

Information We Collect and Maintain About You

Personal information (or data) means any information that can be used to identify directly or indirectly a specific individual (or data subject) and as defined by any applicable privacy and data protection laws. Voyager controls the following types of personal information that we collect from or about you:

  • Identifiers, such as your name, title, email address, and postal address
  • Biographical and demographic information (such as date of birth, age, gender, marital status, and information regarding any parents or legal guardians)
  • Commercial or financial information, such as your bank account information and transaction history
  • Security and access credentials such as username and password that may be created in connection with establishing an account on our website or mobile application
  • Internet or other electronic network activity information, such as your cookies, web logs, pixels, and IP addresses
  • If you are a visitor to a Voyager office location, we may collect information through closed circuit television (CCTV)
  • Geolocation data
  • Health and medical information we collect in connection with managing clinical trials, conducting research, providing patient support programs, and tracking adverse event reports
  • From health care professionals, we may collect information about the programs and activities in which you have participated, our interactions with you, and the agreements you have executed with us
  • Professional or employment-related information including credentials, educational and employment history, institutional and government affiliations, background checks, performance reviews, and information of the type included on a resume or curriculum vitae

Personal information you give us directly.  We may collect the above personal information from you when you contact or engage with us, for example when you inquire about our development of gene therapies and pipeline, provide products and services to us, or apply for a job with us. The information we collect from you may include basic contact information such as your name, title, email address, street address, and telephone number, as well as your marketing preferences and any other information that you choose to provide to us.

Personal information collected from third parties. From time to time, we may collect the above personal information from other sources, such as public databases or data brokers and aggregators.

Personal information we collect automatically. We further may automatically collect certain information about you and your computer or other device when you use, access, or interact with our website or marketing content. We, our service providers, and our business partners, may also collect certain information about the use of our Websites and mobile applications by automated means, such as cookies, web beacons and other technologies (“Automated Information”). We or our service providers and business partners may collect Automated Information about your online activities over time and across our own and third-party websites when you use our Websites and mobile applications, including to deliver advertising-related content. In jurisdictions where Automated Information is considered personal data, or if we associate Automated Information with personal data, we will treat Automated Information as personal data and process such information in accordance with this Privacy Notice and applicable laws. To find out more about cookies and the Automated Information we collect, and to manage your preferences, please consult our cookie dashboard

Sensitive Personal Data. We do not use or disclose your sensitive personal data for purposes that are not necessary to provide our products or conduct health research in a manner consistent with the reasonable expectations of an average person engaging in these activities with us.

Why We Use Your Personal Information

We use the information that we collect about you for a variety of purposes including to draw inferences from any of the information we collect and maintain about you. Our legal bases for processing your information are: 1) our legitimate interest in running and maintaining our business; 2) performance and fulfillment of our contracts; 3) your consent; and 4) compliance with our legal obligations. In some instances, more than one of these legal bases may apply to the processing of your personal information. We will specify the purpose and legal basis on which we intend to use personal information when we collect or begin using the personal information. In some situations, we may have a separate agreement or relationship with you with respect to a specific type of data processing, such as if you participate in a special program, activity, event, or clinical trial. These situations will be governed by specific terms, privacy notices, or consent forms that provide additional information about how we will use your information.

How We Use Your Personal Information

The purposes for which we use your information include to:

  • Manage and improve our business (including both physical premises and digital environments)
  • Process, complete, and fulfill your requested transactions
  • Provide customer service and respond to requests or inquiries
  • Communicate with you, including by providing you with newsletters, articles, alerts, announcements, invitations, and other information about our business, product pipeline, health topics, and disease states
  • Analyze and enhance our communications and marketing programs and strategies (e.g. effectiveness of emails or our Websites and mobile applications)
  • Conduct analytics and research
  • Staff, facilitate, conduct and manage clinical trials
  • Comply with regulatory monitoring and reporting obligations (including those related to adverse events, product complaints, spend transparency, and patient safety)
  • Use interest-based advertising (as described below)
  • Consider your qualifications for employment (if you apply for a job with us) and improve our recruitment activities
  • Comply with legal and/or regulatory requirements
  • Aggregate and deidentify information

With Whom and Why We Share Your Personal Information

We may share any of the information we collect about you with other parties for a variety of purposes, as described below.

Please note that we do not sell your personal information.

Service providers.  Voyager uses service providers that perform services on our behalf and help us run our business, including:

  • Contract research organizations that conduct clinical trials on our behalf
  • Customer service and patient support providers (including for product quality, adverse event reporting, etc.)
  • Data storage and analytics and technology providers (including web-hosting and technology support)
  • Mailing vendors
  • Event planning and travel organizations that help facilitate Voyager programs.

These service providers may collect and/or use your information, including information that identifies you personally, to assist us in achieving the purposes discussed above.

Regulators. We may be required by law to share your personal data with regulators worldwide including in connection with monitoring, review and approval of our studies, products or services, and for adverse event reporting.

Health care professionals. We may share your personal data with health care professionals, including researchers, academics, and public health organizations.

Corporate transactions. Unless prohibited by applicable law, we may disclose personal data as part of a business transaction, such as a merger, acquisition, reorganization, joint venture or the sale of our assets. We may also disclose personal data to a successor entity in the event of insolvency, bankruptcy, or receivership.

Analytics.  We partner with Google Analytics to obtain the automatically collected information discussed above and to engage in analysis, auditing, research, and reporting. These third parties may use pixels or server logs, and they may set and access device IDs from your device. You can learn about how Google Analytics uses personal data when you access our Websites by visiting Google’s website and reviewing their privacy policies on the use of personal information from partner sites.

Interest-based advertising.  Our Websites enable third-party tracking mechanisms to collect information about you and your computing devices for use in online interest-based advertising. For example, third parties may use the fact that you visited our Websites to target online ads to you. In addition, our third-party advertising networks might use information about your use of our Websites to help target advertisements based on your online activity in general.

Although our Websites currently do not respond to “do not track” browser headers, you can limit tracking through these third-party programs and by taking the other steps discussed above.

Legal purposes.  We also may use or share your information with third parties when we believe, in our sole discretion, that doing so is necessary to:

  • Comply with applicable law or a court order, subpoena, or other legal process
  • Investigate, prevent, or take action regarding illegal activities, suspected fraud, violations of our terms and conditions, or situations involving threats to our property or the property or physical safety of any person or third party
  • Establish, protect, or exercise our legal rights or defend against legal claims
  • Facilitate the financing, securitization, insuring, sale, assignment, bankruptcy, or other disposal of all or part of our business or assets

Aggregated, Anonymized, or Deidentified Information.  We may also share aggregated, anonymized, or deidentified information about users of the website. Such aggregated, anonymized, or deidentified information will not identify you personally.

Your Choices

If you have any questions concerning Voyager’s privacy practices or wish to access, correct, or delete personal information that Voyager has collected from you, please contact us by email at: Privacy@vygr.com.

If you wish to opt out of marketing emails you receive from us, you may do so by following the instructions in those emails or by contacting us at Privacy@vygr.com.

Individuals are able to exercise certain rights in relation to the personal data that we may have collected about you. We will not discriminate against you for exercising any of your rights over your personal data. However, if you exercise these rights, it may limit our ability to process your personal data and we may not be able to provide the products or services you requested.

We reserve the right to verify the identity of an individual in connection with any requests regarding personal data, to help ensure that we provide the information to individuals to whom the information pertains and allow only those individuals or their authorized representatives to exercise rights with respect to that information.

If we receive personal data about you from a third party, we will protect it as set out in this privacy notice.

Withdrawal of consent

Where you have provided consent to us to process your personal data, you may withdraw such consent by following the instructions provided at the time of collection or by contacting us using details in the Contact Us section below. In some instances, withdrawing your consent may mean we can no longer provide products or services to you or otherwise engage with you.

Access to personal data

You may request access to the personal data that we maintain about you and details of our processing practices including:

  • The categories of personal information we collected about you
  • The categories of sources for the personal information we collected about you
  • The categories of personal information that we have disclosed for a business or commercial purpose
  • Our business or commercial purposes for collecting, selling, or sharing personal information
  • The categories of third parties with whom we share or disclose that personal information as well as a list of third parties to whom we have disclosed your personal information
  • The specific pieces of personal information we collected about you

Right to Delete

You may request that we delete the personal information that we collected and retain about you, subject to certain exceptions (“Right to Delete”). Once we receive and verify your request, we will delete (and direct our service providers/vendors to delete) your personal information from our records, unless an exception applies. In some cases, we may not be able to comply with your request or comply fully. In the event we cannot comply with your request, we will notify you of the reasons for this.

Right to Correct

You may request to correct any errors or amend your personal data (“Right to Correct”). In the event we cannot comply with your request, either fully or at all, we will notify you of the reasons for this.

Objection to the use, sale or sharing of personal data

You may object (opt-out) at any time on legitimate grounds to the processing of your personal data including the “sale” or “sharing” of your personal information as defined in applicable privacy and data protection laws such as the CCPA (“Right to Opt Out”). In some cases, we may not be able to comply with your request or comply fully. In the event we cannot comply, we will notify you of the reasons for this.

You also have the right to object if we use your Personal Data for direct marketing purposes. This includes your right to request that your Personal Data not be sold to or shared with third parties for their own proprietary purposes including for cross-context behavioral advertising, which is the targeting of advertising to a consumer based on that consumer’s personal data from a number of sources. If you wish to modify your preferences in respect to updates or notifications, you can contact us using the details provided in the “How to Contact Us” section below. All commercial and marketing communications (e.g. notification emails and newsletters) include instructions on how to opt out of those communications in the future.

In any event, you have the right to file a complaint with a regulator or data protection supervisory authority in your jurisdiction.

Except in instances where you are a subject of one of our clinical trials, when submitting a request any of these rights, please describe your relationship with us and your request, with sufficient detail to allow us to properly understand, evaluate, and respond to it. We will need to verify your identity before processing your request, which may require us to request additional personal data from you. You should not contact us to exercise your privacy rights if you are a clinical trial participant as we are unable to respond to you.

If you would like an authorized agent to exercise these rights on your behalf, you (or the authorized agent) must provide a written request including your full name and all contact details (e.g. email address, mailing address) that we have in our records and with which we can authenticate you, as well as (if applicable) the relationship with Voyager. The written request must include the full name and preferred contact details of the authorized agent. We may deny a request from an agent who cannot meet these requirements.

If you believe that we have breached relevant data protection law and wish to make a complaint, please contact us using the details provided in the “How to Contact Us” section below and provide us with full details of the alleged breach. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take to deal with your complaint. You also have the right to contact a regulatory body or data protection authority in relation to your complaint. To exercise any of the rights listed in this policy, please contact us using the details in the “How to Contact Us” section.

We will respond to your request as soon as reasonably possible and within the timeframe required under applicable law. We will allow you to appeal any decision we make in response to such request in accordance with applicable law. Appeals may be submitted to Privacy@vygr.com with the subject line “Appeal of Decision Related to Privacy Rights Request.”

You will not have to pay a fee to exercise your privacy rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

California Residents

If you are a resident of the state of California, please review our California Privacy Addendum at the end of this Privacy Policy for additional rights that may be applicable to you.

Clinical Trial Data

Due to the confidentiality restrictions in place to protect participants in our clinical trials, Voyager cannot identify an individual trial participant and therefore, we cannot respond to any request from a trial participant to withdraw from any Voyager sponsored trial or to exercise the personal data access rights outlined above. The informed consent (ICF) that you agree to when you agreed to participate in the clinical trial provides information on how to direct your request to your respective study doctor or study team who will advise you further on the necessary procedures.

External Links

This Privacy Policy does not address, and Voyager is not responsible for, the terms of use, information, or privacy practices of any third-party website or service to which our website links. The inclusion of a link on any of our Websites does not imply our endorsement of the linked site or service.

Data Security

We employ physical, technical, and administrative procedures to safeguard the personal information we collect online. However, no website is 100% secure, and we cannot ensure or warrant the security of any information you transmit to our Websites or to us, and you transmit such information at your own risk.

Data Retention

We will only retain your personal information for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

We will actively review the personal information we hold and delete it securely, or in some cases anonymize it, when there is no longer a legal, business, or consumer need for it to be retained.

International Transfers

We are based in the United States, so we or our service providers or research partners may transfer personal information we collect from outside the United States back to the United States. In such cases, Voyager or its service providers or partners will take, in accordance with applicable legislation, all organizational and technical measures reasonably necessary to ensure an adequate level of protection of your personal information.

Children

We do not knowingly collect personal information from minors under the age of 13 and we also do not have actual knowledge that we sell or share the personal information of individuals under the age of 16. If you are aware that a child has provided us with personal information through any of our Websites, please contact us using the information on the “How to Contact Us” section below. We will take reasonable steps to delete such data as soon as possible.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time. Please check this Privacy Policy periodically for changes. If we make any changes, the updated Privacy Policy will be posted with a revised effective date.

How to Contact Us

Should you have any questions or concerns about this Policy, you can contact us at:

Voyager Therapeutics, Inc.
Attn: Voyager Privacy Officer
Privacy@vygr.com
75 Hayden Avenue
Lexington, MA 02421
USA

Or

c/o Riebeeck Solutions Ltd
Sobo Southbound, Suite 4, Pearse Street Station
Dublin 2
D02 PP40
Ireland

CALIFORNIA PRIVACY ADDENDUM

If you are a California resident, the California Consumer Privacy Act and the California Privacy Rights Act (collectively, the “CCPA”) provide you with certain rights regarding your personal information as described in the Your Choices section, including the right to know about personal information collected, disclosed, or sold; the right to request that we delete personal information that we have collected from you; the right to update or correct your information; the right to opt-out of the sale or sharing of your personal information; the right to limit our use of your sensitive personal information; and the right not to be discriminated against for exercising your rights. These rights are subject to certain exceptions. You may also visit our Privacy Policy above for additional information and rights that may be available to you.

This California Privacy Addendum also serves as our “Notice at Collection” for purposes of the CCPA.

Please note that information that we collect in our clinical trials, as well as information we process pursuant to federal law, may be exempt from the scope of the CCPA.

Collection of Personal Information

We may collect information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household (“personal information”) as described in the section titled “Information We Collect and Maintain About You”. We may have collected such personal information about you over the past 12 months.

We collect this personal information for the purposes described in our Privacy Policy, in the section titled “How We Use Your Personal Information.”

Disclosure, Sharing, or Sale of Personal Information

In the last 12 months, with your permission, we may have disclosed or “shared” the personal information described in the section titled “Information We Collect and Maintain About You” which may be subject to the CCPA.

Your Rights

If we maintain personal information about you that is subject to the CCPA, you may exercise certain rights in connection with this data as described in the section titled “Your Choices”.

Right to Limit the Use of Your Sensitive Personal Information

The CCPA provides California residents with the right to limit the use of their “sensitive personal information” to the purposes outlined in Cal. Code Regs. tit. 11, § 7027(m) of the CCPA regulations.

We do not use your sensitive personal information for any purposes outside of those permitted by § 7027(m).

Right to Nondiscrimination

The CCPA provides California residents with the right not to receive discriminatory treatment for the exercise of their privacy rights conferred by the CCPA. We will not discriminate against you for exercising any of your CCPA rights.

Exercising Your Rights

To exercise any of the rights listed in this policy, please contact us using the details in the How to Contact Us section.

When you submit a request, we may ask you for information in order to verify your identity in order to comply with your request.

Authorized Agent

You may authorize an agent to make a request on your behalf. To designate an agent, please provide a written and signed document by both you and the agent that authorizes the agent to act on your behalf. You may also use a power of attorney. We will still require you to provide information to allow us to reasonably verify that you are the person about whom we collected personal information.

Contact for More Information

If you wish to contact us regarding this California Privacy Addendum, you may do so through the methods provided in the How to Contact Us section.