Privacy Policy

Last Updated: November 7, 2023

Your privacy is important to Hyperion Therapeutics, Inc. (“Hyperion,” “we,” “us,” or “our”). This privacy policy (“Privacy Policy”) describes the online collection and use of personal information you provide to us either when you interact with us through this website (the “Site”), email, and/or via the services we provide to you (collectively, the “Services”).

Your use of our Services is subject to the Terms of Service, available at, which includes applicable terms governing limitations on liability and the resolution of disputes. By using the Services, you accept and agree to the practices described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not use the Services or provide us with any personal information (as defined below).


For purposes of this Privacy Policy, unless otherwise required by applicable law, “personal information” means any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household. This may include, without limitation information that directly identifies you or which could be used to identify you such as your name and contact details, or your user account information. “Personal information” does not include information that is considered publicly available, aggregated, or deidentified under applicable law.

The personal information we collect varies depending upon the nature of the services provided or used and our interactions with individuals. The categories of personal information we may collect and process (but only to the extent and in a manner consistent with applicable law), and the sources from which we collect them are as follows:

·   Personal identifiers and personal details. We may collect personal identifiers (such as your name, email address or contact details) and relevant personal characteristics directly from you when you communicate with us, such as when you subscribe to receive updates using our Google Form.

·   Internet, Cookies/Pixels and Network Activity Information. We may collect your IP address when you visit our Site. We may also use tracking tools like cookies and pixels to passively collect information about how you interact with our Site and online content. This might include device identifiers, the type of browser and operating system you are using, your browsing history on our Site, what areas of our Site you visit and for how long, what content you view and click on, what site you came from to get to us and what site you go to when you leave us, and your interactions with our digital ads and content on other sites. We may collect and record page interaction information and other electronic communications and content from your use of the Site, including content entry, mouse movements, screen captures, the search terms and other data you enter, and methods used to navigate away from the page. We may engage or otherwise allow other parties to also collect information on our Site in these ways.  To offer you a consistent and personalized experience in your interactions with us, information collected through one service we provide may be combined with information obtained through other services.

·   Voluntary information. We may collect information that you provide to us voluntarily, such as when you subscribe to receive updates from us or inquire about more information.

·   Inferences. We may draw inferences from any of the above categories in connection with the purposes stated as to such categories.

We collect these categories of personal information to carry out the purposes described in the “Use Of Your Personal Information” section below.


We may use your personal information to provide our Services and to support our business functions, to ensure compliance with local legal and regulatory requirements and where we have legal grounds to do so, including, without limitation:

·       Providing support and services: including to provide our Services, operate our Site and online services, and interact with you on our Site; to respond to your inquiries; to provide troubleshooting, fulfill your orders and requests, and provide technical support; and for other customer service and support purposes. Our lawful basis is to fulfil any contractual terms with you.

·       Analyzing and improving our business: including to better understand how users access and use our Services, to evaluate and improve our Services and business operations, and to develop new features, offerings, and services; to troubleshoot problems that may arise on our Services; to improve the accuracy of our customer database; to increase our understanding of our customer database; to increase our understanding of our customers; and for other research and analytical purposes. Our lawful basis is our legitimate business interests in understanding and improving our services.

·       Personalizing content and experiences: including to tailor content we send or display on our Services and to otherwise personalize your experiences. To assist in these purposes, as well as the other purposes identified in this Privacy Policy, at certain times, we create a profile relating to you in order to show you the content that we think you might be interested in and to display the content according to your preferences. Our lawful basis is our legitimate business interests in offering a more personalized service.

·       Advertising, marketing and promotional purposes: including to reach you with more relevant ads and to evaluate, measure and improve the effectiveness of our ad campaigns; to send you newsletters, offers or other information we think may interest you; to contact you about our services, products, or other information we think may interest you; and to identify potential new customers. Our lawful basis is your consent to choose to subscribe to any newsletter or marketing (and you can unsubscribe at any time).

·   Securing and protecting our business: including to protect and secure our business operations, assets, services, network and information and technology resources; to investigate, prevent, detect and take action regarding fraud, unauthorized access, situations involving potential threats to the rights or safety of any person or third-party, or other unauthorized activities or misconduct.  Our lawful basis is our legitimate business interests in protecting our business and services.

·       Defending our legal rights: including to manage and respond to actual and potential legal disputes and claims, and to otherwise establish, defend or protect our rights or interests, including in the context of anticipated or actual litigation with third parties. Our lawful basis is our legitimate business interests in protecting our business or our need to defend ourselves legally.

·       Auditing, reporting, corporate governance, and internal operations: including relating to financial, tax and accounting audits; audits and assessments of our operations, privacy, security and financial controls, risk, and compliance with legal obligations; our general business, accounting, record keeping and legal functions; and related to any actual or contemplated merger, acquisition, asset sale or transfer, financing, bankruptcy or restructuring of all or part of our business. Our lawful basis is our legal obligations under relevant legislation such as tax reporting and our legitimate interests in running our governance programs.

·       Complying with legal obligations: including to comply with the law, our legal obligations and legal process, such as warrants, subpoenas, court orders, and regulatory or law enforcement requests. Our lawful basis is compliance with applicable law.

·   For our legitimate business interests: including where the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal information for our legitimate interests. We do not use your personal information for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us. Our lawful basis is this legitimate business interest.

·   To perform any contracts in place between us and you: where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract. Our lawful basis is performance of these contracts.

Aggregate and De-identified Data. We may de-identify information and create anonymous and aggregated data sets and reports to assess, improve and develop our business, products and services, and for other research, marketing and analytics purposes. This data is not personal information.

We may combine information from different sources. For example, we may combine information that we have collected offline with information we collect online, or we may combine information we get from a third-party with information we already have.

If you submit any personal information relating to other people to us, you represent that you have the authority to do so and have informed that other person about the contents of this Privacy Policy.


We may share or disclose the personal information we collect as follows:

·       Service providers: We may disclose personal information with third-party service providers who use this information to perform services for us, such as hosting providers, video conferencing providers, scheduling providers, payment processing providers, etc.

·       Advertising and Marketing Partners: We may share personal information with third parties that provide advertising, campaign measurement, online and/or mobile analytics, and related services. These third parties may receive or access browsing and/or other data about your use of the Site, in order to help us better reach individuals with relevant ads and/or measure our ad campaigns, and/or to better understand how individuals interact with our Services over time and across devices.

·       Subsidiaries, affiliates, and business partners: We may share your personal information with our business partners (i.e., other companies under common ownership, control or management with us); they may use such personal information for the purposes set out in this Privacy Policy.

·       Legal compliance: We may be required to share personal information in response to a valid court order, subpoena, government investigation, or as otherwise required by law. We also reserve the right to report to law enforcement agencies any activities that we, in good faith, believe to be unlawful. In addition, we may share certain personal information when we believe that doing so is reasonably necessary to protect the rights, property and safety of our Hyperion and/or others.

·       Business transfers: We may disclose and/or transfer personal information as part of any actual or contemplated merger, sale, transfer of assets, acquisition, financing and/or restructuring of all or part of our business, bankruptcy or similar event, including related to due diligence conducted prior to such event where permitted by law.

·       Protect our rights: We may disclose personal information where we believe it necessary to respond to claims asserted against us, to enforce or administer our agreements and terms, for fraud prevention, risk assessment, investigation and/or to protect our and our affiliates,  partners, clients, customers and/or others’ rights, property, or safety.

Aggregated and De-identified Data. We may share aggregate or de-identified information with third parties for research, marketing, advertising, analytics and/or other purposes.


In general, the third-party providers used by us will only collect, use and disclose your personal information to the extent necessary to allow them to perform the services they provide to us. However, certain third-party service providers have their own privacy policies in respect to the information we are required to provide to them in order to provide certain services. For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers. In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us.

Our Site contains links to other sites. In general, we are not responsible for the privacy practices or content of such other sites. Once you leave our Site or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy unless the third-party website says that the collection of personal information is subject to our Privacy Policy.

In particular, our Site uses the following social media plug-ins: X/Twitter, Linkedin, and/or YouTube. The plug-ins can be identified by the social media button marked with the logo of the provider of the respective social media networks. We have implemented these plug-ins using a 2-click solution, which means that when you use our Site, personal information will not initially be collected by the providers of these social media plug-ins. Only if you click on one of the plug-ins will your personal information be transmitted. By activating the plug-in, information is automatically transmitted to the respective plug-in provider and stored by them. We neither have influence over the information collected and processing operations conducted by the providers, nor are we aware of the full extent of information collection, purposes, or the retention periods. Information on the purpose and scope of information collection and its processing by the plug-in provider can be found in the respective privacy policies of these providers, where you will also find further information on your rights and options for privacy protection.

X Corp (f/k/a Twitter, Inc.)




Where necessary, we use cookies, pixels, tags, and other technologies, which may be provided by third parties, on our Site to enable certain functionality and for security and fraud detection and prevention, as well as to collect usage information about our Site and the emails that we send and to personalize content and provide more relevant ads and information. We may combine the information we collect via these technologies with other information, including personal information. We, and third parties we allow, use cookies and other similar technologies. We may use session cookies or persistent cookies. Session cookies only last for the specific duration of your visit and are deleted when you close your browser. Persistent cookies remain on your device’s hard drive until you delete them or they expire. Different cookies are used to perform different functions, which we explain below:

·       Essential. Some cookies are essential in order to enable you to move around our Site and use its features, such as accessing secure areas of our Site. Without these cookies, we cannot enable appropriate content based on the type of device you are using.

·       Analytics. Personal information collected via cookies for analytics purposes may include: information about your browser, network, and device; web pages you visited prior to coming to our Site; IP address; clicks; internal links; pages visited; scrolling; searches; and timestamps. We use this information to learn about site traffic and activity. In particular, we use Google Analytics to measure how you interact with our Site and to improve your user experience. To learn more about Google Analytics privacy practices and opt-out mechanisms, please visit the Google Analytics Security and Privacy Principles page here. Google also provides a complete privacy policy and instructions on opting-out of Google Analytics, view here.

·       Advertising and marketing. These cookies may be used to send you advertising and marketing-related material tailored to you and your interests. They may also be used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaigns. They are usually placed by advertising networks with the website operator's permission. The third parties that provide these cookies may collect and combine information about your online activities over time, on other devices, and on other websites or online services, if those websites and online services also use the same advertising partners. Thus, although we do not track your website usage activity across non-affiliated websites over time, some third-party cookie providers may do so when you use the Site.

There are several ways to manage cookies. You can control the use of cookies at the browser level, by instructing your browser to accept cookies, disable cookies or notify you when receiving a new cookie. Please note that if you reject cookies, you may still use our Site, but your ability to use some features or areas of our Site may be limited. The Network Advertising Initiative also offers a means to opt-out of a number of advertising cookies. Please visit to learn more. Note that opting-out does not mean you will no longer receive online advertising. It does mean that the Hyperion or companies from which you opted-out will no longer deliver ads tailored to your preferences and usage patterns.


Hyperion is committed to protecting the security of your personal information. We take reasonable steps (including appropriate technical and organizational measures) in an effort to ensure your personal information is processed securely to protect the confidentiality, integrity and availability of your personal information in accordance with this Privacy Policy. The nature of the internet is such that we cannot guarantee or warrant the security of any information you transmit to us via the internet and any transmission is at your own risk.


Hyperion will store your personal information for as long as we have to by law, and where there is no legal requirement, we will only store your personal information for as long as necessary to fulfill the purpose for which the personal information was collected. As soon as it is reasonable to assume your personal information is no longer needed or required, we will cease to retain your personal information, or remove the means by which the data can be associated with you.


Our Services are intended for users age thirteen (13) and older. Hyperion does not knowingly collect personal information from children. If we discover that we have inadvertently collected personal information from anyone younger than the age of 13, we will delete that information. If you have concerns over the collection of children's personal information, please contact us at the information provided in the Contact Us section below. We do not sell personal information for valuable consideration or share the personal information for behavioral or targeted advertising of any individual we know to be under the age of 13.


Although we do not currently share your information for other companies’ direct marketing purposes, residents of California have the right to request information from us regarding other companies to whom we have disclosed certain categories of information during the preceding year for the other companies’ direct marketing purposes. If you are a California resident and would like to make such a request, please email .

California Do Not Track Disclosure

Do Not Track is a privacy preference that users can set in their web browsers. When a user turns on the Do Not Track signal, the browser sends a message to websites requesting them not to track the user. At this time, we do not respond to Do Not Track browser settings or signals. For information about Do Not Track, please visit:


We reserve the right to modify this Privacy Policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the Site. If we make material changes to this policy, we will update the “Last Updated” above and notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.


For more information, contact us via email at