Recently Updated: November 28, 2021


Galmed Research & Development Ltd. (collectively with its affiliates and subsidiaries shall be referred to herein as “Galmed,” “we,” “us,” or “our”) is committed to your right to privacy.

This privacy policy (“Policy”) explains Galmed’s practices with respect to its collection, storage, usage and processing of certain information, including Personal Data and PHI (as such terms are defined below and as applicable), from our prospective Study Subjects (“Prospective Study Subject“) as such term is defined below) and individuals who access or use our website (“Visitors“) (collectively, “users“, “you” or “your”).

In the event you enroll in one of Galmed’s sponsored studies (i.e., clinical trials) (Study Subject), we may collect and process additional information about you than what is listed in this Policy, which will be described in detail in the Informed Consent Form (“ICF”) that you will receive and review before you officially enroll in the study (Study Subject Information). Please contact your physician and the principal investigator of the applicable study for more information. As a Study Subject, you may be entitled to certain rights under applicable data protection laws which will also be explained in the ICF. This Policy does not apply to the processing of such Study Subject Information.

If you are a resident of California, the California Consumer Privacy Act (“CCPA”) may apply to you. Please review our CCPA Privacy Notice to learn more about our privacy practices with respect to the CCPA.



  • You are not required by law to provide us with any Personal Data. Sharing Personal Data with us is entirely voluntary.
  • You may be entitled under applicable law to request to review, amend, erase or restrict the processing of your Personal Data, all as detailed under this Policy and in our Privacy Rights Policy.
  • We do not sell, trade, or rent your Personal Data to third parties. We only share Personal Data for limited circumstances as specified herein.

If you have any questions or requests regarding the processing of your Personal Data, or would otherwise like to contact us in connection with this Policy, please send us an email at:



We may update or revise this Policy from time to time. Modifications to this Policy will be posted on the website, and shall be effective as of the date reflected under the “Recently Updated” header above. In the event that we made any substantial changes to this Policy, we will make reasonable efforts to provide you with notification with respect to such changes, if we are required to do so under applicable law.



We may collect two types of data from you, depending on your interaction with us.

  • Non-Personal Data: The first type of data is non-identifiable, anonymous and aggregated data that is mainly technical data which is available to us when you access our website (“Non-Personal Data”). We are not aware of the identity of the individual who we collected the Non-Personal Data from.
  • Personal Data: The second type of data is individually identifiable information, namely information that identifies an individual or may with reasonable effort identify an individual (“Personal Data”). For the purposes of this Privacy Policy the term Personal Data will also include Protected Health Information (“PHI“), which is information that may identify an individual and that relates to such individuals past, present, or future physical or mental health or condition, the provision of health care products and services to such individual or payment for such services, all as defined under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).

For the avoidance of doubt, any Non-Personal Data that is connected or linked to any Personal Data shall be considered Personal Data for as long as such connection or linkage exists. Furthermore, you are not required by law to provide us with any information and may choose to avoid providing us with certain Personal Data.

Data We Process From Users:


Type of Personal DataPurposes of Processing and Lawful Basis
Contact Details and Contact History

If you contact us via the email address,, or through one of our customer care representatives (via phone or email), you may need to provide us with your contact information such as your name, phone number, address, and email address.

In the event you contact us in order to apply to enroll in one of our sponsored studies or other inquiries, via Email, our contact us form on our website or any other method, you may be requested to provide us with your full name, Email, phone number, and country. Additionally, we may have access to certain PHI or health data pertaining to you if you choose to provide us with such information when you contact us.

We will process this information subject to our legitimate interest and use it solely for the purpose of contacting you, responding to your inquiries and providing you with the information that you requested as well as determining (either on our own or via a member of the clinical trial staff) whether you will be a good candidate for the clinical trial that you are interested in. Further use of your health data or PHI will be governed by and further explained in the ICF.
Online Identifiers

We will collect your Internet Protocol (“IP”) address. This data may be collected directly by us or by our third-party service providers.

Additionally, we will process some of your technical Non-Personal Data including the type of browser you use, type of operating system, type of device, the time and date that you accessed the website, the actions you took while accessing the website, your language preferences and your geographical location (country level).

In the event required under applicable law, we will obtain your consent to gather and process such data.

We use this data in order to maintain, protect and manage the website and for analytical and statistical purposes regarding traffic flow and users’ interaction with our website.



Certain Personal Data is collected automatically by using cookies and other similar tracking technologies, while other Personal Data is provided by you voluntarily and actively, for example, when you contact us.


We or our third-party service providers may use cookies and other similar tracking technologies or methods of web and mobile analysis to gather, store, and track certain information related to your access of, activity and interaction with our website.

A “cookie” is a small piece of information that a website assigns to your device while you access such website. Cookies are very helpful and may be used for a variety of different purposes. These purposes include, among other things, allowing you to navigate between pages efficiently, enabling automatic activation of certain features, remembering your preferences and making the interaction between you and our website quicker, easier and smoother. You can find out more information about cookies at

We use the following third-party cookies on our website:






Privacy Policy and Opt-Out


Google Analytics



Analytical, Measurement &

For additional information regarding our use of Google products, click here.


We will not share any Personal Data collected from you with third parties or any of our partners except under the following circumstances:

  • Compelled Disclosures – To satisfy any applicable law, regulation, legal process, subpoena or governmental request;
  • Enforcement of our Rights – To enforce this Policy and the terms of our agreements, including the investigation of potential violations thereof;
  • Security Detections – To detect, prevent, or otherwise address fraud, security or technical issues;
  • Business Transfers and Affiliated Companies – When it is undergoing any change in control, including by means of a merger, acquisition or purchase of all or substantially all of its assets or with our parent company, any subsidiaries, joint ventures, or other companies under common control with Galmed solely if and when applicable or necessary for the purposes described in this Policy, or in the event of any of the corporate transactions listed herein;
  • Service Providers and Legitimate Business Purposes – To collect, hold or manage your Personal Data through our authorized third-party service providers or clinical trial staff (including our CRO), as reasonable for our business purposes;
  • Explicit Consent –If you provide us with your explicit approval to share your information prior to the disclosure.


We acknowledge that different people have different privacy concerns and preferences. Our goal is to be clear about what information we collect, so that you can make meaningful choices about how it is used. We provide you with the ability to exercise certain choices, rights and controls in connection with your information, depending on your relationship with Galmed and the applicable privacy laws that apply to you. Please see our Privacy Rights Policy for more information regarding the applicable rights you may have in your jurisdiction.

You may exercise any or all of your above rights in relation to your Personal Data by filling out the Data Subject Request (“DSR”) form available here and sending it to our privacy team at:

Where we are not able to provide you with the information for which you have asked, we will endeavor to explain the reasoning for this and inform you of your rights, including the right to complain to the supervisory authority (in the event you are EEA resident). We reserve the right to ask for reasonable evidence to verify your identity before we provide you with any such information in accordance with applicable law.



We retain the information we collect as long as it remains necessary for the purposes set forth above, all in accordance with applicable laws. We may at our sole discretion, delete or amend information from our systems, without providing any notice to you, once we deem it is no longer necessary for our purposes.



We employ industry standard and implemented technical and administrative security measures to ensure the safety of your Personal Data and prevent unauthorized access or use of such data.  For more information regarding our security measures, please click here.

Please contact us at: if you feel that your privacy was mistreated or treated in a way that is contrary to this Policy.


The website is not intended for use by individuals who are under the age of eighteen (18). Therefore, Galmed does not intend and does not knowingly collect any Personal Data directly from individuals who are considered to be children in their jurisdictions (i.e., under the age of sixteen (16) or as otherwise defined under applicable law in such jurisdiction), and does not wish to do so. If you are under 18, please be sure to read the terms of this Policy with your parents or legal guardian. If we obtain actual knowledge that you are considered a child under applicable law, we will take steps to immediately delete your Personal Data. We request that such individuals do not provide Personal Data through our website. Please contact us at: if you become aware or have any reason to believe that a child has shared any Personal Data with us.


Our databases are currently located in the Microsoft Azure data server.

We may store or process your Personal Data in the EU, the United States or in other countries. Thus, any information you provide us may be transferred to and processed in countries other than the country from which you accessed our website. We will take appropriate measures to ensure that your Personal Data receives an adequate level of data protection upon its transfer. When Personal Data that was collected within the European Economic Area (“EEA”) is transferred outside the EEA, we will take necessary steps in order to ensure that sufficient safeguards are provided during the transferring of such Personal Data. You may exercise your rights, where applicable, to receive information regarding the transfer mechanism that was used during such transfer. Personal Data transferred outside the EEA that is transferred to a country which has not received an adequacy decision from the European Commission, will be transferred in all cases pursuant to the standard contractual clauses approved by the European Commission.


If you have any questions or concerns regarding privacy issues, or if you wish to be provided with any other information related to our privacy practices, please contact us at:

Israeli Headquarters:

Galmed Pharmaceuticals Ltd.

16 Tiomkin Street, Tel Aviv, 6578317 Israel

Tel + 972 3 6938448

Fax + 972 3 6938447


Additionally, if you have any requests regarding the data collected under this Policy, including without limitation, requests to remove, delete, amend, modify or transfer the data, please contact our Data Protection Officer at:

Please include your name, address and email address in any correspondence so that we can respond to your inquiry or request.


Skip to content