Privacy Policy

homepage wave

Introduction

Corcept Therapeutics (“we”, “our”, “us”) are committed to protecting and respecting your privacy. We are a public company established in the United States of America (USA) with a registered office at 149 Commonwealth Drive, Menlo Park, CA 94025, and, for the purpose of the General Data Protection Regulation (the “GDPR”), we are the data controller.

This policy sets out the basis on which we will process any personal data or usage information we collect from you, or that you provide to us, in connection with your use of our websites at https://www.korlym.com and https://corcept.korlymstaging.wpengine.com (together, the “Website”). Please read this policy carefully so that you understand your rights in relation to your personal data, and how we will collect, use and process your personal data. If you do not agree with this Privacy Policy in general or any part of it, you should not access the Website.

What types of information do we collect and how we use it?

Information you give us. You may provide the following information by contacting us via our Website or email, telephone, or otherwise through the use of our Website:

  • Name;
  • Company affiliation;
  • Email address;
  • Telephone number;
  • Physical address; and
  • Other information that may be required for you to use the Website.

As it is in our legitimate interests to be responsive to you and to ensure the proper functioning of our products and organization, we will use your information to:

  • Communicate with you;
  • Identify our users;
  • Administer and provide services for you;
  • Enforce our Website terms and conditions;
  • If you have opted in to marketing, communicate with you about products, services, promotions, events and other news and information we think will be of interest to you; or
  • Provide third parties with statistical information about our users (but those third parties will not be able to identify any individual user from that information).

Additionally, if you are an employment applicant, you may provide us with the following information:

  • Information regarding your prior employment;
  • Your education;
  • Your gender; and
  • Your ethnicity.

This includes information provided in resumes, emails, and cover letters we receive electronically.

Technical usage information. When you visit the Website, we collect the information sent to us by your computer, mobile phone, or other access device. This information includes:

  • Your IP address;
  • Device information including, but not limited to, identifier, name, and type of operating system;
  • Internet service provider and mobile network information;
  • Date and time of your visit;
  • Time spent on our site;
  • Standard web information, such as your browser type and the pages you access on our Website; and
  • Websites visited just before and just after our Sites (including any third-party websites that link to our Website, if you followed a link to our Website.

We collect this information in order to:

  • Personalize our Website to ensure content from the Website is presented in the most effective manner for you and your device;
  • Monitor and analyze trends, usage activity in connection with our Website and services to improve the Website;
  • Administer the Website and for internal operations, to conduct troubleshooting, data analysis, testing, research, statistical and survey analysis;
  • Keep the Website safe and secure; and
  • Measure and understand the effectiveness of the content we serve to you and others.

We use cookies to collect information about your browsing activities over time and across different websites following your use of our services. They allow us to recognize and count the number of users and see how users move around the Website when they are using it. This helps us to improve the services we provide to you and the way the Website works. You can find more information about cookies and how to manage them at https://www.allaboutcookies.org/.

Response to “Do Not Track” signals

Some internet browsers include the ability to transmit “Do Not Track” signals. Since uniform standards for “Do Not Track” signals have not yet been adopted, we do not process or respond to “Do Not Track” signals.

How and where do we store and share your personal data?

The information that we collect from you will be stored/processed in the USA. We will take all steps reasonably necessary to ensure that your personal data is treated securely and in accordance with this policy.

We do not sell, rent or lease your personal information to others. We share your information with selected recipients. These categories of recipients include:

  • Cloud storage providers located in the USA, and which store your personal data in the USA, to store the personal data you provide and for disaster recovery services, as well as for the performance of any contract we enter with you;
  • IT Service providers that provide us with SaaS services, including Salesforce, Microsoft, and Emagine [located in the USA] who we use to store our customer relationship management, emails and website information;
  • Provided you have consented, advertisers and advertising networks located in the USA and which store your personal data in the USA that require the data to select and serve relevant adverts to you and others;
  • Background reference agencies located in the USA, and which store your personal data in the USA, for the purpose of performing background checks, with your prior consent, as part of our hiring process.

We will share your information with law enforcement agencies, public authorities or other organizations if legally required to do so, or if we have a good faith belief that such use is reasonably necessary to:

  • Comply with a legal obligation, process or request;
  • Enforce our terms and conditions and other agreements, including investigation of any potential violation thereof;
  • Detect, prevent or otherwise address security, fraud or technical issues; or
  • Protect the rights, property or safety of us, our users, a third party or the public as required or permitted by law (exchange information, with other companies and organizations for the purposes of fraud protection and credit risk reduction).

We will also disclose your information to third parties:

  • If we sell any business or assets that requires the transfer of your information; or
  • If we, or substantially all our assets, are acquired by a third party, in which case information held by us about our users will be one of the transferred assets.

In the event any of the above situations apply, the buyer of our business or assets will be subject to the terms and conditions of this policy.

The security of your personal data

Unfortunately, the transmission of information via the internet or email is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your information transmitted through the Website or over email; any transmission is at your own risk. Once we have received your information, we will take appropriate technical and organizational measures to safeguard your personal data against loss, theft and unauthorized use, access or modification.

We will, from time to time, host links to and from the websites of our affiliates or third parties. If you follow a link to any of these websites, these websites will have their own privacy policies and we do not accept any responsibility or liability for these policies. Please check these policies before you submit any information to those websites.

Your rights

In certain circumstances you have rights in relation to the personal data we hold about you. We set out below an outline of those rights and how to exercise those rights. Please note that we will require you to verify your identify before responding to any requests to exercise your rights. To exercise your rights, please email compliance@corcept.com. Please note that for each of the rights below we may have valid legal reasons to refuse your request, in such instances we will let you know if that is the case.

  • Access: You have the right to know whether we process personal data about you, and if we do, to access certain data we hold about you and certain information about how we use it and who we share it with.
  • Correction: You have the right to require us to correct any personal data held about you that is inaccurate and have incomplete data completed.
  • Erasure: You may request that we erase the personal data we hold about you in the following circumstances: where you believe it is no longer necessary for us to hold the personal data, we are processing it on the basis of your consent and you wish to withdraw your consent, we are processing your data on the basis of our legitimate interest and you object to such processing, you no longer wish us to use your data to send you marketing or you believe we are unlawfully processing your data. Please provide as much detail as possible on your reasons for the request to assist us in determining whether you have a valid basis for erasure.
  • Objection: You have the right to object to our processing of data about you and we will consider your request. Please provide us with detail as to your reasoning so that we can assesses whether there is a compelling overriding interest in us continuing to process such data or we need to process it in relation to legal claims.

Withdrawal of Consent

Where you have provided your consent to us processing your personal data, you can withdraw your consent at any time by sending us an email to compliance@corcept.com or through our contact us link.

Children

We do not knowingly collect or solicit personal data from anyone under the age of 18. In the event that we learn that we have collected personal data from a child under age 18, we will delete that information. If you believe that we might have any such information from or about a child under 18, please contact us at compliance@corcept.com or through our “contact us” link.

California

California Civil Code Section § 1798.83 permits users of our Website that are California residents to request certain information regarding our disclosure of personal data to third parties for direct marketing purposes. To make such a request, you may contact us by email at compliance@corcept.com or through our “contact us” link.

Complaints

In the event that you wish to make a complaint about how we process your personal data, please contact us in the first instance at compliance@corcept.com and we will endeavor to deal with your request as soon as possible. This is without prejudice to your right to lodge a complaint with the data protection supervisory authority in the EU country in which you live or work where you think we have infringed data protection laws.

Changes

Any changes we will make to this policy in the future will be posted on this page. Please check back frequently to see any updates or changes to this policy.

Contact

Questions, comments and requests regarding this policy are welcomed and should be addressed to:

Corcept Compliance at compliance@corcept.com

Make sure to provide the name of the Website applicable to your request, and your name and contact information. If you do not provide us with this information, we may not be able to respond.

You can mail your request to the following postal address:

Corcept Therapeutics, Attn: Compliance Officer, 149 Commonwealth Drive, Menlo Park, CA 94025. Please also see our Terms of Use at https://corcept.korlymstaging.wpengine.com/terms-of-use/ which apply to your use of our Website.

Last revised on June 12, 2018

Important Safety Information IMPORTANT SAFETY INFORMATION, INCLUDING BOXED WARNING ON TERMINATION OF PREGNANCY.

BOXED WARNING: TERMINATION OF PREGNANCY

Mifepristone is a potent antagonist of progesterone and cortisol via the progesterone and
glucocorticoid (GR-II) receptors, respectively. The antiprogestational effects will result in the
termination of pregnancy. Pregnancy must therefore be excluded before the initiation of
treatment with Korlym and prevented during treatment and for one month after stopping
treatment by the use of a nonhormonal medically acceptable method of contraception unless
the patient has had a surgical sterilization, in which case no additional contraception is needed.
Pregnancy must also be excluded if treatment is interrupted for more than 14 days in females
of reproductive potential.

DOSAGE AND ADMINISTRATION

Obtain a negative pregnancy test prior to initiating treatment with Korlym in females of
reproductive potential, or if treatment is interrupted for more than 14 days.
Administer once daily orally with a meal. The recommended starting dose is 300 mg once daily.
Renal impairment: Do not exceed 600 mg once daily. Mild-to-moderate hepatic impairment: Do
not exceed 600 mg once daily. Do not use in severe hepatic impairment. Based on clinical
response and tolerability, the dose may be increased in 300-mg increments to a maximum of
1200 mg once daily. Do not exceed 20 mg/kg per day.
Concomitant use of Korlym with a strong CYP3A inhibitor resulted in a 38% increase in mean
plasma concentration of mifepristone. For patients already being treated with a strong CYP3A
inhibitor, start with a Korlym dose of 300 mg per day and titrate to a maximum of 900 mg per
day if clinically indicated. When a strong CYP3A inhibitor is administered to patients already
receiving Korlym, adjust the dose as follows: for patients receiving a daily dose of 600 mg,
reduce dose to 300 mg. For patients receiving a daily dose of 900 mg, reduce dose to 600 mg.
For patients receiving a daily dose of 1200 mg, reduce dose to 900 mg. Titrate if clinically
indicated and do not exceed a Korlym dose of 900 mg in combination with a strong CYP3A
inhibitor.

CONTRAINDICATIONS

Pregnancy; patients taking simvastatin or lovastatin and CYP3A substrates with narrow
therapeutic ranges; patients receiving systemic corticosteroids for lifesaving purposes; women
with a history of unexplained vaginal bleeding or endometrial hyperplasia with atypia or
endometrial carcinoma; patients with known hypersensitivity to mifepristone or to any of the
product components.

WARNINGS AND PRECAUTIONS

Adrenal insufficiency: Patients should be closely monitored for signs and symptoms of adrenal
insufficiency.
Hypokalemia: Hypokalemia should be corrected prior to treatment and monitored for during
treatment.
Vaginal bleeding and endometrial changes: Women may experience endometrial thickening or
unexpected vaginal bleeding. Use with caution if the patient also has a hemorrhagic disorder or is
on anticoagulant therapy.
QT interval prolongation: Avoid use with QT interval-prolonging drugs, or in patients with
potassium channel variants resulting in a long QT interval.
Use of strong CYP3A inhibitors: Concomitant use increases mifepristone plasma levels. Adjust
Korlym dose as described in Dosage and Administration. Use only when necessary and do not
exceed a Korlym dose of 900 mg.

ADVERSE REACTIONS

Most common adverse reactions in Cushing’s syndrome (≥20%): nausea, fatigue, headache,
decreased blood potassium, arthralgia, vomiting, peripheral edema, hypertension, dizziness,
decreased appetite, endometrial hypertrophy.

DRUG INTERACTIONS

Drugs metabolized by CYP3A: Administer drugs that are metabolized by CYP3A at the lowest
dose when used with Korlym.
CYP3A inhibitors: Caution should be used when Korlym is used with strong CYP3A inhibitors.
Adjust Korlym dose as described in Dosage and Administration. Use only when necessary, and
do not exceed a Korlym dose of 900 mg.
CYP3A inducers: Do not use Korlym with CYP3A inducers.
Drugs metabolized by CYP2C8/2C9: Use the lowest dose of CYP2C8/2C9 substrates when used
with Korlym.
Drugs metabolized by CYP2B6: Use of Korlym should be done with caution with bupropion and
efavirenz.
Hormonal contraceptives: Do not use with Korlym.

USE IN SPECIFIC POPULATIONS

Lactation: Mifepristone is present in human milk, however, there are no data on the amount of
mifepristone in human milk, the effects on the breastfed infant, or the effects on milk production
during long term use of mifepristone.

Please see accompanying full Prescribing Information and Medication Guide.

INDICATIONS AND USAGE

Korlym® (mifepristone) is a cortisol receptor blocker indicated to control hyperglycemia
secondary to hypercortisolism in adult patients with endogenous Cushing’s syndrome who have
type 2 diabetes mellitus or glucose intolerance and have failed surgery or are not candidates for
surgery.

Important Limitations of Use

Do not use for the treatment of type 2 diabetes mellitus unrelated to endogenous Cushing’s
syndrome.