Privacy policy

iTeos may change its Privacy Policy from time to time. We encourage you to review this Privacy Policy periodically. This policy was last modified on 15 October 2021

1. Introduction

This privacy policy sets out how iTeos Therapeutics Inc. (“iTeos”, “we”, “our”, “us”) and its affiliates uses and protects your personal data.  iTeos is a privately held, biopharmaceutical company with its corporate domicile and principal place of business at 139 Main Street, Cambridge, Massachusetts 02142. This policy applies to the personal data for which iTeos acts as controller; in other words, where we have control over what happens with your data and how this data is handled.

iTeos is committed to ensure that your privacy is protected and will only process your personal data in conformity with the General Data Protection Regulation (“GDPR”) which has been in effect since May 25, 2018. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy policy. 

2. How we collect your personal data

Personal data includes any information relating to an identified or identifiable person. This may include, but is not limited to your name, address, email address, phone number, location data and IP address. An IP address means “internet protocol address” which is a unique string of numbers separated by periods that identifies each computer using the Internet Protocol to communicate over a network.

We collect personal data that you provide to us in the following ways:

  • Entering into agreement with us: when you enter into a contractual agreement with us, we may collect certain details in respect of you or other representatives of your business, such as name, contact details, company address, job title and location.
  • Communications with us directly: we collect personal data when you provide it to us directly, such as via postal, telephone and/or email communications.
  • SharePoint: if you connect and use SharePoint to interact with us, we will collect your personal data, such as your name, email address, IP address as well as information on your usage of SharePoint and any personal data contained within the content you upload to SharePoint.
  • Communications via our website: we collect personal data when you provide it to us through communications via our website. This includes where you have contacted us through the “Contact US” page on our website, such as your full name, email, company, and the details of your enquiry.
  • Careers: we may collect personal data from you when you apply for a vacancy with us, such as your name and curriculum vitae.
  • Automated technologies and/or interactions: as you interact with our website, we may automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies. Please see the section below “About cookies” for further details.

3. How we use your personal data

To the extent we collect personal data from you, as described in this Privacy Policy, we use such information for the purposes, and rely on the legal bases, listed below. Note, that in certain circumstances detailed below, we will process your personal data on more than one legal basis depending on the specific purpose for which we are using your personal data.

Purpose Legal Basis
To enable us to carry out our obligations arising from any contracts and to provide you with the information you request from us.  Performance of a contract or our legitimate interests.
To enable us to respond to an enquiry or other request you make when you contact us via our website or directly. Performance of a contract or our legitimate interests.
To notify you about changes to our service. Performance of a contract or our legitimate interests.
To protect the security of and managing access to our premises, IT and communication systems, online platforms, website, and other systems, preventing and detecting security threats, fraud or other criminal or malicious activities. Performance of a contract or our legitimate interests.
To comply with our legal and regulatory obligations and requests, including reporting to and/or being audited or investigated by national and international regulatory bodies. Legal obligation.
To comply with court orders and to exercise and/or defend our legal rights. Legal obligation or legitimate interests. 
To understand how you visit our website and how you interact with us to enrich your user experience. Legitimate interests.
To allow tracking pixels for third parties such as Facebook and Twitter to interact with us. Legitimate interests.
When you subscribe to our news alerts, we will send you details of our press releases. Consent or legitimate interests.
For our recruitment when you apply for a job role with us. We may use information collected throughout the recruitment process to review our equal opportunities profile in accordance with applicable legislation. To take steps to enter into a contract with you, legal obligation, or legitimate interests. 

4. About Cookies

(a) Our use of cookies

This website uses cookies to gather general information about the browsing activities of visitors to this website. This allows us to constantly improve the website design by arranging the content in the most user-friendly manner and to continually meet the users’ needs. 

A cookie is a small data file that is placed on your computer by your web browser when you visit the website. It is a tool that stores information about website visits, recognizes you and your preferences each time you visit our website, and ensures website functionality and generally improving your experience of the website.

We use the following categories of cookies on this website: 

  • Performance cookies: these are analytics cookies that allow us to collect information about how visitors use a website, for instance which pages visitors go to most often, and if they get error messages from web pages. This helps us to improve the way the website works and allows us to test different ideas on the site.

These cookies are dropped after you have consented via the cookie banner on our website. 

We may change our use of cookies over time, but our use of cookies will generally fall into the above categories. Please visit this page regularly so that you are aware of any changes.

(b) Opting out of cookies

You can withdraw your consent at any time, for example by deleting the cookies. If you do not accept all cookies or withdraw your consent, you may still browse the website.

You may also configure the settings of your browser to activate, disable or delete cookies. Detailed instructions are provided by your browser. If you disable or delete cookies, however, you may have to manually adjust some preferences every time you visit the website, and some functionalities may not work.

For more information on cookies and how they can be managed and deleted please visit or

(c) Third party cookies 

Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter referred to as "Google"). Google Analytics uses cookies to help a website to analyze how users use the website. The information generated by the cookie about your use of our website (including your IP address) will be transmitted and stored by Google on servers in the USA.

You can block the cookie’s collection of data regarding your use of this website (including your IP address) as well as the processing of this data by Google, by downloading and installing the browser add-on found under the following link:

As an alternative to the browser add-on, you can go to in order to opt out from being tracked by Google Analytics within this website in the future. An opt-out cookie will be stored on your device, which means that you will have to click this link again if you delete your cookies.”

5. Your rights/our legal obligations

You may have the right to: request (a) access the to your personal data we hold about you; (b) request we correct any inaccurate personal data we hold about you; (c) request we delete any personal data we hold about you; (d) restrict the processing of personal data we hold about you; (e) object to the processing of personal data we hold about you; and/or (f) receive any personal data we hold about you in a structured and commonly used machine-readable format or have such personal data transmitted to another company.

We may ask you for additional information to confirm your identity and for security purposes, before disclosing information requested to you. We will process any request in line with any local laws and our policies and procedures. If you are located in the United Kingdom or the European Economic Area, you have the right to lodge a complaint about how we process your personal data with the supervisory authority in your country.

Please note if you refuse to provide certain data or ask for us to delete your personal data, we will no longer be able to provide certain services to you. There may be occasions where we are unable to delete or update your personal data for legal obligations or for compelling legitimate interest.

If you wish to exercise any of your rights, please contact us using the information provided in the “Questions and Complaints” section below.

6. How we share your personal data

We may share your personal data with the following categories of recipients:

  • Affiliates of iTeos.
  • Third party service providers, to perform business functions on behalf of iTeos such as IT providers for the management of the web-based services, recruitment management, legal services, auditing, and any other companies providing support services as required.
  • Companies providing services for credit risk reduction, money laundering, and terrorist financing checks and other fraud and crime prevention purposes, and companies providing similar services, including financial institutions, credit reference agencies, and regulatory bodies with whom such personal data is shared.
  • Courts, law enforcement authorities, regulators, government officials, or other parties where it is reasonably necessary for the establishment, exercise, or defence of a legal or equitable claim.
  • We may pass your information on to third parties in the event of a reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets, or stock.

We will never sell or rent your personal data to third parties.

Your personal data will not be transferred to third parties without taking appropriate protection to help ensure your personal data is kept confidential at all times.

7. International transfers

We have offices and facilities in in Cambridge, MA, US and therefore we may transfer your personal data outside the European Economic Area ("EEA") or the UK to the United States. When we transfer your personal data outside the EEA, where required, we will ensure appropriate safeguards are in place to  protect your personal data (such as relying on the European Commission approved standard contractual clauses to govern such transfers), a copy of which can be obtained from our Data Protection Officer who can be reached by emailing

8. Links to other websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over these other websites. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites; and such sites are not governed by this privacy policy. You should exercise caution and look at the privacy policy applicable to the websites concerned.

9. Data retention

We will only retain your personal data for as long as is necessary for fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, accounting, or reporting requirements. 

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

10. Security

We have implemented appropriate technical and organisational security measures to help protect your personal data against a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, personal data transmitted, stored, or otherwise processed and to safeguard against access by unauthorised persons.

11. Questions and complaints

If you have any questions or complaints on how iTeos processes your personal data, you can always contact our Data Protection Officer: .

If you believe that our processing of your personal data infringes data protection laws, you also have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the UK or EU member state of your habitual residence, your place of work or the place of the alleged infringement. We however kindly request that you also present your complaints to our Data Protection Officer first, so that we can quickly find a suitable solution to your problem.