Privacy Policy

Effective Date: April 1, 2026, version 2.0

Wellcome Leap (“Leap” “our,” “we,” or “us”) respects your privacy and is committed to protecting your personal information. The term “personal information” means any information relating to an identified or identifiable individual. This privacy policy (the “Policy”) describes the types of information we collect and our practices for collecting, using, transferring, retaining and disclosing it, and the rights you may exercise, where applicable, regarding personal information about you. Leap is the “data controller” of personal information which is provided to us, collected by us, or processed in connection with the use of the Site.

This privacy policy applies to our website as well as all other sites, social media accounts, mobile apps and the like directly controlled by us (collectively the “Site”), but does not apply to third party sites, applications, or products that may be accessed through the Site. If you click on a link that directs you away from the Site to the website of a third party, please note that we are not responsible for their privacy practices and we encourage you to read their privacy statements.

By accessing and using the Site, you acknowledge that you have read and understood this Policy, which may be updated and amended from time to time. If you do not agree with the practices described in this Policy, do not access the Site.

Supplemental Information

This Policy may be supplemented by a supplemental privacy notice applicable to a particular interaction with us, which may be either embedded in this notice or made available to you separately. We will tell you when a supplemental privacy notice applies.

Information Collection

Leap may collect the following information, which may include personal information, about you in connection with your use of the Site:

  • Information about your computer, including your IP address, location, data usage, etc.;
  • Your contact information, including title, forename and last name;
  • Your username or email address;
  • Your phone number;
  • Your address;
  • Information about yourself or other parties such as family members that you voluntarily submit to us; or
  • information from third party sites, including third party social media sites such as Facebook, LinkedIn, and the like, including when you log in through such sites.

You can refuse to provide this information, but if you choose not to provide personal information that is necessary to provide services that you may request, we may not be able to provide you those services.

If you provide or permit us to collect any personal information relating to another person, you are telling us that you have the authority to share that information and to permit us to use the data as described in this Policy.

We collect this information:

  • Directly from you when you provide it to us by your interactions with the Site;
  • When you subscribe to receive our publications, newsletters and updates;
  • When you fill in surveys on the Site; or
  • When you contact us for another purpose through the Site, including, but not limited to, contacting us in connection with our grant-making activities (i.e. as a grant applicant, holder, participant, external adviser or reviewer).

Additionally, certain technical information relating to you and your device are collected automatically when you use the Site, such as your internet log information, including Internet Protocol (IP) address, browser type and version, and page interaction information using cookies or similar technologies.

Cookies

We use essential cookies and similar technologies to make our Site work. These cookies cannot be disabled.

We also use additional cookies, including analytical (performance) cookies. For example, we use third party analytical services (e.g., Google Analytics) that collect aggregated information about how visitors use our website. These cookies may collect: pages visited, time spent on pages, click paths, browser and device information, general (approximate) geographic location. This data helps us understand site performance and improve user experience. Analytical cookies are only activated with your consent where required by law. You can learn about Google’s practices by going to www.google.com/policies/privacy/partners/, and opt-out of them by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout.

We may use certain cookies to inform our marketing and digital content efforts, which help us tell people about the work we do. This data helps us to personalize your experience, to send relevant marketing communications, to segment audiences and tailor content, to manage your consent and communication preferences, to maintain accurate and secure marketing records. Marketing and digital content cookies are only activated with your consent where required by law. You can manage or disable cookies using our Site cookie banner.

Our Site may be configured to recognize certain general global privacy control or “Do Not Track” signals from some browser settings, but it may be possible that your specific signal is not recognized by the Site.

Artificial Intelligence (AI) Use

We may use chatbots or other AI tools to facilitate communication with you and to help us organize information and improve our services. Some of our uses of AI may include collection of data from you, including your name, email, phone number, company information, or the like, and may record the communications with you. We use this data to address inquiries, provide personalized feedback or services to you. We do not use AI to autonomously make any decisions related to our business interactions with you.

Information Use and Legal Basis for Processing

We may use your information, including personal information:

  • To respond to requests that you make on the site and send you requested notifications;
  • To maintain the security and integrity of the Site and enable internal operations and accessibility;
  • To comply with legal obligations;
  • To manage grants, partnerships, and collaborations and communications related to the same, including all related communications; or
  • For any other purpose with your consent

We rely on the following legal bases to process your personal information for these non-exhaustive purposes:

Consent – We may obtain your consent to process your personal information in certain circumstances, which may include when you opt-in to subscribe to publications, newsletters and updates, or you contact us to register an interest in Leap.

You have the right to withdraw your consent at any time by using the ‘unsubscribe’ link in our emails. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.

Legitimate Interests – We rely on this lawful processing ground when we process your personal information to provide you with information about Leap. We also rely on this lawful processing ground to respond to specific requests, to manage our business operations, to manage our relationships with you and with third parties in connection with our business, to develop our business, and when we provide you with marketing information or other information in relation to Leap which we believe may interest you.

Contractual Necessity – Where applicable, we process your information to enter into a contract with you or take steps at your request before entering into such a contract.

Legal Obligations – We may process your information to comply with applicable laws or regulatory requirements.

Information Disclosure

We may disclose information, including personal information:

  • To our affiliates and service providers;
  • To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets;
  • To comply with any court order, law, or legal process, including to respond to any government or regulatory request;
  • If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Leap, our stakeholders, or others;
  • For any other purpose disclosed by us when you provide the information; or
  • With your consent.

We may also disclose aggregated information and de-identified or anonymized information without restriction.

We may also share your information with website hosting providers, analytics providers, IT support vendors and cloud storage providers operating under confidentiality and security obligations.

Your Rights

Whenever we process personal information, we take reasonable steps to ensure that your personal information is accurate and up-to-date for the purposes for which it was collected. We will provide you with the ability to exercise the following rights where required by law, such as in the European Economic Area, and in the United Kingdom:

  • the right to know what personal information we have about you and how we process personal information about you;
  • the right to access personal information we process about you and, if you believe that any information relating to you is incorrect, outdated, or incomplete, to request correction or updating;
  • the right to request the deletion of personal information about you, or to restrict the processing of personal information for certain specific categories of processing;
  • the right to withdraw your consent at any time where we have processed personal information about you on the basis of consent, without affecting the lawfulness of the processing before such withdrawal;
  • the right to object, in whole or in part, to the processing of personal information about you. With certain exceptions, this includes the right to object to direct marketing and the right to object to personal information about you being used for research;
  • the right to request data portability, meaning that the personal information you have provided to us be returned to you or transferred to the person of your choice, in a structured, commonly used and machine-readable format without hindrance from us and subject to your confidentiality obligations; and
  • the right to object to automated decision-making including profiling resulting in a significant or legal effect. Please note that currently we do not engage in such automated decision-making.

To make such a request, please email us at dataprotection@wellcomeleap.org.

If you live in California or another U.S. state with applicable privacy laws, you may have additional rights, including the right to know, delete, correct and opt-out of certain data sharing.

To exercise your rights, contact us at dataprotection@wellcomeleap.org. We may need to verify your identity and will reply within legally required timeframes.

International Data Transfers

Our servers are either located in the United States or, if located in other countries, may be accessed from the United States. Where required by law, we use appropriate safeguards for international transfers, including:

  • EU Standard Contractual Clauses
  • UK International Data Transfer Agreement

You may contact us at dataprotection@wellcomeleap.org to obtain more information about these safeguards.

Minors

The Site is not intended minors (individuals under the age of 13, or equivalent minimum age depending on jurisdiction), and we do not knowingly collect personal information from minors through Site. If you become aware of any personal information we have collected from a minor through the Site, please contact us. If we learn that we have collected personal information from a minor through the Site, we will take steps to delete the personal information without notice as soon as possible.

Retention

We retain personal information only as long as necessary for the purposes described in this policy, including to meet any legal, accounting, or reporting requirement. The criteria used to determine our retention periods include: (i) the length of time we have an ongoing relationship with you and provide the Site to you; (ii) whether there is a legal obligation to which we are subject; or (iii) whether retention is advisable in light of our legal position (such as in regard to the enforcement of the Site Terms of Use, applicable statutes of limitations, litigation or regulatory investigations). When personal information is no longer required, we securely delete, anonymize, or otherwise remove it from our systems. If anonymized, the information may be retained for statistical or research purposes without further notice to you. Please contact us if you would like more details regarding our retention periods for different categories of personal information.

Security

We have implemented reasonable measures designed to secure your personal information from unauthorized access, use, alteration, and disclosure. These include a variety of technologies and procedures to help protect the security of your personal information from unauthorized access, use, or disclosure. We also maintain standard physical and electronic procedural safeguards that limit access to your personal information to our employees (or people working on our behalf and under confidentiality agreements) who, through the course of standard business activities, need to access your personal information. However, no such measure is ever 100% effective, and we do not guarantee that your personal information will be secure from theft, loss, or unauthorized access or use, and we make no representation as to the reasonableness, efficacy, or appropriateness of the measures we use to safeguard personal information.

Updates to Our Privacy Policy

From time to time, we may update this Policy. Any changes will be effective when we post the revised Policy. This Policy was last updated as of the effective date listed above. If the Privacy Policy changes in a way that significantly affects how we process personal information, we will not use the personal information we previously gathered in the manner described in the new policy without providing notice and/or obtaining your consent, as appropriate. Minor changes to the Policy may occur that will not significantly affect our use of personal information without notice or consent. We encourage you to periodically review this page for the latest information on our privacy practices.

Contact Us

Please submit questions, concerns, or requests to exercise your applicable rights to Leap by email to dataprotection@wellcomeleap.org or write to: 302 Washington Street 150-1384, San Diego CA 92103. You may also make a complaint to your local data protection authority.

Lodging a Complaint with a Regulator

You may lodge a complaint with a data protection authority competent for your country or region or place of alleged infringement.

Privacy Policy

© 2026 Wellcome Leap Inc. All Rights Reserved.

Wellcome Leap is a 501(c)(3) organization.