Welcome To AARP membership Renew Today Last Attempt#DFCv

[Hello]( The website may contain forward-looking statements within the meaning of the "safe harbor" provisions of the Private Securities Litigation Reform Act of 1995. In addition, except for the historical information contained therein, the matters set forth in Incyte press releases, presentations, webcasts, announcements and other disclosures are also forward-looking statements. Data Protection Officer Incyte: privacy@incyte.com Data Protection Authority/Supervisory Authority: The Data Protection Authority/Supervisory Authority for the processing of your personal data is the authority located in the country of the Incyte organization or affiliate whose website you are visiting or the country where you live, work, or the place of the alleged infringement. More information about how to contact these authorities in the European Union can be found here. For Switzerland information, please visit the office of the Federal Data Protection and Information Commissioner. For United Kingdom information, please visit the Information Commissioner’s Office (ICO). United States California These statements can often be identified by the use of forward-looking terminology such as "expects," "believes," "intends," "anticipates," "estimates," "plans," "may," or "will," or the negative of these terms, and other similar expressions. These forward-looking statements reflect our current views with respect to future events, are based on assumptions and are subject to risks and uncertainties. These risks and uncertainties could cause actual results to differ materially from those projected. For a discussion of some of the factors that may cause results to differ, see Incyte’s reports filed with the Securities and Exchange Commission. Incyte disclaims any intent or obligation to update these forward-looking statements. You should not place undue reliance on these forward-looking statements. f you live, work or travel in the EEA, Switzerland or the United Kingdom (UK)—or visit an EEA, Swiss or UK website—please read this section to learn more about the General Data Protection Regulation (GDPR) or UK Data Protection Act and how it applies to the personal data collected and used by Incyte as described in this Privacy Policy. Incyte does not knowingly collect personal information directly from minors—persons under the age of 13 or another age of a minor as defined by the applicable law of your jurisdiction—other than when required to comply with the law or for safety or security reasons. If you are a parent or guardian of a minor who has provided personal information without your knowledge or consent, you may submit a request to remove the minor’s information by emailing us at privacy@incyte.com. If we become aware that anyone under the age of 13 has submitted personal information to our site, we will delete it and we will not use it for any purpose whatsoever. If you participate in certain activities on our websites, mobile applications or social media accounts, you may need to provide us with personal information such as your name, email address, mailing address, phone number or fax number. For example, if you choose to send us an email or fill out an online form, you are voluntarily providing personal information to us. We do not sell, rent or trade voluntarily submitted personal information with third parties. If you choose not to provide your personal information, you may not be able to participate in those activities; however, you will still be able to access information available on the website to the general public. As technology improves the efficiency of our organization and activities, it may also increase our risk. Incyte has a robust Cybersecurity program, with a comprehensive suite of tools and processes. These include technical and administrative safeguards such as penetration testing, vulnerability assessment and remediation; privacy and cybersecurity assessment of business partners; end-to-end security tools; cloud security and protection mechanisms for patient data and intellectual property. o obtain access to your personal data together with information about how and on what basis that personal data is processed To rectify inaccurate personal data (including the right to have incomplete personal information completed) To erase your personal data in limited circumstances where it is no longer necessary in relation to the purposes for which it was collected or processed Incyte also focuses on regularly improving cybersecurity awareness among employees and contingent workers through mandatory cybersecurity training during orientation, annual refreshers and “Cybersecurity Awareness Month” activities, which are supplemented by periodic phishing simulation testing campaigns with additional training for users who do not pass the tests. The website, and the information which it contains, is the property of Incyte, and is protected from unauthorized copying and dissemination by United States copyright law, international conventions and other intellectual property laws. The trademarks, service marks, logos, or other intellectual property displayed on the website are owned by Incyte except as otherwise noted. Nothing on the website should be construed to grant any license or right in or to any trademarks, service mark, logos or other intellectual property rights. All rights are reserved by the owners of each trademark, service mark, logo, or other intellectual property, except as otherwise described in this notice. Incyte Corporation (including its affiliates in its worldwide group of companies) (collectively, “Incyte,” “we” or “us”) honors its trusted relationships with patients, healthcare professionals, caregivers, consumers, employees and business partners by being transparent about how we collect, use, share, transfer and retain personal information when you visit one of Incyte’s websites, mobile applications or social media accounts.¹ We encourage you to explore this webpage, and the webpages and policies to which it links, in order to learn more about our privacy practices. Incyte Biosciences Canada Corporation is responsible for personal information under its control. We have designated a Privacy Officer who is responsible for Incyte Biosciences Canada Corporation compliance with this Policy. Incyte Biosciences Canada Corporation will, on request, provide information regarding its complaint procedures. Nicholas Apruzzi, Privacy Officer, on behalf of Incyte Biosciences Canada Corporation 1801 Augustine Cut-off Wilmington, Delaware 19803 USA