Sanofi respects individual privacy and values the confidence of its customers, partners, patients, users and employees. Therefore, Sanofi takes your privacy seriously and all processing of personal data is done in accordance with applicable laws and regulation on data protection.
“Adverse event” shall mean any undesirable experience associated with the use of a medical product in a patient.
“Data controller” shall mean the person(s) who determine the purposes and means of processing personal data
“Medical information enquiry” shall mean any unsolicited enquiry arriving via phone, mail, websites and other sources from internal and external customers.
“Personal Data” shall mean information related to an identified or identifiable individual.
“Sensitive personal data” are personal data, revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, data concerning health or sex life and sexual orientation as well as genetic data or biometric data. Sensitive Personal Data are special categories of personal data that are subject to additional and protections with regard to EU data protection law.
Sanofi may process the following personal data:
The legal basis for processing your non-sensitive personal data, such as technical data that Sanofi may collect during your visit to Sanofi’s website or your name, e-mail address etc., is the legitimate purposes that Sanofi pursues in order to optimize and improve your visit to Sanofi’s websites or to receive and process your inquiries by your submission of a form or when contacting Sanofi by email, phone or any other means.
If you submit sensitive personal data, such as your health data related to an adverse event, the legal basis for processing these personal data will be the legal obligation for Sanofi to collect, process and retain these data pursuant to the relevant and applicable local and European legislation.
Please note, that you are free to withdraw your consent to the processing of your personal data at any time.
Sanofi may process your personal data:
Your personal data will be stored as long as it is necessary in order for Sanofi to fulfil the purposes for which your personal is collected as stated above, or for which it is further processed. Sanofi stores and processes your personal data for a period reasonably determined by business necessity and for all the obligations Sanofi may have to comply with, as it may be required by law.
As Sanofi is part of a global group of companies, Sanofi may share your personal data with other affiliates of the Sanofi Group. Such transfer to group companies will be done for the abovementioned purposes (cf. section “For what purposes and for how long is your personal data processed”) and based on the same legal ground as the processing as such.
Sanofi may also transfer your data to external service provider(s) (such as IT resources providers, research organizations, marketing agencies, IT solutions service providers, etc.) who assist Sanofi in the processing of your personal data (the "Recipients"). Some of these Recipients may be located in countries outside the EU/EEA, which do not ensure the same level of personal data protection as the country where you are located. In such case, Sanofi has implemented appropriate mechanisms to protect your personal data, including notably (but not limited to) data transfer agreements based on the European Commission standard contractual clauses, or Binding Corporate Rules.
For more information on the countries where the data are transferred or on the data transfers mechanisms implemented, you can contact firstname.lastname@example.org
Any such sharing will be in compliance with the applicable law.
However, please be aware that there is always some risk involved when submitting data over the Internet and that Sanofi cannot guarantee that its websites are 100% safe from illegal tampering or “hacking.”
Any data transmitted over the Internet may be at risk.
As a user of Sanofi’s websites, you have the following basic rights under the applicable data protection laws and regulation:
Right to access: You may at any time inquire whether your personal data is being processed by Sanofi, and, if so, you may for example enquire what data is processed about you, the purpose of such processing and to whom such data may be disclosed. In addition, when a Sanofi’s website includes a feature relevant for the right of data portability, you have the right to receive your personal data provided to Sanofi in a structured, commonly used and machine-readable format to transmit such data to another data controller.
Right to rectification and deletion: If the personal data collected about you is incorrect or inaccurate, you may request Sanofi to rectify the incorrect or inaccurate personal data of yours.
Right to object and file a complaint: You may at any time object against the processing of your personal data with request to stop or limit Sanofi's processing of your personal data. Further, you are entitled to file a complaint about the processing of your personal data to the following data protection authority:
Sanofi warrants that it will work in good faith, cooperate with the relevant Data Protection Authority and comply with its decision.
Right to be forgotten: You also have the right to obtain erasure of your personal data (“right to be forgotten”).
Please note that your right to such access or correcting may be limited by applicable law.
Apart from the information (including personal data) that Sanofi requests from you, Sanofi’s Websites are not intended to receive other information from you, including confidential information. Consequently, and except for personal data mentioned above, any information not requested by Sanofi, whatever its form - document, data, graphic, question, suggestion, concept, comment or other - that you send to Sanofi through its websites, will be sent at your own risk and will not under any circumstances be deemed confidential, unless otherwise provided for in applicable laws.
Also, unless otherwise provided for in applicable laws, the act of sending such information to Sanofi gives Sanofi the right to use it, reproduce it, publish it, alter it or send it with a view to dealing with your request as well as delete it, when your request has been dealt with.
The website you are visiting (the “Site”) belongs to and is operated by Sanofi AB which determines the purposes and means of the processing of your personal data.
Please note that when you contact Sanofi via email, you may be asked to answer several questions related to your personal data in order to allow Sanofi verify your identity.
Sanofi, as a pharmaceutical company, is obliged to collect, register and follow-up on any information regarding adverse events on human medicinal products which are brought to its attention, and to report to concerned Competent Authorities according to current pharmacovigilance legislation (Directive 2010/84//EU and Regulation (EU) No 1235/2010).
In addition to adverse events, Sanofi is also obliged to collect information about lack of therapeutic efficacy of a product, overdose or misuse/off-label, if a product was used during pregnancy and / or lactation, medication error/unintended failure in the drug treatment, transmission of infectious agent, occupational exposure and unexpected positive effect of a product.
When you contact Sanofi by filling out a form available on Sanofi’s websites or by corresponding with Sanofi by email, phone, fax, post or by any other means:
Pharmacovigilance data and medical information are considered as sensitive personal data and are only processed where relevant and necessary for Sanofi to document your reaction properly and for the purpose of meeting all pharmacovigilance and legal requirements (e.g. provide mandatory reports to national competent authorities) and to answer your enquiry.
As part of meeting Sanofi’s pharmacovigilance obligations, Sanofi may use your information to contact you and/or further investigate the adverse event.
The personal data provided by you will be captured in a protected and secured global safety database which by design guarantees from any compliance breach to non-authorized personnel.
The data is disclosed to the European Medicines Agency (EMA) and the corresponding competent authorities in other countries of the world. It could also be disclosed to Sanofi's partners for the above purposes. The disclosure of personal data is normally only in a pseudonymous form, but upon disclosure to partners, identifiable personal data such as name and address could also be submitted so the recipient can fulfill their legal obligations.
All Pharmacovigilance data, and all documents relating to authorized human medicinal products, will be retained by Sanofi as long as the product is marketed, and for at least 10 years after the product has ceased to exist. After that, the data will be anonymized. The anonymized data is stored in the global safety database without time limit.
If you report safety data regarding medical device, nutraceuticals or cosmetics the personal data will be handled as explained above.
For more information on the legal basis with regard to medical devices, nutraceuticals and cosmetics, you can contact email@example.com.
You may access and correct your personal data at any time by contacting us (see section below “contact details”).
However, for legal reasons, Sanofi cannot delete information that has been collected as part of an adverse event report. Sanofi may also require you to provide proper identification before Sanofi comply with any request to access or correct your data. Your right to such access and/or correction may be limited by applicable law.
Comments, questions, complaints and requests for disclosure relating to Sanofi’s handling of personal information should be directed to: