




Your order's being loaded.
SANOFI fully understands the importance of privacy and the protection of personal data in the digital era and is committed to ensure an adequate level of data protection for all persons with whom SANOFI has dealings. This includes, notably:
This privacy policy (“Policy”) describes how SANOFI collects and processes personal data relating to the persons it deals with in its business activities in the UK through our websites, products, services, online stores and applications that reference this Policy. This Policy also describes SANOFI’s practices to ensure the adequate protection of that personal data and your privacy rights.
In certain circumstances, we may, if necessary, provide you with specific privacy information notices and/or consent forms (“Privacy Notice”), which will describe in more detail how your personal data will be processed. It is important that you read this Policy together with any Privacy Notice we may provide so that you are fully aware of how and why we are using your personal data. Click on the links below for more detailed information on our data processing activities in the following areas:
The objective of this Policy is to help you understand the following areas. Click on the links to go straight to the specific section.
Who is SANOFI and what is our role?
SANOFI is made up of different legal entities and, in the UK, SANOFI conducts its business through Aventis Pharma Limited and Opella Healthcare UK Limited. When we mention “SANOFI”, we are referring to the relevant company in the SANOFI group responsible for processing your data.
Each Privacy Notice will set out which SANOFI entity will be the controller and determines for what reasons (i.e. the purposes) your personal data is processed as well as the resources (i.e. the means) allocated to such processing. Unless specified otherwise, Aventis Pharma Limited is the controller and responsible for www.sanofi.co.uk and any other SANOFI website that links to this Policy.
We have appointed a Data Protection Officer who is responsible for overseeing questions in relation to this Policy. If you have any questions about this Policy, including any requests to exercise your rights (as detailed in the “Your rights” section below), please contact our data protection officer as described in the “How to contact us” section below.
Changes to this Policy
This Policy may be modified by SANOFI from time to time, in particular in the event of changes in the law or SANOFI’s practices. Changes to this Policy will be made available on this page. We invite you to check this Policy periodically. The date on which this Policy was last updated is shown at the end of this document.
Third-party links
Our websites may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our websites, we encourage you to read the privacy policy of every website you visit.
Personal data, or personal information, means any information relating to an individual from which that person can be identified.
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
Identity data, which includes name, username or similar identifier, social media usernames, profile photos, title, date of birth, age, gender, race and ethnicity, photographs, and audio and visual recordings.
Contact data, which includes address, email, and telephone and mobile phone numbers.
Professional data, which includes job title, place of work, employment history, education, work address, areas of practice and specialisms.
Financial data, which includes bank account and payment card details.
Transaction data, which includes details about payments to and from you, and other details of products and services you have purchased from us, including customer account numbers.
Technical data, which includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our websites.
Profile data, which includes your username and password, purchases or orders made by you, and your interests, preferences, feedback and survey responses.
Usage and engagement data, which includes information about how you use our websites, products and services. We may use tracking pixels and encoded URL strings to track when emails we send you have been opened and which links in an email have been clicked. Tracking pixels are small image files which are embedded in emails and downloaded to your device when you load the pictures in an email. You can turn off pixels by turning off the images in the email itself. Encoded URL strings are pieces of code that are added to links. These do not use any technology (e.g. local storage, cookies etc.) to store or access data on your device. Through the use of tracking pixels and encoded URL strings, we collect information about your opening of the email (including time and date, your IP address, the city where you opened the email, the type of device, browser and operating system used to open the email) and the links you click on in the email.
Health data, which includes information about your health, diseases you may have, medicines you may be taking, adverse effects you may have experienced, and genetic and biometric data.
Beliefs and interests data, which includes details about your religious or philosophical beliefs, political opinions, hobbies and interests.
Marketing and communications data, which includes your preferences for receiving marketing from us and our third parties and your communication preferences
Some of our websites use Google Analytics and Mouseflow to collect anonymous data to customise, measure and improve our websites.
Google Analytics is a web analytics service provided by Google, Inc. Google Analytics uses cookies to analyse use patterns and may collect information about your use of the website, including your IP address. More information on Google Analytics can be found at https://policies.google.com/technologies/partner-sites. If you would like to opt-out of having your data used by Google Analytics, you can opt out at https://tools.google.com/dlpage/gaoptout.
Mouseflow is a website analytics tool that provides session replay, heatmaps, funnels, form analytics, feedback campaigns, and similar features/functionality. Mouseflow may record your clicks, mouse movements, scrolling, pages visited and content, time on site, browser, operating system, device type (desktop/tablet/phone), screen resolution, visitor type (first time/returning), referrer, anonymized IP address, location (city/country), language, and similar meta data. Mouseflow does not collect any information on pages where it is not installed, nor does it track or collect information outside your web browser. If you'd like to opt-out, you can do so at https://mouseflow.com/opt-out. For more information, see Mouseflow’s Privacy Policy at http://mouseflow.com/privacy.
Please see the Cookie policy on the Sanofi website you arrived at this Privacy Policy from for more details about our use of cookies on that website. Please see our Cookie policy for more details about our use of cookies on www.sanofi.co.uk.
SANOFI may collect your personal data from different sources:
Personal data relating to children
In some instances we may collect personal data about children for the provision of our services, such as clinical activities or for patient support programs, with the consent of his/her parent or guardian. However, we do not otherwise knowingly solicit personal data from, or market to, children. If a parent or guardian becomes aware that his or her child has provided us with personal data, he or she should contact us as described in the “How to contact us” section below. We will take steps to delete such information from our database in accordance with applicable legal requirements.
SANOFI collects your personal data for the following purposes:
Marketing Communications
If you sign-up to receive email updates from Sanofi, we will also use your personal data in the ways described in our separate Staying in touch privacy notice.You may unsubscribe from receiving these emails at any time by following instructions which will be provided in each email.
Depending on the data processing in question, SANOFI will generally process your personal data on one of the following legal grounds:
As described in “The Purposes” section above, we may collect and process your personal data when you visit our websites (including through cookies) for a number of purposes, such as to administer and protect our websites, to deliver relevant website content to you, and to use data analytics to improve our websites. In these cases, we will process your personal data on the basis that it is necessary for our legitimate interests (for provision of administration and IT services and network security, to keep our website updated and relevant, to study how customers use our products/services and to develop our business).
If we use tracking pixels or encoded URL strings in emails we send you as described in the “What” section above, we will process your personal data on the basis that it is necessary for our legitimate interests (to develop our products/services and grow our business).
When we process your personal data for other purposes, we will notify you of the specific legal ground we are relying on to process your personal data in the Privacy Notice we provide you.
SANOFI may, on a case-by-case basis, rely on other legal grounds for processing your personal data, such as the protection of your vital interests. If this is the case, we will notify you in a Privacy Notice.
Please note that we may also process your personal data on the basis of more than one legal ground depending on the specific purpose for which we are using your data.
Please contact us as described in the “How to contact us” section below if you need details about the specific legal ground we are relying on to process your personal data.
For the purposes described above, SANOFI may need to share your personal data with the following authorised third-parties:
SANOFI may need to share your personal data with other third-parties, in which case we will inform you in the applicable Privacy Notice.
In any case, SANOFI will require that all such third-parties:
SANOFI is a multinational organisation with affiliates, partners, suppliers, service providers and vendors located in many countries around the world. For that reason, SANOFI may need to transfer (via access, visualisation or storage) your personal data to other jurisdictions, including countries outside the UK which may not be regarded as providing the same level of protection as the UK.
Safeguards for international transfers of personal data: In cases where SANOFI needs to transfer personal data outside the UK, we will ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented
Please contact us as described in the “How to contact us” section below of you want further information on the specific mechanism used by us when transferring your personal data out of the UK.
We have implemented a variety of technological and organisational procedures and measures to ensure the integrity and confidentiality of your personal data from unauthorised access, use and disclosure. These measures will take into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risks posed by the processing (in terms of likelihood and severity) to your rights and freedoms. For instance, we store your personal data on servers that have various types of technical and physical access controls, which may include, for instance, if appropriate, encryption. We may also aggregate, pseudonymise or anonymise personal data to ensure that no personally identifiable information is communicated to third parties.
In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
SANOFI will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, as outlined in this Policy.
As an exception, SANOFI may be required to retain your personal data for longer periods as required or permitted by law, or as necessary to protect its rights and interests. In such a case, you will be informed of the intended retention period in the applicable Privacy Notice.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting and other requirements.
In some circumstances you can ask us to delete your data: see the "Your Rights" section below for further information.
We may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
Under certain circumstances, you have rights under data protection laws in relation to your personal data.
If you would like to exercise any of these rights, please contact us as described in the “How to contact us” section below and we will take necessary steps to respond as soon as possible.
You also have the right to make a complaint at any time to the Information Commissioner’s Office (“ICO”), the UK supervisory authority for data protection issues (www.ico.org.uk), regarding the processing of your personal data. We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.
SANOFI welcomes any questions or comments you may have regarding this Policy or its implementation.
You can send any questions about this Policy or SANOFI’s use of your personal data to our Data Protection Officer using the contact details below:
Post: 410 Thames Valley Park Drive, Reading Berkshire, RG6
1PT
Email: GB-DataProtection@sanofi.com
Last updated: November 2022
We will send you an email to reset your password