QUICK GUIDE TO CONTENTS:
- WHAT IS THE PURPOSE OF THIS POLICY?
- WHAT TYPES OF PERSONAL DATA WILL BE COLLECTED?
- HOW DO WE COLLECT PERSONAL DATA?
- HOW WILL PERSONAL DATA BE USED?
- WILL PERSONAL DATA BE TRANSFERRED OUTSIDE SINGAPORE?
- HOW WILL PERSONAL DATA BE STORED?
- HOW LONG WILL PERSONAL DATA BE RETAINED?
- WHO WILL PERSONAL DATA BE SHARED WITH?
- HOW CAN I EXERCISE MY RIGHTS?
- HOW TO CONTACT US?
- ACCURACY OF DATA
- REVISION TO THIS POLICY
1. WHAT IS THE PURPOSE OF THIS POLICY?
This Privacy Policy (“Policy”) describes the practices and responsibilities of SANOFI-AVENTIS SINGAPORE PTE LTD and its affiliates (“Sanofi”, “we”, “us”, or “our”) on the collection, use, disclosure, processing and transfer of personal data relating to persons with whom Sanofi has dealings, including without limitation, patients, customers, individuals who request information about our products and services, health care professionals, users, online visitors or members of our affiliated or related websites, social media sites, digital tools, online resources, mobile devices, applications and various other platforms (“Site(s)”), in accordance with the Personal Data Protection Act 2012 of Singapore and all laws and regulations applicable to the protection of your personal data ("Applicable Laws") and this Policy. In certain circumstances, specific data protection information notices and/or consent forms will, if necessary, be communicated to you regarding specific situations where Sanofi may process your personal data, and describe in more detail how your personal data will be processed in relation with the processing in question.
BY ACCESSING THE SITES, PROVIDING YOUR PERSONAL DATA TO US AND/OR ALLOWING OUR COLLECTION OF YOUR PERSONAL DATA, YOU CONFIRM THAT YOU HAVE READ, UNDERSTOOD AND AGREED TO THE TERMS AND CONDITIONS AS PROVIDED HEREIN AND YOU CONSENT TO THE COLLECTION, USE, DISCLOSURE, PROCESSING AND/OR TRANSFER OF YOUR PERSONAL DATA WHICH HAS BEEN OR WILL BE RECEIVED OR COLLECTED BY SANOFI IN THE MANNER AND FOR THE PURPOSES DESCRIBED IN THIS POLICY. |
Unless otherwise defined, the definitions in the Terms of Use will apply to this Notice.
2. WHAT PERSONAL DATA MAY BE COLLECTED?
Personal data means any information relating to an individual, which enables the identification of such individual, whether directly or indirectly, as defined by Applicable Laws. Depending on your interaction with us, we may collect the following categories of personal data, including but not limited to:
- Identity data, which includes name, username or similar identifier, social media usernames, title, date of birth, age, gender, race and ethnicity, photographs, and audio and visual recordings.
- Contact data, which includes address, email, and telephone and mobile phone numbers.
- Professional data, which includes job title, place of work, employment history, education, work address, areas of practice and specialties.
- Financial data, which includes bank account and payment card details.
- Transaction data, which includes details about payments to and from you, pursuant to our engagement of your services, and other details of products and services you have purchased from us, including customer account numbers.
- Technical data, which includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access the Sites.
- Profile data, which includes your username and password, purchases or orders made by you, and your interests, preferences, feedback and survey responses.
- Usage data, which includes information about how you use the Sites, products and services.
- Health data, which includes information about your health, diseases you may have, medicines you may be taking, adverse effects you may have experienced, and genetic and biometric data.
- Beliefs and interests data, which includes details about your religious or philosophical beliefs, political opinions, hobbies and interests.
- Marketing and communications data, which includes your preferences for receiving marketing from us and our third parties and your communication preferences.
Where indicated, it is obligatory to provide your personal data to us to enable us to process your data in relation to specific Purposes (defined hereunder). Should you decline to provide such obligatory personal data, we may not be able to engage with you, including to communicate with you or provide you with the information you require.
3. HOW DO WE COLLECT PERSONAL DATA?
Sanofi collects and processes personal data either through its employees or authorized third parties acting on our behalf. Apart from personal data you have provided to us or allowed us to collect as set out in this Site, Sanofi may collect and process your personal data from different sources:
- data that you communicate to us and/or our authorized agents, through various media and communication channels, whether face-to-face, by phone, in writing, through general business contact with you, through registrations, applications, surveys, and direct and indirect interactions with Sanofi. For example, data you provide to purchase or acquire our products or services, when you meet or communicate with us, when you post a message on a Sanofi bulletin board or comments thread, to register for scientific events, to participate in a patient support programme, to report an adverse event, to submit an online application, to submit your resume to us for employment purposes, to create an account on the Sites, or to contact us or send us a request for information.
- data that we collect following your interactions with the Sites, platforms, electronic or mobile applications and services through certain technologies, such as cookies;
- data from publicly available sources that we collect in accordance with Applicable Laws, e.g. data that is published by you, social media profiles, directories, signages;
- data that we obtain legally from third parties who are authorized to collect, use, transfer, disclose or process your personal data as authorized by you or in accordance with applicable laws, for example, when we may need to confirm contact or financial information or to verify the registration of healthcare professionals, or data provided by one of your healthcare professionals regarding an adverse experience in relation to one of our products.
Specific topics:
Cookies
The Sites may use a tracking technology called a “cookie”. A “cookie” is a small text file that a website can place on your computer’s hard drive in order, for example, to collect information about your activities on the Site, to track your preferences and selections, or to show you advertisements based on your interests, such as banner ads relating to Sanofi products and services. Cookies may be placed on your computer by Sanofi or by another company or advertiser that Sanofi engages to provide services or advertising (a “third party cookie”).
It is possible that these cookies could be used in combination with other information to identify you. Information stored in first party cookies associated with a Site will be transmitted back to us. Information stored in third party cookies may be transmitted to the party placing the cookie, so that they can deliver to you messages and advertisements based on your interests as you browse the Internet.
You may be able to opt out of third parties using cookies to deliver interest-based advertising to you by visiting www.aboutads.info/choices/ or https://www.networkadvertising.org/choices/. With most internet browsers, you can also erase cookies from your computer’s hard drive, block all cookies, block specific kinds of cookies, or even receive a warning before a cookie is placed on your system. Refer to your browser instructions or help button to learn more about cookies. You should be aware, however, that cookies might be necessary to provide you with certain features (e.g. customized delivery of information) available on the Sites.
Web Logs
The Sites may also automatically collect and store web log information relating to your computer and your visit, such as the name of the domain and host from which you access the Internet; the Internet address of the website from which you linked to a Site; the date and time you accessed a Site, how long you spent and which pages you visited; your computer's operating system and browser software; and your Internet protocol (IP) address. An IP address is a number assigned to your computer by your Internet Service Provider so you can access the Internet. This number may change each time you connect to the internet (“dynamic IP address”) or it may remain constant (“static IP address”). If you have an IP address, it is possible that this address could be used in combination with other information to identify you.
Pixel Tags
The Sites may also track your usage of the site through the use of pixel tags (also called clear gifs or web beacons). A pixel tag is a tiny graphic on a web page that is used to track pages viewed. Pixel tags tell the web site server information such as the IP address and browser type related to the visitor’s computer. Pixel tags may be placed in online advertisements that bring people to a Site and on different pages of the Sites. Web beacons provide us with information on how many times a page is opened and which information is consulted.
Social Plugins
The Sites may use social plugins (e.g., the Facebook “Like” button) to enable you to easily share information with others. When you visit the Sites, the operator of the social plugin may be able to place a cookie on your computer, enabling that operator to recognize individuals who have previously visited the Sites. If you are logged into the associated social media website (e.g., Facebook) while browsing on the Sites, the social plugin allows that social media website to receive information that you have visited the Sites. The social plugin may also allow the social media website to share information about your activities on the Sites with other users of their social media website. For more information about the information shared via a particular social media plugin, you should refer to that social media site’s privacy statement.
Google Analytics and its advertising features
Some of the Sites use Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics and its advertising features use cookies to analyze use patterns and may collect information about your use of the Sites, including your IP address. Among the features of Google Analytics Advertising Features, we have implemented the following features:
- Remarketing with Google Analytics to create audiences of visitors of the Sites and share them with our ads accounts and offer them, as part of our campaigns on the Google Search Network and Google Display Network, relevant ads focused on the actions they took during their visits.
- Google Analytics Demographics and Interest Reporting to a) determine the distribution of the audience of the Sites by age, gender and interests, b) to improve the targeting of our advertising expenses, c) to create segments for our reports, and d) to create remarketing lists.
- Integrated services that require Google Analytics to collect data for advertising purposes, including the data collect by advertising cookies and device identifiers to maximize the benefits of these products by combining them and then sharing the data in each associated account.
- We refer you to the aforementioned section of this Policy regarding how we and our advertisers use cookies (cookies of the Sites and cookies of third parties), including cookies from Google Analytics, and how you can opt out Google Analytics Advertising Features. We encourage you to use the Google Analytics Web Deactivation Add-on for this purpose.
Clinical trial or research
In the case of a clinical trial or research the collection of personal data will always require an explicit consent in compliance with the applicable laws, regulations and guidelines and the collection, use and disclosure of such personal data will be governed by the terms provided for in the consent.
Personal data relating to children
In some instances, we may collect personal data about children for the provision of our services, such as clinical activities or for patient support programs, with the consent of his/her parent or guardian. However, we do not otherwise knowingly solicit personal data from, or market to, children. If a parent or guardian becomes aware that his or her child has provided us with personal data, he or she should contact us as described in the “How to Contact Us” section below. We will take steps to delete such information from our database in accordance with applicable legal requirements.
Consent from third parties
In some circumstances you may have provided personal data relating to other individuals (such as your spouse, family members or friends) and in such circumstances you represent and warrant that you are authorised to provide their personal data to us and you have obtained their consent for their personal data to be processed and used in the manner as set forth in this Policy.
Links to Third-Party Websites
The Sites may contain links to third parties' websites. Please note that we are not responsible for the collection, use, maintenance, sharing, or disclosure of data and information by such third parties. If you provide information directly to such sites, the privacy policy and terms of service on those sites are applicable and we are not responsible for the information processing practices or privacy policies of such sites.
4. HOW WILL PERSONAL DATA BE USED?
Sanofi and its affiliates (and any third party who may be acting on our behalf) may collect, use, transfer, disclose, and/or process your personal data, for the following purposes (“Purposes”):
- to allow us to communicate with you,including respond to your comments, requests and inquiries; to provide support for products and services; to provide you with important information, administrative information, required notices, and promotional materials; to send you news and information about our products, services, or brands and operations, educational materials on healthcare for and relevant to patients and physicians; to send you information or invitations to events, seminars, conferences, initiatives and promotions and talks which may be of interest to you; and to organise and manage professional events and congresses, including your participation in such events; to send you reminders on purchases and placements of orders for products; to request and/or remind you on scheduling of appointments;
- to carry out our business operations, including to carry out marketing and sales; to register you as a customer; to provide you with access to Sanofi’s products and services; to process and deliver your order, including to manage payments, fees and charges, and collect and recover money owed to us; to assess and respond to your comments, requests or inquiries, applications, complaints, and feedback; to keep track of our interactions and meetings, such as when you contact us for information and support; to set up, develop, use and manage validation, analytics, CRM, data repository, data input, profiling, activity management, digital marketing, data processing and reporting tools, and other processing systems;
- to provide patient support, healthcare support services, patient engagement and prescription information, including to provide, manage and administer patient support and homecare programs; and to manage claims, including insurance claims;
- to organize and manage professional events and congresses, including your participation to such events;
- to provide you access to online services, application and platforms, including to administer the Sites and keep them safe and secure; and to manage your online accounts;
- to allow us to identify or authenticate you, including to provide or verify your credentials including via passwords, password hints, security information and questions, government-issued identification, healthcare professional number;
- to personalize your experiencewhen using our services, including to ensure that our services are presented in the way that best suits you, understand your professional and personal interests in our content, products and services or other content and adapt our content to your needs and preferences, present you products and offers tailored to you;/li>
- to comply with legal or regulatory obligations, including to monitor safety; to manage and report adverse events; to carry out prevention and investigatory activities; to document and publically disclose certain transfers of value made to healthcare professionals, healthcare organisations and patient organisations; and to carry out administrative formalities, registrations, declarations and audits;
- to respond to legal requests, including from administrative and judicial authorities, in accordance with applicable laws; to comply with a subpoena, required registration, or legal process;
- to protect our rights and interests, protect the health, safety, and security of Sanofi personnel, premises and property, including to carry out internal audits, asset management, system and other business controls, manage business administration (finance and accounting, fraud monitoring and prevention), maintain the security of our services and operations, allow us to pursue available remedies or limit the damages that we may incur as necessary, protect ourselves against possible fraudulent actions;
- to improve and develop our products and services, carry out market or consumer studies, identify and analyze business and usage trend, to carry out profiling, develop content for our services, understand how you and/or your device interact with the Sites or digital tools, track and respond to safety concerns, determine the effectiveness of products and services;
- to conduct research and development, including to carry out clinical studies, registries and trials; to manage and validate the recruitment and participation of individuals in studies, trials and other operations; to analyse demographic data; to offer special programs, activities, trials, events and promotions via our services; and to carry out market and consumer studies;
- to compile statistical data on the use of our products and services, including to track the total number of visitors to each page of the Sites, how visitors navigate through the Sites and the domain names of visitor’s internet service providers for the purposes of evaluating and improving the Sites.
5. WILL PERSONAL DATA BE TRANSFERRED OUTSIDE SINGAPORE?
Sanofi may transfer your personal data to our affiliates and authorized employees, agents and third parties (which may be within or outside Singapore) for the Purposes. In particular, Sanofi may transfer your personal data to our oversea affiliate(s) where our information technology storage facilities and servers may be located. At all times, your personal data will be treated by Sanofi and our authorized employees, agents and third parties as confidential information.
Safeguards for international transfers of personal data: In cases where Sanofi needs to transfer personal data for the Purposes described above, it shall ensure that adequate safeguards, as required under applicable data protection legislation, will be implemented. In this respect and in particular, for intra-group transfers of personal data implemented for clinical studies and pharmacovigilance purposes, Sanofi has implemented and shall apply its “Binding Corporate Rules” validated by the EU Data Protection Authorities.
By accessing the Sites, providing your personal data to us and/or allowing our collection of your personal data, you consent to the transfer of your personal data out of Singapore as described herein.
6. HOW WILL PERSONAL DATA BE STORED?
Sanofi stores your personal data in secure operating environments, databases, and tools (within Singapore or in server located outside Singapore), which are only accessible to authorized Sanofi employees, agents and third parties. Sanofi undertakes to observe generally accepted industry standards and practices in the storage of your personal information.
We may also aggregate, pseudonymize or anonymize personal data to ensure that no personally identifiable information is communicated to third parties. However, please be aware that there is always some risk involved when submitting data over the Internet and that Sanofi cannot guarantee that the Sites are 100% safe from illegal tampering or “hacking.” Any data transmitted over the Internet may be at risk.
7. HOW LONG WILL PERSONAL DATA BE RETAINED?
We may retain your personal data for as long as it is necessary to fulfil the purpose for which it was collected, or as required or permitted by applicable laws. We will cease to retain your personal data, or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected, and is no longer necessary for legal or business purposes.
8. WHO WILL PERSONAL DATA BE SHARED WITH?
For the Purposes described above, we may disclose your personal data to the parties (within or outside Singapore) as listed below, including but not limited to: -
- Sanofi associated or affiliated companies for legitimate business purposes;
- our selected partners such as sponsors of events and conferences, and professional or accreditation bodies or organizations, associations for accreditation in your favour pursuant to your attendance at any events organized or sponsored by Sanofi;/li>
- suppliers, distributors, service providers, agents or contractors engaged by Sanofi or acting on Sanofi's behalf, who provide website hosting, payment processing, order fulfilment, information technology, system administration and related infrastructure provision, printing, billing, customer service, healthcare professional validation, email delivery, data analysis, auditing, market research, digital monitoring, marketing, advertising, brand, communication and other services./li>
- external advisors (e.g. lawyers, accountants, company secretary, auditors, insurers and brokers on a need to know basis for the purposes of providing their services or advice to us, etc.);/li>
- relevant government regulators, statutory boards or authorities or law enforcement agencies or industry regulators or any person to whom we are compelled or required to do so under law, to comply with any laws, rules, guidelines and regulations or schemes imposed by any governmental authority;/li>
- potential acquirers and other stakeholders in the event of potential, proposed or actual business transfer, whether in whole or in part, sale of business, disposal, acquisition, merger, spin-off, joint venture, assignment, reorganisation of Sanofi's business, assets or stock or similar transaction;/li>
- any other party to whom you authorise us to disclose your personal data to.
Sanofi may disclose aggregate, pseudonymized or anonymized data derived from personal data (but without identifiers that will disclose your identity) to third parties. Sanofi shall endeavor to cause such third parties to comply with Applicable Laws in the course of its engagement with Sanofi and require such third parties to use and protect your personal data consistent with this Policy. We will ensure that reasonable steps are taken by the above categories of parties to protect and/or maintain confidentiality of your information that we may disclose to them.
9. HOW CAN I EXERCISE MY RIGHTS?
You can exercise your rights as provided by Applicable Laws. To that end, Sanofi informs you that you are entitled:
- to apply for a copy of your personal data that Sanofi holds;
- to correct your personal data should your personal data be inaccurate, incomplete, misleading or not up-to-date;
- to limit or withdraw your consent to the processing of your personal data that Sanofi holds;
- to lodge an inquiry or complaint with our Data Protection Officer.
If you would like to exercise any of these rights, please contact us as described in the “How to Contact Us” section below and we will take necessary steps to respond as soon as possible. We may impose a fee for processing the aforesaid requests. You may also withdraw consent from receiving marketing messages about goods and services, including promotional information about Sanofi products from us by clicking on the “Unsubscribe” link provided to you in our email or text to you, however, unsubscribing will apply to direct marketing communications only as we may still need to communicate with you for other reasons, for example about your order of a product or service.
In respect of your right to access and/or correct your personal data, Sanofi has the right to refuse your requests to access and/or make any correction to your personal data for the reasons permitted under law.
10. HOW TO CONTACT US
You may contact our Data Protection Officer if you have any enquiries or feedback on our personal data protection policies and procedures, or if you wish to make any request, in the following manner: Tel: +6037651 0800, Email: SG_Privacy.Officer@sanofi.com, Address: 38 Beach Road, #18-11 South Beach Tower, Singapore 189767.
11. ACCURACY OF DATA
We generally rely on personal data provided by you (or your authorised representative). In order to ensure that your personal data is current, complete and accurate, please update us if there are changes to your personal data by informing our Data Protection Officer in writing at the contact details provided.
12. REVISION OF POLICY
We may revise this Policy from time to time without any prior notice. The revised Policy will be available on this Site. You may determine if any such revision has taken place by referring to the date on which this Policy was last updated. We invite you to check this Policy periodically. By continuing to communicate with Sanofi, by continuing to use the Sites and/or providing your personal data to us or allowing our collection of your personal data, following the revisions to this Policy, this shall signify your acceptance of such revisions.