Ipsen UK and Ireland Privacy Notice
This Privacy Notice describes how we manage personal data for visitors to our UK and Ireland sites. Ipsen Ltd, Ipsen Biopharm Ltd, Sterix Ltd and Ipsen Bioinnovation Ltd in the UK and Ipsen Pharmaceuticals Ltd and Ipsen Manufacturing Ltd in Ireland (together “Ipsen”), are the data controllers in relation to the activities in this privacy notice.
Ipsen is the Data Controller of all Personal Data processed in accordance with this Privacy Information. Ipsen processes personal information in accordance with the EU/UK GDPR and all applicable data protection laws.
Scope of General Privacy Notice
This General Privacy Notice applies to all personal data processed by Ipsen in relation to:
- Ipsen Business Operations.
- Ipsen Services and third-party services commissioned by Ipsen.
- Ipsen Research programmes, surveys, patient support programmes and other healthcare support programmes.
- Ipsen funded webinars, seminars, events.
- Ipsen information, news and marketing communications, including media relations, digital media and social media interactions.
- Healthcare professional, Healthcare organisation and patient organisation engagements.
- Individuals and Organisations who communicate, engage or interact with Ipsen in relation to Ipsen business opportunities, commercial contracting, other engagements, sponsorship, grants, donations, products or services.
Ipsen supplements this General Privacy Notice with additional information for specific categories of personal data. As such, individuals in the following categories should read the additional detailed information. To the extent where there is any conflict between the main body of this General Data Privacy Notice and any additional information, the additional information will take precedence.
The Type of Personal Information We Collect
The personal information we collect depends on the relationships and interactions with you. If you chose not to provide your information it may restrict our relationship and services available to you.
We collect the following information:
- Contact and Identification Information such as your name, email address, personal address, country, phone number and emergency contact information. Information for your next of kin, parent or legal guardian if you are a minor or have additional representation. Your marketing preferences and whether you would like to receive information from Ipsen or contact Ipsen. Some of this information may be mandatory. We will identify what information is mandatory and what information is optional.
- Biographical and demographic information (where necessary and depending on your relationship with Ipsen) such as your date of birth, age, gender, ethnicity, marital status and gender.
- Product Safety, Product Quality and safety-related information to clinical products and treatments.
- Financial Information and transactional data such as banking information, billing information, invoicing and payment related data.
- Professional Information such as CV, online professional profiles, professional registrations from third party sites and institutions.
- Usernames and Passwords and personal data you disclose to us or which you may use in connection with our websites, mobile apps, systems and technology.
- Registration Information for Ipsen supported meetings, programmes and events.
- Digital Images, Photographs and Social Media Handle.
- Digital or Electronic signature.
- Technical and digital footprint data. In the normal course of their operations, websites, information systems and software used by Ipsen collects personal data of individuals whose transmission is implicit when internet communication protocols are used. Such data includes IP address, the type of browser used, the operating system, the domain name and address of websites from or to which it is accessed, information about the pages visited by users on the web, access time and time spent on each page, analysis of the internal path and other parameters relating to the user’s operating system and IT environment. Such technical/IT data is collected and used exclusively in an aggregated and anonymous form and may be used to determine liability in the event of alleged IT or electronic crimes that cause damage to the Website. For further information on cookies, please refer to our cookies policy.
How we get the Personal Information
Ipsen receives personal information, directly and indirectly, from various sources in the normal course of business:
- Organisations and individuals who interact with or provide services for or on behalf of Ipsen.
- Healthcare professionals, healthcare organisations and patient organisations.
- Clinical Research subjects, patients, representatives, legal guardians and relatives.
- Individuals who communicate quality, safety or adverse event information.
- Individuals using websites, apps, tools and software and IT hardware and systems supported by Ipsen.
- Government organisations, institutions and agencies, public records and NHS representatives.
- Industry groups and associations, collaborators and committees.
- Organisations and companies who provide services to and for Ipsen.
- Publicly available sources, included information on websites, social media channels, public forums, journals, publications and other third party sources.
Purposes and Legal Basis of Data Processing and Personal Information Collection
Ipsen processes your personal data for the following purposes:
- To provide services and support in respect of your contracts, relationships and interactions with Ipsen and to personalize your experience.
- To provide you with information, documents and assistance.
- To provide you with marketing materials in accordance with applicable laws.
- To report on the quality and product safety in order to fulfil our legal obligations.
- To conduct research and analysis to improve our services.
- To prevent and detect fraud, unauthorized access, and/or other misuse of Ipsen technology. To investigate and take action regarding suspected illegal activities, fraud, or violations of our terms of services and agreements.
- To fulfil any legal obligation and maintain accurate record keeping.
Ipsen processes personal data where there is a legal ground to do this. Legal grounds for the processing of data includes:
- You have provided your consent. You are able to remove your consent at any time. You can do this by contacting dataprivacy@ipsen.com.
- We have a contractual obligation.
- We have a legal obligation.
- We have a legitimate interest.
We invite individuals in the below categories to read further as to how their personal information is used at Ipsen.
- Safety, Quality and Medical Information
- Healthcare Professional, Healthcare Organisation and Patient Organisation
- Website and Ipsen Technology User
- Ipsen Site Visitor
- Suppliers, Customers and Service Provider
- Job Applicant
- Industry Stakeholder
Personal Data Recipients
In addition to the specific usual business processing, explained in this notice, Ipsen may need to share your personal data with the following authorised third parties for the following reasons:
- Ipsen and its affiliates for business operations and efficiency in the normal course of business.
- Selected suppliers, service providers or vendors to deliver or provide services to and for Ipsen. This may include the transfer of personal data to third party platforms, providers and networks. For the purposes of this website, service providers act upon Ipsen’s instructions for website hosting, data analysis, order fulfilment, information technology and related infrastructure provision, customer service, email delivery, auditing, etc.
- Legal or administrative authorities and third parties: as required by applicable laws (including laws outside your country of residence), to comply with legal obligations, regulations, and government department requests, to investigate, detect, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety or legal rights of any person or third party, or violations of the terms of service and other agreements.
- To Public Health Authorities and Regulators for quality assurance and / or product safety and adverse event reporting and to comply with the industry Code of Conduct, including transfer of value disclosure for healthcare professionals and the public disclosure of such data.
- Potential acquirers and other stakeholders in the event of a merger, legal restructuring operation such as, acquisition, joint venture, assignment, spin-off or divestiture.
In any case, Ipsen will require that such third parties:
- Commit to comply with data protection laws and the principles of this notice.
- Will only process the personal data for the purposes described in this notice.
- Implement appropriate technical and organisational security measures designed to protect the integrity and confidentiality of your personal data.
International Personal Data Transfers
Ipsen is a global biopharmaceutical group with affiliates, partners and subcontractors located in many countries around the world.
For that reason, Ipsen may need to transfer your personal data to other countries, including to outside the UK, EU or outside the European Economic Area, in countries which may not be regarded as providing the same level of protection as the UK and EU. In cases that Ipsen needs to transfer personal data outside the UK, EU or outside the European Union, we shall ensure that adequate safeguards, as required under applicable data protection legislation, will be implemented (including, notably, Standard Contractual Clauses, as applicable).
Retention of Personal Data
Your personal information is securely stored. We will retain the personal information for the period of time described to you at the time of the processing or for as long as reasonably necessary to fulfil the purpose of the processing, in order to meet our operational needs and to comply with legislative requirements for retention in line with Ipsen’s Retention and Archiving guidance.
Your Data Protection Rights
Under data protection law, you have rights including:
- Your right of access – You have the right to ask us for copies of your personal information.
- Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
- Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
- Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
- Your right to object to processing – You have the right to object to the processing of your personal information in certain circumstances.
- Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
- You are not required to pay any charge for exercising your rights.
Please contact us at dataprivacy@ipsen.com, if you wish to make a request.
Cookie Preferences
You may opt out by adjusting your cookie settings. For further information read the Cookie policy on our website.
Browser Settings
You can adjust your browser settings to block cookies or notify you when a cookie is set; you can also delete cookies. The toolbar on most browsers will enable you to prevent your device from accepting new cookies, and to notify you when you receive a new cookie, or how to delete cookies. Visitors who disable cookies will be able to browse Ipsen websites, however some features may not function.
Links and Redirect to External Sites
Ipsen materials, may contain links to reference materials of third parties which are not operated or controlled by Ipsen. This Privacy Notice does not apply to materials accessible from those links.
Social Media Functionality
To make it possible to incorporate Social Network functions directly within the Website (e.g. the “Like” function on Facebook, the “Follow” function on Twitter), some tools to enable Social media plug-ins might be present on this Website.
All the Social plug-ins are marked by the respective social network logo.
When you interact with a plug-in present on the Website (e.g. by clicking the “Like” button) or leave a comment, the corresponding information is sent by the browser directly to the social network platform (in this example, Facebook) and memorised by it.
Please consult the privacy policy of the social network if you would like to have more information about the purpose, type and method of personal data collection, processing, utilisation and storage by the social network platform as well as for details of how to exercise your rights.
At this moment no social plug-ins are present on the Website.
Links From/ToThird Party Websites
From the Website, you may be able to use links to go to other websites, you may also be directed to the Website by third parties.
The Data Controller declines all responsibility for any requests for and/or granting of personal data to third party websites and in relation to management of the authentication credentials issued by third party entities.
You should review the privacy policies of any third-party site before providing any information.
Cookies and Technologies
This Website uses Cookies and similar technologies (“Cookies”), including third-party cookies.
Cookies are small data files which are placed on your computer, smartphone or other device for functionality purposes. Cookies are generally stored on the hard disk of your device whilst you have access to the relevant website or technology.
When you enter the Website, you can:
- Accept the use of Cookies; or
- Refuse the use of Cookies; or
- Set your Cookies preference.
Please consult Ipsen’s Cookies Policy for more information.
Contact Information / How to Complain
If you have any questions, complaints or comments about the handling of your personal data or information contained in this Privacy Notice, please email Ipsen’s Data Protection Officer at: dataprivacy@ipsen.com.
If you are an individual from the UK, you can also complain to the ICO if you are unhappy with how we have used your data.
The UK ICO’s address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk
The Irish Data Protection Commission’s address is:
Data Protection Commission
21 Fitzwilliam Square South
Dublin 2
DO2 RD28
Ireland
Telephone: 017650100 / 1800437 737
DPC website: https://www.dataprotection.ie
Changes to the Privacy Notice
Ipsen reserves the right to update this Privacy Notice from time to time. If Ipsen materially changes how we intend to use and process your information previously gathered, we shall not do this without informing you.
CRSC-GB-000086
November 2023