Who we are. 

We are OPELLA HEALTHCARE GROUP SAS (“Opella”, “we”, “us” or “Controller”), a public company with registered office at 157 Avenue Charles De Gaulle 92200 Neuilly-sur-Seine (France). We are responsible for the collection and use of your Personal Data, as described in this Privacy Notice and according to applicable data protection laws. 

Your Personal Data (or Data) is any information that is about you, or is related to you and used to learn, evaluate, or decide something about you. 

We are committed to protecting your privacy and using your Personal Data in respectful, transparent, and secure ways.

What Data we collect about you. 

When you visit and interact with this Website, we collect: 

  • Device and equipment information, such as the IP address, device type, unique device identification number, browser type, operating system, broad geographic location (e.g., country or area), and other technical information; 
  • Preferences and behavioral information such as the contents accessed, the links clicked, dates and times of connection, personalized settings and choices, including but not limited to preferences about language and cookies; 

How we collect your Data. 

We collect your Data through automated tools or tracking technologies, when you interact with this Website. 

For further details on how we use tracking technologies on this Website please refer to the Cookie Notice.

Why we use your Data.   

Your Data is collected and processed to fulfill our legitimate interests to: 

  • develop and operate our digital platforms and tools;
  • protect our staff, visitors, assets and information;
  • develop and improve our products and services;
  • establish, exercise or defend our legal rights;


when, for example, to:

  • improve the structure and content of this Website;
  • provide you with a better browsing experience by optimizing content for your device;
  • detect possible security threats to this Website; or
  • detect possible violations of this Website's legal terms.


Your Personal Data may also be processed to fulfill our legal, regulatory, ethical and compliance obligations, for example:

  • to respond to subpoenas, court orders, or other legal requests from government authorities;
  • to allow for compliance with data protection laws.

Who can access your Data.

Only authorized recipients have access to your Personal Data to conduct one of the activities described above. Such recipients include: 

  • our employees and staff;
  • other affiliates in our group;   
  • our partners such as service providers or vendors acting upon our instructions for website hosting and/or data analysis; 
  • regulatory bodies, public authorities, courts, and law enforcement bodies.

When required by law, we enter into contractual agreements with these recipients so that they agree to provide adequate protection measures, not to use the Data for purposes other than those described in this Privacy Notice and cooperate with us to ensure that your rights are exercised.

Where is your Data processed.

We are part of a multinational group with employees, affiliates, partners and subcontractors located around the world. Consequently, your Data may be processed and accessed in countries where different data protection laws apply. 

 

When Personal Data is transferred to or accessed in other countries, we ensure that the laws in force in the recipient's country provide adequate protection. If this condition is not met, we commit to adopting one of the mechanisms provided by law to ensure the appropriate protection of the Personal Data in the destination country. This includes, for example, the adoption of the European Commission’s Standard Contractual Clauses. 

How long we keep your Data. 

Your Data will be kept, in accordance with applicable laws and regulations, for a period not exceeding the time necessary to achieve the purposes for which it was collected. The criteria for determining the retention period of the Personal Data consider the period of permitted processing (for all the relevant purposes), applicable regulations affecting the minimum or maximum retention period (if any), limitation of rights, and legal bases for processing.

How we protect your Data. 

While we strive to protect your Personal Data, no Data transmission or storage can be guaranteed as 100% secure. To protect your Data we implemented a variety of technical and organizational measures aimed at mitigating the risk that such Data is leaked, lost, or used for unauthorized purposes. 

These measures consider the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity for the rights and freedoms of natural persons.

If a security incident occurs and affects your Personal Data, we will take reasonable actions to further mitigate possible impacts on you. When the incident is likely to result in serious harm this may include a notification to you or to competent authorities when necessary. 

Children Data.

Our Website is not intended for children under the age of 13. If you’re under 13, do not use this Website. 

We neither knowingly solicit Data from, nor target, children. If you’re a parent or guardian and you’re aware that your child has provided us with his/her Data, please contact us. We’ll take the necessary steps to delete such Data. 

Your rights. 

You are entitled to: 

have access to, and receive a copy of your Data; 

  • obtain the rectification of your Data, should it be inaccurate, incomplete, or obsolete;
  • obtain the deletion of your Data in situations set forth by applicable data protection laws (“right to be forgotten”);
  • withdraw your consent to data processing at any time, without affecting the lawfulness of processing, where your Data has been collected and processed on the basis of your consent;
  • object to the processing of your Data, where it has been collected and processed on the basis of our legitimate interests;
  • request a limitation of data processing activities, in the situations set forth by applicable laws;
  • request that some of the Data you provided to us is brought to you, or to another Controller, in a commonly used, machine-readable format;


If you want to exercise any of these rights, contact us

You are also entitled to lodge a complaint with your local Data Protection Authority.

Contact us.

If you have a question, want to exercise your rights or simply want to know more, you can use this online form

Alternatively, you can email us at Opella-Privacy-Office@sanofi.com or send a letter to the following address: 

OPELLA HEALTHCARE GROUP SAS 
Attn. “Opella Privacy Office” 
157 AVENUE CHARLES DE GAULLE 
92200 NEUILLY-SUR-SEINE (FRANCE)

Changes to this Privacy Notice.

We may update this Privacy Notice periodically to reflect changes in the law or our practices. We encourage you to check this page periodically.