PRIVACY NOTICE
This privacy notice explains how we use personal data during recruitment processes.
Who is the controller of your personal information?
For the purposes of this Global Privacy Notice, Ipsen Pharma SAS, headquartered at 65, quai Georges Gorse – 92100 Boulogne-Billancourt, France, and its affiliates, are data controllers for the personal data processing described (referred to as Ipsen, we or us in this notice).
Ipsen is an international group of companies. As our headquarters are based in France, this notice is based on GDPR. For information related to Ipsen activity in your country and adherence to local privacy laws, please refer to the Privacy Notices on your country’s Ipsen website, which can be accessed via www.ipsen.com
What personal information do we collect about you?
When you apply for a job at Ipsen, we will collect the following types of personal data:
- Name and contact details, including email, phone number, home address
- Academic and professional qualifications
- Information about your skills and expertise
- Information about your work history
- Application letter, remuneration levels, and availability
- Your right to work in the country that in which the job will be located
- Details about your most recent employer and / or referees
We will record information about you on our careers systems and we will keep records of our interactions with you and notes about any interviews we carry out with you. We may also hold information about any assessments or tasks we ask you to complete during the application process. If you are successful, we will record details of your offer.
If you accept a role with Ipsen, we will then load your data onto our HR system. Before you start at Ipsen, we may complete background checks as relevant to the role. To carry out these checks we will request documents and information from you as relevant to the checking process, such as:
- identity documents e.g. identity card, passport
- evidence of academic and professional qualifications documents
- and other information relevant to the role and position in the company.
Why are we allowed to collect and use your personal information?
| Article 6 1 (f) Legitimate interests | We collect and use your personal data for our legitimate interests to process your application, to make decisions about shortlisting and to contact you during the application process. We will also share data with any third parties that may be assisting us with the recruitment process. We may ask you to complete assessments or tasks during the application process and we will keep personal data about that to help us to make a decision. |
| Article 6 1 (b) Contract | If you are offered a post, we will process your personal data to take steps to prepare for a contract with you, including: – to send you messages, information or meeting invitations before you start – to prepare and agree your contract – to make organisational arrangements for you to start at Ipsen, such as setting you up on our IT systems – to share your personal data with any third parties that work with us to provide any benefits. |
| Article 6 1 (a) Consent | We may be required to make checks on your right to work in the relevant country, by collecting documents or information from or about you. Where this is required by law, we will process this data on the basis of our legal obligations. |
| Conditions for processing – Article 9 2 (b) Employment rights | Where necessary we may need to process certain special category data, such as health, or ethnicity information during the recruitment process for a range of purposes, such as: – to check your right to work in the country – to carry out background checks on your health as relevant to your role – to make special arrangements for your interview in some countries (where permitted) we may collect ethnicity data, which we only use in aggregated form to monitor equality |
Where do we get your personal data from?
We collect personal information about you when you enter your details or upload your CV and other information about yourself when applying for a job. Ipsen also collects data about applicants from recruitment agencies and from recruitment platforms such as “LinkedIn” or other online job boards we decide to use.
With whom do we share your personal information?
Personal data related to you will only be accessed by HR, the hiring manager or other relevant managers, IT and only others who have a legitimate need to access your personal data.
Your personal information is shared with relevant staff in other entities in the Ipsen group where necessary and with third parties who process personal data on behalf of Ipsen within the scope of the purposes mentioned in this Notice.
We will ensure that the third parties we use adequately protect the information entrusted to them and these third parties will be bound by data protection contract clauses, as appropriate to our respective roles. Ipsen will only provide those companies the personal data they need to deliver the service.
We work with third parties in relation to recruitment and starting up relationships with new starters, for the following types of activity:
- recruitment agencies assisting with aspects of the recruitment process
- technology providers processing recruitment data
- background check providers
How long do we keep your personal information?
We will keep your personal data for no longer than necessary to fulfil the purpose for which it was collected and to meet any legal or regulatory provision requiring otherwise.
If you are not successful in your application, your personal data will be stored on our Careers system for two years in order to recontact you for other relevant opportunities. If you do not want us to keep your personal data in this way, please see our careers website portal for how to do this, or you can use this form.
How do we protect your personal information?
To prevent unauthorized access, maintain data accuracy, and ensure the correct use of information, Ipsen and its third-party service providers have put in place appropriate physical, electronic, and organizational procedures to safeguard and secure the information we collect.
Transfer of personal data outside of your home country?
We work all over the world. Therefore, personal data may be processed, accessed, or stored in a country outside the country where you are located, which may not offer the same level of protection of personal data as your home country.
When we transfer personal data to external companies in other countries, or across our International Ipsen entities, we will protect personal data by putting in place appropriate contractual agreements. When we transfer personal data from Ipsen companies in the European Economic Area (“EEA”) to a third country without an adequacy decision from the EU Commission, we will do so on the basis of standard contractual clauses approved by the European Commission. Similarly, we will protect personal data transfers from other countries including the UK and Switzerland using appropriate contractual clauses approved by the relevant authorities in those countries.
What are your rights regarding your information?
You may have the following rights regarding your information depending on the circumstances and applicable legislation:
1. The right of access
You have the right to obtain access to the information processed by Ipsen.
2. The right to rectification
You are entitled to have your information corrected if it is inaccurate or incomplete.
3. The right to erasure
This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information where there is no compelling reason for Ipsen to keep using it. This is not a general right to erasure; there are exceptions.
4. The right to restrict processing
You have rights to ‘block’ or suppress further use of your information in certain circumstances. When processing is restricted, Ipsen can still store your information, but may not use it further.
5. The right to data portability
You have rights to obtain and reuse your personal data in a structured, commonly used, and machine-readable format in certain circumstances.
6. The right to object
You have the right to object to certain types of processing, in certain circumstances.
7. The right to withdraw consent
If we are using your personal data on the basis of your consent, you have the right to withdraw that consent at any time.
Contact information
- If you would like to exercise any of these rights, please use this form.
- If you would like to ask us about how we handle your personal data, you can contact our Global Privacy team by contacting dataprivacy@ipsen.com
If you are not satisfied with how Ipsen is handling your personal data, or you think that our processing is not compliant with data protection laws you have the right to complain to the relevant data protection supervisory authority.
Ipsen’s lead authority in the EU is the Commission Nationale de l’Informatique et des Libertés (CNIL), 3 Place de Fontenoy, TSA 80715, 75334 PARIS CEDEX 07, FRANCE.
Contact details for data protection authorities in other European countries can be found here:
Our Members | European Data Protection Board
For other countries, please refer to the local Ipsen website for details
V2.3s Mar 24 JBP
Related links
