Patient organizations and industry stakeholders


This privacy notice explains how we use personal data related to the people we work with in Patient Organizations and that of other key industry stakeholders (referred to as ‘you’ or ‘your’ in this notice).

Who is the controller of your personal information?

For the purposes of this Global Privacy Notice, Ipsen Pharma SAS, headquartered at 65, quai Georges Gorse – 92100 Boulogne-Billancourt, France, and its affiliates, are data controllers for the personal data processing described (referred to as Ipsen, we or us in these notices).

For the purposes of this Global Privacy Notice, Ipsen Pharma SAS, headquartered at 65, quai Georges Gorse – 92100 Boulogne-Billancourt, France, and its affiliates, are data controllers for the personal data processing described (referred to as Ipsen, we or us in these notices).

Ipsen is an international group of companies. As our headquarters are based in France, this notice is based on GDPR. For information related to Ipsen activity in your country and adherence to local privacy laws, please refer to the Privacy Notices on your country’s Ipsen website, which can be accessed via

What personal information do we collect about you?

We hold the following types of information about you, depending on the work we are doing:

  • Name, email address, telephone numbers
  • Organisation, role, business contact details
  • Information about your activities with Ipsen
  • Interests and professional activities (such as, your professional position and background, event activities, publications, media and social media activities, links to other organisations)
  • Filming, photographs or recordings

Why are we allowed to collect and use your personal information?

Article 6 1 (f) Legitimate interestsWe will only use your personal data for specific purposes as needed to support our activities and in our legitimate interests related to stakeholder engagement including:
– Identifying key stakeholders
– Understanding your interests and where these relate to Ipsen’s work
– Managing our activities with you

For our work with Patient Organisations, we will keep your information on a central database to ensure long term and consistent ways of working between Ipsen and Patient Organisations. Keeping track of our data will facilitate any handover changes and continuity within our projects and collaborations, as well as providing transparency in ongoing projects and activities.
Article 6 1 (a) ConsentWhere appropriate, when you take part in activity that involves individual filming or testimonials, we will ask for your consent.

Where do we get your personal data from?

Some information is collected directly from you, but we also collect data from public sources such as websites or social media, and from third parties such as consultancy companies.

With whom do we share your personal information?

Information related to you will only be accessed by employees at Ipsen with a relevant and tangible need to see your information. Information related to you may also be made available to other entities within the Ipsen group of companies where this is relevant to our work. We will also potentially, as necessary share data with third parties who work with Ipsen to support our activities, for example, Public Affairs or Healthcare PR consultancies, or other partners with whom we are working on specific projects. These third parties are obliged to protect the security and confidentiality of any personal data and comply with data protection legislation.

How long do we keep your personal information?

We will only retain your information in order to meet our operational needs and to comply with legislative requirements for retention in line with Ipsen’s retention policies.

How do we protect your personal information?

To prevent unauthorized access, maintain data accuracy, and ensure the correct use of information, Ipsen and its third-party service providers have put in place appropriate physical, electronic, and organizational procedures to safeguard and secure the information we collect.

Transfer of personal data outside of your home country?

We work all over the world. Therefore, personal data may be processed, accessed, or stored in a country outside the country where you are located, which may not offer the same level of protection of personal data as your home country.

When we transfer personal data to external companies in other countries, or across our International Ipsen entities, we will protect personal data by putting in place appropriate contractual agreements. When we transfer personal data from Ipsen companies in the European Economic Area (“EEA”) to a third country without an adequacy decision from the EU Commission, we will do so on the basis of standard contractual clauses approved by the European Commission. Similarly, we will protect personal data transfers from other countries including the UK and Switzerland using appropriate contractual clauses approved by the relevant authorities in those countries.

What are your rights regarding your information?

You may have the following rights regarding your information depending on the circumstances and applicable legislation:

Alert Icon

Contact information

  • If you would like to exercise any of these rights, please use this form.

  • If you would like to ask us about how we handle your personal data, you can contact our Global Privacy team by contacting

If you are not satisfied with how Ipsen is handling your personal data, or you think that our processing is not compliant with data protection laws you have the right to complain to the relevant data protection supervisory authority.

Ipsen’s lead authority in the EU is the Commission Nationale de l’Informatique et des Libertés (CNIL), 3 Place de Fontenoy, TSA 80715, 75334 PARIS CEDEX 07, FRANCE.

Contact details for data protection authorities in other European countries can be found here:

Our Members | European Data Protection Board (

For other countries, please refer to the local Ipsen website for details.

Alert Icon

V2.0s Mar 24 GPOS