MyWay App Privacy Policy
Last updated 04/04/2024
SANOFI is fully committed to the protection of Personal Data and intends to provide you with all relevant information regarding the way in which SANOFI process your Personal Data in this mobile app.
Sanofi and Regeneron are industry partners, who are committed to handling personal data in ways that respect your privacy. Both companies may independently process your personal data to manage patient support programs, including this mobile application. Please refer to Regeneron's Privacy Notice for more information regarding Regeneron’s processing of your personal data.
We advise you to check this privacy notice regularly for any changes.
Should these changes be objectively substantial and affect your rights or our obligations pertaining to the protection of Your Personal Data (and insofar as we have a means to contact you), we will notify you of the update by adequate means based on the information we may have collected.
You may download a printable (PDF) copy of this Privacy Policy here.
- What is personal data and processing?
- What personal data does this mobile app collect?
- Individual health conditions, treatment, diseases, or diagnosis;
- Use or purchase of prescribed medication;
- Bodily functions, vital signs, symptoms, or measurements of health information;
- Diagnoses or diagnostic testing, treatment, or medication;
- Precise location information that could reasonably indicate a resident’s attempt to acquire or receive health services or supplies; and
- Any inferences of the above categories of health data derived or extrapolated from nonhealthy information.
- For what purpose does this app collect personal data?
- Conduct research and development: carry out clinical studies, registries, and trials; perform observational studies and exploratory data analysis; manage and validate the recruitment and participation of individuals to studies, trials and other operations.
- Analyse socio-demographic and health data to better support patient management, understand triggers, next best actions and tips to improve quality of life without being limited to those
- Offer special programs, activities, trials, events or communications via our services; carry out market or consumer studies.
- What is the legal basis for the processing of your personal data in this app?
- How long is the personal data collected on this app retained?
- From what sources does the platform collect your personal data?
- Who has access to your personal data?
- Other entities of the SANOFI's GROUP
- SANOFI’s Collaborators (Such as Regeneron Pharmaceuticals)
- Providers of health-related services
- Third-party health APPs
- Health Insurance companies
- Providers of information related to air quality
- SANOFI's Partners, including BrightInsight as developer of the App and hosting service provider for your Personal Data, which may in this respect act as Joint Controller with SANOFI. Where such internal or external transfer of Personal Data implies the transfer of your Personal Data to a country providing a lower level of protection to Personal Data than generally afforded in your jurisdiction, SANOFI will ensure that a sufficient level of protection is provided to your Personal Data by implementing adequate safeguards such as the European Standard Contractual Clauses, the SANOFI Binding Corporate Rules or asking for your prior explicit consent.
- Your rights: Sanofi will ensure that you can exercise your rights pertaining to your personal data
- Other disclosures
-
Washington & Nevada My Health My Data Act Disclosures. This section only applies to Consumers as the term “Consumer” is defined by the Washington My Health My Data Act and the Nevada My Health My Data Act, respectively. Terms used in this section that have defined meanings under the Washington My Health My Data Act or the Nevada My Health My Data Act shall have the meanings afforded to them in those statutes as this section applies to Consumers of those states. We Collect and Share the categories of data in Section B above for the purposes and in the manners listed in Section C:
We Collect these categories of Consumer Health Data from the sources listed in Section E, and we Share these categories of Consumer Health Data with the categories of entities listed in Section H, including our affiliates. Consumers may exercise their data subject rights, including obtaining access to and requesting changes to their Consumer Health Data, under the Washington My Health My Data Act and the Nevada My Health My Data Act by contacting us via the methods listed in Section I.
We limit Third Party Collection of Consumer Health Data over time. We do this by ensuring that entities whose cookies, pixels, and other online trackers we use on our websites and online services are our Vendors under applicable U.S. Privacy Laws and under the Washington and Nevada My Health My Data Acts. Nonetheless, please note that Third Parties may still be able to Collect Consumer Health Data from you over time and across different websites depending on your browser, browser add-ons, and associated permissions you set on your device.
-
Privacy Notice for Nevada Residents. To the extent we collect Covered Information as defined by Nevada law, the categories of Covered Information we collect are listed in Section C. We do not Sell Covered Information as defined under Nevada law, and we generally do not disclose or share Personal Information as defined under Nevada law for commercial purposes. Under Nevada law, you have the right to direct us to not sell your Covered Information to third parties. To exercise this right, if applicable, you or your authorized representative may contact us at the BrightInsight Privacy Office online or by calling 1-888-208-0406 or by email at privacy@brightinsight.com
- How to contact us
What is personal data and processing?
For the purposes of this privacy notice, Personal Data is any information relating to an identified or identifiable natural person, processed by SANOFI in connection with the objectives and purposes defined in this notice — it can be any information that relates to an individual.
Some examples of personal data:
Basic identification information such as your name or date of birth
Information that can be attributed to you directly or indirectly — such as a post on a social media
Information which can be associated to you or your device such as, for instance, an IP address (i.e., the network address of your machine)
The notion of “processing” designates any action that is undertaken on your Personal Data such as, for instance:
Collection
Storage
Access
Analysis
Deletion
What personal data does this mobile app collect?
When operating, this app may collect the following categories of Personal Data:
Identification data: Any information which allows your identification, whether directly or indirectly such as your name or contact details (address, email address, Date of Birth)
Messages: You may send us inquiries using this app. You can contact us directly through the app by clicking on "Contact Us" or by email.
Connection data: Any information regarding your connection, use and access to this app (e.g. type of machine and browser used, timestamp of your connection, IP address, pages visited, etc.), browsing history.
Note: In some regions, countries, or U.S. states, you may have the right to opt out of such tracking. Please see the sections below, “Your Rights” and “Contact Us,” if you wish to exercise such rights.
Location data: Information that may be provided by your machine and browser about your location if you allow such information to be shared with SANOFI.
You have three options. You can choose which option suits you best.
Option 1: You enable tracking through your mobile phone.
Option 2: You indicate a city.
Option 3: You do not wish to share any location data.
Your location enables us to provide you with information relevant to your location, for example information regarding pollen, air pollution etc. You can modify your choice at any time on your device settings or in the app.
SANOFI may process
the below categories of health data, and process such categories of health data for the purposes and in the manners described below:
SANOFI will only process such categories of Personal Data which qualify as “sensitive” Personal Data or “special categories” of Personal Data if duly permitted under applicable data protection laws. In particular, SANOFI will only process such information it has obtained your prior explicit and specific consent to do so.
The collection of a certain number of personal data is mandatory to use the app or specific features. If you do not wish to provide this personal data, these features may not be available to you.
SANOFI will not knowingly collect or process Personal Information of minors.
For what purpose does this app collect personal data?
Any processing of Personal Data must be implemented for a defined purpose. In this respect, the collection and processing of Personal Data in this app is conducted for the following purposes:
To allow you to navigate through this app
To identify you and to provide you with access to the app and its services: to manage your online account and profile according to the information you provide.
To provide patient support: healthcare support services, patient engagement and prescription information; claims management, including insurance claims.
Developing de-identified aggregated reports, analysis, charts, tables, infographics in order to:
To personalize your browsing experience: when using our services; ensure that our services are presented in the way that best suits you and tailored to your preferences, and that you get tailored information based on the information you have provided, to implement product development and improvement (e.g. process optimization, study design, program design).
To improve our products and services: identify usage trends and develop new products and services; understand how you and your device interacts with our services; track and respond to safety concerns; determine the effectiveness of our promotional campaigns, conduct surveys.
To allow us to communicate with you: respond to your requests or inquiries; provide support for services; provide you with important information, administrative information and required notices and promotional materials; send you news and information about our products, our services, our brands, our operations.
SANOFI will not Sell Personal Information to Third Parties or Process Personal Information for purposes of Targeted Advertising or Profiling in furtherance of decisions that produce legal or similarly significant effects concerning a Consumer, as the terms “Sell,” “Process,” “Targeted Advertising,” and “Profiling” are defined in the U.S. Privacy Laws. California residents also have the right to limit the use of your Sensitive Personal Information to the purposes authorized by the CCPA.
What is the legal basis for the processing of your personal data in this app?
Your Personal Data is only processed on the basis of:
Your prior consent: where you have clearly expressed your approval of SANOFI’s processing of your Personal Data: In practice, this will generally mean that SANOFI will ask you to sign a document, or to fill in an online “opt-in” form or to follow any relevant procedure to allow you to be fully informed and then either clearly accept or refuse the envisaged Personal Data processing.
Your prior consent is required to use the services of the app involving your health data. Full access to the app is subject to your prior consent. SANOFI may request to renew your consent at least once a year.
A contractual relationship between you and SANOFI. In such case, the processing of your Personal Data is generally necessary to the execution or the performance of the contract (such as your email address, first name and last name); this means that if you do not wish SANOFI to process your Personal Data in that context, you may not create a user account on the APP and SANOFI will not be able to provide the products or services covered in this contract.
The “legitimate interest”: of SANOFI in the sense of applicable data protection law. In such a case, SANOFI shall consider your fundamental rights and interests in determining whether the processing is legitimate and lawful legal obligations applicable to SANOFI’s activities; for instance, SANOFI is required to implement pharmacovigilance procedures to monitor adverse effects of marketed products, which generally involves the collection and retention of Personal Data. Your personal data may also be processed to improve SANOFI 's products and services and to offer you the best navigating experience while using the app (your communications with us, your connection data).
How long is the personal data collected on this app retained?
The Personal Data collected on this app will be retained for an adequate period of time depending on the purposes of the processing.
The data used for your authentication: such as your email address, history and identification will be deidentified. If you delete your account. Some of your data may be aggregated and deidentified in the objective to improve the functionalities and the relevance of the app.
If you withdraw your consent, your data will be deleted except for the data required to store your withdrawal choice.
Logs and tracking: will be stored for six months from their collection.
The data related to appointment scheduling will be stored for three months after their collection and be permanently deleted.
The data related to your health will be kept for a maximum of 5 years after their collection. If you delete the app before this period, your data will be archived for this period. In the event SANOFI processes your health data for conducting research, your health data will be anonymized as soon as the research purpose allows it.
The data related to your messages or enquiries will be stored for one year after we respond and then be permanently deleted.
The location data will be deleted anytime you disable the localization on your device.
From what sources does the platform collect your personal data?
Personal Data processed by the Platform is collected through different channels.
You, when you voluntarily deliver your personal data directly into the mobile application, or your personal data you previously provided to the third party we have engaged to assist in your enrollment in the My Way Program.
Who has access to your personal data?
Sanofi may give access to your personal data internally only where it is strictly necessary.
Sanofi may transfer your personal data to third party such as:
Your rights: Sanofi will ensure that you can exercise your rights pertaining to your personal data
You may have rights under applicable data protection laws.
To that end, SANOFI informs you that you may be entitled:
To have access: upon simple request to your Personal Data – in which case you may receive a copy of such data (if requested), unless such data is made directly available to you, for instance within your personal account
To obtain a rectification: of your Personal Data should your Personal Data be inaccurate, incomplete or obsolete
To obtain the deletion: of your Personal Data in the situations set forth by applicable data protection law (‘right to be forgotten’)
To withdraw your consent to the processing of your Personal Data processing: without affecting the lawfulness of processing, where your Personal Data has been collected and processed on the basis of your consent. You can withdraw your consent at any time on your profile.
To object to the processing of your Personal Data: where your Personal Data has been collected and processed on the basis of legitimate interests of SANOFI, in which case you will need to justify your request by explaining to us your particular situation. Your objection request may be rejected if SANOFI demonstrates that its compelling legitimate interest pursued for this processing overrides your interests or fundamental rights and freedoms.
To request a limitation: of the processing of Personal Data processing in the situations set forth by applicable data protection law.
To receive your Personal Data for transmission: from SANOFI or to have your Personal Data directly transferred by SANOFI to the third-party of your choice, where technically feasible (data portability right allowed only where the processing is based on your consent or the execution of a contract).
For French residents, you have the right to define specific instructions concerning the retention, erasure and disclosure of your personal data after your death.
You can exercise your rights directly through the app in the “Settings” section or by clicking on the following link: BrightInsight Privacy Office online or by phone at 1-888-208-0406, or by email at privacy@brightinsight.com
BrightInsight will need to authenticate you in order to comply with your data subject request, so have your app login credentials to submit such request. in order to comply with your data subject request. In some instances, Sanofi may decline to honor your request if an exception applies under applicable law. BrightInsight will respond to your request consistent with applicable law.
You may have the right to appeal Sanofi’s decision on your data subject request. To do so, you may contact the Brightinsight Privacy Office online or by calling 1-888-208-0406 or by email at privacy@brightinsight.com. Please enclose a copy of or otherwise specifically reference Sanofi’s decision on your data subject request, so that Sanofi may adequately address your appeal. Sanofi or BrightInsight on behalf of Sanofi will respond to your appeal in accordance with applicable law.
For more information on exercising your data subject rights with Regeneron, please visit the Regeneron privacy notice.
We will take necessary steps to respond as soon as possible.
You may also file a complaint before a competent data protection authority regarding the processing of your Personal Data.
Other disclosures
How to contact us
You can ask any further questions related to this privacy notice and how BrightInsight processes your personal data directly through the app on the section "Contact Us" or by clicking the following link.