Privacy Policy

25 January 2019




Pledge on privacy


Lupin Ltd. (Lupin) endeavors to ensure and maintain the privacy and security of all Personal Data of users collected or retrieved through the use of this website. This Privacy Policy outlines the different types of Personal Data that may be collected by the use of this website, how the Personal Data may be collected, used or shared, steps taken by Lupin to protect Personal Data and the choices users have in terms of the use of their Personal Data collected through the use of this website.


In this Privacy Policy, “Personal Data” refers to any information which can lead to the identification of an individual (such as a user or patient, whether directly or indirectly, and includes, but is not limited to, name, date of birth, telephone number or address (physical, mailing and/or email)). LUPIN operates this website in accordance with online privacy practices that are consistent with the European Union (“EU”) General Data Protection Regulation 2016/679 (“GDPR”), which may differ from privacy laws outside the EU. By using this website, and by submitting Personal Data directly or indirectly through using this website, users acknowledge that Lupin may transfer any collected Personal Data to any affiliate or processor in a country within or outside the European Economic Area (“EEA”), as well as the use of Personal Data in accordance with GDPR. LUPIN operates this website with online privacy practices that are consistent with the European Union (“EU”) General Data Protection Regulation 2016/679 (“GDPR”), which may differ from privacy laws outside the EU. By using Lupin websites, and by submitting Personal Data directly or indirectly through using the Lupin websites, users acknowledge that Lupin may transfer any collected Personal Data to any affiliate or processor in a country within or outside the European Economic Area (“EEA”), as well as the use of Personal Data in accordance with GDPR.


This Privacy Policy applies to this website. Lupin neither endorses nor is responsible for the content and use of Personal Data collected by third-party websites which may be accessed via links from this website. Users who access third-party websites via a link from this website are advised to review the privacy policies of such sites before using or providing Personal Data to such sites.


This Privacy Policy may change, and users are responsible to check this page regularly with repeated use of this website as continued use following published updates or changes indicates user acceptance of updated or changed terms.



How and why Personal Information are collected and processed


The main purpose of this website is to provide users with information and documents offered and to allow users to report adverse events or possible adverse events. Personal Information that may directly identify users may be collected by means of requests for users to provide data like name, contact information or any other information that may enable Lupin to identify users directly. Personal Data may be collected that may identify users indirectly by identifying the specific device used to access this website, regardless of the device used.


Personal Data collected are processed for various reasons. These processing activities, the respective category of Personal Data processed and the legal basis of processing for each activity are outlined below:


Respond to user requests or inquiries:


  1. Personal Data are collected when users submit requests for Medical Information, to receive information about a specific product, or to order delivery of Patient Alert cards. The information volunteered by the user in these instances may be used to respond to solicited requests, inquiries or orders. Depending on the activity, Lupin may collect contact information like name, address (both mailing and email), telephone number, specialty, preferences (when requesting product or Medical Information) and any additional information users may provide voluntarily. The lawful bases for collecting and processing such Personal Data include user consent and Lupin’s legitimate interests (such as to improve its products and materials).
  2. Track and monitor various activities related to pharmacovigilance, including adverse events:
    Personal Data that are related to adverse events and pharmacovigilance are collected in accordance with Lupin’s legal obligations, and will be used to detect, assess, understand and prevent adverse events or other problems related to Lupin medicines. This information may also be used for reporting to regulatory authorities and to improve Lupin’s products and materials.
  3. Personalize user experience:
    Lupin may collect Personal Data that may include your preferences and a history of past interaction with this website to personalize current and future user experiences. This may include information about user contact and product preferences, language and demographic data and marketing preferences. Information may either be collected automatically and as a result of using this website, in which case Personal Data is collected and processed for legitimate business interests, or voluntarily following unsolicited requests by LUPIN website users, in which case the volunteering of information confirms user consent.
  4. Maintain this LUPIN website:
    Some information, like user IP Addresses, geographical location or resources accessed, may be collected automatically for legitimate business interest like securing this website, network systems and other assets.
  5. Perform website analytics and to measure website performance:
    Within the legal framework, Lupin may combine Personal Data provided by users directly with other information that may have been collected directly or indirectly through the use of this website or by any other means, including offline records and information received from third parties. See section on Cookies and other Web Trackers in this Privacy Policy.


Some pages on this website require that users share Personal Data to continue using the relevant pages, including ordering of educational material and Patient Alert cards, requests to be contacted, surveys and sharing of content electronically. Lupin collects Personal Data only when users volunteer this information, and therefore relevant pages are only available to users who voluntarily provide this information. Any Personal Data shared voluntarily are governed by this Privacy Policy.



Cookies and other web trackers


This website may collect user information that does not directly identify users, but may match a specific user identity, or link a user to a specific device. This information provides insights into how this website is used to improve and manage the administration of the sites. This information may also be used to personalize user experiences, based information on interests and preferences collected through the use of this website. The collection of this information is mostly automated, though some jurisdictions require user consent before collecting or using this type of information. Please refer to individual section below for more information on Cookies and other Web Trackers.


  • Cookies:
    As described above, this website may use “cookies”, which are small data files placed on user computer hard drives by websites. These Cookies allow the tracking of repeat visits to this website by individual users, and to automatically recall information previously shared by a specific user. Cookies are either placed on your computer by Lupin, or by Lupin third party vendors like those providing web analytic or advertising services.
  • Web Beacons:
    Web beacons are being used on certain Lupin web pages or in emails to track whether emails sent by Lupin are opened and acted upon. This technology may also be used to measure the number of visitors using this website, or how many users use certain key functionalities on this website. This information is useful to analyze the effectiveness of this website.
  • Social Plugins:
    This website may use social plugins, for instance like the Facebook “Like” button. These plugins allow users to share information with others directly from this website. These third-party vendors operating these social plugins may place a cookie on users using these plugin’s computers to enable to recognize users who previously visited this website. If users previously logged onto the relevant social media platform or website (like Facebook in this example) prior to browsing this website, the plugin used on this website may, regardless of user interaction with plugins on this website (i.e. clicking “Like” button) allow the specific social media website to receive the described information about these users. The information collected by these social media plugins allows the particular social media websites to share collected information about user activities on this website with other users of the same social media website. Please refer to specific social media website’s privacy policies for further information about the information shared via specific social media plugins.


In some cases, other websites, browsers or programs may share user preferences about the collection and use of Personal Data and user online activities. Lupin does not currently respond to these signals.



Using information collected for marketing


Lupin endeavors not to sell or transfer Personal Data to any non-affiliated entity for their marketing activities, unless you were clearly informed and provided user’s explicit consent to share your Personal Data. Lupin may use third-party advertising agencies and companies to place advertisements on other websites. These third-party agencies or companies may use user information collected through the use of Lupin or other websites to measure the effectiveness of advertising campaigns, and to personalize advertising based on user preferences and interests. Please see information on Cookies that enables personalized user experiences described in this Privacy Policy.



Sharing of Personal Data


Recipients of Personal Data:


User Personal Data may be shared with Lupin Affiliates globally. These affiliates will use Personal Data shared by Lupin for the same purposes described in this Privacy Policy. Lupin Affiliates are listed in the current annual report on


User Personal Data may also be shared with external third parties, including contracted data processors, to:


  • Help fulfill Lupin’s business transactions;
  • Maintain this website;
  • Facilitate any activities related to transfer of control (i.e. a merger or consolidation) or other corporate reorganization undertaken by Lupin or Lupin Affiliates;
  • Fulfill legal or regulatory requirements, like responding to requests from governmental authorities or court orders or reporting adverse events;
  • Fulfill corporate audit requirements or investigate and respond to complaints or security threats.



International transfers of collected Personal Data


Personal Data of users of this website, collected either directly or indirectly, may be transferred or stored in a country other than the user’s country of origin. Lupin however endeavors to only transfer or store information to countries within the European Economic Area. Where Lupin does transfer Personal Data to persons outside the European Economic Area, any such transfer will be conducted in compliance with applicable law. The country to which the data is transferred may impose different (less restrictive) privacy obligations than under GDPR.


Where Lupin transfers Personal Data to third parties outside the European Economic Area, it ensures that the recipients sign contracts containing the EU Standard Contractual Clauses according to the EU Commission decisions of 27 December 2004 (2004/915/EC) and 05 February 2010 (C(2010)593) designed to constitute appropriate and suitable safeguards to ensure compliance with GDPR.



Retention / storage period of Personal Data


The period of time that Personal Data will be stored following a user’s last interaction with this website depends on the purpose of collecting and processing specific information, for instance pharmacovigilance related information shared are kept for a minimum of ten years after the withdrawal of the product in the last country where the product is marketed.



User rights regarding Personal Data


User rights regarding Personal Data collected either directly or indirectly from the use of this website is covered by GDPR, which means users may have additional rights to the use and processing of Personal Data, including the right to:


  • Request access to Personal Data regarding the user collected, processed and stored by Lupin;
  • Request an explanation of the processing that LUPIN undertakes of the Personal Data regarding the user Lupin holds;
  • Request the rectification or correction of Personal Data regarding the user;
  • Request copies of Personal Data regarding the user in electronic format to transfer to third parties, or to request that Lupin to directly transfer information to third parties;
  • Refuse the processing and use of Personal Data regarding the user for marketing and other purposes;
  • Request the deletion of Personal Data when it is no longer required for the purposes for which information was shared or limit the processing of Personal Data where deletion is not possible. Users therefore have the right to withdraw consent at any time if processing of information is based on consent, provided that the withdrawal of consent does not affect the lawful processing based on consent prior to withdrawal. A copy of a user’s Personal Data may be retained following a request to delete information for record-keeping purposes and to prevent entering of deleted Personal Data in Lupin systems following a request to delete information.


Lupin may ask the person seeking to exercise any of these rights to verify their identity.


Please contact Lupin using the contact information provided in this Privacy Policy to exercise any of these rights.


Users are entitled to lodge a complaint with the relevant GDPR supervisory authority if a user feels that Lupin’s data processing does not comply with GDPR.



Data security


Lupin and its business partners take steps to protect Personal Data accessed or collected through the use of this website from loss, misuse and unauthorized access, disclosure, alteration or destruction. Regardless, Lupin cannot guarantee the security of Personal Data and denies all liability and damages legally permissible that could arise from loss, misuse and unauthorized access, disclosure, alteration or destruction. Lupin recommends that all users take all available precautions to protect Personal Data submitted to this website.





This website, and the information provided on this website, are not designed or intended for use by children 16 years and younger. Lupin also do not knowingly collect, process or store any Personal Data from any users under the age of 16 without the verifiable consent of a parent or guardian prior to collecting, processing or storing information collected either directly or indirectly through the use of this websites. Parents or guardians of minors may have the right to request to view or delete Personal Data provided by the child either directly or indirectly through the use of this website. Lupin recommends that all minors seek permission from parent/s or guardians prior to using or providing any Personal Data on any Lupin website.


Identity and contact details of the data controller


The data controller and EU representative of Lupin is Lupin Europe GmbH, Hanauer Landstraße 139 – 143, 60314 Frankfurt am Main, Germany.


You may contact the data controller by mail at Hanauer Landstraße 139 – 143, 60314 Frankfurt am Main, Germany or email at