Skip to main content
Free shipping from €99.99
24-48h shipping across Europe
100% secure payment
BornovaDeals
Menu
My favourites

Categories

Serums & solutionsSyringes & needlesConsumablesDevicesFamily careBornovaDeals

Privacy Policy

Last updated: April 30, 2026 · Version: 2024-06-21

This Privacy Notice describes how BORNOVA SAS. ("we," "us," or "our") collects, stores, uses, and shares ("processes") your information when you use our Services — for example when you visit https://www.bornovamedical.com, or any related site that links to this notice, or when you engage with us through sales, marketing, or events.

If you do not agree with our policies and practices, please do not use our Services. For any question, contact us at [email protected].

Summary of Key Points

  • Personal information. We process personal information depending on how you interact with our Services.
  • Sensitive personal information. We do not knowingly process sensitive personal information.
  • Third-party data. We may receive information from public databases, marketing partners, social media platforms, and other outside sources.
  • Processing purpose. We process your information to provide, improve, and administer our Services, communicate with you, prevent fraud, and comply with law.
  • Information safety. We have organizational and technical measures in place to protect your personal information.
  • Your rights. Depending on your location, applicable privacy law may give you specific rights regarding your personal information.
  • Exercising rights. The fastest way to exercise your rights is via our online Data Subject Access Request form.

1. What Information Do We Collect?

Personal information you disclose

We collect personal information that you voluntarily provide when you register, contact us, place an order, or otherwise participate in activities on the Services. This typically includes name, email, billing and shipping address, phone, payment information (handled by Stripe — we never store full card numbers), and any other information you choose to share.

Information automatically collected

We automatically collect certain information when you visit, use, or navigate the Services. This information does not directly reveal your identity but may include device and usage data such as IP address, browser and device characteristics, operating system, language preferences, referring URLs, country, and information about how and when you use our Services. We collect:

  • Log and usage data — IP, device information, browser type, settings, activity logs.
  • Device data — IP, device and application identifiers, location, browser, hardware model.
  • Approximate location — derived from IP for fraud prevention and tax determination.

Information from other sources

We may obtain information about you from public databases, joint marketing partners, affiliate programs, data providers, social media platforms, and other third parties.

2. How Do We Process Your Information?

We process your personal information for purposes such as:

  • Account creation and authentication.
  • Delivering and facilitating delivery of the Services.
  • Responding to user inquiries and offering support.
  • Sending administrative information.
  • Fulfilling and managing your orders.
  • Sending marketing and promotional communications (with consent).
  • Protecting our Services against fraud and abuse.
  • Identifying usage trends.

3. Legal Bases for Processing

If you are located in the EU or UK, we rely on one or more of the following legal bases under GDPR Article 6:

  • Consent — when you have given clear permission for a specific purpose.
  • Performance of a contract — when processing is necessary to fulfill our contract with you.
  • Legitimate interests — when reasonably necessary to achieve our legitimate business interests, balanced against your rights.
  • Legal obligations — when we must comply with EU or French law.
  • Vital interests — to protect your or another person's vital interests.

4. Sharing Your Information

We may share your data with third-party vendors, service providers, contractors, or agents who perform services for us:

  • Ad networks (with your consent only).
  • Payment processors (Stripe).
  • Sales, marketing, and email tools (Brevo).
  • Analytics services (with your consent only).
  • Order fulfillment partners and carriers (UPS).

We may also share your personal information in connection with business transfers (mergers, acquisitions, restructuring), with affiliates under shared common ownership, and with business partners to offer specific products or services.

5. Third-Party Websites

The Services may contain advertisements or links from third parties not affiliated with us, leading to other websites, online services, or mobile applications. We cannot guarantee the safety and privacy of data you provide to any third parties.

6. Cookies & Tracking Technologies

We use cookies and similar tracking technologies (such as web beacons and pixels) to deliver, secure, analyze, and improve our Services. Cookies on our Site are organized into the following categories: strictly necessary, preferences, statistics (analytics), and marketing.

Cookie consent on this Site is managed via Cookiebot, a Consent Management Platform certified under IAB TCF v2.2 and compliant with the French CNIL Recommendation of 17 September 2020 on cookies and trackers, the EU ePrivacy Directive (2002/58/EC), and GDPR (Regulation (EU) 2016/679). On your first visit you may accept or reject each category individually via the consent banner. You may withdraw or modify your consent at any time by clicking the cookie icon in the footer of any page.

Strictly necessary cookies (session, security, fraud prevention, load balancing) are exempt from consent under Article 82 of the French Data Protection Act and ePrivacy Directive Article 5(3). All other categories are loaded only after you grant explicit consent for that category.

The complete and continuously updated list of cookies — including purpose, provider, retention period, and category — is available on our Cookie Declaration page, automatically generated and refreshed by Cookiebot.

7. Social Logins

Our Services let you register and log in using a third-party social media account (Google). When you do, we receive certain profile information from that provider in line with its privacy practices. We use this information only for the authentication purpose, in line with this Privacy Policy.

8. Data Retention

We retain your personal information only as long as necessary for the purposes set out in this notice, unless a longer period is required or permitted by law (for example, accounting records: 10 years under French tax law; order data: as required by consumer protection statute of limitations).

9. Information Security

We have implemented appropriate and reasonable technical and organizational measures designed to protect the security of any personal information we process, including encryption in transit (TLS 1.2+), encryption at rest (managed key service), access controls, and regular security audits. No method of transmission over the Internet or method of electronic storage is 100% secure.

10. Minors

We do not knowingly collect data from or market to children under 18 years of age. If you believe a minor has shared personal information with us, contact our Data Protection contact at [email protected].

11. Your Privacy Rights

In the EEA and UK

Under GDPR and the UK Data Protection Act, you have the following rights regarding your personal data:

  • Right to access your personal data.
  • Right to rectification of inaccurate or incomplete data.
  • Right to erasure ("right to be forgotten").
  • Right to restrict processing in certain circumstances.
  • Right to data portability in a structured, machine-readable format.
  • Right to object to processing based on legitimate interests, including direct marketing.
  • Right to withdraw consent at any time, without affecting the lawfulness of processing carried out before withdrawal.

Account Information

If you would like to review or change information in your account, or close your account, contact us via the channels below.

Exercising your rights — Data Subject Access Request (DSAR)

The fastest and most secure way to exercise any of the rights above is to submit a Data Subject Access Request via our online form at /data-request. All requests are handled by our Data Protection Officer (DPO) within the 30-day period required by GDPR Article 12(3) (extendable by an additional two months for complex requests, with prior notice to you).

You may also contact our DPO directly:

If you believe our processing of your personal data infringes the GDPR, you have the right to lodge a complaint with the French data protection authority (CNIL) at www.cnil.fr or with the supervisory authority of your EU/EEA country of residence.

12. Do-Not-Track Signals

Most web browsers and some mobile operating systems include a Do-Not-Track ("DNT") feature. We do not currently respond to DNT browser signals, but you can manage tracking via our cookie banner at any time.

13. United States Residents

If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Montana, New Hampshire, New Jersey, Oregon, Tennessee, Texas, Utah, or Virginia, you may have the right to request access to and details about the personal information we maintain about you, correct inaccuracies, obtain a copy, or delete it.

14. Updates to This Notice

We may update this Privacy Notice from time to time. The updated version is indicated by the "Last updated" date at the top of this page. Material changes will be communicated by prominent notice on the Site or by email, where appropriate.

15. Contact Us

For questions or comments about this notice, email us at [email protected] or write to:

BORNOVA SAS. 1 Rue de Stockholm 75008 Paris, France

16. Review, Update, or Delete Your Data

You have the right to request access to, change, or delete the personal information we collect from you. Use our online Data Subject Access Request form to start the process.