Privacy Policy

Privacy Notice

Envalior is committed to processing the personal information of website users, business partners, job candidates and other persons who interact with us in compliance with applicable laws, specifically GDPR. We have implemented various technical and organizational measures to protect any personal data that it processes. This document summarizes how Envalior collects, stores, uses, discloses, or transfers (hereinafter “processes” or "processing") your data. What personal data we collect from you depends on the purpose of your interaction with us.

1. Legal Basis for our Processing of Your Personal Information

We base our processing activities on the following grounds, which are contained in Article 6 GDPR and which we identify throughout this document using the following symbols:

Legal Basis	GDPR Article	Symbol
Compliance with legal obligations	6.1.c	★
Contractual performance	6.1.b	☆
Legitimate Interest	6.1.f	❊
Consent	6.1.a	✤

2. Use of Envalior Tools and Systems

2.1 Website Users

When you visit our Internet or Intranet site or when you use our applications, support systems or other online services, or when you subscribe to our newsletters, we may ask you to provide and then process the following types of personal data:

Contact information: Name, salutation, address, phone number, and email address.
Organizational information: Name of employer and job position.
Support information: Feedback or details regarding a support request, survey, or online/forum comment/post.
Additional personal information that you submit to us or that we have available: For example, IP address or contents of online forms.
Device information: Your device or user identifier, information regarding your operating system, browser, or sites and services that you have accessed during your visit on our pages and systems, including date and time information.

We process your personal data for the following purposes:

To provide you with a secure and comfortable website and browsing experience, including the creation and administration of your online account (if applicable), as well as updating and maintaining our offerings. ☆❊
To confirm your identity. ☆❊✤
To respond to and complete your requests or instructions, and to communicate with you. ★☆❊✤
To communicate with you and to contact you with information about our products, or to solicit feedback in electronic surveys. ★☆❊✤
To monitor our systems, prevent fraud, and illegal activities and prevent illegal access to our IT systems and platforms. ★❊
To improve our processes, tools, and systems. ❊

Envalior uses website tracking technology (including cookies and tracking pixels in emails) to customize and improve your website experience. Cookies are persistent files stored on your device that are required for our website to function properly or that we use to monitor, improve, and maintain our website.

We use these tracking tools (set out in detail in section 4) to capture and process your personal data for the following purposes:

To provide you with a functioning website and browsing experience. ❊
To track your use of our website and other systems to improve our online offering. ✤

2.2 BUSINESS PARTNERS

If you are a customer or supplier of Envalior, we may process the following types of personal data in addition to the data listed in section 2.1::

Personal data of you or your company that is available in publicly available resources (such as company directories, trade registers or social networks), as well as credit agencies and integrity databases and sanction lists.
Information required to perform business partner compliance verifications, such as the date of birth, nationality, ID number, or information about ongoing legal proceedings.

In addition to the purposes listed in section 2.1:, we process your personal data for the following purposes:

Managing the contractual relationship with you as our business partner. ★☆❊
Interest-based profile creation based on publicly available information to tailor offerings, marketing material, arranging shipments and deliveries and providing general assistance and customer support. ❊
Performing marketing analysis activities, including the distribution of marketing material, sales offers and procurement invitations. ❊✤
Procuring legal compliance with applicable laws and regulations, including record-keeping obligations, and in particular trade embargoes and sanctions and denied party screening activities, prevention of money laundering, and other business partner screening activities. ★☆❊
Resolving potential disputes, enforce contracts, and establishing, enforcing, or defending ourselves against legal claims. ★☆❊

2.3 JOB APPLICANTS

If you are applying for a job at Envalior, we may ask you to disclose (on a voluntary basis and to the extent permitted by local applicable laws) and we may then process the following types of personal data in addition to the data listed in section 2.1:

Date of birth.
Passport and nationality information.
CV, application, and motivation letters.
Employment history information, certificates, reference contacts, and other employment-related documents you submit to us.
Salary information (where permitted) and expectation.
Information about any potential disabilities of relevance for potential employment.

Furthermore, we may collect and process the following types of personal data from you as an applicant:

Information we produce during assessment centers and personal assessments.
Background check information (to the extent legally permitted in the relevant geography).
Information received from reference contacts that you have provided.
Information from your social media profiles (e.g., from your LinkedIn profile).
Usage data regarding your interaction with our job portal.

In addition to the purposes listed in section 2.1:, we process your personal data for the following purposes:

To assess your qualifications and to evaluate your application. ❊✤
To identify potentially suitable jobs for you in case you have created a candidate profile, including the use of algorithms to identify suitable jobs for a specific candidate. ✤
To assess any potential employment, immigration, or relocation matters. ★☆❊
To perform background checks. ★❊
To enable you to enter an Envalior facility and to protect the safety, security, and integrity of Envalior, its employees, IT systems, facilities, and visitors in case of an in-person interview. ★❊
To comply with legal requirements regarding disabilities, diversity, and protection of minorities. ★❊

We will delete or anonymize your application data 12 months after completion of the recruiting procedure in case there is no further interaction with you as a potential candidate. If you are an Envalior Employee, you can contact the HR team to have your job applicant information deleted, otherwise, you can delete your recruitment account in our system at any time.

3. TRANSFER AND DISCLOSURE OF PERSONAL DATA

We transfer your personal data to the following partners and sub-processors (listed in section 4) as follows:

Affiliates: When we disclose your personal information to our Affiliates (the members of the Envalior group of Companies), we assume joint controllership and responsibility with the respective Affiliate(s) for such processing in accordance with Article 26 GDPR.
Sales partners: As necessary to conduct business with you, we may disclose your personal data to third parties (for example, affiliates, distributors, partners, and agents). These companies are considered our sub-processors, and they process your personal data under our supervision, and they are our sub-processors.
Suppliers and Service Providers: We contract with suppliers or service partners to perform certain activities for us or on our behalf, such as packaging, shipping, or IT-related services (e.g., cloud platform providers). We employ consultants who assist us in running our business. These providers are considered our sub-processors, and they process your personal data under our supervision and are bound to confidentiality.
Other Third Parties: We may transfer your personal data to other third parties to perform certain services on our behalf. We contract with external advisors who help us establish a legal claim or defend ourselves against a legal claim. They are also our sub-processors and bound to confidentiality.
We may transfer personal data outside of your country of residence. Personal information you provide us with may be accessible globally to other registered users of our systems. In case we process your personal data outside of the European Union, we generally require a sub-processor to execute the EU Standard Contractual Clauses with us or to implement binding corporate rules in its organization.

4. Envalior Sub-Processors

The following table identifies the Sub-Processors used by Envalior, the reason, and the country of residence of the sub processor.

Company	Purpose	Country
CleverReach GmbH & Co. KG	Newsletters	Germany
Microsoft Deutschland GmbH	Microsoft Dynamics, Collaboration Suite and Services	Germany
eTracker GmbH	Website Analytics	Germany
Google Ireland Limited	Website Analytics	Ireland
Consentmananger	Cookie Consent	Sweden
Vimeo Inc.	Online Video Service	USA
OpenStreetMap Foundation	Map Service	United Kingdom
Workable	Talent Management	United Kingdom
Koninklijke DSM N.V.	Corporate Services	The Netherlands
Lanxess Deutschland GmbH	Corporate Services	Germany
Atos Information Technology GmbH	Business Applications Hosting	Germany
Elision B.V.	Customer Portal	The Netherlands

Wipro Technologies GmbH	IT-Support	Germany
Tata Consultancy Services	IT-Security	Germany
Atlassian Germany GmbH	Software	Germany
Clarivate Analytics (UK) Limited	IT- Services	United Kingdom
Adobe Systems GmbH	Marketing Analytics Services	Germany
SAP Deutschland SE & Co. KG	Travel expense processing HR Software	Germany
Orange Business Services GmbH	IT-Services	Germany
Tata Consultancy Services Deutschland GmbH	IT-Support	Germany
Xebia Consultancy Services B.V.	IT-Services	The Netherlands
Software AG	IT-Services	Germany
Alight (NorthgateArinso Deutschland GmbH)	IT-Services	Germany
LinkedIn	Learning Services	United States
Maptive	IT-Services	Germany
MAD	IT-Services	Germany

5. Automated Decision-Making and Profiling

Envalior does not use tools for automated decision-making or profiling (as defined by Article 4 GDPR) on human beings.

6. Data Retention

We store personal data in accordance with applicable law and retention periods as required by applicable laws. After the expiration of the statutory retention period, personal data is being routinely deleted.

7. Security

To protect your personal data from untheorized access or disclosure, we use adequate organizational, physical, and technical protection measures.

8. Your rights

Towards us, you have the rights stipulated by the data processing laws that apply to you. You have the right to inquire with us to which extent we store and process your personal data. You can request us to transfer your personal data in accordance with GDPR. You have the right to request us to correct any personal information that we have inaccurately recorded. You have the right to request us to delete your personal data in the absence of a retention obligation. You can also at any time withdraw your consent to our processing of your personal data or instruct us to stop processing your personal data regarding which we do not require further contractual or statutory processing rights.

9. Children

Envalior does not solicit or knowingly collect, process, or use any information on our website from individuals whom we know to be under 16 years of age without having previously obtained the verifiable consent of a legal guardian. If required, legal guardians can access the information provided by their child and/or demand that this information be erased by contacting us.

10. Contact Information

The data controller according to GDPR or other global data privacy laws is Envalior GmbH, Flughafenstraße 101, 40474 Düsseldorf, Germany.

Our Data Privacy Officer can be reached at privacy <at> envalior.com. Furthermore, you can raise any potential concern with the responsible data privacy authority in your country of residence.