EVERNEX DATA PROTECTION POLICY
Legal entity: Evernex whose registered office is located at Tour CB21 – 16, Place de l’Iris – 92400 Courbevoie, France
For the purpose of applicable data protection laws, the data controller is Evernex Group and all of its direct and indirect subsidiaries and affiliated companies. This means that Evernex Group is responsible for determining how and why your personal data is processed.
National specificities may exist and will be identified in the section “Country Specific Policies” and will depend on your location and the services you receive from Evernex Group. For more information about us, please see: www.evernex.com.
This Data Protection Policy applies to visitors of the website, to our Clients and to our Partners and Suppliers.
We are committed to protecting your privacy and your personal data regardless of where it is processed and regardless of your location.
We are committed to abiding by this Data Protection Policy, as well as the requirements of applicable laws, in the operation of our business.
This Data Protection Policy explains how we collect and process personal data. In this Data Protection Policy, “personal data” or “personal data” means information that (either in isolation or in combination with other information) enables you to be identified as an individual or recognised directly or indirectly.
Below is a table of Contents of this Data Protection Policy. Please select to skip directly to the different sections of this Data Protection Policy to understand our practices and your rights with respect to your information:
Source of information we collect about you
We collect information about you from the following categories of sources:
- When you directly communicate these data to us or allow us to access to these data;
- From time to time, we may collect and use personal data we receive about you from third parties in connection with your use of the Website (reporting and analytics) and to identify areas for improvement;
- We can also collect personal data from Evernex’s affiliates, subsidiaries and newly acquired business.
Information we collect about you
We will only use your personal information if we have a legal basis for doing so. The purposes for which we use and process your information and the legal basis on which we carry out each type of processing are explained in the table below.
The categories of personal data listed in the table below include the following associated personal data:
- Identification and Contact Information: name, job title, company, contact information (including professional email address, phone number, fax number and postal address);
- Correspondence and Communication Data: any other personal data contained within correspondence and communications between you and Evernex.
- Communication Preferences: your communication preferences (postal, email, SMS.).
In some cases, you may provide personal data to us about another person. In such cases, it is you responsibility to ensure that you have the authorisation of such person to provide us with such information.
Please note that we may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a potential litigation in respect to our relationship with you.
Thus, more information may be provided in the “Country Specific Policy” section according to the applicable laws.
|Purpose||Category of Personal Data||Legal Basis||Duration of storage|
|To manage our relationship with you, including responding to your comments, queries and other correspondence (including through our chat widget)||
|To send you direct marketing communications (including our newsletter) (by postal mail, email, fax and SMS).||
|To conduct satisfaction surveys and/or customer market studies||
|To keep an up-to-date suppression list where you have asked not to be contacted, in order for us to not inadvertently re-contact you.||
|To keep our website safe and secure.||
|To collect and analyse information about your interactions with our email marketing communications||
|To collect and analyse information about your interaction with our LinkedIn, Twitter, Facebook, Google, Youtube or other Social Media company pages||
|Pre-contractual exchanges, Contract and follow-up||
|Billing, payment and accounting (partners / suppliers)||
The recipients of your personal data
Your personal data is intended for Evernex, and may be shared internally or externally with third parties in certain circumstances.
We may share your personal data with the following third party organisations:
- Evernex’s group of companies. We may share your personal data among our group of companies or companies we are affiliated to, in order to administer our business, respond to your questions, and conduct the other activities described in this Data Protection Policy.
- Our service providers. We use other companies or contractors (“Service Providers”) to perform services on our behalf. In particular, we will provide your personal data to service providers or suppliers as part of our normal business operations. Such service providers include (i) hosting services providers, (ii) data analytics providers, (iii) social media providers, (iv) digital platform providers (SalesForce) and (v) security services providers.
When you are joining the Evernex page on LinkedIn, we are acting as joint controllers with the LinkedIn. Corporation headquartered at 1000 W. Maude Avenue, Sunnyvale, CA 94085 USA. The joint controller addendum can be found here.
In the course of providing such services, these Service Providers may have access to your personal data. However, we will only provide our Service Providers with the information that is necessary for them to perform the services, and we ask them not to use your information for any other purpose. We will always use our best efforts to ensure that all the Service Providers we work with will keep your personal data secure.
- Other Third Parties: We may, in limited circumstances, transfer your personal to government agencies and regulators (e.g., tax authorities), courts and administrative authorities, all in accordance with applicable law, and to external advisors (e.g., attorneys, accountants, auditors, etc.), all of whom act as data controllers. Evernex may also transfer your Data to third parties when it receives a request from an authority entitled by law to do so, in accordance with applicable laws and regulations.
- Third parties connected with business transfers. We may transfer your personal data to third parties in connection with a reorganisation, restructuring, merger, acquisition or transfer of assets. In the event of such a change, we will ask the receiving party to treat your personal data in a manner consistent with this Data Protection Policy.
In certain circumstances and according to the applicable law, personal data may be subject to disclosure to government agencies in accordance with judicial proceedings, court orders, or legal processes. We may also share personal information to protect the rights of Evernex or others when Evernex believes that such rights may be affected, for example to prevent fraud.
Transfer of your personal data
When possible, the data we collect from you is stored and processed at data centres in the European Economic Area (“EEA”).
- Intra-group transfers
As a global organization with offices and operations throughout the world, personal data we collect may be transferred or be accessible internationally throughout Evernex Group and between its entities and affiliates.
Any such transfers throughout Evernex Group take place in accordance with the applicable data privacy laws.
- Transfer of personal data from EEA to outside EEA
The personal data that we collect from you may be transferred to, and stored at, a destination outside the EEA in Morocco, UAE, Malaysia, Japan, Argentina, Brazil and South Africa by staff operating outside the EEA and who work for us, an entity of the Evernex group of companies or for one of our Service Providers.
If Evernex sends your information to a country that is not in the EEA, we will take the steps necessary to ensure that your personal data is protected in accordance with applicable data protection laws, including, where required, entering into EU standard contractual clauses (or equivalent measures) with the party outside the EEA (as applicable) receiving the personal data.
You have the right to request a copy of the appropriate or suitable safeguards Evernex relies on by contacting us at email@example.com
- Transfer of data between countries both located outside the EEA
Any other non-EEA related transfers of your personal data will take place in accordance with the appropriate international data transfer mechanisms and standards, according to the “Country Specific Policies”
- Your Rights
You have various rights in connection with our processing of your personal data, each of which is explained below.
- Access. You can obtain a confirmation as to whether or not your personal data is processed by Evernex. As applicable you may get more information on the personal data we hold and how your personal data is processed, and get a copy of your personal data.
- Rectification. You have the right to request rectification of personal data if it is inaccurate or incorrect or out-of-date. You may also have incomplete personal data completed.
- Erasure: you may request the erasure of your personal data, e.g. if you object to the processing of your personal data (see below). However, we may have legal or legitimate reasons for retaining the personal data depending on the context.
- Right to object. You have a right to object to any processing based on our legitimate interests in certain circumstances. You can also object to our direct marketing activities for any reason by clicking the “unsubscribe” link set out in any marketing communication you receive.
- Restriction. You have the right to restrict our processing of your personal data where you believe such data to be inaccurate, our processing is unlawful or that we no longer need to process such data for a particular purpose, but where we are not able to delete the data due to a legal or other obligation or because you do not wish for us to delete it. In such case, we would mark stored personal data with the aim of limiting particular processing for particular purposes in accordance with your request, or otherwise restrict its processing.
- Portability. You have the right to obtain personal data we hold about you, in a structured, electronic format, and to transmit such data to another data controller, where this is (a) personal data which you have provided to us, and (b) if we are processing that data on the basis of your consent or to perform a contract with you and (c) the data is processed by automated means. Additionally, you have the right to require us to transmit such personal data directly to another controller, where technically feasible.
- Withdrawing Consent. If you have consented to our processing of your personal data, you have the right to withdraw your consent at any time, free of charge. This includes where you wish to opt out from marketing messages.
- Giving directives. You have the right to define specific directives concerning the conservation, deletion and communication of your personal data after your death.
- You have the possibility to contact the French Data Protection Authority (CNIL) if you consider that your rights relating to the protection of your personal data are not respected. The CNIL’s contact details are available at the following address: https://www.cnil.fr/.
- If you are based or the issue you would like to complain about took place elsewhere in the European Economic Area (EEA), please click here for a list of local data protection authorities in the countries within the EEA in which we operate.
You can make a request to exercise any of these rights in relation to your personal data by sending the request by mail to Evernex: firstname.lastname@example.org.
Where we have reasonable doubts concerning the identity of the person making the request, we may request additional information necessary to confirm your identity.
You also have the right to lodge a complaint to the competent supervisory authority if you believe that we have not complied with our data protection obligations. Contact details of Data Protection Authorities in the European Economic Area can be found here, and in the UK here. Any other authority may be listed in the Country-specific policies section.
Security of your personal data
We take reasonable measures, including administrative, technical, and physical safeguards, to protect your information from loss, theft, and misuse, and unauthorized access, disclosure, alteration, and destruction.
Nevertheless, the internet is not a 100% secure environment, and we cannot guarantee absolute security of the transmission or storage of your information. We hold information about you both at our own premises and with the assistance of third-party service providers.
Changes to this Data Protection Policy