Industries
- Information and Communications Technology
- Software
Participation
UK Extension to the EU-U.S. Data Privacy Framework Framework: Active
EU-U.S. Data Privacy Framework Framework: Active
Swiss-U.S. Data Privacy Framework Framework: Active
Purpose of Data Collection
NAVEX processes personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF for the following purposes: To process HR employee personal data provided to NAVEX about its UK & EU affiliates (GCS Compliance Services Europe Unlimited Company, NAVEX Global UK Limited, & WhistleB Whistleblowing Centre AB). The purpose is to process such employee personal data as necessary to perform NAVEX's business functions in our role as an employer, including administrative and managerial tasks in connection with employment and the provision of services to employees. The type of data is HR data. NAVEX does disclose HR data to outside third parties. Our affiliate group will have access to the personal data, which include NAVEX Global, Inc., NAVEX Global UK Limited, GCS Compliance Services Europe Unlimited Company, and WhistleB Whistleblowing Centre AB. Our service providers, who are data processors, provide data processing services on our behalf. Any personal data processed by NAVEX’s service providers/data processors is strictly in accordance with that service provider relationship and such service providers are not authorized to process personal data except as necessary to perform the services. To process HR candidate personal data provided to NAVEX about its UK & EU affiliates (GCS Compliance Services Europe Unlimited Company, NAVEX Global UK Limited, & WhistleB Whistleblowing Centre AB), with respect to their applicants. The purpose is to process such candidate personal data as necessary to perform NAVEX's business functions in our role as a potential employer, including administrative and managerial tasks in connection with the application process and the provision of services to applicants. The type of data is HR data. NAVEX does disclose HR data to outside third parties. Our affiliate group will have access to the personal data, which include NAVEX Global, Inc., NAVEX Global UK Limited, GCS Compliance Services Europe Unlimited Company, and WhistleB Whistleblowing Centre AB. Our service providers, who are data processors, provide data processing services on our behalf. Any personal data processed by NAVEX’s service providers/data processors is strictly in accordance with that service provider relationship and such service providers are not authorized to process personal data except as necessary to perform the services. To process B2B visitor personal data in relation to our website, and to process B2B customer personal data in relation to prospects and data controller processing activities to provision services to existing customers, for example, when NAVEX maintains the customer relationship by processing personal data necessary to manage the account (e.g., operational communications, contracting information, and administrator communications). The purposes include, but are not limited to, marketing NAVEX’s products and services, responding to support requests, personalizing the experience with the website, and to manage professional relationships with our business customers. The type of data is visitor and customer personal data (non-HR data). NAVEX does disclose visitor or customer personal data to outside third parties. Our affiliate group will have access to the personal data, which include NAVEX Global, Inc., NAVEX Global UK Limited, GCS Compliance Services Europe Unlimited Company, and WhistleB Whistleblowing Centre AB. Our service providers, who are data processors, provide data processing services on our behalf. Any personal data processed by NAVEX’s service providers/data processors is strictly in accordance with that service provider relationship and such service providers are not authorized to process personal data except as necessary to perform the services. To process personal data provided to NAVEX on behalf of its customers at their instruction in the course of delivering NAVEX’s products and services, in NAVEX’s role as a service provider/data processor. The
Privacy Policy
HR Data
This Notice describes NAVEX's processing of personal data is it relates to its job applicants.
This Notice outlines NAVEX's policy in relation to HR data it collects about its employees.
Non-HR Data
Our Privacy Statement is located here: https://www.navex.com/en-us/privacy-statement/. This statement includes our data controller privacy practices, our data processor privacy practices, and links to our cookie notice.
Verification Method
Self-Assessment
Dispute Resolution
Questions or Complaints?
If you have a question or complaint regarding the covered data, please contact NAVEX Global, Inc. at:
AGC, Privacy & Data Privacy Officer
Lake Oswego, Oregon 97035-3626
Privacy Shield organizations must respond within 45 days of receiving a complaint.
If you have not received a timely or satisfactory response from NAVEX Global, Inc. to your question or complaint, please contact the independent recourse mechanism listed below
NON-HR RECOURSE MECHANISM
Appropriate statutory body with jurisdiction to investigate any claims against NAVEX Global, Inc. regarding possible unfair or deceptive practices and violations of laws or regulations covering privacy Federal Trade Commission