Last Update: 8/15/2022

ENVOY PRIVACY POLICY

Envoy Global, Inc., together with its affiliates and subsidiaries including Envoy International Holdings, Inc. (collectively, “Envoy”, “we” or “us”), are committed to protecting the privacy of all users of our services, which may include employees or potential employees of our business customers, other individual clients of our associated U.S. Law Firms and Local Representatives, and the dependents and family members of such individuals (“you”).

Please review this policy to understand how we handle your information. If you do not agree to this Privacy Policy, please do not use the Platform or the Support Services.

Please take a moment to understand the different ways Envoy works with customers and others involved in the immigration process:

Envoy Global, Inc. provides the Platform, an online tool that facilitates management of Matters involving immigration.
The actual immigration petition or application process is managed by one of the following, not by Envoy Global, Inc.:
- A U.S. Law Firm, for U.S. Matters (i.e. involves petitions and applications for nonimmigrant and immigrant visas, permanent residence, and citizenship status and related ancillary services into the U.S.); or
- Envoy International Holdings, Inc., for Global Matters (i.e. involves immigration to a non-U.S. country).
For Global Matters, Envoy International Holdings, Inc. will handle the application process internally or retain the services of a Local Representative from a network of global immigration providers and representatives. Some Local Representatives are affiliates or subsidiaries of Envoy, and others are not.
In some cases, our customer is an Employer who uses Envoy services for a Matter involving an actual or prospective member of its workforce, i.e., a Business Petitioner Beneficiary.
In other cases, our customer is an individual who uses Envoy services for their own Matter, i.e., an Individual Applicant.
The U.S. Law Firms and Envoy International Holdings, Inc. use the Platform to manage the Matters.
Although Envoy Global, Inc. may offer administrative, clerical or technical assistance to U.S. Law Firms, Envoy International Holdings, Inc., Employers, Business Petitioner Beneficiaries, and Individual Applicants, Envoy Global, Inc. does not manage the Matters.
Envoy Global, Inc. also handles billing for the U.S. Law Firms and Envoy International Holdings, Inc.

This Privacy Policy contains the following sections:

DEFINITIONS
APPLICABILITY
ENVOY AS A DATA CONTROLLER AND DATA PROCESSOR
INFORMATION WE COLLECT AND HOW WE USE IT

4.1. Information Processed For Matters

4.2. Other Information You Provide Us

4.3. Information Collected Through Automated Means

WHEN AND HOW WE SHARE YOUR INFORMATION
LEGAL BASES FOR PROCESSING PERSONAL DATA
YOUR RIGHTS AND CHOICES

7.1. Cookies and Communications

7.2. Access, Deletion, and other Personal Data Rights

7.3. State-Specific Disclosures

7.3.1. California

HOW WE PROTECT YOUR INFORMATION
DATA RETENTION
INTERNATIONAL DATA TRANSFERS
CHANGES TO OUR PRIVACY POLICY
CONTACT INFORMATION

1. DEFINITIONS

“Business Petitioner Beneficiaries” are actual or potential members of the workforce of a business customer of Envoy (i.e., the Employer) which has engaged Envoy in in connection with a Matter.

“Device and Usage Information” is information about your device, internet connection, the equipment that you use to access our Platform, and how you use the Platform, such as (a) details of your visits to our Platform, including traffic data, location data, logs, other communication data, and the resources that you access and use on the Platform; (b) information about your computer and internet connection, including your operating system, and browser type; and (c) device identifiers, including your IP address and mobile device ID.

“Employer” means Envoy’s customer that uses the Platform to manage its Matters for one or more of its Business Petitioner Beneficiaries.

“Global Services” refers to immigration filing and processing services with respect to non-US immigration (e.g. immigration to a country in Europe).

“Individual Applicants” are individuals who engage Envoy in connection with their own Matter, such as family members of a Business Petitioner Beneficiary, dependents, and other individuals seeking an individual immigration application.

“Personal Data” means any information that relates to an identified or identifiable individual.

“Privileged Information” means the legal materials, documents, correspondence, and other kinds of information stored on the Platform associated with your Matter that are eligible for attorney-client privilege or equivalent protection in the context of your relationship with a U.S. Law Firm or Local Representative.

“Matters” refers to matters initiated through the Platform (a) for business immigration petitions and visa applications for nonimmigrant and immigrant visas, permanent residence, and citizenship status to the U.S. Citizenship and Immigration Services managed by a U.S. Law Firm (a “U.S. Matter”) or (b) Global Services managed and performed by Local Representatives (a “Global Matter”).

“Platform” means, collectively, the technology platform accessible through www.envoyglobal.com, app.envoyglobal.com, Envoy’s mobile applications and related technology and tools.

“Platform Data” is Personal Data collected by Envoy to administer the Platform and technical support for the Platform, such as login credentials and technical support inquiries.

“Billing Data” is Personal Data relating to billing and payment through Envoy Global, Inc. for its own services and services provided by others, such as the U.S. Law Firms and Envoy International Holdings, Inc.

“Controller” refers to the entity that has certain legal rights to determine the purposes for which Personal Data will be processed and the means by which that processing will happen. As used in this Privacy Policy, the term also includes entities considered to be “Businesses” under the California Consumer Privacy Act (“CCPA”).

“Processor” refers to an entity that processes Personal Data solely on behalf of its customer, and not for its own business or legal compliance purposes. As used in this Privacy Policy, the term also includes entities considered to be “Service Providers” under the CCPA.

“U.S. Law Firm” refers to the independent law firm, and its related attorneys and support staff, that has been trained to use the Platform and agreed to use the Platform as the client technology solution to provide you or your Employer with U.S. Legal Services. The U.S. Law Firms may include Global Immigration Associates, P.C., Corporate Immigration Partners, LLP, their respective successors and assigns or another law firm who has agreed to provide U.S. Legal Services to Envoy customers and that has been selected by you or your Employer to be its counsel.

“U.S. Legal Services” refer to the legal services performed by U.S. Law Firms in conjunction with their preparation and submission of visa applications for nonimmigrant and immigrant visas, permanent residence, and citizenship status to the U.S. Citizenship and Immigration Services and other governmental agencies regulating foreign persons entering the United States and related ancillary services of the U.S. Law Firm.

“Local Representatives” refer to Envoy International Holdings, Inc. personnel and its network of global immigration providers or local representatives, which manage and perform Global Services.

2. APPLICABILITY

This Privacy Policy applies to any information you provide to Envoy, that we collect through the Platform, or that we otherwise handle in connection with a Matter or the promotion of our business. This Privacy Policy covers only Envoy’s handling of the data. U.S. Law Firms, Local Representatives who are not subsidiaries or affiliates of Envoy, your Employer, and the governments involved in your Matters are not within the scope of this Privacy Policy.

3. ENVOY AS A DATA CONTROLLER AND DATA PROCESSOR

Data protection laws in certain jurisdictions make a distinction between Controllers and Processors. Different Envoy entities may act as either a Controller or a Processor of your Personal Data, depending on the circumstances, as follows:

For Business Petitioner Beneficiaries:

Envoy International Holdings, Inc. acts as a Controller with respect to your Matter Data for Global Matters it manages, as do other Local Representatives it uses for those Global Matters.
U.S. Law Firms act as a Controller with respect to your Matter Data for U.S. Matters they manage.
Your Employer acts as a Controller with respect to your Matter Data and your Platform Data.
Any entity that creates or collects Billing Data also acts as a Controller with respect to Billing Data.

For Individual Applicants:

Envoy Global, Inc. acts as a Controller of your Platform Data and a Processor with respect to storing your Matter Data for you and making it available on your behalf, as applicable, to the relevant U.S. Law Firm, Envoy International Holdings, Inc., or other Local Representatives. It also acts a Processor to U.S. Law Firms and Local Representatives with respect to Personal Data in records they ask us to store in order to comply with their professional and ethical record retention obligations.
Envoy International Holdings, Inc. acts as a Controller with respect to Matter Data for Global Matters it manages, as do other Local Representatives it uses for those Global Matters.
S. Law Firms act as a Controller with respect to Matter Data for U.S. Matters they manage.
Any entity that creates or collects Billing Data also acts as a Controller with respect to Billing Data.

Envoy Global, Inc. also acts as a Controller of Personal Data it receives about prospective users of its services, and Personal Data about individuals who sign up to receive marketing emails.

4. INFORMATION WE COLLECT AND HOW WE USE IT

4.1. Information Processed For Matters

While the exact Personal Data we handle in connection with particular Matters can vary widely depending on the country and on the life history of the applicants, we generally handle the following Personal Data in connection with Matters:

Nationality
Title/Position/Department
Business contact details (e.g., address, telephone, mobile, and email)
Dates of employment or prospective employment
Accreditations
Personal contact details (e.g., home address, home telephone number and personal mobile number)
Date of birth
Language preference
Education and qualifications
Family member information
Device information and other technical information relevant to information technology management
Login information for the Platform
Government Identification or Social Security number, Driver’s license number, state identification card number, passport number, alien registration number, taxpayer identification number, date of birth, mother’s maiden name, digital or electronic signature, or picture.
Application forms
Correspondence with government authorities
Billing Data, such as invoices and payment card data

The Controller managing your Matter can inform you what Personal Data is legally required or desirable for your particular Matter. Failure to provide legally required Personal Data will typically prevent the Controller from being able to successfully process your Matter.

While managing Global Matters, Envoy International Holdings, Inc. and other Local Representatives in the Envoy group may receive Personal Data from Employers, other Local Representatives, governmental authorities, and publicly available sources, such as applicants’ LinkedIn profiles. In connection with U.S. Legal Matters, Envoy Global, Inc. and the U.S. Law Firms may receive Personal Data from similar sources.

Where Envoy Global, Inc. acts as a Processor, it uses the Personal Data solely pursuant to the instructions of the person or entity for which it acts as a Processor unless other processing is legally required.

Where Envoy is a Controller, it uses the information:

To facilitate your Matter and otherwise provide and improve our services;
To identify and protect against fraud and other harms; and
To comply with law and otherwise address legal matters.

Where appropriate, Envoy may also use limited Personal Data for marketing purposes.

However, we do not use or disclose any Privileged Information except (i) solely as directed by you, the relevant U.S. Law Firm or Local Representative, or as otherwise legally required or (ii) to disclose the information as described in the “Service Providers” and “Business Transfers” portions of Section 5 of this Privacy Policy.

4.2. Other Information You Provide Us

4.3. Information Collected Through Automated Means

When you navigate through and interact with our Platform, we automatically collect Device and Usage Information. This information allows us to optimize the Platform to the internet connections and equipment that are used to access the Platform. We collect Device and Usage Information directly from you when you provide it to us and automatically as you navigate through and interact with our Platform.

The technologies we use for this automatic data collection may include:

Cookies (or browser cookies): A cookie is a small file placed on your computer or other device. We use session cookies to keep track of your login information. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting, you may be unable to access certain parts of our Platform. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you use the Platform.
Pixel Tags / Web Beacons: Webpages on our Platform and our emails may contain small electronic files known as web beacons (also referred to as clear gifs. pixel tags and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email. We may also use these web beacons for other related Platform statistics (e.g., recording the popularity of certain content and verifying system and server integrity).
Tracking URLs: These are links that allow Envoy to determine the effectiveness of a particular part of the Platform. For instance, emails from a marketing campaign may include tracking URLs to help Envoy see how popular the page is. This helps us serve more relevant content and information.

5. WHEN AND HOW WE SHARE YOUR INFORMATION

We share Personal Data as follows:

Third parties involved in your Matter: We may share your Personal Data with, as applicable, a U.S. Law Firm, Local Representatives, your Employer, immigration authorities and other governmental entities, translation providers, education evaluation providers, and others that we or they involve to assist in processing your Matter.
Service Providers: We may share or disclose your information with vendors we use to provide or maintain the Platform or other aspects of our services, such as hosting providers and payment processors.
Business Transfers: In the event that Envoy is involved in a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, your information held by us may be among the assets transferred.
Comply with Law and Prevent Harm: Notwithstanding anything to the contrary in this Privacy Policy, we may disclose or share your information in order to comply with any court order, law, or legal process, including to respond to any government, public authority or regulatory request, or if we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Envoy, our customers, or others. This includes exchanging information with other companies and organizations via our service providers for the purposes of fraud protection and credit risk reduction. In certain situations, we may be required to disclose your information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Enforcement: We may disclose your information in order to enforce or apply our Terms and other agreements, including for billing and collection purposes.

We may disclose de-identified and aggregated information (which is information that cannot be used to personally identify you) about our users without restriction.

6. LEGAL BASES FOR PROCESSING PERSONAL DATA

Where an Envoy entity acts as a Controller, the laws in some jurisdictions require us to tell you about the legal grounds we rely on to use or disclose your Personal Data. To the extent those laws apply, our legal grounds for processing Personal Data are as follows:

Consent: Where required by law, and in some other cases, we handle Personal Data on the basis of consent. For example, we send newsletters to individuals on the basis of opt-in consent. We process certain sensitive Personal Data for Matters on the basis of explicit consent.
Performance of our contract with you: We process most Individual Applicant Personal Data, including all Matter Data, to perform our contract with you.
Legitimate interests: In many cases, we handle Personal Data on the ground that it furthers our legitimate interests in commercial activities, such as the following, in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals: Platform support; protecting the Platform and the rights and safety of our users, customers, and employees; analyzing and improving our business and services; and managing legal issues.
Legal compliance: We need to use and disclose Personal Data in certain ways to comply with our legal obligations.

7. YOUR RIGHTS AND CHOICES

7.1. Cookies and Communications

We strive to provide you with choices regarding the information you provide to us. You can exercise control over your information in the following ways:

Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. If you disable or refuse cookies entirely, please note that some parts of the Platform may then be inaccessible or not function properly, which may affect your ability to interact with your Law Firm or to receive the use or benefit of Envoy’s Support Services.
Email Newsletters from Envoy. If you do not wish to have your contact information used by Envoy to notify you of updates and educational opportunities related to immigration matters or to promote our own or third parties’ products or services, you can opt-out by unsubscribing to such emails.

7.2. Access, Deletion, and other Personal Data Rights

If you are a registered user of our Platform, you can review and in some cases change certain Personal Information Envoy holds by logging into the Platform and visiting your account’s My Login page.

Depending on your jurisdiction of residence and the location of the Envoy entity involved, you may have additional rights, such as the right to access, delete, and correct your Personal Data, to revoke your consent to processing of Personal Data (without affecting the lawfulness of prior processing), or to object to the processing of Personal Data.

To exercise these rights with respect to Personal Data for which the relevant Controller is your Employer, a U.S. Law Firm, or a Local Representative handling your Matter (other than Envoy International Holdings, Inc.), please contact them directly for the fastest response. We cannot independently act on requests related to such data, but we can assist you in contacting them.
If you wish to exercise these rights with respect to the information for which an Envoy entity is a Controller, you may email us at [email protected]with your request.

Please note that we require certain information to be able to provide the Support Services, and the U.S. Law Firms and Local Representatives may not be able to process your Matter without certain information. Additionally, any of the rights described above are subject to significant limitations and exceptions under applicable law. Every individual also has a right to lodge a complaint with the relevant supervisory authority in connection with the processing of Personal Data.

7.3. State-Specific Disclosures

7.3.1. California

If you are a California resident, California law requires us to provide you with some additional information regarding how we collect, use, and share your “personal information” (as defined in the California Consumer Privacy Act (“CCPA”)). This section applies only to personal information for which Envoy acts as a controller or “business,” as set forth in Section 3 above; it does not apply to personal information for which we act as a processor or “service provider” on behalf of another entity. This information supplements the information in the rest of our Privacy Policy.

Categories of information collected. Throughout this Policy, we discuss in detail the specific pieces of personal information we collect. Under the CCPA, we are also required to provide you with the “categories” of personal information we collect. The categories we collect are: identifiers (such as name, address, email address and other contact information); internet or other network or device activity, such as Device and Usage Information; geolocation information, professional or employment related data (such as title); other information that identifies or can be reasonably associated with you, and inferences drawn from any of the above.

Use and sharing of information. In the twelve months leading up to the effective date of this Privacy Policy, Envoy used the personal information as follows:

To respond to questions, concerns, or customer service inquiries, and to otherwise fulfill individuals’ requests;
To send information about our current and future services,
To analyze and improve our website;
To enforce the legal terms that govern our business and online properties;
To comply with law and legal process and protect rights, safety and property; and
For other purposes requested or permitted by you or by others acting on your behalf as part of your requested services, such as your Employer or Law Firm.

We share information with the entities and for the purposes set forth in Section 5 of this Privacy Policy.

“Sale” of information. California residents may opt out of the “sale” of their personal information. We do not “sell” personal information within the meaning of California law.

California Privacy Rights. If you are a California resident, California law may permit you to request that we:

Inform you of the categories of personal information we have collected about you in the last twelve months; the categories of sources of such information; the categories of personal information that we sold or disclosed about you for a business purpose; the business or commercial purpose for collecting or selling your personal information; and the categories of third parties to whom we have “sold” or otherwise disclosed personal information for a business purpose.
Provide access to and/or a copy of certain information we hold about you.
Delete certain information we have about you.

Certain information is exempt from such requests under applicable law. You also may have the right to receive information about the financial incentives that we offer to you (if any). You also have certain rights under the CCPA not to be discriminated against for exercising CCPA rights. We will take steps to verify your identity before responding to your request, which may include requesting that you respond to an email that we send to you, or otherwise verifying your name, email address or other information that will help us to confirm your identity.

If you are an agent making a request on behalf of a consumer, you must verify that you are authorized to make that request, which may include requiring you to provide us with written proof that satisfies CCPA requirements, such as an appropriate letter signed by the consumer or a power of attorney. We also may require the consumer to verify their identity directly with us.

California Shine the Light Disclosure. California Civil Code Section § 1798.83 permits users of our Platform that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purpose. We do not share your personal information with third parties for their own direct marketing purposes.

8. HOW WE PROTECT YOUR INFORMATION

We have implemented measures designed to secure information we process from accidental loss and from unauthorized access, use, alteration, and disclosure. Additional details about the specific technologies used to secure information are available upon request by sending an email to [email protected].

The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Platform, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your information, we cannot guarantee the security of any information transmitted to our Platform.

We operate the Platform and manage the provision of the Support Services from the United States. If you are located outside of the United States, please be aware that information we collect will be transferred to and processed in the United States. By using the Platform, or providing us with any information, you fully understand and unambiguously consent to this transfer, processing and storage of your information in the United States, a jurisdiction in which the privacy laws may not be as comprehensive as those in the country where you reside and/or are a citizen.

9. DATA RETENTION

We hold Personal Data for as long as necessary to fulfill the purposes set forth in this Privacy Policy and/or, where we act as a Processor, as required by our contracts with the relevant Controller, and also as required by applicable law. Information may persist in copies made for backup and business continuity purposes for additional time. Some Local Representatives in the Envoy group are legally required to retain copies of immigration application files for time periods that vary by jurisdiction and Matter type.

10. INTERNATIONAL DATA TRANSFERS

We are headquartered in the United States, and recipients of the data disclosures described in this Privacy Policy are located in the United States and elsewhere in the world, including where privacy laws may not provide as much protection as those of your country of residence.

Envoy Global, Inc. has certified certain of our services, for which we act as a data processor, under the EU-U.S. Privacy Shield Framework (the “Privacy Shield”). On July 16, 2020, Europe’s highest court, the CJEU, invalidated the EU-US Privacy Shield with respect to transfers of data between the European Economic Area (“EEA”) and the United States. Envoy is taking steps to address the CJEU decision, including by entering into Standard Contractual Clauses with third parties where appropriate, though the majority of the Personal Data we handle for Matters qualifies for one or more derogations under GDPR Article 49, obviating the need for additional steps. Additionally, Envoy Global, Inc. will continue to protect EEA and UK data in compliance with the Privacy Shield Principles, as described herein.

Envoy Global, Inc. complies with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal data from European Union member countries transferred to the United States pursuant to Privacy Shield. Envoy Global, Inc. has certified that it adheres to the Privacy Shield Principles with respect to such data. If there is a conflict between the protections that Privacy Shield provides to individuals and the rest of this privacy policy, then the extra protections provided by Privacy Shield will govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/.

Pursuant to the Privacy Shield Frameworks, individuals whose personal data is transferred to us under the Privacy Shield have the right to obtain our confirmation of whether we maintain Personal Information relating to them in the United States. They also have the right to access, correct, amend, or delete the data we hold about them. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should direct their query to [email protected]. If requested to remove data, we will respond within a reasonable timeframe.

Envoy Global, Inc.’s accountability for personal data that it receives from such data subjects under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, Envoy Global, Inc. remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Privacy Shield Principles, unless Envoy Global, Inc. proves that it is not responsible for the event giving rise to the damage.

In compliance with the Privacy Shield Principles, Envoy Global, Inc. commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. As such, Envoy Global, Inc. is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission. Individuals with Privacy Shield inquiries or complaints should first contact Envoy Global, Inc. by email at [email protected].

Envoy Global, Inc. has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by BBB National Programs. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/privacy-shield-complaints/ for more information and to file a complaint. This service is provided free of charge to you.

If your complaint involves human resources data transferred to the United States under the Privacy Shield in the context of the employment relationship, and Envoy Global, Inc. does not address it satisfactorily, Envoy Global, Inc. commits to cooperate with the panel established by the EU data protection authorities (“DPA Panel”), as applicable and to comply with the advice given by the DPA Panel, as applicable with regard to such human resources data. To pursue an unresolved human resources complaint, you should contact the state or national data protection or labor authority in the appropriate jurisdiction. Complaints related to human resources data should not be addressed to the BBB EU PRIVACY SHIELD.

Contact details for the EU data protection authorities can be found at https://commission.europa.eu/law/law-topic/data-protection/data-protection-eu_en, and the United Kingdom Information Commissioner’s Office can be reached as described at https://ico.org.uk/global/contact-us/.

If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.

11. CHANGES TO OUR PRIVACY POLICY

It is our policy to post any changes we make to our Privacy Policy on this page. If we make material changes to how we treat information for which we are a Controller, as determined in our sole discretion, we will notify you by email to the email address specified in your registered account and/or through a notice on the Platform.

The date the Privacy Policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you (where you are a registered user of our Platform), and for periodically visiting the Platform and this Privacy Policy to check for any changes.

12. CONTACT INFORMATION

To ask questions or concerns about this Privacy Policy and our privacy practices or if you would like to make a complaint pursuant to the Privacy Shield Principles, please contact us at [email protected].

INFORMATION WE COLLECT AND HOW WE USE IT

Information You Give Us. In order to provide the Platform and Support Services, we may request the following information about you, including:

Nationality
Title/Position/Department
Business contact details (e.g., address, telephone, mobile, and email)
Dates of employment or prospective employment
Accreditations
Personal contact details (e.g., home address, home telephone number and personal mobile number)
Date of birth
Language preference
Education and qualifications
Family member information
Device information and other technical information relevant to information technology management
Government Identification or Social Security number, Driver’s license number, state identification card number, passport number, alien registration number, taxpayer identification number, date of birth, mother’s maiden name, digital or electronic signature, or picture.

If Envoy is helping your Employer seek permission for you to work in the United States or otherwise in a jurisdiction that is not your home jurisdiction, Envoy is providing its Support Services to your Employer, and your Employer’s Law Firm and/or Authorized Representatives are providing your Employer with legal and/or immigration assistance. While Envoy does not provide services to you and your Employer’s Law Firm does not represent you (except in limited cases, such as the green card process), as an individual, in order to complete the process for applying for a work authorization, your Employer will need you to provide certain information to your Employer’s Law Firm or Authorized Representatives. Envoy collects and processes this information on behalf of your Employer and we may use your information to provide the Support Services and to facilitate your Employer’s Law Firm’s and the Authorized Representatives’ processing of their Matters. If you have any questions as to how this information (including any of your Personal Information) is used by your Employer (or on behalf of your Employer), please raise these with your Employer.

If you do provide Envoy with your information as part of the Support Services, we will use such information to provide the Support Services and as part of the process of applying for the work authorization requested by your Employer.

We may also use your information to contact you about our services or information that may interest you, and to provide you with information you have requested (such as if you contact us about the services we provide, or if you sign up for our email blog updates). You can opt-out of these communications by unsubscribing to such emails via the unsubscribe link found in the footer of each email.

Except as specifically stated in this Privacy Policy, we do not disclose your information to third parties.

Device and Usage Information. When you navigate through and interact with our Platform, we automatically collect certain information about your device, internet connection, the equipment that you use to access our Platform, and how you use the Platform. We refer to this information as “Device and Usage Information”. This information allows us to optimize the Platform to the internet connections and equipment that are used to access the Platform. We collect Usage Information directly from you when you provide it to us and automatically as you navigate through and interact with our Platform. Device and Usage Information includes:

details of your visits to our Platform, including traffic data, location data, logs, other communication data, and the resources that you access and use on the Platform;
information about your computer and internet connection, including your operating system, and browser type; and
device identifiers, including your IP address and mobile device ID.

The technologies we use for this automatic data collection may include:

Cookies (or browser cookies): A cookie is a small file placed on the hard drive of your computer. We use session cookies to keep track of your login information. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting, you may be unable to access certain parts of our Platform. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you use the Platform.
Pixel Tags / Web Beacons: Webpages on our Platform and our emails may contain small electronic files known as web beacons (also referred to as clear gifs. pixel tags and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email. We may also use these web beacons for other related Platform statistics (e.g., recording the popularity of certain content and verifying system and server integrity).
Tracking URLs: These are links that allow Envoy to determine the effectiveness of a particular part of the Platform. For instance, emails from a marketing campaign may include tracking URLs to help Envoy see how popular the page is. This helps us serve more relevant content and information.

WHEN AND HOW WE SHARE YOUR INFORMATION

Sharing Information

We may disclose deidentified and aggregated information about our users without restriction. This information cannot be used to personally identify our users. We do not disclose your information that can personally identify you except in the circumstances described here:

Law Firm and Authorized Representatives: We may share or disclose your information to enable the provision of the Support Services. Specifically, we will share your information with your Employer’s Law Firm and Authorized Representatives in connection with processing of Matters on behalf of your Employer.
Service Providers: We may share or disclose your information with Service Providers in order to provide or maintain the Platform and as part of Envoy’s provision of the Support Services.
Business Transfers: In the event that Envoy is involved in a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, your information held by us may be among the assets transferred.
Comply with Law and Prevent Harm: Notwithstanding anything to the contrary in this Privacy Policy, we may disclose or share your information in order to comply with any court order, law, or legal process, including to respond to any government, public authority or regulatory request, or if we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Envoy, our customers, or others. This includes exchanging information with other companies and organizations via our service providers for the purposes of fraud protection and credit risk reduction. In certain situations, we may be required to disclose your information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Enforcement: We may disclose your information in order to enforce or apply our Terms and other agreements, including for billing and collection purposes.

YOUR CHOICES ABOUT YOUR INFORMATION

We strive to provide you with choices regarding the information you provide to us. You can exercise control over your information in the following ways:

Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. If you disable or refuse cookies, please note that some parts of the Platform may then be inaccessible or not function properly.
Email Newsletters from Envoy. If you do not wish to have your contact information used by Envoy to notify you of updates and educational opportunities related to immigration matters or to promote our own or third parties’ products or services, you can opt-out by unsubscribing to such emails.
We will not share your information with third parties for a purpose that is materially different from the purposes disclosed in this Policy without your consent.

Accessing and Correcting Your Information

If you are a registered user of our Support Services, you can review and change your Personal Information by logging into the Platform and visiting your account’s My Login page.

Depending on your jurisdiction of residence, you may have additional rights, such as the right to access, delete, and correct your information. If you are an individual employee or candidate, please contact your Employer, prospective Employer, Law Firm or Authorized Representative to exercise these rights. If you are a Law Firm, Authorized Representative or an Employer you may also contact your account manager or send us an email at [email protected] to request access to, correct or delete any personal data that we process on your behalf.

Please note that if you delete some or all of your information, we may not be able to provide the Support Services and your Employer’s Law Firm and Authorized Representatives may not be able to process the relevant Matters. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.

California Shine the Light Disclosure

California Civil Code Section § 1798.83 permits users of our Platform that are California residents to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purpose. We do not share your Personal Information with third parties for their own direct marketing purposes.

HOW WE PROTECT YOUR INFORMATION

Data Security

INTERNATIONAL DATA TRANSFERS

Envoy has certified certain of our services, for which we act as a data processor, under the EU-U.S. Privacy Shield Framework (the “Privacy Shield”). On July 16, 2020, Europe’s highest court, the CJEU, invalidated the EU-US Privacy Shield with respect to transfers of data between the European Economic Area (“EEA”) and the United States. Envoy is taking steps to comply with the CJEU decision, including by entering into Standard Contractual Clauses with its customers and subprocessors upon request. Additionally, Envoy will continue to protect EEA, UK, and Swiss data in compliance with the Privacy Shield Principles, as described herein.

Envoy complies with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal data from European Union member countries transferred to the United States pursuant to Privacy Shield. Envoy has certified that it adheres to the Privacy Shield Principles with respect to such data. If there is a conflict between the protections that Privacy Shield provides to individuals and the rest of this privacy policy, then the extra protections provided by Privacy Shield will govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/.

Pursuant to the Privacy Shield Frameworks, EU individuals have the right to obtain our confirmation of whether we maintain Personal Information relating to you in the United States. You also have the right to access, correct, amend, or delete the data we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should direct their query to [email protected]. If requested to remove data, we will respond within a reasonable timeframe.

Envoy’s accountability for personal data that it receives from EU data subjects under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, Envoy remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Privacy Shield Principles, unless Envoy proves that it is not responsible for the event giving rise to the damage.

In compliance with the Privacy Shield Principles, Envoy commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. As such, Envoy is subject to the investigatory and enforcement powers of the FTC. European Union individuals with Privacy Shield inquiries or complaints should first contact Envoy by email at [email protected].

Envoy has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.

If your complaint involves human resources data transferred to the United States from the EU in the context of the employment relationship, and Envoy does not address it satisfactorily, Envoy commits to cooperate with the panel established by the EU data protection authorities (“DPA Panel”), as applicable and to comply with the advice given by the DPA Panel, as applicable with regard to such human resources data. To pursue an unresolved human resources complaint, you should contact the state or national data protection or labor authority in the appropriate jurisdiction. Complaints related to human resources data should not be addressed to the BBB EU PRIVACY SHIELD.

Contact details for the EU data protection authorities can be found at http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm

CHANGES TO OUR PRIVACY POLICY

It is our policy to post any changes we make to our Privacy Policy on this page. If we make material changes to how we treat our users’ information, as determined in our sole discretion, we will notify you by email to the email address specified in your registered account and/or through a notice on the Platform.

Contact Information

4852-6297-4192, v. 9