Skip to content
  1. Home
  2. Privacy Policy

Privacy Policy

Last Update: 11/26/2024

ENVOY GLOBAL PRIVACY POLICY

Envoy Global, Inc., together with its affiliates and subsidiaries including Envoy International Holdings, Inc. (collectively, “Envoy”, “we” or “us”), are committed to protecting the privacy of all users of our website and services, which may include employees or potential employees of our business customers, other individual clients of our associated U.S. Law Firms and Local Representatives, and the dependents and family members of such individuals (“you”).

Please review this policy to understand how we handle your information. If you do not agree to this Privacy Policy, please do not use the website, Platform or the Support Services.

Please take a moment to understand the different ways Envoy works with customers and others involved in the immigration process:

  • Envoy Global, Inc. provides the Platform, an online tool that facilitates management of Matters involving immigration.
  • The actual immigration petition or application process is managed by one of the following, not by Envoy Global, Inc.:
    • A U.S. Law Firm, for U.S. Matters (i.e., involves petitions and applications for nonimmigrant and immigrant visas, permanent residence, and citizenship status and related ancillary services into the U.S.); or
    • Envoy International Holdings, Inc., for Global Matters (i.e., involves immigration to a non-U.S. country).
  • For Global Matters, Envoy International Holdings, Inc. will handle the application process internally or retain the services of a Local Representative from a network of global immigration providers and representatives. Some Local Representatives are affiliates or subsidiaries of Envoy, and others are not.
  • In some cases, our customer is an Employer who uses Envoy services for a Matter involving an actual or prospective member of its workforce, i.e., a Business Petitioner Beneficiary.
  • In other cases, our customer is an individual who uses Envoy services for their own Matter, i.e., an Individual Applicant.
  • The U.S. Law Firms and Envoy International Holdings, Inc. use the Platform to manage the Matters.
  • Although Envoy Global, Inc. may offer administrative, clerical or technical assistance to U.S. Law Firms, Envoy International Holdings, Inc., Employers, Business Petitioner Beneficiaries, and Individual Applicants, Envoy Global, Inc. does not manage the Matters.
  • Envoy Global, Inc. also handles billing for the U.S. Law Firms and Envoy International Holdings, Inc.

This Privacy Policy contains the following sections:

  1.  DEFINITIONS
  2.  APPLICABILITY
  3.  ENVOY AS A DATA CONTROLLER AND DATA PROCESSOR
  4.  INFORMATION WE COLLECT AND HOW WE USE IT
    1.  Information Processed For Matters
    2.  Other Information You Provide Us
    3.  Information Collected Through Automated Means
  5.  WHEN AND HOW WE DISCLOSE YOUR INFORMATION
  6.  LEGAL BASES FOR PROCESSING PERSONAL DATA
  7.  YOUR RIGHTS AND CHOICES
    1.  Cookies and Communications
    2.  Access, Deletion, and other Personal Data Rights
    3.  State-Specific Disclosures
      1.  California
  8.  HOW WE PROTECT YOUR INFORMATION
  9.  DATA RETENTION
  10.  INTERNATIONAL DATA TRANSFERS
  11.  CHANGES TO OUR PRIVACY POLICY
  12.  CONTACT INFORMATION

1. Definitions

Billing Data” is Personal Data relating to billing and payment through Envoy Global, Inc. for its own services and services provided by others, such as the U.S. Law Firms and Envoy International Holdings, Inc.

“Business Petitioner Beneficiaries” are actual or potential members of the workforce of a business customer of Envoy (i.e., the Employer) which has engaged Envoy in in connection with a Matter.

“Controller” refers to the entity that has certain legal rights to determine the purposes for which Personal Data will be processed and the means by which that processing will happen. As used in this Privacy Policy, the term also includes entities considered to be “Businesses” under the California Consumer Privacy Act (“CCPA”), as may be amended from time to time.

“Device and Usage Information” is information about your device, internet connection, the equipment that you use to access our website and Platform, and how you use our website Platform, such as (a) details of your visits, including traffic data, location data, logs, other communication data, and the Platform that you access and use on the resources; (b) information about your computer and internet connection, including your operating system, and browser type; and (c) device identifiers, including your IP address and mobile device ID.

Employer” means Envoy’s customer that uses the Platform to manage its Matters for one or more of its Business Petitioner Beneficiaries.

Global Services” refers to immigration filing and processing services with respect to non-US immigration (e.g., immigration to a country in Europe).

“Individual Applicants” are individuals who engage Envoy in connection with their own Matter, such as family members of a Business Petitioner Beneficiary, dependents, and other individuals seeking an individual immigration application.

“Local Representatives” refer to Envoy International Holdings, Inc. personnel and its network of global immigration providers or local representatives, which manage and perform Global Services.

Matter Data” is Personal Data relating specifically to your Matter, such as the Personal Data you provide for possible inclusion in an immigration application, the actual application, supporting documentation such as an identity card, and correspondence about you that is received from the relevant governmental authority.  The term includes any Privileged Information.

Matters” refers to matters initiated through the Platform (a) for business immigration petitions and visa applications for nonimmigrant and immigrant visas, permanent residence, and citizenship status to the U.S. Citizenship and Immigration Services managed by a U.S. Law Firm (a “U.S. Matter”) or (b) Global Services managed and performed by Local Representatives (a “Global Matter”).

Personal Data” means any information that relates to an identified or identifiable individual.

“Platform” means, collectively, the technology platform used by our customers to manage their Matters, accessible through www.envoyglobal.com, app.envoyglobal.com, Envoy’s mobile applications and related technology and tools.

“Platform Data” is Personal Data collected by Envoy to administer the Platform and technical support for the Platform, such as login credentials and technical support inquiries.

Privileged Information” means the legal materials, documents, correspondence, and other kinds of information stored on the Platform associated with your Matter that are eligible for attorney-client privilege or equivalent protection in the context of your relationship with a U.S. Law Firm or Local Representative.

“Processor” refers to an entity that processes Personal Data solely on behalf of its customer, and not for its own business or legal compliance purposes. As used in this Privacy Policy, the term also includes entities considered to be “Service Providers” under the CCPA.

“U.S. Law Firm” refers to an independent law firm, and its related attorneys and support staff, that has been trained to use the Platform and agreed to use the Platform as the client technology solution to provide you or your Employer with U.S. Legal Services. The U.S. Law Firms may include Corporate Immigration Partners, P.C., its respective successors and assigns or another law firm who has agreed to provide U.S. Legal Services to Envoy customers and that has been selected by you or your Employer to be its counsel.

“U.S. Legal Services” refer to the legal services performed by U.S. Law Firms in conjunction with their preparation and submission of visa applications for nonimmigrant and immigrant visas, permanent residence, and citizenship status to the U.S. Citizenship and Immigration Services and other governmental agencies regulating foreign persons entering the United States and related ancillary services of the U.S. Law Firm.

2. Applicability

This Privacy Policy applies to any information you provide to Envoy, that we collect through our website and Platform, or that we otherwise handle in connection with a Matter or the promotion or operation of our business. This Privacy Policy covers only Envoy’s handling of the data.  U.S. Law Firms, Local Representatives who are not subsidiaries or affiliates of Envoy, your Employer, and the governments involved in your Matters are not within the scope of this Privacy Policy.

3. Envoy as a Data Controller and Data Processor

Data protection laws in certain jurisdictions make a distinction between Controllers and Processors. Different Envoy entities may act as either a Controller or a Processor of your Personal Data, depending on the circumstances, as follows:

For Business Petitioner Beneficiaries:

  • Envoy Global, Inc. acts as a Controller of Platform Data and a Processor with respect to storing Matter Data for your Employer and making it available on their behalf, as applicable, to the relevant U.S. Law Firm, Envoy International Holdings, Inc., or other Local Representatives, such as Envoy Global UK Ltd. (“Envoy UK”) and Envoy Global Immigration Pte. Ltd. (“Envoy Singapore”). It also acts a Processor to U.S. Law Firms and Local Representatives with respect to Personal Data in records they ask it to store in order to comply with their professional and ethical record retention obligations.
  • Envoy International Holdings, Inc. acts as a Controller with respect to your Matter Data for Global Matters it manages, as do other Local Representatives it uses for those Global Matters, such as Envoy UK and Envoy Singapore.
  • U.S. Law Firms act as a Controller with respect to your Matter Data for U.S. Matters they manage.
  • Your Employer acts as a Controller with respect to your Matter Data and your Platform Data.
  • Any entity that creates or collects Billing Data also acts as a Controller with respect to Billing Data.

For Individual Applicants:

  • Envoy Global, Inc. acts as a Controller of your Platform Data and a Processor with respect to storing your Matter Data for you and making it available on your behalf, as applicable, to the relevant U.S. Law Firm, Envoy International Holdings, Inc., or other Local Representatives, such as Envoy UK and Envoy Singapore. It also acts a Processor to U.S. Law Firms and Local Representatives with respect to Personal Data in records they ask us to store in order to comply with their professional and ethical record retention obligations.
  • Envoy International Holdings, Inc. acts as a Controller with respect to Matter Data for Global Matters it manages, as do other Local Representatives it uses for those Global Matters, such as Envoy UK and Envoy Singapore.
  • U.S. Law Firms act as a Controller with respect to Matter Data for U.S. Matters they manage.
  • Any entity that creates or collects Billing Data also acts as a Controller with respect to Billing Data.

Envoy Global, Inc. also acts as a Controller of Personal Data it receives about prospective users of its services, and Personal Data about individuals who sign up to receive marketing emails.

4. Information We Collect and How We Use It

4.1.  Information Processed For Matters

While the exact Personal Data we handle in connection with particular Matters can vary widely depending on the country and on the life history of the applicants, we generally handle the following Personal Data in connection with Matters:

  • Nationality
  • Title/Position/Department
  • Business contact details (e.g., address, telephone, mobile, and email)
  • Dates of employment or prospective employment
  • Accreditations
  • Personal contact details (e.g., home address, home telephone number and personal mobile number)
  • Date of birth
  • Language preference
  • Education and qualifications
  • Family member information
  • Device information and other technical information relevant to information technology management
  • Login information for the Platform
  • Government Identification or Social Security number, Driver’s license number, state identification card number, passport number, alien registration number, taxpayer identification number, date of birth, mother’s maiden name, digital or electronic signature, or picture.
  • Application forms
  • Correspondence with government authorities
  • Billing Data, such as invoices and payment card data

The Controller managing your Matter can inform you what Personal Data is legally required or desirable for your particular Matter. Failure to provide legally required Personal Data will typically prevent the Controller from being able to successfully process your Matter.

While managing Global Matters, Envoy International Holdings, Inc. and other Local Representatives in the Envoy group may receive Personal Data from Employers, other Local Representatives, governmental authorities, and publicly available sources, such as applicants’ LinkedIn profiles.  In connection with U.S. Legal Matters, Envoy Global, Inc. and the U.S. Law Firms may receive Personal Data from similar sources.

Where Envoy Global, Inc. acts as a Processor, it uses the Personal Data solely pursuant to the instructions of the person or entity for which it acts as a Processor unless other processing is legally required.

Where Envoy is a Controller, it uses the information:

  • To facilitate your Matter and otherwise provide and improve our services;
  • To identify and protect against fraud and other harms; and
  • To comply with law and otherwise address legal matters.

Where appropriate, Envoy may also use limited Personal Data for marketing purposes.

However, we do not use or disclose any Privileged Information except (i) solely as directed by you, the relevant U.S. Law Firm or Local Representative, or as otherwise legally required or (ii) to disclose the information as described in the “Service Providers” and “Business Transfers” portions of Section 5 of this Privacy Policy.

4.2. Other Information You Provide Us

We collect contact information for representatives of our customers in connection with our business relationship, such as name, email address, company address and phone number. To receive communications from Envoy such as our Email Newsletter, you may also voluntarily provide Envoy with certain information including your name, email, company name, job title, and phone number.

4.3. Information Collected Through Automated Means

When you navigate through and interact with our website or Platform, we or our third-party partners may collect Device and Usage Information depending on your location and the preferences you have expressed with respect to our use of tracking technologies. This information allows us to optimize our services, analyze your usage of the services, and serve you advertisements for our services on other platforms.

The technologies we use for this data collection may include:

  • Cookies (or browser cookies): A cookie is a small file placed on your computer or other device. For example, we use session cookies to keep track of your login information. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting, you may be unable to access certain parts of our Platform. Unless you have adjusted your browser setting so that it will refuse cookies, or if you live in a jurisdiction such as the European Union that requires your consent to place cookies on your browser, our system will issue cookies when you use the Platform.
  • Pixel Tags / Web Beacons: Our website and emails may contain small electronic files known as web beacons (also referred to as clear gifs. pixel tags and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email. We may also use these web beacons for other related website statistics (e.g., recording the popularity of certain content and verifying system and server integrity).
  • Tracking URLs: These are links that allow Envoy to determine the effectiveness of a particular part of our website and Platform. For instance, emails from a marketing campaign may include tracking URLs to help Envoy see how popular the page is. This helps us serve more relevant content and information.

5. When and How We Disclose Your Information

We may disclose Personal Data as follows:

  • Third parties involved in your Matter: We may disclose your Personal Data to, as applicable, a U.S. Law Firm, Local Representatives, your Employer, immigration authorities and other governmental entities, translation providers, education evaluation providers, and others that we or they involve to assist in processing your Matter.
  • Service Providers: We may disclose your information to vendors we use to provide or maintain the Platform or other aspects of our services, such as hosting providers and payment processors.
  • Business Transfers: In the event that Envoy is involved in a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, your information held by us may be among the assets transferred.
  • Comply with Law and Prevent Harm: Notwithstanding anything to the contrary in this Privacy Policy, we may disclose your information in order to comply with any court order, law, or legal process, including to respond to any government, public authority or regulatory request, or if we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Envoy, our customers, or others. This includes exchanging information with other companies and organizations via our service providers for the purposes of fraud protection and credit risk reduction. In certain situations, we may be required to disclose your information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
  • Enforcement: We may disclose your information in order to enforce or apply our Terms and other agreements, including for billing and collection purposes.
  • Interest-Based Advertising: Depending on your location and the preferences you have expressed with respect to our use of tracking technologies, we may disclose or make available data, such as hashed email derived from emails or other online identifiers, to our advertising partners. This allows our partners to recognize and deliver ads that are relevant to you across devices and browsers.

We may disclose de-identified and aggregated information (which is information that cannot be used to personally identify you) about our users without restriction.

6. Legal Bases for Processing Personal Data

Where an Envoy entity acts as a Controller, the laws in some jurisdictions require us to tell you about the legal grounds we rely on to use or disclose your Personal Data. To the extent those laws apply, our legal grounds for processing Personal Data are as follows:

  • Consent: Where required by law, and in some other cases, we handle Personal Data on the basis of consent. For example, we send newsletters to individuals on the basis of opt-in consent. We process certain sensitive Personal Data for Matters on the basis of explicit consent.
  • Performance of our contract with you:  We process most Individual Applicant Personal Data, including all Matter Data, to perform our contract with you.
  • Legitimate interests: In many cases, we handle Personal Data on the ground that it furthers our legitimate interests in commercial activities, such as the following, in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals: Platform support; protecting the Platform and the rights and safety of our users, customers, and employees; analyzing and improving our business and services; and managing legal issues.
  • Legal compliance: We need to use and disclose Personal Data in certain ways to comply with our legal obligations.

7. Your Rights and Choices

7.1.  Cookies and Communications

We strive to provide you with choices regarding the information you provide to us. You can exercise control over your information in the following ways:

  • Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. If you disable or refuse cookies entirely, please note that some parts of the Platform may then be inaccessible or not function properly, which may affect your ability to interact with your Law Firm or to receive the use or benefit of Envoy’s Support Services. Where required by applicable law, such as in the European Union, we seek your consent prior to placing cookies on your browser. If you are a resident of California, we do not place cookies on your browser for cross-context behavioral advertising purposes (within the meaning of California law) without your consent. If you are a resident of these jurisdictions, you can manage your cookie preferences by clicking “Manage Cookie Preferences” in the footer of our site.
  • Email Newsletters from Envoy. If you do not wish to have your contact information used by Envoy to notify you of updates and educational opportunities related to immigration matters or to promote our own or third parties’ products or services, you can opt-out by unsubscribing to such emails.

7.2. Access, Deletion, and other Personal Data Rights

If you are a registered user of our Platform, you can review and in some cases change certain Personal Information Envoy holds by logging into the Platform and visiting your account’s My Login page.

Depending on your jurisdiction of residence and the location of the Envoy entity involved, you may have additional rights, such as the right to access, delete, and correct your Personal Data, to revoke your consent to processing of Personal Data (without affecting the lawfulness of prior processing), or to object to the processing of Personal Data.

  • To exercise these rights with respect to Personal Data for which the relevant Controller is your Employer, a U.S. Law Firm, or a Local Representative handling your Matter (other than Envoy International Holdings, Inc.), please contact them directly for the fastest response. We cannot independently act on requests related to such data, but we can assist you in contacting them.
  • If you wish to exercise these rights with respect to the information for which an Envoy entity is a Controller, you may email us at privacy@envoyglobal.com with your request.

Please note that we require certain information to be able to provide the Support Services, and the U.S. Law Firms and Local Representatives may not be able to process your Matter without certain information. Additionally, any of the rights described above are subject to significant limitations and exceptions under applicable law.  Every individual also has a right to lodge a complaint with the relevant supervisory authority in connection with the processing of Personal Data.

7.3.  State-Specific Disclosures

7.3.1.   California

If you are a California resident, California law requires us to provide you with some additional information regarding how we collect, use, and disclose your “personal information” (as defined in the California Consumer Privacy Act (“CCPA”), as may be amended from time to time). This section applies only to personal information for which Envoy acts as a controller or “business,” as set forth in Section 3 above; it does not apply to personal information for which we act as a processor or “service provider” on behalf of another entity. This information supplements the information in the rest of our Privacy Policy.

Categories of information collected. Throughout this Policy, we discuss in detail the specific pieces of personal information we collect. Under the CCPA, we are also required to provide you with the “categories” of personal information we collect. The categories we collect are: identifiers (such as name, address, email address and other contact information); internet or other network or device activity, such as Device and Usage Information; geolocation information, professional or employment related data (such as title); information which is considered “sensitive personal information” under California law, including username and password, characteristics of protected classifications, and professional- and employment-related information; as well as other information that identifies or can be reasonably associated with you, and inferences drawn from any of the above.

Use and disclosure of information. In the twelve months leading up to the effective date of this Privacy Policy, Envoy used the personal information as follows:

  • To respond to questions, concerns, or customer service inquiries, and to otherwise fulfill individuals’ requests;
  • To send information about our current and future services;
  • To analyze and improve our website;
  • To enforce the legal terms that govern our business and online properties;
  • With your affirmative consent, to serve you relevant advertisements for our services across online platforms;
  • To comply with law and legal process and protect rights, safety and property;
  • For other purposes requested or permitted by you or by others acting on your behalf as part of your requested services, such as your Employer or Law Firm; and
  • To recruit and hire employees, including to evaluate employment applications.

We may disclose certain information listed in “use and disclosure” above to the entities and for the purposes set forth in Section 5 of this Privacy Policy. Please note that we do not use “sensitive personal information” that we collect (which is limited to usernames and passwords) in ways that are restricted by the CCPA.

“Sale” or “Sharing” of information.  California law grants residents the right to opt out of the “sale” of their personal information or “sharing” of personal information for cross-context behavioral advertising purposes. Envoy makes personal information available to non-service provider third parties only when individuals have affirmatively agreed to such disclosure (for example, where we submit an immigration application to a government on behalf of the applicant, or where a site visitor has opted in to our use of advertising cookies) or where the disclosure of personal information is otherwise exempt from the CCPA (such as disclosing information to secure the Services). As such, we do not “sell” or “share” personal information within the meaning of California law.

California Privacy Rights. If you are a California resident, California law may provide you with the following rights, subject to certain exceptions:

  • Right to Know. You have the right to be informed of the categories of personal information we have collected about you in the last twelve months, the categories of sources of such information; the categories of information that we disclosed about you for a business purpose; the business or commercial purpose for collecting your personal information, and the categories of third parties to whom we have disclosed your personal information for a business purpose. Please note this policy is intended to satisfy this right.
  • Right to Access. You have the right to access and/or receive a copy of specific pieces of personal information we have about you.
  • Right to Delete. You have the right to request that we delete personal information we have collected from you.
  • Right to Correct. You have the right to correct inaccurate personal information we have about you.

Moreover, if you opted into allowing third-party cookies and non-cookie technologies or shared your email with us, please visit Section 7.1 of this Privacy Policy to learn how you can exercise control over this information.

Certain information is exempt from such requests under applicable law.  You also may have the right to receive information about the financial incentives that we offer to you (if any). You also have the right not to be discriminated against for exercising CCPA rights. We will take steps to verify your identity before responding to your request, which may include requesting that you respond to an email that we send to you, or otherwise verifying your name, email address or other information that will help us to confirm your identity.

If you are an agent making a request on behalf of a consumer, you must verify that you are authorized to make that request, which may include requiring you to provide us with written proof that satisfies CCPA requirements, such as an appropriate letter signed by the consumer or a power of attorney.  We also may require the consumer to verify their identity directly with us.

California Shine the Light Disclosure. California Civil Code Section § 1798.83 permits users of our Platform that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purpose. We do not disclose your personal information to third parties for their own direct marketing purposes.

8. How We Protect Your Information

We have implemented measures designed to secure information we process from accidental loss and from unauthorized access, use, alteration, and disclosure. Additional details about the specific technologies used to secure information are available upon request by sending an email to privacy@envoyglobal.com.

The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Platform, you are responsible for keeping this password confidential. We ask you not to disclose your password to anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your information, we cannot guarantee the security of any information transmitted to our Platform.

We operate the Platform and manage the provision of the Support Services from the United States. If you are located outside of the United States, please be aware that information we collect will be transferred to and processed in the United States. By using the Platform, or providing us with any information, you fully understand and unambiguously consent to this transfer, processing and storage of your information in the United States, a jurisdiction in which the privacy laws may not be as comprehensive as those in the country where you reside and/or are a citizen.

9. Data Retention

We hold Personal Data for as long as necessary to fulfill the purposes set forth in this Privacy Policy and/or, where we act as a Processor, as required by our contracts with the relevant Controller, and also as required by applicable law. Information may persist in copies made for backup and business continuity purposes for additional time. Some Local Representatives in the Envoy group are legally required to retain copies of immigration application files for time periods that vary by jurisdiction and Matter type.

10. International Data Transfers

We are headquartered in the United States, and recipients of the data disclosures described in this Privacy Policy are located in the United States and elsewhere in the world, including where privacy laws may not provide as much protection as those of your country of residence.

Envoy Global, Inc. receives transfers of personal data in Matter Data from certain enterprise customers (1) under the DPF, which is described below, (2) under Standard Contractual Clauses, or (3) through one or more derogations under GDPR Article 49 or its equivalent in UK or Swiss law, depending on the situation and our contract with our customer.

Envoy Global, Inc. commits to comply with the EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. Data Privacy Framework, and the Swiss-U.S. Data Privacy Framework (collectively, the “DPF”) with respect to the personal data in Matter Data that Envoy Global, Inc. receives as a “processor” from or on behalf of Envoy’s organizational customers in reliance on the DPF.

In more detail:

  • Envoy Global, Inc. has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, i.e., personal data within the scope of that certification that we receive from enterprise customers in reliance on that certification.
  • Envoy Global, Inc. has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF, i.e., personal data within the scope of that certification that we receive from enterprise customers in reliance on that certification.

As such, Envoy Global, Inc. is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.

For data Envoy Global, Inc. receives under our DPF certification, if there is any conflict between the terms in this Privacy Policy and the relevant DPF Principles, the relevant DPF Principles shall govern.  To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

Pursuant to the DPF, individuals whose personal data is transferred to Envoy Global, Inc. under the DPF have the right to obtain its confirmation of whether it maintains personal data relating to them in the United States. They also have the right to access, correct, amend, or delete the data it holds about them. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under the DPF should direct their query to privacy@envoyglobal.com. Because Envoy Global, Inc. handles such information as a processor on behalf of our business customers, we typically will need to forward the request to that customer and follow their instructions or refer the individual to that customer.

The DPF Choice Principle requires participating companies to:

  • Provide a covered individual with an opportunity to choose (opt out) whether their DPF-covered personal data is (i) to be disclosed to a non-agent third party or (ii) to be used for a purpose that is materially different from the purpose(s) for which it was originally collected or subsequently authorized by the individual; and
  • For personal data defined by the DPF as sensitive information (i.e., personal information specifying medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or information specifying the sex life of the individual), obtain the individual’s affirmative express consent (opt in) if such information is to be used for a purpose other than those for which it was originally collected or subsequently authorized by the individual through the exercise of opt-in choice.

Envoy Global, Inc. processes DPF-covered personal data as its customer’s “processor” pursuant to UK, EU, EEA, and Swiss law, which have similar obligations.  Accordingly, Envoy Global, Inc. complies with these DPF obligations by complying with its legal obligation to use and disclose such data only as instructed by its customer, who under applicable UK/EU/EEA/Swiss law is the party responsible for offering applicable opt-out and opt-in choices.

You can exercise these choices by contacting us at privacy@envoyglobal.com and through any additional method we specify in the context of your situation.  For example, certain opt-in choices will be available to you in our platform during onboarding for your particular customer-sponsored immigration matter.  Where appropriate, we will forward your request to the relevant customer for instructions regarding how to handle it, but you also may contact them directly.  You also can make certain choices by following the instructions in Section 7.1 and 7.2 of this Privacy Policy.

Envoy Global, Inc.’s accountability for personal data that it receives from such data subjects under the DPF and subsequently transfers to a third party is described in the DPF Principles. In particular, Envoy Global, Inc. remains responsible and liable under the DPF Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the DPF Principles, unless Envoy Global, Inc. proves that it is not responsible for the event giving rise to the damage.

In compliance with the DPF Principles, Envoy Global, Inc. commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to DPF. Individuals with DPF inquiries or complaints should first contact Envoy Global, Inc. by email at privacy@envoyglobal.com.  If we do not respond to your DPF complaint within 45 days or resolve your DPF complaint to your satisfaction, Envoy Global, Inc. has further committed to cooperate with one of two different independent dispute resolution mechanisms for resolution of your DPF complaint (depending on the context), both of which are provided free of charge to you:

  • For DPF complaints not in the context of the employment relationship: Envoy Global, Inc. will cooperate with the dispute resolution mechanism operated by BBB National Programs. You can visit  https://bbbprograms.org/programs/all-programs/dpf-consumers/ProcessForConsumers for more information and to file a complaint.
  • For DPF complaints in in the context of the employment relationship: In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Envoy Global, Inc. commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (“DPAs”), the UK Information Commissioner’s Office (“ICO”) and the Swiss Federal Data Protection and Information Commissioner (“FDPIC”) with regard to unresolved complaints concerning our handling of human resources data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF or the Swiss-U.S. DPF in the context of the employment relationship.

If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See EU-U.S. DPF Annex 1 at https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf and the Swiss-U.S. DPF Annex 1 at https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-sw-dpf.

11. Changes To Our Privacy Policy

It is our policy to post any changes we make to our Privacy Policy on this page. If we make material changes to how we treat information for which we are a Controller, as determined in our sole discretion, we will notify you by email to the email address specified in your registered account and/or through a notice on the Platform.

The date the Privacy Policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you (where you are a registered user of our Platform), and for periodically visiting the Platform and this Privacy Policy to check for any changes.

12. Contact Information

To ask questions or concerns about this Privacy Policy and our privacy practices or if you would like to make a complaint, please contact our Chief Privacy Officer at privacy@envoyglobal.com.