Privacy Policy 

Intertek’s Website and Application are operated by Intertek France, a company located at Rue de la Fosse MORET, 27400 HEUDEBOUVILLE, France, registered under SIREN 302 607 486, and by its affiliated companies. 

The data collected by Intertek are intended for the Audit Department of Intertek France as well as its subcontractors and partners. 

In this Privacy Policy, the term “Intertek” refers to Intertek France and its affiliates, as the entity responsible for the processing of your personal data unless otherwise specified in this Privacy Policy, which generally is the entity that obtains your personal data. 

Personal data is information relating to an identified or identifiable natural person. 

A natural person is deemed to be identified or identifiable, either directly or indirectly, in particular by reference to an identifier, such as a name (surname, first name), identification number (telephone number), location data (GPS data, address), an online identifier (pseudonym, IP address), or to several specific elements specific to his or her physical, physiological, genetic, psychic, economic (banking information, income), cultural (way of life, religion) or social identity (information on family situation). 

The definition of personal data is very broad and covers many data. 

If you want to interact with Intertek via https://sharedaudits-public.intertek-iris.com/, or SHARED AUDITS SYSTEM https://sharedaudits.intertek-iris.com/, personal data will be collected about you in order to process your request and/or send you the desired information.  

Intertek processes the personal data you’ve directly provided for one of the following reasons: 

• you have answered a contact or application form on our website, 
• you have sent a solicitation by email or through professional social networks, 
• you have communicated your contact information during professional meetings or events, 
• you have visited this website, 
• you have subscribed to the newsletter of the Audit activity, 
• you are a partner of Intertek France, 
• you have a subscription to the Application, 
• you have applied to become a member of the Intertek auditor network 
  • you have sent your curriculum vitae, 
  • you have submitted documents using the “Other file” section of the application form that will allow Intertek to assess your professional expertise, in particular your list of audits and your professional training certificates. 

However, Intertek would like to draw your attention to the principle of minimization and asks you to provide only the data that you consider necessary for the processing of your application/request. 

The processing of your data will serve to respond to your requests. 

All along your application as a freelance auditor candidate, Intertek may collect the following information: 

• Your detailed professional background; 
• your training courses; 
• recommendations about you from your professional network; 
• other information related to your application that you can provide during the different phases of the recruitment process. 

Intertek encourages you to notify Intertek of any significant changes to the data you provided in your application. 

Auditor candidate:
Intertek may collect data about you from third parties, including from someone who provides us with your contact information in purpose of a partnership proposal that they believe may be interesting to you.
Intertek may also collect data about you from people whose you voluntarily provide us contact information during an interview in purpose to collect professional references.

Other users :
Intertek may receive personal data about you indirectly when you are referred to us by third parties or partners.
If you provide Intertek with personal data about someone else, you must ensure that you have the concerned person’s agreement to disclose such data to that person and that, without further action by Intertek as required by data protection law, Intertek may collect, use and disclose such data for the purposes described in this Privacy Policy. For example, you should ensure that the data subject is aware about this Privacy Policy.

Intertek processes your personal information on one or more of the following legal bases: 

• the processing is necessary for the execution of measures prior to the conclusion of a contract or the performance of a contract, with you or a relevant party; 
• the processing constitutes a legitimate interest of Intertek to constitute and maintain a pool of auditor or freelance consultant candidates; 
• the processing constitutes a legitimate interest of Intertek to establish and maintain a database of clients and auditees; 
• you have consented to the processing of your personal data (you can withdraw your consent at any time) 

Customers, Prospects, Auditees, Auditors and Partners, Visitors :

Intertek uses the data it has collected for the following purposes: 

• respond to your requests for information and contact on its site or application, keep you informed about the status of your requests/orders/partnerships based on its legitimate interest in communicating with its visitors, prospects, customers, auditors and partners,  
• to carry out commercial prospecting operations based on its legitimate interest in promoting its activity to a professional public, 
• provide and perform the services as described in its General Terms and Conditions (GTC) and, where applicable, based on contracts, 
• to improve and ensure the security of its site based on its legitimate interest in protecting its website from possible computer attacks, 
•  to send you our newsletter informing you of upcoming audits and audits performed on the basis of your consent. 

Candidate auditors:

Intertek uses the information it has collected for the following purposes: 

• respond to your application to become a freelance auditor partner on a pre-contractual basis, 
• assess your skills, qualifications, and suitability for the partnership to which you are applying, 
• reference checks as needed, 
• communicate with you about the recruitment process, 
• create and maintain our pool of auditors or freelance consultants; 
• forward your applications to other Intertek Group companies; 
• answer your questions, requests and suggestions; 
• defend its interests in court if necessary. 

Clients, Auditees, Auditors, and partners: 
Intertek retains your personal information for the duration of the contractual relationship plus five years for legal prescription reasons.

Prospects: 
Intertek retains your data, unless you object, for the purpose of prospecting, for three years from the last contact from you.

Freelance auditor candidates: 
Your personal data will be stored for 2 years from the last time you applied for a job with Intertek.
You may request that Intertek delete your data before these time limits expire. To do so, please contact Intertek using the contact information below (see “How to contact Intertek”).

All your personal data is strictly confidential and will only be accessed on a need-to-know basis by Intertek staff, other duly authorized Intertek group entities, customers, and audited sites, as well as by independent service providers acting on its behalf under appropriate technical and organizational security measures. 

The Intertek Group has security measures in place to protect your personal data from unauthorized access and use. Intertek follows appropriate security procedures in the storage and disclosure of your personal data to prevent unauthorized access by third parties and to prevent accidental loss of your data. Intertek limits access to your personal data to those who need to access it for business purposes. Persons who access your data will be subject to a duty of confidentiality towards Intertek. 

Intertek also has procedures in place to address any suspected data breach. Intertek will notify you and any relevant supervisory authority of a suspected data breach where required to do so by law. 

Intertek also requires those to whom it transfers your personal data to comply with the above. 

Unfortunately, the transmission of information via the Internet is not completely secure. Therefore, Intertek cannot guarantee the security of your personal data transmitted to Intertek via the Internet. Such transmission is at your own risk and you acknowledge and agree that Intertek will not be responsible for any unauthorized use, distribution, damage or destruction of your data, except to the extent that Intertek is required by law to assume such responsibility. Once Intertek has received your personal data, it will apply the security measures mentioned above. 

We do not sell your personal information. We do not disclose your personal data to third parties except where permitted or/and requested for auditing contract purpose, or where required by law. 

Clients, Auditees, Prospects: 

Intertek may transfer your personal data to the parties named below and for the following purposes: 

• to the audited sites that are authorized to process it for the purposes mentioned above and that undertake to respect its confidentiality, 
• to clients who are authorized to process it for the purposes mentioned above and who undertake to respect its confidentiality, 
• auditors and partners in charge of the execution of the audit service, 
• other Intertek departments within the Intertek Plc group of companies responsible for performing its audit, internal audit and IT management services. 

Intertek’s customers and auditees, partner auditors, subsidiaries of the Intertek Plc group and third parties acting on behalf of the Intertek group are located throughout the world. As a result, personal data may be transferred outside the country where you are located. This includes transfers to countries outside the European Union (“EU”). 

Where Intertek transfers personal data outside the EU to a country that is not designated by the European Commission as providing an adequate level of protection for personal data, transfers will be made under a contract that covers the obligations imposed by the EU for the transfer of personal data outside the EU, including the standard contractual clauses approved by the European Commission, or under other appropriate safeguards. To obtain a description of the appropriate safeguards, you may send Intertek your request using the information in the “How to Contact Intertek” section below. 

Partner auditors: 

Intertek may transfer your personal data to the parties named below and for the following purposes: 

• to its customers and auditees who are authorized to process it for the purposes mentioned above and who undertake to respect its confidentiality, and who are not authorized to use your personal data for any other purpose. 
• other Intertek departments within the Intertek Plc group of companies responsible for performing its audit, internal audit and IT management services. 

Intertek’s customers and auditees, subsidiaries of the Intertek Plc group and third parties acting on behalf of the Intertek group are located throughout the world. As a result, personal data may be transferred outside the country where you are located. This includes transfers to countries outside the European Union (“EU”). 

Where Intertek transfers personal data outside the EU to a country that is not designated by the European Commission as providing an adequate level of protection for personal data, transfers will be made under a contract that covers the obligations imposed by the EU for the transfer of personal data outside the EU, including the standard contractual clauses approved by the European Commission, or under other appropriate safeguards. To obtain a description of the appropriate safeguards, you may send us your request using the data in the “How to contact Intertek” section below. 

Freelance auditor candidates: 

Intertek may transfer your personal data to the parties named below and for the following purposes: 

• Intertek employees who are authorized to process it for the purposes mentioned above and who agree to keep it confidential, 
• Other Intertek departments within the Intertek Plc group of companies that handle application review, human resources, internal audit and IT management. This may include processing your application in the Intertek group companies where the partnership is open. 

Intertek Plc group subsidiaries and third parties acting on behalf of the intertek group are located throughout the world. As a result, personal data may be transferred outside the country where you are located. This includes transfers to countries outside the European Union (“EU”). Where we transfer personal data outside the EU to a country that is not designated by the European Commission as providing an adequate level of protection for personal data, transfers will be made under an agreement that covers the obligations imposed by the EU for the transfer of personal data outside the EU, including the standard contractual clauses approved by the European Commission, or under other appropriate safeguards. To obtain a description of the appropriate safeguards, you may send your request using the data in the “How to contact Intertek” section below. 

Finally, Intertek may be required by mandatory provisions of applicable law or in connection with legal proceedings or other legal requests, to disclose your personal data to authorities or third parties. Intertek may also disclose or process your personal data in accordance with applicable law to defend its legitimate interests (e.g. in civil or criminal proceedings).  

We reserve the right to transfer to relevant third parties any information we have about you in the event of a potential or actual sale or transfer of all or a portion of our business or assets (including in the event of a merger, acquisition, joint venture, reorganization, divestiture, dissolution or liquidation) or other business combination. In such case, we will require the relevant third parties to provide comparable levels of protection as Intertek and its affiliates provides with respect to the information we share. 

Under the Data Protection Regulation, you have rights regarding the processing of your personal data, including: 

Your right of access: 

You have the right to ask Intertek for access certain personal information we process about you and request details of that processing; 

Your right of rectification: 

You have the right to request that Intertek update, correct, amend your personal information that you believe to be inaccurate. You also have the right to ask Intertek to complete information that you believe to be incomplete. 

Your right to erasure: 

You have the right to request Intertek to delete your data under certain circumstances. 

Your right to limit processing: 

You have the right to ask Intertek to limit the processing of information about you in certain circumstances. 

Your right to object to processing: 

You have the right to object at any time to the processing of your personal data on legitimate grounds relating to your particular situation, and in certain circumstances.  

Your right to withdraw your consent: 

You have the right at any time to withdraw your consent you previously provided to us. To do this, you can directly send us a request to exercise your right or use the link at the bottom of each newsletter. 

Your right to data portability: 

You have the right to request that Intertek make available to you all of the information about you that you have provided to Intertek and transfer it to another organization, under certain circumstances. 

To exercise any of these rights, you may contact Intertek using the contact information below (see “How to contact Intertek” section). To facilitate the processing of your request, it is preferable to indicate which right you wish to exercise. 

To help protect your privacy and maintain security, we may take steps to verify your identity before processing your request (a proof of identity may be requested in case of doubt and only to reduce the risks of fraud or usurpation. This document will be deleted immediately after verification). 

You are not required to pay a fee to exercise your rights. If you make a request, Intertek will respond to complaints within thirty days of receipt. In certain circumstances, Intertek may take longer depending on the complexity of your request. 

If you believe, after having contacted Intertek, that your rights on your data are not respected, you can address a complaint to the CNIL on their website: https://www.cnil.fr/plaintes or by mail to the following address 

CNIL – Complaints Department 

3 Place de Fontenoy 

TSA 80715 

75334 PARIS CEDEX 07 

If you have any questions about exercising your rights, or if you have any questions or concerns about this Privacy Policy or data processing, you can contact our Data Protection Officer : 

– By mail, to the address: Intertek France, Service de la protection des données, Ecoparc 2, Allée de la Fosse Moret, 27400 Heudebouville  

– By mail to the Data Protection Officer: rgpd.france@intertek.com 

This Privacy Policy reflects Intertek’s current practices and may be changed and updated from time to time. When changes to this Privacy Policy are posted, Intertek will change the “Effective Date” at the top of this Privacy Policy to indicate when such changes became effective.