EcoVadis is committed to creating a reliable CSR rating system that is consistent over time and offers comparability so that suppliers can be benchmarked across the wide variety of sectors and countries.
EcoVadis has developed a quality management system (QMS) which is certified ISO 9001. We actively pursue ever-improving quality through a process management system that enables each employee to do their job right the first time and every time in a safe and stimulating work environment. It is supported by our tailor made and self-developed IT platform which guides employees through the whole process. We constantly put our efforts into continuously improving the processes by being advised by specialized bodies like our methodology committee.
EcoVadis is committed to provide the highest level of Information Security and to continuously improve in order to protect all stakeholders’ data in an evolving landscape of information security threats. For this reason, EcoVadis has established an Information Security management system (ISMS) which is certified ISO27001 and which enables us to systematically operate and maintain information security in our business processes and services and to determine and apply the necessary security measures based on our risk evaluation.
The ISMS and QMS build an integrated management system allowing us to ensure the availability, integrity, confidentiality and traceability of information.
EcoVadis believes that the GDPR is an important step to strengthen and harmonize data protection of EU citizens’ personal data. As a data controller Ecovadis is committed to comply with regulations and to put in place the best practices.
Ecovadis uses the ISO 27001 standard, for which we are certified, as a framework and integrates personal data protection aspects in its management system.
There is no certification available yet to demonstrate GDPR compliance, but we have implemented our data protection practices and confirmed our good practices by a third party audit.
For the data processing performed outside of the EU, we have in place contractual clauses with our entities and Ecovadis is currently registered for the EU-U.S. Privacy Shield.
We always carefully select our providers and we require their acceptance of data protection clauses to be able to work for us. We use the following major processors:
|Legal Entity||Address||Transfer to Non-EEA: Transfer Safeguard||Additional Security Information|
|ZenDesk||1019 Market Street,
San Francisco, CA 94103 USA
|Privacy Shield if transfer to U.S.||https://www.zendesk.com/
|SFDC||2 Henry Adams St,
San Francisco, CA 94103 USA
|Privacy Shield if transfer to U.S.||https://trust.salesforce.com/|
|Microsoft Azure||Microsoft Campus,
Redmond, WA 98052 USA
|Privacy Shield if transfer to U.S.||https://azure.microsoft.com/
|1600 Amphitheatre Parkway
Mountain View, CA 94043 USA
|Privacy Shield if transfer to U.S.
Data Processing Amendment to G Suite
|Selligent||20 Place des Vins de France,75012 Paris FRANCE||Privacy Shield if transfer to U.S.||https://www.selligent.com/general-data-protection-regulation|
Learn more in our statement of data privacy
EcoVadis is committed to be in compliance with all applicable laws and regulations applicable to an operator of general purpose online services, including US and French export law, in terms of its own operating locations for the services.
Taking into account overall business risks, Ecovadis products and services are not available for export, reexport, transfer and/or use in the following countries/regions (subject to change without notice):
Additionally, transactions with or related to certain destinations that pose an elevated export control or sanctions risk are subject to enhanced due diligence requirements.
EcoVadis products and services are not available to entities and individuals with whom transactions are prohibited under applicable export control and sanctions laws, including those listed on any applicable sanctioned party lists (e.g., European Union Sanctions List, U.S. Specially Designated National (SDN) lists, OFAC, United Nations Security Council Sanctions, local lists where EcoVadis has its presence).
EcoVadis Services must not be used for any purposes prohibited by Applicable Export Laws, including, without limitation, for the development, design, manufacture or production of nuclear, chemical or biological weapons of mass destruction.
This web page is for general informational purposes only and does not constitute legal advice.