Minova Global Full Colour Logo

Minova Data Privacy Policy (“Privacy Policy”)

April 2026

Minova Group’s directly or indirectly affiliated companies recognize the importance of protecting the privacy and the rights of individuals in relation to their personal information in compliance with data protection laws. References in this privacy policy to “Minova,” “we,” “us,” and “our” refer to the entity responsible for processing your personal data, which is usually the entity that collects or holds your personal data.

This Privacy Policy applies to personal data that we collect and process through our Minova websites, mobile applications, and social media pages that link to this Privacy Policy, offline in connection with sales, marketing, partner, and supplier relationships, and from third-party sources, including advertising networks and lead brokers, in accordance with applicable law. This Privacy Policy does not apply to personal data collected through our career website, which is subject to the Candidate Privacy Notice, or to products and services for which separate privacy notices apply.

The laws governing collection and use of your personal information may vary from country to country. As we operate globally, we may adopt stricter practices to protect your personal information than is required by law in your country. This statement sets out general principles with respect to Minova’s practice on the collection, use and disclosure of personal information that apply to use of Minova websites and other interactions with Minova.

Our contact details are set out in section 9 below.

  1. Purposes and legal foundations upon which we process your data

We process personal data in accordance with the stipulations of the different data protection laws, mainly in line with the EU General Data Protection Regulation (GDPR). The details of which data are processed and how they are used, possibly also using artificial intelligence (AI),  depends largely on the services requested or agreed in each case. Further details or additions for the purposes of data processing can be found in the respective contract documents, forms, a declaration of consent and/or other information provided to you (e. g. in the context of the use of our website or our terms and conditions). This Privacy Policy may be updated periodically. We will indicate at the top of this Privacy Policy when it was most recently updated.

  • Purposes pursuant to fulfilment of an agreement or pre-contractual measures

The processing of personal data is carried out in order to carry out our contracts with you and the execution of your orders as well as to carry out measures and activities within the framework of pre-contractual relations, e.g. with interested parties, in particular, processing serves to fulfill your orders and requests and to provide the necessary services, measures, and activities.

This essentially includes contract-related communication with you, the corresponding billing and associated payment transactions, credit checks, the verifiability of transactions, orders and other agreements as well as quality control by means of appropriate documentation, goodwill procedures, measures to control and optimize business processes as well as the fulfilment of general duties of care, control and supervision by affiliated companies (e.g. parent company); statistical evaluations for corporate management, cost recording and controlling, reporting, internal and external communication, emergency management, accounting and tax assessment of operational services, risk management, assertion of legal claims and defense in the event of legal disputes; ensuring IT security (inter alia system and plausibility tests) and general security, including building and plant security, securing and exercising domestic authority (e.g. by means of access controls); guaranteeing the integrity, authenticity and availability of data, preventing and investigating criminal offences; control by supervisory bodies or supervisory authorities (e.g. auditing).

  • Purposes within the framework of a legitimate interest on our part or of third parties

Above and beyond the actual fulfilment of the (pre-) agreement, we process your data whenever this is necessary to protect legitimate interests of our own or of third parties, in particular for the following purposes:

  • advertising or market and opinion research, as far as you have not objected to the use of your data;
  • obtaining information and exchanging data with credit agencies, to the extent necessary for assessing legitimate business risks beyond contractual obligations;
  • the examination and optimization of processes for needs analysis;
  • the further development of services and products as well as existing systems and processes;
  • the training and (further) development of AI applications;
  • the disclosure of personal data within the framework of due diligence in the course of company sale negotiations;
  • for comparison with European and international anti-terrorist lists, insofar as this goes beyond the legal obligations;
  • the enrichment of our data, e. g. by using or researching publicly accessible data;
  • statistical evaluations or market analysis;
  • benchmarking;
  • the assertion of legal claims and defense in legal disputes which are not directly attributable to the contractual relationship;
  • the restricted processing of data, if a deletion is not possible or only possible with disproportionately high effort due to the special type of storage;
  • the development of scoring systems or automated decision-making processes;
  • the prevention and investigation of criminal offences, if not exclusively for the fulfilment of legal requirements;
  • the anonymization of personal data;
  • building and plant security (e.g. by means of access control and video surveillance), to the extent necessary beyond the general duties of care;
  • internal and external investigations, safety reviews;
  • internal fraud prevention in connection with the performance of a contract as well as pre-contractual measures, insofar as not exclusively for the fulfillment of legal requirements;
  • any monitoring or recording of telephone conversations for quality control and training purposes;
  • preservation and maintenance of certifications of a private-law or official government nature;
  • the seizure and exercise of domestic authority by means of appropriate measures as well as video surveillance for the protection of our customers and employees as well as for securing evidence in the event of criminal offences and their prevention.

Where we rely on legitimate interests as a legal basis, we ensure that such interests are not overridden by your interests or fundamental rights and freedoms. You have the right to object to such processing at any time (see Section 7).

  • Purposes within the framework of your consent

 Where processing is based on your consent, such consent will be obtained in a freely given, specific, informed and unambiguous manner. Your personal data can also be processed for certain purposes (e.g. use of company communication systems for private purposes; photographs/videos of you for publication in the Intranet/Internet) including as a result of your consent. You can withdraw your consent at any time, for example by contacting us using the contact details in Section 9. Where you provide consent, you will be clearly informed at the point of collection about the consequences of refusing or withdrawing consent. Withdrawal only applies to future processing; prior processing remains lawful.

 

  • Purposes relating to adherence to statutory requirements or in the public interest

Just like any actor which takes part in business life, we are also subject to a large number of legal obligations. These are primarily statutory requirements (e.g. commercial and tax laws), but also if applicable supervisory law or other requirements set out by government authorities. The purposes of processing may also include identity and age checks, prevention of fraud and money laundering (e.g. comparisons with European and international anti-terror lists), compliance with control and notification obligations under tax law as well as the archiving of data for the purposes of data protection and data security as well as for purposes of audits by tax advisors/auditors, fiscal and other government authorities. In addition, it may be necessary to disclose personal data within the framework of official government/court measures for the purposes of collecting evidence, law enforcement and criminal prosecution or the satisfaction of civil law claims.

 

  1. The categories of data that we process as long as we do not receive data directly from you, and its origin

If necessary for the contractual relationship with you and the activities performed by you, we may process data which we lawfully receive from other offices or other third parties (e.g. quality assessment or complaints by customers/suppliers/consumers). In addition, we process personal data that we have lawfully collected, received or acquired from publicly accessible sources (such as, for example, commercial registers and association registers, civil registers, the press, Internet and other media) if such is necessary and we are allowed to process this data in accordance with statutory provisions.

Relevant personal data categories may in particular be:

  • personal data (name, date of birth, place of birth, nationality, marital status, occupation/trade and comparable data)
  • contact data (address, e-mail address, telephone number and similar data)
  • address data (population register data and comparable data)
  • payment confirmation/confirmation of cover for bank and credit cards
  • information about your financial situation (creditworthiness data including scoring, i. e. data for assessing the economic risk)
  • customer history
  • data about your use of the digital service offered by us (e. g. time of access to our websites, apps or newsletter, clicked pages/links of us or entries and comparable data)
  • video data.

 

  1. Recipients or categories of recipients of your data

At our company, your data is received by those internal offices or organizational units that need such to fulfil our contractual and statutory obligations or that require such data within the framework of processing and implementing our legitimate interests.
Your data is disclosed/passed on to external offices and persons solely:

  • in connection with the execution of the contract;
  • for purposes where we are obligated or entitled to give information, notification or forward data (e.g. employer’s liability insurance association, health insurance schemes, fiscal authorities) in order to meet statutory requirements or where the forwarding of data is in the public interest (see number 1.4);
  • to the extent that external service-provider companies commissioned by us process data as contract processors or parties that assume certain functions (e.g. external data centers, support and maintenance of IT applications, archiving, document processing, call center services, compliance services, controlling, data screening for anti-money laundering purposes, data validation and data protection, plausibility check, data destruction, purchasing/procurement, customer administration, lettershops, marketing, media technology, research, risk controlling, billing, telephony, website management, auditing services, credit institutions, printing plants or companies for data disposal, courier services, logistics);
  • as a result of our legitimate interest or the legitimate interest of the third party within the framework of the purposes cited under number 1.2 (e.g. to government authorities, credit agencies, collection agencies, attorneys, courts of law, appraisers, companies belonging to company groups and bodies and control instances);
  • if you have given us consent to transmit data to third parties.

We shall moreover refrain from transmitting your data to third parties if we have not informed you of such separately. If we commission service providers within the framework of processing an order, your data will be subject there to the security standards stipulated by us in order to adequately protect your data. In all other cases, recipients may only use the data for purposes for which the data has been sent to them.

 

  1. Length of time your data is stored

We process and store your data for the duration of our business relationship. This also includes the initiation of a contract (pre-contractual legal relationship) and the execution of a contract.

Above and beyond this, we are subject to various retention and documentation obligations.

If the data is no longer required to meet contractual or statutory obligations and rights, it is regularly deleted unless its further processing – for a limited period – is necessary to fulfil the purposes listed under number 1.2 due to an overriding legitimate interest. Such an overriding legitimate interest is deemed to be the case, for example, if it is not possible to delete the data as a result of the special type of storage or such is only possible at an unreasonably great expense and processing for other purposes is excluded by appropriate technical and organizational measures.

 

  1. Data Transfers

We are a global business and we interact with people all over the world. We may transfer the personal information we collect to, and store such data in, other countries, including the U.S., Australia, South Africa und Canada, which may have different data protection laws than the country in which the information was provided. If we do so, we will transfer the personal information only for the purposes described in this Privacy Policy. To the extent required by applicable law, when we transfer your personal information to recipients in other countries, we will take measures to protect that information. Information on the appropriate or adequate safeguards and on the possibility of obtaining a copy from you can be requested from the company data protection officer.

 

  1. Security

We are subject to a range of requirements which require us to take steps to protect the security of personal information, and take reasonable steps to ensure your personal information is protected from misuse, interference and loss, and from unauthorized access, modification or disclosure.

The measures we employ include firewalls, encryption secure premises and data access controls. 

Unfortunately, there is always risk involved in transmitting any data electronically, and any information which you transmit to us online is transmitted entirely at your own risk (you also need to take active steps to protect against security risks on any system that you use). Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted over the internet and we do not warrant the security of any information, including personal information, which you transmit to us over the internet.

Please contact us if you become aware of any breach of security or privacy of your personal information.

 

  1. Access your personal information and your other rights

In accordance with data protection laws, you may have various rights in relation to the information which we hold about you. We have described these below. To get in touch with us about any of these rights, please contact us using the contact details set out in section 9 below. If you are a contractor, you can also contact your Minova manager for your function or region. 

In particular, you may request access to any personal information we hold about you at any time by contacting us using the contact details set out in section 9 below. Where we hold information that you are entitled to access, we will try to provide you with suitable means of accessing it, for example, by mailing or emailing it to you. We will provide access to your personal data free of charge. We may charge a reasonable fee only for requests that are manifestly unfounded, excessive, or repetitive, or where permitted by applicable law. We will not charge for making any corrections to your personal information.

There may be instances where there are legal restrictions on granting you access to the personal information we hold. If that happens, we will give you written reasons for any refusal.

If you believe that personal information we hold about you is incorrect, incomplete or inaccurate, then you may request us to amend or to delete it, or to restrict the processing. We will consider if the information requires amendment. If we do not agree that there are grounds for amendment then we will add a note to the personal information stating that you disagree with it.

If you are a contractor, we may provide you with access to Minova systems that allow you to self-serve your requests for access, correction as well as updating your personal information. Where you don’t have access to Minova systems, please contact us using the contact details set out in section 9 below.

To the extent provided by the law of your jurisdiction (e.g. General Data Protection Regulation – “GDPR”) you might have the following specific rights in relation to your personal information:

 

7.1. Right to object

This right enables you to object to us processing your personal information where we do so for one of the following reasons: 

  • because it is in our legitimate interests to do so (for further information please see section 1.2 above);
  • to enable us to perform a task in the public interest or exercise official authority; 
  • to send you direct marketing materials; or
  • for scientific, historical, research, or statistical purposes.

7.2. Right to withdraw consent 

Where we have obtained your consent to process your personal information for certain activities, you may withdraw this consent at any time and we will cease to use your information for that purpose unless we consider that there is an alternative legal basis to justify our continued processing of your information for this purpose, in which case we will inform you of this condition. 

 

  1. Cookies and Similar Technologies

We use essential technologies and – where you consent- optional ones (analytics, personalization, marketing). All vendors, purposes, retention periods, and legal bases are listed in the Consent Manager Tool, where you can change settings at any time.

Further information on the types of cookies used and their purposes is available in our Cookie Notice or Consent Manager Tool.

Any international transfers are protected by appropriate safeguards.
The details are provided in the cookie banner that appears when you visit our website.

 

  1. How to contact us

If you have any questions about this statement, any concerns or complaints regarding the treatment of your privacy or would like to notify us of a possible infringement of your privacy, please contact us at: 

  • Address: Minova International Ltd, Unit 5C, Ashroyd Business Park, Barnsley, S74 9SB, United Kingdom
  • Email: dataprivacy@minovaglobal.com

 

  1. Additional Information & Jurisdiction Specific Notices

 

10.1 Applicability and additional rights (California)

Even though our website and services target business customers only, California residents retain CCPA/CPRA rights, including Right to Know/Access, Deletion, Correction, and notice at or before collection (categories, purposes, and – where applicable – retention periods/criteria). You may submit requests via the contact details provided above.

No “sale”/“sharing”; no cross‑context behavioral advertising.
We do not “sell” personal information and do not “share” it for cross‑context behavioral advertising as defined by the CCPA/CPRA. Accordingly, a dedicated opt‑out link is not required; if our practices change, we will provide the required CCPA opt‑out mechanisms. You may contact us via the contact details above.

Cookies/Tracking
Any cookies or similar technologies we use are configured so that no sale/sharing occurs through.

 

10.2 Additional information (South Africa)

Where the POPIA applies, we process personal information in line with its conditions (including lawfulness, purpose limitation and security) and honor data subject rights (e.g., access, correction, deletion, objection). Electronic direct marketing is generally based on prior consent (or a POPIA‑permitted exception); you can unsubscribe at any time. Please use the contact details above to submit requests.

Cookies/Tracking
We deploy non‑essential cookies or similar technologies only with consent and provide clear opt‑out choices.

 

10.3  Additional information (Brazil).

For individuals in Brazil, we comply with the LGPD, which provides rights such as access, correction, deletion, and data portability, and requires transparency around international data transfers; the relevant information and criteria are set out in our main privacy notice. Please use the contact details above to submit requests. (Note: We do not process sensitive personal data and our online offering is B2B‑only.)  

Cookies/Tracking
We set non‑essential cookies or similar technologies only with consent. Any cross‑border transfers (if applicable) take place under LGPD‑compliant safeguards/mechanisms (e.g., contractual guarantees or adequate protections).

  1. Changes to our Privacy Policy

This Privacy Policy may be updated from time to time. Where changes are material, we will take appropriate steps to inform you, such as posting a notice on our website or contacting you directly if required by law. We will indicate at the top of this Privacy Policy when it was most recently updated.

Quick Links