Privacy Policy

Effective Date: March 15, 2026

This Privacy Policy describes the privacy practices of Enovix Corporation and its subsidiaries and affiliates (“Enovix,” “we”, “us” or “our”) and how we handle personal information that we collect through our websites that link to this Privacy Policy (collectively, the “Site”).  This Privacy Policy also describes your choices and rights with respect to your personal information. We will take reasonable measures to comply with applicable laws and regulations in the country or region in which you are located.

PERSONAL INFORMATION WE COLLECT
HOW WE USE YOUR PERSONAL INFORMATION
HOW WE SHARE YOUR PERSONAL INFORMATION
LEGAL BASIS FOR PROCESSING
AUTOMATED DECISION MAKING
YOUR CHOICES
OTHER SITES
SECURITY
DATA RETENTION
INTERNATIONAL DATA TRANSFERS
JOB APPLICANTS
CHILDREN
CHANGES TO THIS PRIVACY POLICY
HOW TO CONTACT US
REGION/COUNTRY SUPPLEMENTS

Personal Information We Collect

Information you provide to us. Personal information, personal data, or personally identifiable information, is any information relating directly or indirectly to an identified or identifiable natural person. Personal information you may provide to us through the Site or otherwise includes:

1. Business and personal contact information, such as first and last name, email and mailing addresses, phone number, professional title and company name.

2. Registration information, such as information that may be related to a service, an account or an event you register for.

3. Feedback or correspondence, such as information you provide when you contact us with questions, feedback, or otherwise correspond with us online.

4. Transaction information, such as information about products or services you have purchased from us.

5. Usage information, such as information about how you use the Site and interact with us, including information associated with any content you upload to the Site or otherwise submit to us, and information you provide when you use any interactive features of the Site.

6. Marketing information, such as your preferences for receiving communications about our products, activities, events, and publications, and details about how you engage with our communications.

7. Other information that we may collect which is not specifically listed here, but which we will use in accordance with this Privacy Policy or as otherwise disclosed at the time of collection.

Third party sources. We may combine personal information we receive from you with personal information we obtain from other sources, such as social media accounts that you use to log into or connect to the Site, which will allow us to collect the information you choose to make available in your settings on that social media account.

Automatic data collection. We, our service providers, and our business partners may automatically log information about you, your computer or mobile device, your interaction over time with the Site, and our communications, such as:

1. Device data, such as your browser type, device type (e.g., phone, tablet), IP address, unique identifiers (including identifiers used for advertising purposes), and general location information such as city, state or geographic area.

2. Online activity data, such as launches, taps, clicks, scrolling information, pages or screens you viewed, how long you spent on a page or screen, the website you visited before browsing to the Site, navigation paths between pages or screens, information about your activity on a page or screen, access times, and duration of access, whether you have opened our marketing emails or clicked links within them, and diagnostic data (such as crash logs, launch time, hang rate and energy use).

Cookies. Cookies are small data files that are placed on your computer or mobile device when you visit a website.  Cookies serve different purposes, like helping us understand how the Site is being used, letting you navigate between pages efficiently, remembering your preferences and generally improving your browsing experience.  Our Site may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer or mobile device until you delete them).

We use two broad categories of cookies: (i) first party cookies, served directly by us to your computer or mobile device, which we use to recognize your computer or mobile device when it revisits our Site; and (ii) third party cookies, which are served by service providers or business partners on our Site, and can be used by these parties to recognize your computer or mobile device when it visits other websites. Third party cookies can be used for a variety of purposes, including Site analytics, advertising and social media features.

Our Site may employ cookies and other tracking technologies in the following categories:

1. Advertising cookies. These cookies are used by advertising companies to collect information about how you use our Site and other websites over time.  These companies use this information to show you ads they believe will be relevant to you within our Site and elsewhere, and to measure how the ads perform.

2. Analytics cookies. These cookies help us understand how our Site is performing and being used. These cookies may work with web beacons included in emails we send to track which emails are opened and which links are clicked by recipients.

3. Essential cookies.  These cookies are necessary to allow the technical operation of our Site (e.g., they enable you to move around on a website and to use its features).

Other technologies

1. Browser Web Storage. We may use browser web storage (including via HTML5), also known as locally stored objects (“LSOs”), for similar purposes as cookies. Browser web storage enables the storage of a larger amount of data than cookies. Your web browser may provide functionality to clear your browser web storage.

2. Flash Technology.  We may use Flash cookies (which are also known as Flash Local Shared Object (Flash LSOs) on our Site to collect and store information about your use of our Site.  Unlike other cookies, Flash cookies cannot be removed or rejected via your browser settings.  If you do not want Flash LSOs stored on your computer or mobile device, you can adjust the settings of your Flash player to block Flash LSO storage using the tools contained in the Website Storage Settings Panel. You can also control Flash LSOs by going to the Global Storage Settings Panel and following the instructions. Please note that setting the Flash Player to restrict or limit acceptance of Flash LSOs may reduce or impede the functionality of some Flash applications, including, potentially, Flash applications used in connection with our Site.

3. Web Beacons. We may also use web beacons (which are also known as pixel tags and clear GIFs) on our Site and in our HTML formatted emails to track the actions of users on our Site and interactions with our emails.  Unlike cookies, which are stored on the hard drive of your computer or mobile device by a website, pixel tags are embedded invisibly on webpages or within HTML formatted emails. Pixel tags are used to demonstrate that a web page was accessed or that certain content was viewed, typically to measure the success of our marketing campaigns or engagement with our emails and to compile statistics about usage of our Site, so that we can manage our content more effectively.

For information regarding your choices regarding the use of cookies and similar technologies on the Site, see the Your Choices section below.

The categories of personal information listed above may be linkable to your identity by us and the third parties described below in How We Share Your Personal Information.

How We Use Your Personal Information

We use your personal information for the following purposes or as otherwise described at the time of collection:

Site delivery. We use your personal information to:

1. provide, operate and improve the Site and our business;
2. enable the functionality of the Site, including to authenticate the user, enable features, prevent fraud, implement security measures, ensure server up-time, minimize app crashes, and improve scalability and performance;
3. communicate with you about the Site, including by sending announcements, updates, security alerts, and support and administrative messages;
4. understand your needs and interests, and personalize your experience with the Site and our communications; and
5. provide support for the Site, and respond to your requests, questions and feedback.

Research and development. We may use your personal information for research and development purposes, including to analyze user behavior, understand the effectiveness of existing features, plan new features, measure audience size or characteristics and otherwise analyze and improve the Site and our business. As part of these activities, we may create aggregated, de-identified or other anonymous data from personal information we collect.  We make personal information into anonymous data by removing information that makes the data personally identifiable to you. We may use this anonymous data and share it with third parties for our lawful business purposes, including to analyze and improve the Site and promote our business

Marketing and advertising. We and our service providers may collect and use your personal information for the following marketing and advertising purposes:

1. Direct marketing. We may send you Enovix-related or other direct marketing communications as permitted by law.  You may opt-out of our marketing communications as described in the Opt-out of marketing section below.

Compliance and protection. We may use your personal information to:

1. comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities;
2. protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims);
3. audit our internal processes for compliance with legal and contractual requirements and internal policies;
4. enforce the terms and conditions that govern the Site; and
5. prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.

How We Share Your Personal Information

We may share your personal information with the parties below, with other third parties with your consent, and as otherwise described in this Privacy Policy or at the time of collection.

Affiliates. Our affiliates, for purposes consistent with this Privacy Policy.

Site providers. Companies and individuals that provide services on our behalf to help us operate the Site or our business (such as hosting, information technology, customer support, email delivery, marketing, and website analytics) to facilitate the provision of the Site.

Professional advisors. Professional advisors, such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they render to us.

Authorities and others. Law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.

Business transferees. Acquirers and other relevant participants in business transactions (or negotiations for such transactions) involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale or other disposition of all or any portion of the business or assets of, or equity interests in, Enovix or our affiliates (including, in connection with a bankruptcy or similar proceedings).

Legal Basis for Processing

Our legal basis for collecting and using personal information will depend on the personal information concerned and the specific context in which we collect it. To the extent that we process personal information as data controllers, where we determine the purposes and means of processing, we will do so based on our legitimate business interest (considering the fundamental privacy rights of individuals), the performance of a contract, compliance with a legal obligation, or consent, depending on the specific business activity involved.

Automated Decision Making

Automated decision making occurs when an electronic system uses personal information to make a decision about you, without human involvement. We use automated analysis and cybersecurity risk ratings to prevent theft, fraud, or other crime. In the event that our automated decision making would have a legal effect or significantly affect you, we will implement measures to safeguard your rights, freedoms and interests, including obtaining your explicit consent.

Your Choices

You have the following choices with respect to your personal information.

Opt-out of marketing communications. You may opt-out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email, or by contacting us. You may continue to receive non-marketing emails.

Blocking cookies in your browser. Most browsers let you remove or reject cookies. To do this, follow the instructions in your browser settings.  Many browsers accept cookies by default until you change your settings. Please note that if you set your browser to disable cookies, our Site may not work properly. For more information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit www.allaboutcookies.org.  If you do not accept our cookies, you may experience some inconvenience in your use of our Site.  For example, we may not be able to recognize your computer or mobile device and you may need to log in every time you visit our Site.

Mobile device permissions. You can use your mobile device’s privacy settings to disable our access to any data granted through them.

Do Not Track. Some Internet browsers may be configured to send “Do Not Track” signals to the online Sites that you visit.  We currently do not respond to “Do Not Track” or similar signals.  To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.

Third party platforms. If you choose to connect to the Site through your social media account, you may be able to use your settings in your account with that platform to limit the information we receive from it.  If you revoke our ability to access information from a third-party platform, that choice will not apply to information that we have already received from that third party.

Declining to provide information. If you do not provide the information we identify as required or mandatory, we may not be able to provide those aspects of the Site.

Other Sites

The Site may contain links to websites, applications, and online services operated by third parties. In addition, our content may be integrated into web pages or other online services that are not associated with us. These links and integrations are not an endorsement of, or representation that we are affiliated with, any third party.  We do not control websites, applications or online services operated by third parties, and we are not responsible for their actions.

Security

We employ a number of technical, organizational and physical safeguards designed to protect the personal information we collect. However, security risk is inherent in all internet and information technologies and we cannot guarantee the security of your personal information.

Data Retention

We store information for as long as necessary to carry out the purposes for which we originally collected your information and for other legitimate business purposes, including meeting our legal, regulatory, or other compliance obligations.

International Data Transfers

We are headquartered in the United States and may use service providers that operate in other countries. Your personal information may be transferred to other locations where privacy laws may not be as protective as those in your state, province, or country. Wherever we process your personal information, we take appropriate steps to ensure it is protected in accordance with applicable data protection laws. We use the European Commission’s Standard Contractual Clauses for transfers of personal information from the European Economic Area (EEA) between us and our business partners and service providers. We have equivalent measures for personal information transfers from other jurisdictions that have similar requirements.

Job Applicants

For information about Enovix processing of personal information related to job applications, see Enovix’s Candidate Privacy Notice.

Children

The Site is not intended for use by children under 18 years of age.  If we learn that we have collected personal information through the Site from a child under 18 without the consent of the child’s parent or guardian as required by law, we will delete it.

Changes to This Privacy Policy

We reserve the right to modify this Privacy Policy at any time.  If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on the Site. If required by law we will also provide notification of changes in another way that we believe is reasonably likely to reach you, such as via email or another manner through the Site. Any modifications to this Privacy Policy will be effective upon our posting the modified version (or as otherwise indicated at the time of posting).  In all cases, your use of the Site after the effective date of any modified Privacy Policy indicates your acceptance of the modified Privacy Policy.

How to Contact Us

Enovix Corporation
3501 W. Warren Avenue
Fremont, CA 94538
Phone: (510) 687-1330
[email protected]

Region/Country Supplements

Some additional privacy provisions may be relevant to your specific country of residence. The region/country supplements below must be read in conjunction with the sections described above in this Privacy Policy.

Supplemental Information for Residents in the United States

Where Enovix is subject to the requirements of the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (collectively “CCPA”) or where other US state laws have similar requirements, the following applies:

You have the right as a consumer to:

• Know what personal information we have collected about you, including the categories of personal information, the categories of sources from which the personal information is collected, the business or commercial purpose for collecting, selling, or sharing personal information, the categories of third parties to whom the business discloses personal information, and the specific pieces of personal information we have collected about you.
• Delete personal information that we have collected from you.
• Correct inaccurate personal information that we maintain about you.
• Opt-out of any sharing of your personal information by us.
• Limit the use or disclosure of sensitive personal information by us.
• Receive non-discriminatory treatment for your exercise of these rights.
• Appeal any denial of your request to exercise these rights.

To exercise these rights, either directly or via an appropriately appointed agent, or to limit the sharing of your personal information, please email us at [email protected].

Supplemental Information for Residents in China

Where China’s Personal Information Protection Law (“PIPL”) requires a separate consent for the processing and transfer of personal information, Enovix will notify you separately and provide you with the details of the overseas recipient, the type of data disclosed, and the purposes.

Where personal information is transferred to countries that, according to Chinese authorities, do not offer an adequate level of protection in relation to PIPL, such transfers are covered by the Chinese Standard Contractual Clauses.

You may have the following additional rights under PIPL:

• You have the right to require Enovix to further explain the rules of processing of your personal information to the extent that they are unclear or not addressed in our privacy policies.
• You have the right to transfer the personal information Enovix holds about you to another personal information processor as long as it is compliant under PIPL.

Supplemental Information for Residents in India

References to “personal information” in this Privacy Policy are defined as “personal data” for purposes of India’s Digital Personal Data Protection Act 2023 (“DPDPA”).

We will conduct any transfer of your personal information outside India in compliance with the DPDPA. The transfer of personal information to any country or territory outside India is permissible unless restricted by the Central Government through official notification. 

Your additional rights under the DPDPA are listed below:

• If you wish to make a complaint or are unhappy with the way we process your personal information or handle the exercise of your rights, you may submit your grievance by contacting us at [email protected]. We will acknowledge and respond to your grievance within the prescribed timeframe as per applicable regulations.
• You have the right to nominate another individual who can exercise your rights in the event of your death or incapacity. If you would like to designate a nominee, please email [email protected] providing the nominee’s full name, contact number, email address, and relationship to you.

Please direct any requests/queries to exercise your rights to [email protected].  In India, after exhausting the opportunity of redressing the right of grievance, you may lodge a complaint to the Data Protection Board of India by contacting your local or national government office, or by contacting the Ministry of Electronics & Information Technology at https://www.meity.gov.in.

Supplemental Information for Residents in Malaysia

References to “personal information” in this Privacy Policy are defined as “personal data” for purposes of Malaysia’s Personal Data Protection Act 2010, as amended by the Personal Data Protection (Amendment) Act 2024 (“PDPA”).

Sensitive personal information under the PDPA includes information relating to an individual’s physical or mental health or conditions, political opinions, religious beliefs or other beliefs of a similar nature, commission or alleged commission of any offence, and biometric data. We do not generally collect or process any sensitive personal information unless explicit consent has been obtained from you, or where such processing is otherwise permitted or required under any applicable law. However, should you voluntarily provide us with any sensitive personal information, it will be deemed that you have given us your explicit consent by conduct to collect, use, disclose or process the sensitive personal information solely for the purpose for which it was provided if it is reasonable that you would voluntarily provide the information, and in accordance with the PDPA.

In conducting our international business operations, your personal information may be transferred to and processed in jurisdictions outside of Malaysia for the purposes described in this Privacy Policy. We conduct international transfers in accordance with PDPA requirements. This includes taking reasonable steps to ensure that the recipient country has in force laws which are substantially similar to the PDPA or provides an adequate level of protection in relation to the processing of personal information which is at least equivalent to the level of protection afforded by the PDPA.

You have the following rights under the PDPA: (i) right to access your personal information held by us; (ii) right to require the correction of your personal information; (iii) right to withdraw consent to the processing of your personal information; (iv) right to prevent processing likely to cause you damage or distress; (v) right to prevent processing for direct marketing purposes; and (v) right to data portability to transfer your personal information. If you would like to exercise your rights, have any enquiries, requests, or complaints regarding the processing of your personal information, please email our local Data Protection Officer at [email protected].

Enovix provides a Bahasa Malaysia version of this Privacy Policy and the Malaysia supplement [LINK]. The English version shall prevail should there be any inconsistencies between the two versions.

Supplemental Information for Residents in South Korea

Where Enovix is subject to the requirements of the South Korea Personal Information Protection Act (“PIPA”), the following applies:

• You may exercise rights related to the protection of personal information by requesting access to your personal information or the correction, deletion or suspension of processing of your personal information, etc., pursuant to the PIPA.
• Your personal information may be processed globally.  When personal information is processed across country borders, Enovix complies with the laws on the transfer of personal information between countries to keep your personal information protected. Your personal information may be transferred to, accessed or processed by the categories of third parties as described above in this Privacy Policy.
• With your consent, Enovix or our service providers may collect or use your biometric data.
• You can exercise your data protection rights or submit any enquiries or requests via email to [email protected].