Soft Touch Moving

divider

Data Protection

INTRODUCTION
Soft Touch Moving is committed to providing a superior experience for everyone we work with. We know that our users are committed to their success, and we are equally committed to ensuring that each interaction with our content is optimized for maximum potential. To enable us to do this, Soft Touch Moving gathers and uses certain information about individuals.

Individuals we gather information about include customers, affiliates, business contacts, employees, and others with whom the organization has a relationship or may need to contact.

This policy describes how personal data is collected, handled, and stored to meet the company’s data protection standards — and to comply with the law.

WHY THIS POLICY EXISTS
This data protection policy ensures Soft Touch Moving:

  • Complies with data protection law and follows industry best practices
  • Protects the rights of staff, customers, affiliates, and partners
  • Is open about how it stores and processes individuals’ data
  • Protects itself from the risks of a data breach

EU GENERAL DATA PROTECTION REGULATION (GDPR) PROTECTION LAW
The GDPR (General Data Protection Regulation) protection law describes how organizations that conduct business with individuals or entities located in EU (European Union) nations — including softtouchmoving.com — must collect, handle, and store personal information.

These rules apply regardless of whether data is stored electronically, on paper, or in any other manner.

To comply with the law, personal information must be collected and used fairly, stored safely, and not disclosed unlawfully.

The EU GDPR is underpinned by eight core principles. These state that personal data must:

  • Be processed fairly and lawfully
  • Be obtained only for specific, lawful purposes
  • Be adequate, relevant, and not excessive
  • Be accurate and kept up to date
  • Not be held for any longer than necessary
  • Be processed in accordance with the rights of data subjects
  • Be protected in appropriate ways
  • Not be transferred outside the European Economic Area (EEA), unless that country or territory ensures an adequate level of protection
 

Here’s an updated version of the policy with the new business name and domain:


1. POLICY STATEMENT

Every day at Soft Touch Moving, we receive, use, and store personal information about our customers, affiliates, partners, and colleagues. It is essential that this information is handled lawfully and appropriately, in line with the requirements of the Data Protection Act 2018 and the General Data Protection Regulation (collectively referred to as the ‘Data Protection Requirements’).

We take our data protection duties seriously, as we respect the trust placed in us to use personal information responsibly and appropriately.

2. ABOUT THIS POLICY

This policy, along with any other documents referred to in it, sets out the basis on which we will process any personal data that we collect or handle. This policy does not form part of any employee’s contract of employment and may be amended at any time.

The company, Soft Touch Moving, is responsible for ensuring compliance with the Data Protection Requirements and with this policy. Any questions regarding the operation of this policy or concerns about its adherence should first be directed to the Data Protection Officer.

3. WHAT IS PERSONAL DATA?

Personal data is any information, whether stored electronically or on paper, relating to a living individual who can be directly or indirectly identified from that data (or from that data combined with other information we possess).

Processing personal data involves any activity such as obtaining, recording, organizing, amending, retrieving, using, disclosing, erasing, or destroying data. It also includes transferring personal data to third parties under controlled privacy conditions.

Sensitive personal data includes contact information, addresses, session activity on the platform, IP location, etc. This type of data can only be processed under strict conditions and must be used solely for the purpose for which it was collected.

4. DATA PROTECTION PRINCIPLES

Anyone processing personal data must ensure that the data is:

  • Processed fairly, lawfully, and in a transparent manner.
  • Collected for specified, explicit, and legitimate purposes, with further processing only for compatible purposes.
  • Adequate, relevant, and limited to what is necessary for the intended purposes.
  • Accurate and kept up to date where necessary.
  • Stored in a form that permits identification for no longer than necessary for the intended purposes.
  • Processed in line with the individual’s rights and protected with appropriate security measures to prevent unauthorized or unlawful processing, accidental loss, destruction, or damage.
  • Not transferred to countries without adequate protection unless prior consent is obtained from the individual.

5. FAIR AND LAWFUL PROCESSING

The Data Protection Requirements are not intended to prevent the processing of personal data, but to ensure it is done fairly and without adversely affecting the rights of the individual.

In accordance with the General Data Protection Regulation (GDPR), we will only process personal data where it is required for a lawful purpose. The lawful purposes include (among others): whether the individual has given their consent, the processing is necessary for performing a contract with the individual, for compliance with a legal obligation, or for the legitimate interest of the business. When sensitive personal data is being processed, additional conditions must be met.

Collection of Information

We receive and store information about you, including:

  • Information you provide us: This includes your name, email address, address or postal code, payment method, and telephone number. We collect this information via manual entry during your use of our service, interactions with customer service, participation in surveys or marketing promotions, provision of reviews or ratings, taste preferences, preferences set in Your Profile/Account, or other information provided to us through our service or elsewhere.
  • Information we collect automatically: We collect information regarding your use of our service, your interactions with us, and our advertising, as well as information regarding your device used to access our service. This includes:
    • Your activity on our platform, such as course progress and search queries
    • Details about your interactions with customer service, including the date, time, and reason for contacting us
    • Transcripts of chat conversations initiated on our platforms
    • In the event of phone support, your phone number
    • Device IDs or unique identifiers, device and software characteristics (such as type and configuration)
    • Connection information, page views, referral URLs, IP address, and web log information
    • Information from cookies, web beacons, and other technologies, including ad data (e.g., impressions delivered to a cookie, the site URL where the impression was delivered, and the date and time).

For more details, see our Privacy Policy.

Use of Information

We use the information we collect to provide, analyze, administer, enhance, and personalize our services and marketing efforts. This includes processing your registration, orders, payments, and communications. Our primary aim is to improve user experience by using data to understand platform usage, complete required actions, and minimize effort on your part. We also analyze popular website content to create additional content that aligns with user preferences.

6. PROCESSING FOR LIMITED PURPOSES

We may collect and process personal data received directly from you or from other sources such as business partners, subcontractors, and credit reference agencies. Personal data will only be processed for the purposes specifically permitted by the Data Protection Requirements, and we will notify you of these purposes upon collecting the data.

7. NOTIFYING INDIVIDUALS

When collecting personal data directly from an individual, we will inform them about:

  • The purpose for processing their personal data, including the legal basis for processing
  • Any third parties with which their data may be shared
  • Whether their data will be transferred to a non-EEA country or international organization, along with any safeguards in place
  • How to limit the use and disclosure of their personal data
  • The storage period for their data
  • Their rights to request access, rectification, erasure, restriction of processing, data portability, and withdrawal of consent
  • The right to lodge a complaint with the Information Commissioner’s Office
  • Whether providing personal data is a contractual requirement and any consequences of not providing the data
  • The existence of automated decision-making, including profiling, and information about its logic and consequences.

If we receive personal data from other sources, we will provide the individual with this information as soon as possible, but at the latest within one (1) month.

We are the data controller with respect to this data. Our contact details regarding data protection can be found at https://softtouchmoving.com, and the Data Protection Compliance Manager can also be reached through this site.

8. ADEQUATE, RELEVANT, AND NON-EXCESSIVE PROCESSING

We will only collect personal data necessary for the specific purposes communicated to the data subject.

9. ACCURATE DATA

We will ensure that personal data is accurate and kept up to date. Accuracy will be checked at the point of collection and at regular intervals. Any inaccurate or outdated data will be amended or deleted.

10. TIMELY PROCESSING

We will not retain personal data longer than necessary for its intended purposes. Once the data is no longer required, we will take steps to securely delete or erase it from our systems.

11. PROCESSING IN LINE WITH DATA SUBJECT’S RIGHTS

We will process all personal data in line with data subjects’ rights, particularly their right to:

  • Confirm whether personal data concerning them is being processed.
  • Request access to any data held about them by a data controller.
  • Request rectification, erasure, or restriction on processing of their personal data.
  • Lodge a complaint with a supervisory authority.
  • Data portability.
  • Object to processing, including for direct marketing.
  • Not be subject to automated decision-making, including profiling, in certain circumstances.

12. DATA SECURITY

We will take appropriate security measures against unlawful or unauthorized processing of personal data and against accidental or unlawful destruction, damage, loss, alteration, unauthorized disclosure, or access to personal data that is transmitted, stored, or otherwise processed.

We will implement procedures and technologies to secure personal data from the moment of data collection to the point of destruction. Personal data will only be transferred to a data processor if they agree to comply with these procedures and policies or if they implement adequate safeguards themselves.

We will maintain data security by protecting the confidentiality, integrity, and availability of the personal data, defined as follows:

  • Confidentiality: Only authorized individuals can access the data.
  • Integrity: Personal data should be accurate and suitable for the purpose for which it is processed.
  • Availability: Authorized users should be able to access the data for authorized purposes. Therefore, personal data should be stored on the SoftTouchMoving.com central computer system & databases instead of individual PCs.

Our Security Procedures:

  • Entry controls: Any unidentified persons in entry-controlled areas will be reported.
  • Lockable desks and cupboards: Confidential information should always be stored in locked desks or cupboards.
  • Data minimization: We will limit the amount of personal data we collect to what is necessary.
  • Pseudonymization and encryption: Personal data will primarily be stored in pseudonymized or encrypted formats.
  • Disposal methods: Paper documents will be shredded, digital storage devices will be physically destroyed when no longer needed, and electronic data will be deleted once its intended purpose is fulfilled.
  • Equipment security: Staff must ensure confidential information is not visible to passers-by and that computers are locked when unattended.

Transferring Personal Data Outside of the EEA:

We may transfer personal data outside the European Economic Area (EEA) or to an international organization if one of the following conditions applies:

  • The receiving country ensures adequate protection of data subjects’ rights and freedoms.
  • The data subject has given consent.
  • The transfer is necessary for fulfilling a contract between us and the data subject or to protect vital interests.
  • The transfer is legally required for public interest reasons or for legal claims.
  • The transfer is authorized by a relevant data protection authority, with adequate safeguards in place.

Personal data may also be processed by staff outside the EEA, such as those working for our suppliers, to fulfill contracts, process payments, or provide support services.

14. DISCLOSURE AND SHARING OF PERSONAL DATA

We may share personal data we hold with any member of our group, including subsidiaries, the ultimate holding company, and its subsidiaries, as defined in Section 1159 of the Companies Act 2006.

15. SUBJECT ACCESS REQUESTS

We have a privacy statement outlining how we use data related to individuals.

Individuals must make formal requests for information we hold about them. Employees should forward such requests to the data department immediately.

For telephone inquiries, personal data will only be disclosed if:

  • The caller’s identity is verified.
  • If the caller’s identity cannot be confirmed, we may suggest putting the request in writing.
  • For electronic requests, data will be provided electronically when possible.

Support staff will refer requests to the data processing department or the Data Protection Compliance Manager if needed.

16. CHANGES TO THIS POLICY

We may modify this Privacy Policy at any time but will provide prominent advance notice of any significant changes. Notifications will be sent via email, posted on our website, or made through our Services to allow you to review the changes and decide whether to continue using the Services.

  1.