Move Right - Privacy Policy
Last Updated: September 4, 2025
1. Introduction
Karve Information Technology Ltd. ("Karve IT," "we," "us," "our") is committed to protecting the privacy of individuals. This Privacy Policy outlines how we collect, use, disclose, and safeguard personal information when you use our Move Right customer relationship management platform and related services (collectively, the "Service").
This policy applies to the information we process through the Service. It is important to understand our role. Our clients are moving companies ("Clients") who use our Service to manage their business operations. In this relationship, our Client is the Data Controller, and Karve IT is the Data Processor. This means we process personal information on behalf of and under the instruction of our Clients.
This Privacy Policy explains our practices as a Data Processor, as well as our practices as a Data Controller for the information we collect directly from our Clients to manage their accounts.
2. Information We Collect and Process
We collect and process different categories of information in providing our Service.
- Client Account Information: When a Client signs up for the Service, we collect information necessary to create and manage their account. This includes the business name, contact person's name, business email address, phone number, physical address, and billing information.
- Client-Uploaded Data (Processed on behalf of Clients): Our Service is a platform for our Clients to store and manage their operational data. As such, we process personal information that our Clients and their authorized users choose to upload to the Service. This data may include, but is not limited to:
- End-Customer Information: Information about our Clients' customers, such as names, pickup and delivery addresses, email addresses, phone numbers, move dates, and specific details related to their move.
- Inventory Information: Detailed lists of items to be moved, which may be associated with an identifiable end-customer.
- Employee Information: Information about our Clients' employees or contractors, such as names, contact details, work schedules, and crew assignments.
- GPS Location Data: Real-time geographic location data from devices used by our Clients' crew members, if the Client enables and uses the crew tracking features of the Service.
- Usage and Technical Data: When anyone interacts with our Service, we may automatically collect technical information. This can include IP addresses, browser type and version, device identifiers, operating system, and information about how the Service is used (e.g., features accessed, time of access).
- Payment Information: We use third-party payment processors to handle payments. We do not store credit card details but may retain transaction information as necessary for our records.
3. How We Use Information (Our Purposes)
Our collection and use of personal information are purpose-driven, aligning with the "Identifying Purposes" and "Limiting Collection" principles of Canadian privacy law. We are transparent about why we process data.
| Type of Personal Information | Primary Purpose of Use | Legal Basis (under PIPA/PIPEDA) |
|---|---|---|
| Client Account Information | To create and manage Client accounts, provide customer support, process payments, and communicate about the Service. | Performance of a contract; Legitimate interest. |
| End-Customer Contact & Move Details (Processed on behalf of Client) | To enable the core functionality of the CRM for quoting, scheduling, and managing moves. | Processed under the instruction of the Data Controller (our Client). |
| End-Customer Inventory Lists (Processed on behalf of Client) | To facilitate accurate move estimation and planning within the Service. | Processed under the instruction of the Data Controller (our Client). |
| Employee Schedule & GPS Location Data (Processed on behalf of Client) | To enable crew tracking, dispatch, and logistics management features of the Service. | Processed under the instruction of the Data Controller (our Client). |
| Usage & Technical Data | To monitor and improve the performance, security, and functionality of the Service; for internal analytics. | Legitimate interest; Consent (for non-essential cookies). |
4. How We Share and Disclose Information
We do not sell personal information. We may share information in the following limited circumstances:
- With Sub-processors: We engage third-party companies and individuals to perform services on our behalf (e.g., cloud hosting services, payment processing, analytics services). These sub-processors are contractually obligated to protect the confidentiality and security of the data and are restricted to using it only to provide services to us. Our cloud infrastructure may be hosted on platforms such as Amazon Web Services (AWS) or Digital Ocean.
- As Directed by Our Clients: We will share and disclose the personal information within Client-Uploaded Data as directed and authorized by the respective Client. For example, if a Client uses an integration with a third-party service like QuickBooks or enables tracking pixels for Google or Facebook, we will facilitate the transfer of data to that service on the Client's behalf.
- For Legal Reasons: We may disclose personal information if we believe in good faith that it is required to comply with a law, regulation, legal process, or governmental request; to enforce our Terms of Service; to detect, prevent, or otherwise address fraud, security, or technical issues; or to protect the rights, property, or safety of Karve IT, our Clients, or the public.
- Business Transfers: In connection with any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company, personal information may be transferred as a business asset.
5. Data Security, Retention, and International Transfers
5.1. Security. We implement and maintain reasonable administrative, physical, and technical security safeguards to help protect personal information from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction. This is a core requirement under both PIPA and PIPEDA.
5.2. Retention. We retain personal information for as long as is necessary to fulfill the purposes for which it was collected, to provide our Service, to resolve disputes, to establish legal defenses, to enforce our agreements, and to comply with our legal obligations. Data processed on behalf of our Clients is retained according to the terms of our agreement with them.
5.3. International Transfers. Our Service and its data, including personal information, may be hosted on servers located in countries outside of your country of residence, including the United States. When we transfer personal information across borders, we take steps to ensure that the information receives an adequate level of protection in the jurisdictions in which we process it. By using our Service, Clients and their users acknowledge that personal information may be transferred to and stored in jurisdictions like the United States and may be subject to access by law enforcement or national security authorities in those jurisdictions.
6. Your Privacy Rights
Under British Columbia's PIPA and Canada's PIPEDA, individuals have certain rights regarding their personal information. These include:
- Right to Access: The right to request access to the personal information an organization holds about them.
- Right to Correction: The right to request that inaccurate or incomplete personal information be corrected.
- Right to Withdraw Consent: The right to withdraw consent to the collection, use, or disclosure of personal information, subject to legal or contractual restrictions.
How to Exercise Your Rights:
- If you are a Client: You may access and update your Client Account Information by logging into your account. For other requests, please contact our Privacy Officer.
- If you are an end-customer or employee of one of our Clients: Karve IT processes your data on behalf of our Client (the moving company). Therefore, you must direct any requests to access, correct, or withdraw consent for your personal information directly to the moving company that you have a relationship with. They are the Data Controller and are responsible for handling your request. We will assist our Clients in responding to such requests as required by law.
7. Use of Cookies and Tracking Technologies
We use cookies and similar tracking technologies to track the activity on our Service and hold certain information. Cookies are files with a small amount of data which may include an anonymous unique identifier. We use cookies to operate our Service, remember user preferences, and for security purposes. Users can instruct their browser to refuse all cookies or to indicate when a cookie is being sent.
8. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify our Clients of any material changes by posting the new Privacy Policy on our website or through the Service, and by updating the "Last Updated" date at the top of this policy.
9. Contact Information
To comply with our accountability obligations under PIPA and PIPEDA, we have designated a Privacy Officer who is responsible for our compliance with this Privacy Policy. If you have any questions, concerns, or complaints about our privacy practices, please contact our Privacy Officer at:
Privacy Officer
Karve Information Technology Ltd.
204 - 1080 Mainland St
Vancouver, BC V6B 2T4
Canada
Email: [email protected]