Last updated July 8, 2020
At Shyft Moving, Inc. (“Shyft”, “we”, or “us”), we see privacy as essential to communication. We also understand that you are aware of and care about your own personal privacy interests, and we take that seriously.
You must be at least 18 years old to use Shyft’s website(s) and service(s). Shyft does not knowingly collect information from children under 18.
We ensure that your personal information is properly protected through physical, technical and administrative safeguards. We update and test our security technology on an ongoing basis. Shyft has carefully implemented privacy by design and default, which means that our systems have protection designed into them, and access to data is strictly controlled and only given to our employees when required. Shyft undertakes commercially reasonable precautions to protect your personal information from loss, misuse, and unauthorized access, disclosure, alteration, and destruction.
Below you may find relevant information divided into the following sections:
- I. Who are we?
- II. What personal data do we collect from you?
- III. Why do we collect your personal data?
- IV. What is our legal basis for collecting your data?
- V. How long do we keep your personal data?
- VI. Where do we store the data?
- VII. Your rights
- VIII. Other information
I. WHO ARE WE?
Shyft is a controller, a legal entity responsible for personal data that you exchange with us, as well as a processor of your personal data.
Shyft Moving, Inc.,
548 Market St, PMB 57421, San Francisco, California 94104
Representative: Alex Alpert, CEO
II. WHAT PERSONAL DATA DO WE COLLECT FROM YOU?
“Personal data” that we collect from you relates to your personal information that can be used to identify you as an individual, such as:
- your name, company, email address, phone number, billing address, and shipping address;
- your Shyft username and password;
- credit card information;
- any account-preference information you provide us;
- your computer’s domain name and IP address, indicating where your computer is located on the Internet;
- session data for your login session, so that our computer can “talk” to yours while you are logged in.
- your name, email address, and phone number;
- your origin and destination home addresses, if provided;
- your computer’s domain name and IP address, indicating where your computer is located on the Internet;
- credit card information, if applicable;
- video and still images of you and your household goods items.
III. WHY DO WE COLLECT YOUR PERSONAL DATA?
Shyft collects, uses, and discloses personal data relating to customers and clients for the purposes of developing and managing processes and technologies for recording video surveys of household goods, preparing household goods’ inventories, communicating pricing and other useful information between people who need to move and moving industry service providers and facilitating the ‘booking’ of various services by such people with such service providers. If you provide personal data to us, either directly or through a reseller or other business partner, we will use or disclose your personal data for the following purposes:
- as necessary to provide survey and cubing services;
- as necessary to provide moving quotes and facilitate moving services from third parties (for example, for this purpose we may disclose your personal data to moving service provider (such as moving and truck companies, and companies that provide moving materials));
- as necessary to provide products you have ordered, such as providing it to a carrier to deliver products and services you have ordered (for example, for this purpose we may disclose your personal data to moving service provider (such as moving and truck companies, and companies that provide moving materials) and lifestyle partners (such as temporary housing));
- as necessary for tax withholding and payroll reporting, if you received a lump sum payment for your move from your employer (for example, for this purpose we may disclose your personal data to a third party that would perform the above mentioned financial services);
- use your contact information to provide you with information we believe you need to know or may find useful, such as news about our services and products and modifications to the Terms & Conditions;
- use it in the aggregate with other information in such a way so that your identity cannot reasonably be determined (for example, for statistical compilations);
- for technical administration of our website(s); research and development; customer and account administration.
- as required by law, for example, in response to a subpoena or search warrant;
- to outside auditors who have agreed to keep the information confidential;
- as necessary to enforce the Terms & Conditions;
- as necessary to protect the rights, safety, or property of Shyft, its users, or others; this may include exchanging information with other organizations for fraud protection and/or risk reduction;
We may provide your personal data only to contracted third parties for surveying and execution of your move. Shyft has responsibility for the processing of personal information it receives under the Privacy Shield and subsequently transfers to a third party acting as an agent on its behalf. Shyft shall remain liable under the Privacy Shield Principles if its agent processes such personal information in a manner inconsistent with the Principles, unless Shyft proves that it is not responsible for the event giving rise to the damage.
IV. WHAT IS OUR LEGAL BASIS FOR COLLECTING YOUR DATA?
Depending on the purpose of use of your personal data, there can be following legal basis for processing of your personal data:
- Your consent;
- Shyft’s legitimate interest, such as improvement of our products and services, and prevention of fraud;
- Performance of our duties from the agreement concluded with you;
- Based on law.
V. HOW LONG DO WE KEEP YOUR PERSONAL DATA?
Some data we delete automatically after a specific period of time, while some are converted and preserved in anonymized form. When you request erasure of your data, we follow a strict deletion policy to make sure that your data is safely and completely removed from our servers, or retained only in anonymized form. We may need anonymized data for different business intelligence matters, such as analytics and statistical purposes, as mentioned in section III.
For more information on how long your personal data is stored, please contact us at email@example.com.
VI. WHERE DO WE STORE THE DATA?
All data on our web site and services, including your personal data, is stored on Amazon Web Services and Microsoft’s Azure servers, which are located in the United States. Therefore, if you reside outside of the U.S. and use our website, and wish to be provided with Shyft services, your personal data will be transferred outside of your home country.
Since the United States has not received a finding of “adequacy” from the European Union under Article 45 of the General Data Protection Regulation (“GDPR”), Shyft relies on derogations for specific transfer situations, as set forth in Article 49 of the GDPR. In particular, Shyft collects and transfers to the U.S. personal data only: with your consent; to perform a contract with you; or to fulfill Shyft’s compelling legitimate interest in a manner that does not outweigh your rights and freedoms.
Shyft also enters into data processing agreements and model clauses with its partners whenever feasible and appropriate.
The Article 29 Working Party has:
- approved the AWS Data Processing Agreement which includes the Model Clauses, and
- found that the AWS Data Processing Agreement meets the requirements of the GDPR Directive with respect to Model Clauses.
Having signed the Data Processing Addendum, we (Shyft) are also a part of the agreement with E.U. Model Contract Clauses.
VII. YOUR RIGHTS
You may also request information about who else outside Shyft might have received the data. You have a right to correct (rectify) the record of your personal data maintained by Shyft, if it is inaccurate. You may request that Shyft erases that data or ceases processing it, subject to certain exceptions. You may also request that Shyft ceases using your personal data for direct marketing purposes. In many countries, you have a right to lodge a complaint with the appropriate data protection authority if you have concerns about how Shyft processes your personal data.
As Shyft is a company located outside of the European Union, to comply with Article 27 of the GDPR, GDPR-Rep.eu has been nominated as our representative in the European Union. If you want to make use of your data privacy rights, please visit: Our public Privacy dashboard.
In case you wish to contact GDPR-Rep.eu, please use the below information, and add the following subject to all correspondence “GDPR-REP ID: 18397074”:
GDPR-Rep.eu, Maetzler Rechtsanwalts GmbH & Co KG, Attorneys at Law, c/o Shyft Moving, Inc.
Schellinggasse 3/10, 1010 Vienna, Austria
VIII. OTHER INFORMATION
As is true of most other websites, Shyft’s website collects certain information automatically and stores it in log files. The information may include internet protocol (IP) addresses, the region or general location where your computer or device is accessing the internet, browser type, operating system and other usage information about the use of the Shyft’s website, including a history of the pages you view. We use this information to help us design our site to better suit our users’ needs. We may also use your IP address to help diagnose problems with our server and to administer our website, analyze trends, track visitor movements, and gather broad demographic information that assists us in identifying visitor preferences.
Shyft uses “cookies” to store personal data on your computer. We may also link information stored on your computer in cookies with personal data about specific individuals stored on our servers. If you set up your web browser (for example, Google Chrome or Mozilla Firefox) so that cookies are not allowed, you might not be able to use some or all of the features of our website(s).
- Necessary purposes: To let you log in and to ensure site security. Without this type of technology, our Services will not work properly or will not be able to provide certain features and functionalities.
- Performance purposes: To analyze how visitors use a website, in order to provide a better user experience.
- Personalization purposes: To remember choices you have made — such as language or region, and facilitate your use of our services and website.
If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings. The Help menu on the menu bar of most browsers also tells you how to prevent your browser from accepting new cookies, how to delete old cookies, how to have the browser notify you when you receive a new cookie and how to disable cookies altogether.
You can also visit http://www.aboutcookies.org for more information on how to manage and remove cookies across a number of different internet browsers.
Compliance with EU-U.S. and Swiss-U.S. Privacy Shield
Federal Trade Commission Jurisdiction
The Federal Trade Commission (FTC) has jurisdiction over Shyft’s compliance with the Privacy Shield. We may be required to disclose personal information that we handle under the Privacy Shield in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Your privacy responsibilities
To help protect your privacy, be sure:
- not to share your username or password with anyone else;
- to log off the Shyft website when you are finished;
- to take customary precautions to guard against “malware” (viruses, Trojan horses, bots, etc.), for example by installing and updating suitable anti-virus software.
Questions or comments?
European Union and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact us at firstname.lastname@example.org. Shyft has further committed to refer unresolved Privacy Shield complaints to BBB EU Privacy Shield, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please contact or visit BBB EU Privacy Shield for more information or to file a complaint. Their services are at no cost to you. To learn more about BBB EU Privacy Shield dispute resolution or to refer a complaint visit www.bbb.org/EU-privacy-shield/for-eu-consumers/.
Individuals have the right, under certain conditions, to invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms. For additional information on binding arbitration visit: https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
Thank you for choosing Shyft!