1. Introduction

This Privacy Notice describes how Relolink, LLC (“Relolink,” “we,” “us,” or “our”) handles personal data that we collect through our websites, tools, and mobile applications that link to this Privacy Notice (collectively, the “Service”), as well as through our marketing and other activities described in this Privacy Notice. Use of the Service is subject to our SaaS Terms of Use.

California residents: See our California privacy notice for information about your personal information and privacy rights.

Individuals in the EEA/UK/Switzerland: See our Notice to European users for information about your personal data and data protection rights.

APAC residents: See our APAC privacy notice for information about your personal data and privacy rights. If you have any questions or concerns about our use of your personal data, please contact us at privacy@relolink.io.

2. Scope of this Privacy Notice

Relolink provides businesses and individuals with a cloud-based global mobility platform for relocation and immigration management. The Service is designed for business and commercial use but also includes features accessible to individual consumers for personal use, such as connecting with service providers. This Privacy Notice applies to personal data collected from both business users and individual consumers unless specified otherwise.

Relolink operates as both a data controller and a data processor depending on the context:

• As a Data Controller: Relolink collects and processes personal data for its own purposes, including for account creation, marketing, billing, and providing access to the Service. This Privacy Notice describes how Relolink manages personal data in this capacity.
• As a Data Processor: Relolink processes personal data on behalf of its subscribed business customers who use the platform to deliver services to their clients. In this capacity, Relolink acts solely under the instructions of its customers, who are the data controllers responsible for ensuring compliance with data protection laws. This processing is governed by the terms of Relolink’s Data Processing Addendum (DPA), not this Privacy Notice.

Exclusions:

This Privacy Notice does not apply to:

• Personal data about Relolink personnel or job applicants.
• Personal data processed by Relolink on behalf of customers in its capacity as a processor, including data customers authorize us to access.
• Data inaccuracies or omissions resulting from customer or user inputs. Customers are solely responsible for ensuring the accuracy and completeness of the data provided.

Personal data processed by Relolink on behalf of customers is governed by the Relolink Data Processing Addendum (DPA), which defines Relolink’s obligations regarding security, confidentiality, and data handling in that context.

Third Party Services and Responsibility:

Relolink may engage third-party service providers to support the delivery and operation of the Services, including but not limited to hosting, communications, analytics, and payment processing.

These third-party providers process Customer Personal Data solely on behalf of Relolink and in accordance with contractual obligations that are designed to provide a level of data protection consistent with applicable data protection laws.

While such providers operate under their own systems and infrastructure, Relolink remains responsible for ensuring that they are engaged and managed in accordance with applicable data protection requirements, as outlined in its Data Processing Addendum.

Relolink does not control the independent policies or practices of third-party services outside the scope of the Services.

3. Personal Data We Collect

The personal data we may collect depends on how you interact with us and the Service. We may collect personal data from the following sources, but not limited to:

Information you provide to us:

• Contact Data: Name, professional title, organization name, email, phone number, mailing address, social media handles, and other contact details.
• Account Data: Name, email address, Service account password, country, and optional profile information (e.g., pronouns, hobbies).
• Payment and Transaction Data: Details of purchases made through the Service, including transaction amounts, payment methods, and purchase history. For secure payments, Relolink partners with third-party payment processors who adhere to industry standards, such as PCI DSS compliance.
• Communications Data: Content and metadata of communications (e.g., emails, surveys, support chats, or social media interactions).
• Referral Data: Contact information for referrals you provide or receive.

Information automatically collected:

• Device Data: Technical details about your device (e.g., operating system, IP address, unique identifiers).
• Usage Data: Information about interactions with the Service (e.g., time spent, pages viewed).
• Cookies and Similar Technologies: See our Cookie Notice for more details.

Third-party sources:

• Business contacts sharing professional details.
• Public sources, such as social media and public records.
• Authentication services (e.g., Google, Microsoft).
• Data brokers providing contact and professional data.

Relolink does not independently determine the purpose for processing sensitive personal data. Any sensitive personal data processed within the platform is provided and managed by subscribed business customers.

In such cases, Relolink acts strictly as a data processor, processing such data solely under the documented instructions of its customers and in accordance with applicable data protection laws and the Relolink Data Processing Addendum (DPA).

If and when Relolink expands to support individual consumer accounts:

• Relolink will collect only limited personal data directly from consumers (e.g., name, contact details, and payment information) for the purposes of account creation, platform access, and transaction facilitation.
• Relolink will not collect or process sensitive personal data directly for service delivery (e.g., immigration or health-related data). Any sensitive data required for services will be handled directly by service providers identified in the Relolink marketplace, who remain responsible for ensuring compliance with applicable laws and obtaining required consents.

Relolink customers and individual service providers are responsible for:

• Compliance: Ensuring their data collection and processing activities comply with applicable data protection laws.
• Consent Management: Obtaining necessary consents for collecting and processing sensitive personal data.

Data Collected Through Web Scraping Feature

• Relolink processes publicly available data through its web scraping functionality. Customers are responsible for ensuring that any data collected complies with applicable laws, third-party terms of service, and does not include restricted or unlawfully obtained personal data.
• Users are responsible for ensuring that any scraped data complies with third-party terms and is lawfully obtained.

Data Collected Through Request information Feature 

• The “Request Information” feature allows Customers to collect personal data, including PII, directly from external users. Relolink acts solely as a processor for this data and processes it strictly in accordance with the Customer’s instructions.
• Customers are the data controllers for all PII collected through the “Request Information” feature and are solely responsible for ensuring the lawfulness of their data collection activities, including obtaining appropriate consents and providing required notices to external users.
• Relolink does not actively monitor the business purpose of data requests made by Customers. However, Relolink implements technical and organizational safeguards, including access controls, logging, and security monitoring, to protect personal data and detect potential misuse or unauthorized access.

4. How We Use Your Personal Data

We use personal data for the following purposes:

1. Service Delivery: To register accounts, provide the Service, and send operational communications.
2. Business Operations: To maintain and troubleshoot IT systems, analyze performance, and generate reports.
3. Research and Development: To analyze and improve the Service, including through anonymized or aggregated data.
4. Benchmarking and insights: To aggregate and analyze de-identified data for benchmarking purposes, providing insights to users about industry trends and performance comparisons while ensuring no individual or organization can be identified.
5. Marketing Communications: To send relevant communications regarding Relolink’s services, updates, and industry content. Such communications are limited to business-related engagement and are not based on targeted advertising or profiling using personal data collected through the Service.
6. Compliance and Protection: To comply with laws, prevent fraud, and protect Relolink’s rights and interests.

Relolink does not sell, rent, or use Customer Personal Data for targeted advertising or third-party marketing purposes. Personal Data is used solely for the provision of the Services, account management, customer support, and related operational purposes.

5. How we share your personal data

Relolink may share personal data with the categories of recipients described below, only to the extent necessary to operate the Service, fulfill contractual obligations, and comply with applicable laws.

Affiliates

We may share personal data with Relolink affiliates and entities under common control for purposes consistent with this Privacy Notice, including service delivery, operational support, and business management.

Service Providers

We engage trusted third-party service providers to support the operation, delivery, and improvement of the Service. These providers are contractually bound to process personal data only on our behalf and in accordance with appropriate security and confidentiality obligations.

Service providers may include, but are not limited to:

• Cloud hosting and infrastructure providers
• IT and software support services
• Customer support and communication platforms
• Payment processing providers
• Authentication and identity verification services
• Data analytics and reporting providers
• Security and monitoring services

Personal data shared with service providers is limited to what is necessary for them to perform their services.

Payment Processors

Payment transactions are processed by third-party payment providers. These providers collect and process payment information directly in accordance with their own privacy and security policies. Relolink does not store full payment card details.

Authentication Services

If you choose to log into the Service using third-party authentication providers (such as Google or Microsoft), those providers may process certain personal data required to authenticate your identity. Their use of personal data is governed by their own privacy policies.

Professional Advisors

We may share personal data with professional advisors such as legal counsel, auditors, and financial advisors where necessary for compliance, risk management, and business operations.

Legal and Regulatory Authorities

We may disclose personal data to law enforcement, regulators, courts, or other authorized parties where required to comply with applicable laws, legal processes, or enforceable governmental requests, or to protect the rights, safety, and security of Relolink, its users, or others.

Business Transfers

In the event of a merger, acquisition, financing, reorganization, or sale of assets, personal data may be shared with relevant parties involved in the transaction, subject to appropriate confidentiality safeguards.

Customer-Directed Sharing

When customers use the Relolink platform to deliver services, they may direct the sharing of personal data with third parties (such as relocation providers, immigration professionals, or other service partners). In these cases, Relolink acts as a data processor and processes such data strictly in accordance with customer instructions.

Other Users and Public Content

Information you choose to share in publicly accessible areas of the Service (such as forums or community features) may be visible to other users or the public.

Targeted Ads

Relolink does not sell personal data and does not use personal data collected through the Service for targeted advertising purposes.

6. Your Options

This section outlines the options available to all users regarding their personal data. Additional rights may apply based on regional privacy laws.

1. Access or Update Information: You may update account information by logging into your Service account.
2. Opt-Out of Marketing Communications: Opt-out of marketing emails by following the unsubscribe link at the bottom of such emails or contacting us. Note that you will still receive non-marketing emails related to the Service.
3. Request Deletion: You may request deletion of your personal data by contacting us.
4. Cookies: Most browsers allow you to remove or reject cookies. See our Cookie Notice for further details..

Consumer Rights: If you are using the Service as an individual consumer, you have specific rights under applicable privacy laws, such as:

• Right to Know: You can request information about the categories of personal data we collect, the purposes of collection, and any data sharing with third parties.
• Right to Delete: You may request the deletion of your personal data, subject to certain exceptions.
• Right to Opt-Out: You can opt-out of the sale or sharing of your personal data for targeted advertising purposes.
• Right to Portability: You may request a copy of your personal data in a structured, machine-readable format.
• Right to Limit Use of Sensitive Information: In certain jurisdictions, you can limit the processing of sensitive personal data.

To exercise these rights, please contact us at privacy@relolink.io. Additional instructions for exercising your rights may be available in the regional privacy notices linked below.

7. Other Sites and Services

The Service may include links to third-party websites or services. These links are not endorsements of those third parties, and Relolink is not responsible for their privacy practices. We recommend reviewing the privacy policies of any third-party services you use.

8. Security and Retention

1. Security Measures: Relolink implements industry-standard technical and organizational security measures designed to protect personal data. These measures include encryption in transit and at rest, role-based access controls, multi-factor authentication, system monitoring, and secure infrastructure management practices.Relolink maintains audit logs of system activity and user interactions to support security monitoring, incident response, and compliance requirements.While Relolink is committed to maintaining a high level of security, no system or transmission over the internet can be guaranteed to be completely secure.Security is a shared responsibility. Users and customers are responsible for maintaining the confidentiality of their account credentials, implementing appropriate internal security practices, and ensuring that access to the Service is properly managed within their organizations.
2. Retention Periods: Relolink retains personal data only for as long as necessary to fulfill the purposes for which it was collected, including to meet legal, regulatory, and contractual obligations. Retention periods may vary depending on the nature of the data and applicable requirements.

9. International Data Transfers

Relolink is headquartered in the United States and works with service providers across various countries. International transfers may involve jurisdictions with data protection laws differing from those in your country of residence.

For transfers from the EEA, UK, or Switzerland, Relolink relies on appropriate safeguards, such as the European Commission’s Standard Contractual Clauses or other applicable mechanisms.

Relolink utilizes cloud infrastructure hosted in regions that support compliance with applicable data protection laws, including the European Economic Area (EEA).

Where international data transfers occur, Relolink implements appropriate safeguards in accordance with applicable laws, including Standard Contractual Clauses or equivalent mechanisms.

10. Age Restrictions and Verification 

The Service is not intended for users under 18 years of age unless parental or guardian consent is provided for specific B2C features. Relolink reserves the right to request age verification through identity documentation for individual accounts. If Relolink becomes aware that it has collected personal data from a child under 18 without the required consent, it will delete the data in accordance with applicable laws.

11. Changes to this Privacy Notice

Relolink reserves the right to modify this Privacy Notice at any time. Material changes will be communicated by updating the effective date and posting the revised version on the Service or through other appropriate channels. Your continued use of the Service signifies your acceptance of the updated Privacy Notice.

Relolink conducts regular reviews of this Privacy Notice to ensure its alignment with evolving legal, regulatory, and operational requirements. These reviews are conducted periodically and whenever new services, features, or data processing practices are introduced. Updates to this Privacy Notice will be communicated to users as outlined in the “Changes to this Privacy Notice” section.

12. How to Contact Us

For questions or concerns about this Privacy Notice, you can contact us at privacy@relolink.io.

13. Feedback on this Policy: 

Relolink is committed to maintaining transparent and user-friendly policies that align with regulatory standards and user needs. If you have feedback, suggestions, or concerns specific to this Policy, please contact us at legal@relolink.io.

Our legal team reviews feedback bi-annually or as needed and considers relevant suggestions for incorporation into future policy updates. While not all feedback will result in immediate changes—or changes at all—your input is invaluable in helping us refine our policies for clarity, compliance, and user satisfaction.

14. Language and Governing Version

Non-English translations of this Privacy Policy are provided for convenience only. In the event of any conflict, the English version will prevail.

Annex 1: California Privacy Rights (CCPA)

California Privacy Notice

This notice describes how Relolink, LLC (“Relolink”, “we,” “us,” or “our”) collects, uses, and discloses personal information of California residents in our capacity as a “business” under the California Consumer Privacy Act (“CCPA”). This annex also outlines your rights under the CCPA regarding your personal information.

Categories of Personal Information Collected

The following categories of personal information have been collected in the past 12 months and may be collected going forward:

• Identifiers: Contact data, account data, device data, referral data.
• Commercial Information: Transaction data, usage data.
• Internet or Network Information: Device data, usage data.
• Geolocation Data: Approximate and precise geolocation data.
• Audio, Visual, or Similar Information: Communications data, security data.
• Professional or Employment Information: Account data, contact data.

Relolink collects this information directly from you, your device, or your interactions with the platform. We use this information for business purposes, including delivering our services, improving user experiences, and complying with legal obligations.

Disclosure of Personal Information

We may disclose the categories of personal information listed above for business purposes to:

• Service providers (e.g., payment processors, analytics providers).
• Affiliates and subsidiaries.
• Third parties involved in your use of the platform.

Your Rights Under CCPA

As a California resident, you have the following rights:

1. Right to Know: Request details on the personal information we have collected, the categories of sources, and the purposes for collection.
2. Right to Access: Obtain a copy of your personal information.
3. Right to Deletion: Request the deletion of personal information collected from you.
4. Right to Correction: Request corrections to inaccurate personal information.
5. Right to Opt-Out of Sale/Sharing: Opt out of the sale or sharing of your personal information for targeted advertising.
6. Right to Non-Discrimination: Exercise your rights without being discriminated against.

Exercising Your Rights

To exercise your rights under the CCPA, contact us at legal@relolink.io. To verify your request, we may require proof of identity and residency.

Annex 2: European Union and UK Privacy Rights (GDPR)

Notice to European Users

This section applies to individuals in the European Economic Area (EEA), the United Kingdom (UK), and Switzerland. Relolink processes personal data in compliance with the General Data Protection Regulation (GDPR) and applicable national data protection laws.

Controller Details

Relolink, LLC is the controller of your personal data. For inquiries or concerns, you can contact our Compliance Team at: Email: legal@relolink.io
Address: 1200 Brickell Ave Suite 1950 #1308 Miami, FL 33131

Legal Bases for Processing

Relolink processes your personal data under the following legal bases:

• Contractual Necessity: To deliver our services and manage your account.
• Legitimate Interests: To enhance platform functionality, ensure security, and improve user experience.
• Compliance with Law: To meet legal obligations and respond to regulatory inquiries.

Your Rights Under GDPR

You have the following rights:

1. Right to Access: Request information about how your data is processed and obtain a copy of your personal data.
2. Right to Rectification: Correct inaccuracies in your personal data.
3. Right to Erasure: Request deletion of your personal data under certain conditions.
4. Right to Restriction: Limit how your data is processed.
5. Right to Data Portability: Receive your data in a portable format.
6. Right to Object: Object to processing based on legitimate interests or direct marketing.
7. Right to Withdraw Consent: Withdraw consent where processing is based on your consent.

Exercising Your Rights

To exercise your rights, email legal@relolink.io. We may require additional information to verify your identity and respond appropriately.

International Data Transfers

If and when Relolink transfers personal data outside the EEA, UK, or Switzerland, we ensure compliance with GDPR by:

• Using Standard Contractual Clauses (SCCs).
• Transferring data to countries deemed adequate by the European Commission.

Annex 3: APAC Privacy Rights

Notice to APAC Users

This annex applies to individuals in the Asia-Pacific (APAC) region and outlines Relolink’s compliance with applicable data protection laws.

Processing Purposes

Relolink processes personal data for:

• Delivering platform services.
• Improving platform features and functionalities.
• Ensuring security and legal compliance.

Your Rights Under APAC Laws

Depending on your location, you may have the following rights:

1. Right to Access: Obtain information about your data processing.
2. Right to Correction: Request corrections to inaccurate data.
3. Right to Deletion: Request deletion of data under certain conditions.
4. Right to Data Portability: Request a copy of your data in a portable format.
5. Right to Object: Object to data processing for marketing purposes.

Data Transfers

For cross-border data transfers, Relolink ensures compliance with local laws, including:

• Implementing Standard Contractual Clauses (SCCs) where required.
• Adopting measures to protect data during transfers.

Contact Information

For questions or concerns, contact our Compliance Team at legal@relolink.io