Data Processing Agreement

Last updated: 13 June 2026

About this agreement

This Data Processing Agreement is between you — the removals business using Altus Move (the "Controller") — and Altus Move, operated as a UK sole-trader business based in Edinburgh (the "Processor", "we", "us").

It applies whenever Altus Move processes personal data on your behalf: the data you store about your own customers and staff. There, you are the controller and we only act on your instructions. For the limited data we hold as our own controller (your account details, your enquiries), see our Privacy Policy. This agreement is incorporated by reference into our Terms of Service and covers the requirements of UK GDPR Article 28(3); where they differ, the clauses below govern data-protection matters.

1. We process only on your documented instructions

We process your customers' personal data only to provide the Altus Move service to you, and only as instructed by you. Your use of the platform, these terms, and any written request you send us are your documented instructions. We will not use your customers' data for our own purposes, sell it, use it for advertising, or use it to train AI models. If a law ever requires us to process it otherwise, we will tell you first unless the law forbids that.

2. Confidentiality

Anyone authorised to handle your customers' data (today, the sole trader who operates Altus Move) is bound by a duty of confidentiality and only sees what is necessary to run and support the service.

3. Security measures

We take appropriate technical and organisational measures to keep your data secure:

  • Tenant isolation (row-level security): every record is scoped to your organisation, and database rules enforce that one operator can only ever read or write their own org's data — never another firm's.
  • Encrypted at rest: all data is stored encrypted at rest by our database provider.
  • Encrypted in transit: all connections use TLS (HTTPS).
  • Least-privilege access: day-to-day access is limited to your own org via the same rules; the privileged key that can bypass them is confined to server-side endpoints and is never exposed to browsers.
  • Hashed passwords and managed authentication.

4. Sub-processors

You give us general authorisation to engage the sub-processors listed below to help deliver the service. We impose data-protection terms on each of them no less protective than this agreement. If we add or replace a sub-processor, we will give you at least 14 days' notice (by email and/or by updating this page). If you have a reasonable objection on data-protection grounds, tell us and we will work to resolve it; if we cannot, you may stop using the affected feature or close your account.

Where a provider processes data outside the UK, the transfer is protected by a UK-approved safeguard — the UK Extension to the EU-US Data Privacy Framework ("UK Ext. to DPF"), the UK International Data Transfer Addendum ("IDTA"), or EU Standard Contractual Clauses ("SCCs"). Email us for a copy of any safeguard.

  • Supabase — database, authentication and file storage (US/EU) — UK Ext. to DPF + SCCs/IDTA.
  • Vercel — hosting and application platform (US) — UK Ext. to DPF + SCCs/IDTA.
  • Stripe — card payments (US) — UK Ext. to DPF + SCCs/IDTA.
  • Resend — transactional email (US) — UK Ext. to DPF + SCCs.
  • Anthropic — AI survey-dictation parsing, where you use that feature (US) — SCCs + UK IDTA.
  • Google — distance and drive-time calculation (US) — UK Ext. to DPF + SCCs.
  • OpenRouteService — distance and drive-time calculation (EEA) — covered by UK adequacy.
  • Sentry — error monitoring, configured to strip personal data before any report is sent (US) — UK Ext. to DPF + SCCs.
  • Ideal Postcodes — UK address lookup (UK) — no transfer mechanism needed.
  • Twilio — SMS notifications (US) — UK Ext. to DPF + SCCs — not yet active; this row applies once SMS is switched on.

5. Helping with data-subject requests

If one of your customers exercises a right (access, correction, deletion, objection, portability), you remain responsible for responding, and we will help. The app gives you self-service tools to do most of this yourself — you can export a customer's data and erase or anonymise their record directly in the app. Where you need more than the in-app tools provide, email hello@altusmove.com and we will assist within a reasonable time.

6. Breach notification

If we become aware of a personal-data breach affecting your customers' data, we will notify you without undue delay after becoming aware, with the information you need to meet your own ICO and 72-hour reporting duties, and we will help you assess and respond.

7. Deletion or return on termination

When you close your account or this agreement ends, you can export your data first using the in-app tools. After that, on your request — or in any event within 30 days of termination — we will delete your customers' personal data from the live system, except where law (for example, tax and accounting retention for invoices) requires us to keep specific records, in which case we keep only those, only for as long as required, and continue to protect them. Routine encrypted backups are overwritten on their normal cycle.

8. Audits and information

On reasonable written request (no more than once a year unless a regulator or a breach requires otherwise), we will give you the information you reasonably need to demonstrate compliance with this agreement — including this DPA, our list of sub-processors and their safeguards, and a description of our security measures. Given our scale, this is provided as written information rather than on-site audits.

What this covers (description of processing)

  • Subject matter: providing the Altus Move CRM and operations platform to you.
  • Duration: for as long as your account is active, then the deletion window in clause 7.
  • Nature and purpose: storing, organising, displaying, transmitting and deleting your customers' data so you can run enquiry to survey to quote to acceptance to payment to job to invoice to automation; sending emails and SMS on your behalf; calculating distances; address lookup; and optional AI parsing of survey dictation.
  • Categories of personal data: names; contact details (email, phone); addresses; move details and job notes; property photos; and payment status (paid/unpaid/amounts). Card numbers are not stored by us — they are handled directly by Stripe.
  • Categories of data subject: your removals customers, and your own staff whose accounts you create in the app.

Questions

If anything here is unclear, or you need a signed copy or a specific safeguard, email hello@altusmove.com and we will help.