Privacy Statement of Bristol Global Mobility, LLC

Effective September 2020

We at Bristol Global Mobility LLC and our affiliates Bristol Global Mobility LTD (UK), Bristol Global Mobility (Asia) PTE (Singapore) and Bristol Global Mobility LLC (Canada) (collectively, “Bristol Global Mobility”, “we”, “us”, “our”) know that your privacy is important. This Bristol Privacy Policy (“Privacy Policy”) is designed to assist you in understanding how we will collect, use, or otherwise process the personally identifiable information (“Personal Data”) we collect and use (1) in our Bristol ELITE web application and the Bristol ELITE mobile applications (i.e., Bristol ELITE Mobile for iOS® and Bristol ELITE Mobile for Android®) (collectively, the “Applications”); (2) when we provide you with professional services facilitating employee relocation (the “Professional Services”); and (3) on our global website located at, as well as in the course of selling our products and using other related services, as described in more details in this Privacy Policy (collectively, referred to as the “Website”) (collectively with the Applications and the Professional Services, the “Services”). Please read this Privacy Policy to learn more about the ways in which we collect and use your Personal Data. If we make any material changes to this Privacy Policy, we will notify you in accordance with the process described in the Changes to this Privacy Policy section below. By using our Services, you consent to our collection, use, disclosure, and all other types of processing of your Personal Data as described in this Privacy Policy.

Information We Collect

Categories of Personal Data

We may process the following types of Personal Data in our Applications:

  • biographical data, such as your age, first or last name, or those of your children (if applicable);
  • contact data, such as work, home, and temporary addresses, departure and destination address, contact phone numbers, business and personal e-mail addresses;
  • employment data, such as your employment number;
  • payment information, such as your credit card number;
  • financial data, including financial account numbers;
  • social security number;
  • education background and related data;
  • data contained on the biodata page of a passport; and
  • personal relocation benefits.

Under the California Consumer Privacy Act (the “CCPA”), the specific Personal Data points listed above is organized into distinct categories. For clarity, we process Personal Data that falls under the following CCPA categories: Identifiers, California Customer Records Personal Information Categories, Protected Classification Characteristics Under California or Federal Law, Professional or Employment Related Information, and Nonpublic Education Information.

With respect to our Professional Services and the Website, we may also process:

  • web analytics data; and
  • any other type of data, as submitted in the data subject’s sole discretion via email.

Under the CCPA categories, the web analytics data may fall under Internet or Other Similar Network Activity. Personal Data submitted by the data subject via email could fall under any of the CCPA categories.

How We Receive Personal Data

We may receive your Personal Data when:

  • you provide them to us – at the time of initiation of a call (conveyed verbally over the phone) or via our Services;
  • your spouse/partner provides them to us;
  • our clients (including their employees, contractors, and other representatives of the company) provide these data to us;
  • our service providers provide them to us; or
  • when a friend of yours or one of our partners, vendors, clients, or employees refers you to our Services by providing your Personal Data to us.

We may also receive your Personal Data from other third parties. If we receive your Personal Data from a third party, we will notify you, where required by applicable laws, without undue delay.


A “cookie” is a small file stored on your device that contains information about your device. We may use cookies to enable us to track devices authorized by you for use as part of our two-stage authentication functionality. The use of cookies is industry standard so your browser may be set to accept cookies. If you would prefer not to accept cookies, you can alter the configuration of your browser to reject all cookies or some cookies. Note, if you reject certain cookies, you may not be able to access all of our Applications features. For more information please visit

Responding to Do Not Track Signals

Our Bristol ELITE web application is set to respond to “Do Not Track” signals received from various web browsers.

How We Use Your Information


In the context of this Privacy Policy, Bristol Global Mobility acts as a data controller for the Personal Data we process.

Basis of Processing:

Within the scope of this Privacy Policy, we may rely on one or more of the following legal grounds for processing your Personal Data:

  • your consent;
  • the need to perform our obligations under a contract or to perform related pre-contractual duties at your request;
  • the legitimate interests pursued by us or a third party, such as to facilitate the relocation of employees and their families;
  • the need to comply with a legal obligation to which we are subject; or
  • any other ground, as required or permitted by law in the specific respective context.

Please note that where we process your Personal Data based on your consent, you may withdraw your consent at any time. This will not affect the lawfulness of processing that was conducted based on consent given before the withdrawal, however, nor will it affect processing performed on other lawful grounds.

Where we receive your Personal Data directly from you for the purpose of providing you with our Services, we require such Personal Data to be able to perform our contractual obligations to you. Without the necessary Personal Data, we will not be able to provide Services to you.

Purposes of Processing:

In our Applications, we process Personal Data for the purposes of:

  • enabling the use of the Services;
  • providing our Professional Services, including the facilitation of relocation authorized by an employee's employer (our client);
  • responding to your inquiries, and/or other requests or questions; and
  • sending you email marketing communications relating to our business which we think may be of interest to you.

With respect to our Professional Services and the Website, we may also process your Personal Data for the purposes of:

  • measuring customer satisfaction;
  • accounting and human resources management; and
  • facilitating sales.

Data Retention Periods:

We are legally obliged to keep certain records for our clients for up to 7 years after the file (or employee) has been authorized for relocation services. Personal Data might be retained for longer periods for any audit or reporting purposes our clients may require.

We may also retain limited amounts of Personal Data for as long as we consider it potentially useful in contacting you about our Services, or as needed to comply with our legal obligations, resolve disputes, and enforce our agreements. However, we will always respect your request(s) that we delete your Personal Data, subject to the limitations described in this Privacy Policy.

Sharing Personal Data with Third Parties:

We may share your Personal Data with other entities. Such third parties may include those providing:

  • mobile and web app development purposes;
  • managed IT services; and
  • managed IT support services.

With respect to our Professional Services and the Website, we may also share your Personal Data with third parties providing:

  • customer relationship management software;
  • online survey tool services;
  • email marketing services;
  • accounting software services;
  • work management platform services;
  • domain services;
  • email services;
  • software for responding to requests for proposals and security questionnaires;
  • HR management;
  • colocation and cloud services; and
  • furniture rental services.

We will require that these third parties maintain at least the same level of confidentiality and data protection that we maintain for such Personal Data.

Some of our service providers who receive your Personal Data may be located in countries outside of the European Union or the European Economic Area ("EEA"). In some cases, the European Commission may not have determined that the legal environment in those countries provides a level of data protection that is essentially equivalent to the level of protection provided under European Union law. Transfers of your Personal Data to such service providers will typically be subject to appropriate safeguards, such as the Standard Contractual Clauses ("SCCs") for the transfer of Personal Data to third countries, as approved by, and available directly from, the European Commission.

Bristol Global Mobility remains liable for the protection of Personal Data that we transfer or have transferred to our service providers through our designated data transfer mechanism, such as the SCCs, except to the extent that we are not responsible for the event giving rise to any unauthorized or improper processing.

Other Disclosures of Your Personal Data:

We may disclose your Personal Data:

  • to the extent required by law or if we have a good-faith belief that such disclosure is necessary in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, or private parties, including but not limited to: in response to subpoenas, search warrants, or court orders;
  • if we sell or transfer all or a portion of our company’s business interests, assets, or both, or in connection with a corporate merger, consolidation, restructuring, or other company change; or
  • to our subsidiaries or affiliates only if necessary for business and operational purposes.

We reserve the right to use, transfer, sell, and share aggregated, anonymous data, which does not include any Personal Data, about our Services users as a group for any legal business purpose, such as analyzing usage trends and seeking compatible advertisers, sponsors, clients, and customers.

If we must disclose your Personal Data in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, we may not be able to ensure that such recipients of your Personal Data will maintain the privacy or security of your Personal Data.

Disclosure of Your Personal Data under the CCPA

In the preceding twelve (12) months, Bristol Global Mobility has disclosed the following categories of Personal Data for a business purpose:

  • Identifiers
  • California Customer Records Personal Information Categories
  • Protected Classification Characteristics Under California or Federal Law
  • Professional or Employment Related Information
  • Nonpublic Education Information

Sale of Your Personal Data under the CCPA:

In the preceding twelve (12) months, Bristol Global Mobility has not sold Personal Data.

Data Integrity & Security

Bristol Global Mobility has implemented and will maintain technical, organizational, and physical security measures that are reasonably designed to help protect Personal Data from unauthorized processing, such as unauthorized access, disclosure, alteration, or destruction.

Access & Review

If you are a data subject about whom we store Personal Data, you may have the right to request access to, and the opportunity to update, correct, or delete, such Personal Data. You may also have the right to ask that we limit our processing of your Personal Data, to object to our processing of your Personal Data, or to ask to have your Personal Data exported in a machine-readable format. You may exercise such requests via your Bristol Global Mobility Advisor by e-mail. You may also submit such requests or raise any other questions related to the way we process your Personal Data by using the information provided in the Contact Us section of this Privacy Policy, or by contacting our European Union Representative or our Data Protection Officer, where applicable.


We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

  • Deny you goods or services
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits or imposing penalties
  • Provide you a different level or quality of goods or services
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

Revoking or Limiting Consent and Opting Out

You may also have the right to opt out of having your Personal Data shared with third parties, and you may revoke your consent that you have previously provided for us to share your Personal Data with third parties, except as required by law. You also have the right to opt out if your Personal Data is used for any purpose that is materially different from, but nevertheless compatible with, the purpose(s) for which it was originally collected or subsequently authorized by you. To do this, you may send your request to our Privacy Officer using the information in the Contact Us section of this privacy policy.

Children’s Privacy

The Services are not directed at, or intended for use by, children under the age of 13. We do not knowingly allow anyone under 18 to provide any Personal Data when using our Services. Children should always get permission from a parent or guardian before sending their Personal Data over the Internet. If you believe your child may have provided us with their Personal Data, you can contact our Privacy Officer using the information in the Contact Us section of this Privacy Policy and we will delete these Personal Data.

Changes to this Privacy Policy

If we decide to make material changes in the way we use Personal Data, we will post those changes to this Privacy Policy, on our home page, or in other places we deem appropriate, prior to the change becoming effective so that you are aware of what Personal Data we collect, how we process it, and under what circumstances, if any, we disclose it.

By continuing to use our Services after we post any such changes, you accept the Privacy Policy as modified.

EU-U.S. and Swiss-U.S. Privacy Shield Frameworks

For Personal Data in the scope of this Privacy Policy that are processed in our Applications, Bristol Global Mobility complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework (the "Privacy Shield"), as adopted and set forth by the U.S. Department of Commerce and the Swiss Administration regarding the processing of Personal Data transferred from Switzerland to the United States or otherwise received in reliance on the Privacy Shield.

Bristol Global Mobility commits to continue to adhere to and has certified to the Department of Commerce that it will continue to adhere to the Privacy Shield Principles with regard to Personal Data that was received in reliance on Privacy Shield. Bristol Global Mobility does not currently use the Privacy Shield as its data transfer mechanism from the EEA and uses the SCCs as its primary data transfer mechanism for EEA Personal Data.

To learn more about the Privacy Shield principles, and to view Bristol Global Mobility’s certification information, please visit and, respectively.

Data Transfer Mechanisms

Bristol Global Mobility uses the SCCs as its primary data transfer mechanism for transferring Personal Data from the EEA. The SCCs are formally integrated into our agreements with third parties from whom and on behalf of whom we receive EEA Personal Data.

In addition, Bristol Global Mobility regularly reviews and confirms its compliance with the most up-to-date guidance and obligations on valid data transfer under applicable privacy regulations. If we find it necessary to update the data transfer mechanism used, we will update this Privacy Policy accordingly.

VeraSafe Privacy Program

Bristol Global Mobility is a member of the VeraSafe Privacy Program, meaning that with respect to Personal Data in the scope of this Privacy Policy processed in our Applications, VeraSafe has assessed Bristol Global Mobility’s data governance and data security for compliance with the VeraSafe Privacy Program Certification Criteria. The certification criteria require that participants maintain a high standard for data privacy and implement specific best practices pertaining to notice, onward transfer, choice, access, data security, data quality, recourse, and enforcement.

Dispute Resolution

Where a privacy complaint or dispute relating to Personal Data that was received by us in reliance on the Privacy Shield cannot be resolved through Bristol Global Mobility’s internal processes, Bristol Global Mobility has agreed to participate in the VeraSafe Privacy Shield Dispute Resolution Procedure. Subject to the terms of the VeraSafe Privacy Shield Dispute Resolution Procedure, VeraSafe will provide appropriate recourse free of charge to you. To file a complaint with VeraSafe and participate in the VeraSafe Privacy Shield Dispute Resolution Procedure, please submit the required information here:

Binding Arbitration

If your dispute or complaint related to your Personal Data that we received in reliance on Privacy Shield can’t be resolved by us, nor through the dispute resolution program established by VeraSafe, you may have the right to require that we enter into binding arbitration with you pursuant to the Privacy Shield’s Recourse, Enforcement and Liability Principle and Annex I of the Privacy Shield.

U.S. Regulatory Oversight

Bristol Global Mobility is subject to the investigatory and enforcement powers of the United States Federal Trade Commission.

Data Protection Officer

VeraSafe has been appointed as Bristol Global Mobility’s data protection officer (DPO) in accordance with Article 37 of the General Data Protection Regulation of the EU (GDPR). VeraSafe can be contacted in addition to Bristol Global Mobility only on matters related to the processing of Personal Data and to exercise your rights under the GDPR. To make such an inquiry, please contact VeraSafe at:


          22 Essex Way #8203

          Essex, VT 05451 USA

          Phone: +1 (888) 376-1079

          Email:  experts@verasafe.comraSafe can be contacted at:

European Union (EU) Representative

VeraSafe has been appointed as Bristol Global Mobility’s representative in the EU for data protection matters, pursuant to Article 27 of the GDPR. VeraSafe can be contacted in addition to Bristol Global Mobility only on matters related to the processing of Personal Data. To make such an inquiry, please contact VeraSafe using this contact form: . Alternatively, VeraSafe can be contacted at:

Matthew Joseph

Zahradníčkova 1220/20A

Prague 15000

Czech Republic


VeraSafe Ireland Ltd

Unit 3D North Point House

North Point Business Park

New Mallow Road

Cork T23AT2P


EU Supervisory Authority Oversight

If you are a data subject whose Personal Data we process, you may also have the right to lodge a complaint with a data protection regulator in one or more European Union member states.

Contact Us

If you have any questions about this Privacy Policy or our treatment of your Personal Data, please write to our Privacy Officer by email or by postal mail at:

Attn: Privacy Officer

Bristol Global Mobility LLC

2001 N. 3rd Street, Suite 200

Phoenix, AZ 85004


You may also contact us via the following phone numbers:

Within the United States: +1 888 371 4297; Fax: +1 602 952 1557; Text: +1 972 839 7285

Outside the United States: + 1 602 952 0355;

EMEA (United Kingdom): + 44 020 7952 1050;

APAC (Singapore): + 65 66533421

Please allow up to 10 days for us to reply.


To request company and transferee information be removed from Bristol’s system, please submit the below form.

YOUR INQUIRY * Indicates Required Field

A quick summary of how your inquiry will be handled:

As you're likely aware, the purpose of this form is to help make it easier for you to get in touch with non-EU organizations that process your personal data. Given that, any data you submit on this form will be transferred to the foreign organization that you identify in the "Name of the organization that your inquiry relates to" field, above, with the aim of helping resolve your concern. Note that you likely won't hear any response to your inquiry from VeraSafe directly. Unless the foreign organization specifically authorizes us to respond to you directly, the foreign organization will be fully responsible for handling your inquiry on their own, without any involvement from VeraSafe. We act as a facilitator, and don't have any way to resolve your inquiry ourselves. We want to help you, but we have no power to force any foreign organization to respond to your inquiry, even if we (you and us) both think they should.

Since VeraSafe has a legal obligation to relay your inquiry to the foreign organization you identify above, your rights to request that we not use your data for this purpose are quite limited. Likewise, please be aware that we have a legal obligation to document how we handle your inquiries, which may prevent us from erasing your personal data upon your request. If you do not want VeraSafe to process your personal data, you must not submit such personal data to us in any way. You can always direct your concern to the foreign organization directly (instead of VeraSafe), and you have no obligation to send your inquiry to VeraSafe.

By clicking "Submit" you agree to our privacy policy

Stay in touch with Bristol