The smaller print

Privacy policy

Privacy Policy

This privacy statement is a legally binding agreement between you (“User”, “you” or “your”) and K2 Corporate Mobility Limited (“K2”, “we”, “us” or “our”).
We greatly respect your privacy and your trust and confidence in us. We are fully committed to protecting any personal data (personally identifiable information or PII) that you share with us.
This privacy statement (“Policy”) describes the types of information we may collect from you or that you may provide to us (“Personal Information”) either on our https://k2corporatemobility.com website (“Website” or “Service”) and any of our related products and services (collectively, “Services”). This policy explains our practices for collecting, using, maintaining, protecting, and disclosing that Personal Information. It also describes the rights afforded to you, our use of your Personal Information and how you can access, update or object to its processing.
If you do not agree to us processing your personal information in the way described in this policy, please cease to access our websites or services. By continuing to access our services you are accepting the terms described within this statement.

As the privacy laws may apply differently to individuals based within other counties, we have also outlined our responsibilities in respect to those laws and offer further guidance in section 15 of this policy.

1. Important Information on who we are

Data Controller

K2 Corporate Mobility Limited is the controller and responsible for your personal data.
We have appointed a data protection officer (DPO) who is responsible for overseeing questions in relation to this privacy policy. If you have any questions about this privacy policy, including any requests to exercise your rights, please contact our DPO using the details set out below.

Contact details

K2 Corporate Mobility Ltd
5th Floor,
Connaught House,
255 High Street,
Guildford,
GU1 3BS,
United Kingdom
Tel: +44 (0)1483 572550

2. What kind of personal information do we collect about you.

Whilst using, accessing or consuming any of our services, we may request that you provide personal information to deliver such services and this information may be used to identify you as a specific individual, directly or indirectly.

We commit to only requesting the minimal personal information required to deliver services including:

  • Basic personal data includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender.
  • Contact data includes billing address, delivery address, personal email address, personal telephone numbers, business email address, business telephone numbers and information relating to your next of kin.
  • Educational Information including Languages Spoken, Degree Certificate, Current school, school year, school reports, selected school, Professional Certifications, Education certification, Work History, School Status
  • Financial data includes bank account details, contracts of employment, salary information, payment card details, Housing Inventory, Customs Documentation, Shipping Inventories, Housing Budget and housing lease contracts.
  • Marketing and communications data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
  • Personal identity information including Passport Details, Birth Certificate, Right to Work, Copy of Visa, Marriage Certificate, Social Security Number
  • Profile data includes your username and password, purchases or orders made by you, your interests, preferences, feedback, and survey responses.
  • Technical data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, social media identifiers and other technology on the devices you use to access this website.
  • Transaction data includes details about payments to and from you and other details of products and services you have purchased from us.
  • Usage data includes information about how you use our website, products, and services.
3. Special Category Data.

We will only process your sensitive personal data when performing our relocation services or where a legal requirement exists, for example where we need to process visa applications or assist with meeting border entry requirements. Sensitive personal data can include but is not limited to your, ethnic origin, political opinions, religion or beliefs, trade union membership, genetic or health status, personal identity information for example, your passport, driver’s license or birth certificate, your sexual orientation, and details of any criminal convictions that may restrict entry.
If you choose to provide sensitive personal data to us for any reason, the act of doing so constitutes your explicit consent. Before sensitive personal data is provided by you, we ask that you first contact us. We will clarify to you whether the provision of the sensitive personal data is required by law or contract or is necessary for the conclusion of the contract, and whether there is an obligation to provide the sensitive personal data and the consequences of not providing any such data.
Do not provide sensitive personal data to us, unless you hereby consent to our use of that data for the purposes described or do not consent to the transfer and storage of any said information in our systems and databases.

4. How is your personal data collected?

We use different methods to collect data from and about you including through:

1. Direct interactions. You may give us your identity, contact and financial data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:

  • Apply for our products or services.
  • Request marketing to be sent to you.
  • Enter a competition, promotion, or survey; or
  • Give us feedback or contact us.

2. Automated technologies or interactions. As you interact with our website, we may automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies. For more information about the cookies we use, please see our cookie policy.

3. Third parties or publicly available sources. We will receive personal data about you from various third parties as set out below.

Technical data from the following parties:

  • Analytics providers such as Google based outside the UK.
  • Advertising networks.
  • Search information providers.
  • Contact, financial and transaction data from providers of technical, payment and delivery services.

We may also obtain Identity and contact data from publicly available sources such as Companies House and the electoral register (UK Only).

5. How do we use the information we collect about you.

Any personal data shared with us will only be for specific business purposes and if permitted by law. If you do not provide the information that we request, we may not be able to provide you with the requested products or services.

Information we collect may be used for the following lawful bases:

  • Where we need to perform the contract, we are about to enter into or have entered into with you.
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests
  • Where we need to comply with a legal obligation
  • Please see the information below to find out more about the types of lawful basis that we will rely on to process your personal data

Legitimate interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.

Performance of contract means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.

Comply with a legal obligation means processing your personal data where it is necessary for compliance with a legal obligation that we are subject to.

Generally, we do not rely on consent as a legal basis for processing your personal data although we will get your consent before sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us

Purposes for which we will use your personal data

We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground, we are relying on to process your personal data where more than one ground has been set out in the table below.

Purpose or activity Type of data Lawful basis for processing, including basis of legitimate interest
To register you as a new customer

(a)   Basic

(b)  Contact

 (a) Performance of a contract with you

To provide and deliver your relocation services as contracted and initiated by the client/ your employer.

 

 

 

 

(a)   Basic

(b)   Contact

(c)   Educational

(d)   Financial

(e)   Transaction

(f)    Identity Information

(g)   Marketing & communications

(a) Your consent

(b) Performance of a contract

(c)  Necessary to comply with a legal obligation

 

 

 

 

 
To process and deliver your order including:
(a) Manage payments, fees and charges
(b) Collect and recover money owed to us

(a) Basic

(b) Contact

(c) Financial

(d) Transaction

(e) Marketing & communications

(a) Performance of a contract with you

(b) Necessary for our legitimate interests (to recover debts due to us)

 

 
To manage our relationship with you which will include:
(a) Notifying you about changes to our terms or privacy policy
(b) Asking you to leave a review or take a survey

(a) Basic

(b) Contact

(c)  Profile

(d) Marketing & communications

(a) Performance of a contract with you

(b) Necessary to comply with a legal obligation

(c)  Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)
To enable you to complete a survey

(a) Basic

(b) Contact

(c)  Profile

(d) Usage

(e) Marketing & communications

(a) Performance of a contract with you

(b) Necessary for our legitimate interests (to study how customers use our products/services, to develop them and grow our business)
To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)

(a) Basic

(b) Contact

(c)  Technical

(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)

(b) Necessary to comply with a legal obligation
To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you

(a) Basic

(b) Contact

(c)  Profile

(d) Usage

(e) Marketing & communications

(f)  Technical

 (a) Necessary for our legitimate interests (to study how customers use our products or services, to develop them, to grow our business and to inform our marketing strategy)
To use data analytics to improve our website, products or services, marketing, customer relationships and experiences

(a) Technical

(b) Usage

 (a) Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)
To make suggestions and recommendations to you about goods or services that may be of interest to you

(a)  Basic

(b) Contact

(c)  Technical

(d) Usage

(e) Profile

(f)   Marketing & communications

 I.       Necessary for our legitimate interests (to develop our products or services and grow our business)

I. Reporting

We also use and share aggregated data such as statistical or demographic data for any purpose. Aggregated data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your usage data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.

II. Marketing

We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising.

III. Promotions

We may use your identity, contact, technical, usage and profile data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this ‘marketing’). You will receive marketing communications from us if you have requested information from us or purchased services from us and you have no topted out of receiving that marketing.

IV. OptingOut

You canask us or third parties to stop sending you marketing messages at anytime by following the opt-out links on any marketing message sent to you or by contacting us at any time.

V. Cookies

You can set your browser to refuse allor some browser cookies, or to alert you when websites set or access cookies.If you disable or refuse cookies, please note that some parts of this websitemay become inaccessible or not function properly. For more information about the cookies we use, please see our Cookie Policy

VI. Changeof purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.

If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal data without your knowledge or consent ,in compliance with the above rules, where this is required or permitted by law.

6. Your Rights

Under certain circumstances, you have rights afforded to you under data privacy protections laws. Details of these rights and how you can action them, can be found described below:

I. Access your personal information.

You have the right to access your personal Information (commonly known as a ‘data subject access request’). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it. If you wish to access your data, you can do so by sending an email to privacy@k2corporatemobility.com We will respond to your access request within30-days.

II. Correct your personal information.

This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us. You can submit a rectification request through the channels listed in “(I.) Access your Personal Information”.

III. Delete your Personal data

This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised yourright to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request. You can submit a deletion request through the channels listed in “(I.) Access your Personal Information”.

IV. Object to Processing

Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

You can submit a request to object to processing through the channels listed in “(I.)Access your Personal Information”.

V. Restrict automated decision-making by information systems.

This enables you to ask us to suspend the processing of your personal data in the following scenarios:

  • If you want us to establish the data’s accuracy.
  • Where our use of the data is unlawful, but you do not want us to erase it.
  • Where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims.
  • You have objected to our use of your data, but we need to verify whether we have overriding legitimate grounds to use it.

You can submit a request to restrict data processing through the channels listed in“(I.) Access your Personal Information”.

VI. Data Portability

Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you

You can submit a request to transfer your data to a different partner through the channels listed in “(I.) Access your Personal Information”.

VII. Withdraw consent.

You can withdraw your consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent. To do so, please submit a revocation request through the channels listed in “(I.) Access your Personal Information”.

VIII. Fees.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive.Alternatively, we could refuse to comply with your request in these circumstances.

IX. Respond to your above-mentioned requests.

For security, you might be required to submit written requests or prove your identity by other means. We might ask you to verify your identity before handling your request.

We will respond to all requests within 30days.

If you are not entirely satisfied with our processes, then you have the right to complain. We take all complaints extremely seriously and would in the first instance request that you contact us by sending an email to privacy@k2corporatemobility.com. If you feel that your complaint has not been resolved to your satisfaction, you can also file a complaint directly with the authorities documented at the foot of this policy.

7. InternationalTransfers

Whenever we transfer your personal data out of the UK, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented as follows:

  • We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data.
  • Where we use certain service providers, we may use specific contracts incorporating standard contractual clauses as approved by the European Commission and approved for use in the UK which give personal data the same protection it has in the UK.

Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the UK.

8. Data Sharing

We may share your personal data with the parties set out below for the purposes set out in the table above.

Internal third parties

Other companies in the K2 Group and provide IT and system administration services and undertake leadership reporting.

External third parties

These include:

  • Service providers who provide IT and system administration services.
  • Professional advisers including lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance and accounting services.
  • HM Revenue & Customs, regulators and other authorities who require reporting of processing activities in certain circumstances.
  • Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets.
  • Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy policy.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

9. Privacy of children

We do not knowingly collect any PersonalInformation from children under the age of 16. If you are under the age of 16, please do not submit any Personal Information through the Website and Services.If you have reason to believe that a child under the age of 16 has providedPersonal Information to us through the Website and Services, please contact us to request that we delete that child’s Personal Information from our Services.

We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce this Policy by instructing their children never to provide Personal Information through theWebsite and Services without their permission. We also ask that all parents and legal guardians overseeing the care of children take the necessary precautions to ensure that their children are instructed to never give out PersonalInformation when online without their permission.

10. Links to other resources

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.

11. Informationsecurity

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so

12. Changes and amendments

We reserve the right to modify this Policy, or its terms related to the Website and Services at any time at our discretion. When we do, we will revise the updated date at the bottom of this page. We may also provide notice to you in other ways at our discretion, such as through the contact information you have provided.

An updated version of this Policy will be effective immediately upon the posting of the revised Policy unless otherwise specified. Your continued use of the Website and Services after the effective date of the revised Policy (or such other act specified at that time) will constitute your consent to those changes. However, we will not, without your consent, use your Personal Information in a manner materially different than what was stated at the time your Personal Information was collected.

13. Acceptance of this policy

You acknowledge that you have read this Policy and agree to all its terms and conditions. By accessing and using the Website and Services and submitting your information you agree to be bound by this Policy. If you do not agree to abide by the terms of this Policy, you are not authorized to access or use the Website and Services.

14. Retention of Personal Data

We will cease to retain documents containing personal data or remove the means by which the personal data can be associated with particular individuals, as soon as it is reasonable to assume that the Purpose for which that personal data was collected or further processed is no longer being served by retention of the personal data. Where data is retained for statutory purposes, data will not be retained for any period longer than 7 years.

15. Country-Specific Privacy Terms

K2 is a global company, and as such, our approach to privacy compliance is a global one. No matter where you are located, whether in Europe, United States, the European Economic Area (EEA), the United Kingdom (UK), Latin America, the Middle East or Africa, or the Asia-Pacific region, we remain committed to abiding by all applicable data protection laws. Below you'll find region-specific privacy terms that might apply to you in addition to the general terms of this Privacy Policy, depending on the country from where you're based.

I. United States

a. Your Privacy Rights

This section applies to the processing of Personal Information about US residents using our Site and/or services and addresses the specific requirements under the Wisconsin Data Privacy Act and North Carolina Consumer Privacy Act.
The Privacy Acts, provide consumers with specific rights regarding their Personal Information. If you are a resident of one of these states, this section describes your rights under these laws.
The categories of Personal Information we process, our purposes for processing your Personal Information, the categories of Personal Information that we share with third parties, and the categories of third parties with whom we share it are detailed above in our Privacy Policy.
You can submit your requests by following the steps outlined in the section "Your Rights" in our Privacy Policy.

b. Your Right to Appeal

If we decline to take action regarding a request that you have submitted, we will inform you of our reason for declining to take action and provide instructions for how to appeal the decision. In the event that we do not respond to a request that you make pursuant to one of the privacy rights set forth in this section, you have the right to appeal our refusal to take action within a reasonable period of time after you receive our decision. Within 60 days of our receipt of an appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, you may contact your state attorney general’s office to submit a complaint.

II. China

a. Your Privacy Rights

If you are a resident of the People’s Republic of China ("PRC"), you have, in addition to the rights set forth in the “Your Rights” section of our Privacy Policy, the right to access, correct, and delete the Personal Information of a deceased close relative. These rights automatically pass to individuals as described within the Personal Information Protection Law ("PIPL").

b. Legal Basis

If you are a resident of the Republic of China, we collect and process information about you only where we have legal bases for doing in accordance with Article 13 of the personal information protection law. The table of processing activities has therefore been updated to show the lawful basis in accordance with the Personal Information Protection Law.

Purpose or activity Type of data Lawful basis for processing, including basis of legitimate interest
To register you as a new customer

(a)    Basic

(b)    Contact

(a)  Your Consent

(b)  Performance of a contract with you
To provide and deliver your relocation services as contracted and initiated by the client/ your employer.

(a)    Basic

(b)    Contact

(c)    Educational

(d)    Financial

(e)    Transaction

(f)     Identity Information

(g)    Marketing & communications

(a)  Your consent

(b)  Performance of a contract

(c)  Necessary to comply with a legal obligation
To process and deliver your order including:
(a) Manage payments, fees and charges
(b) Collect and recover money owed to us

(a)  Basic

(b)  Contact

(c)  Financial

(d)  Transaction Marketing & Communications

(a)  Your Consent

(b)  Performance of a contract with you
To manage our relationship with you which will include:
(a) Notifying you about changes to our terms or privacy policy
(b) Asking you to leave a review or take a survey

(a)  Basic

(b)  Contact

(c)  Profile Marketing & communications

(a)  Your Consent

(b)  Performance of a contract with you

(c)  Necessary to comply with a legal obligation
To enable you to complete a survey

(a)  Basic

(b)  Contact

(c)  Profile

(d)  Usage Marketing & communications

(a)  Your Consent

(b)  Performance of a contract with you
To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)

(a)  Basic

(b)  Contact

(c)  Technical

(a)  Your Consent

(b)  Necessary to comply with a legal obligation
To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you

(a)  Basic

(b)  Contact

(c)  Profile

(d)  Usage

(e)  Marketing & communications

Technical

 (a)  Your Consent
To use data analytics to improve our website, products or services, marketing, customer relationships and experiences (a)  Technical Usage (a)  Your Consent
To make suggestions and recommendations to you about goods or services that may be of interest to you

(a)  Basic

(b)  Contact

(c)  Technical

(d)  Usage

(e)  Profile

(f)   Marketing & communications

 a.   Your Consent

c. Transfer of information outside of China

K2 will transfer your personal information to the United Kingdom as mentioned in the "International Transfer" section of our Privacy Policy. K2 may also transfer your Personal Information to third parties located outside of the territory of China if this is necessary to fulfil our purposes as outlined in Section 5 and 13, II, B of this policy.

Before we transfer any Personal Information outside the territory of China or share with a 3rd party, we will make sure that we have your explicit consent for cross border transfer and have met all the requirements as set forth by the Provisions on Promoting and Regulating Cross Border Data Flows. Any data shared between our affiliated companies will be protected at the levels not lower than those required by applicable laws and regulations of China.

III. South Africa

a. Your Privacy Rights

If you are a resident within South Africa, we will ensure that your rights are upheld in accordance with Protection of Personal Information Act. The section entitled “Your Rights” as detailed in section 6 of this policy will explain how you can contact us in this regard.

b. Legal Basis

If you are a resident of South Africa, we collect and process information about you only where we have legal bases for doing in accordance with Section 11 of the Protection of Personal Information Act. Full details on how we process your personal data can be found described under Section 5 of this policy.

c. Transfer of information outside of South Africa

K2 will transfer your personal information to the United Kingdom as mentioned in the "International Transfer" section of our Privacy Policy. K2 may also transfer your Personal Information to third parties located outside of the territory of South Africa if this is necessary to fulfil our purposes as outlined in Section 5 of this policy.

Before we transfer any Personal Information outside the territory of South Africa, we will make sure that we have your explicit consent for cross border transfer and have met all the requirements as set forth by the Protection of Personal Information Act. Any data shared between our affiliated companies will be protected at the levels not lower than those required by applicable laws and regulations of South Africa.

IV. Sweden

a. Your Privacy Rights

If you are a resident of Sweden, we will ensure that your rights are upheld in accordance with the General Data Protection Regulation (GDPR). The section entitled “Your Rights,” as detailed in Section 6 of this policy, explains how you can contact us to exercise your rights. These include the rights to access your data, request rectification or erasure, restrict or object to processing, and the right to data portability. You also have the right to lodge a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY).

b. Legal Basis

If you are a resident of Sweden, we collect and process your personal data only where we have a valid legal basis to do so under Article 6 of the GDPR. The table of processing activities has been updated to reflect the applicable lawful bases for each type of data processing activity, including your consent, performance of a contract, compliance with a legal obligation, protection of vital interests, performance of a task carried out in the public interest, or our legitimate interests.

c. Transfer of information outside of Sweden

K2 will transfer your personal data to the United Kingdom as described in the "International Transfers" section of this Privacy Policy. K2 may also transfer your personal data to third parties located outside of Sweden and the European Economic Area (EEA), if necessary, to fulfil the purposes outlined in Sections 5 and 6 of this policy.

Before transferring any personal data outside of the EEA, K2 will ensure that such transfers comply with the GDPR. This includes implementing appropriate safeguards, such as the European Commission’s Standard Contractual Clauses or other lawful transfer mechanisms. These safeguards ensure that your personal data is protected to a standard not lower than that required under Swedish and EU data protection laws.

V. Romania

a.    Your Privacy Rights

If you are a resident of Romania, we will ensure that yourrights are upheld in accordance with the General Data Protection Regulation(GDPR). The section entitled “Your Rights,” as detailed in Section 6 of thispolicy, explains how you can contact us to exercise your rights. These rightsinclude access to your personal data, rectification or erasure of data, restrictionof processing, objection to processing, and the right to data portability. Youalso have the right to lodge a complaint with the Romanian National SupervisoryAuthority for Personal Data Processing (Autoritatea Națională de Supraveghere aPrelucrării Datelor cu Caracter Personal – ANSPDCP).

b.    Legal Basis

If you are a resident of Romania, wecollect and process your personal data only where we have a valid legal basisto do so under Article 6 of the GDPR. The table of processing activities hasbeen updated to reflect the relevant lawful bases, which may include yourconsent, the performance of a contract, compliance with a legal obligation,protection of vital interests, the performance of a task carried out in thepublic interest, or our legitimate interests.

c.    Transfer of information outside of Romania

K2 will transferyour personal data to the United Kingdom as described in the"International Transfers" section of this Privacy Policy. K2 may alsotransfer your personal data to third parties located outside of Romania and theEuropean Economic Area (EEA), if necessary, to fulfil the purposes outlined inSections 5 and 6 of this policy.

Beforetransferring any personal data outside of the EEA, K2 will ensure thatappropriate safeguards are in place, in compliance with the GDPR. Thesesafeguards may include the use of the European Commission’s StandardContractual Clauses or other lawful transfer mechanisms. These measures ensurethat your personal data is protected at a level no lower than that requiredunder Romanian and EU data protection laws.

VI. Singapore

a. Your Privacy Rights

If you are a resident of Singapore, we will ensure that your rights are upheld in accordance with Protection of Personal Information Act. The section entitled “Your Rights” as detailed in section 6 of this policy will explain how you can contact us in this regard.

b. Legal Basis

If you are a resident of Singapore, we collect and process information about you only where we have legal bases for doing in accordance with Section 13 of the Protection of Personal Information Act. The table of processing activities has therefore been updated to show the lawful basis in accordance with the Personal Data Protection Act.

Purpose or activity Type of data Lawful basis for processing, including basis of legitimate interest
To register you as a new customer

(a)   Basic

(b)   Contact

(a)  Your Consent

(b) Performance of a contract with you

To provide and deliver your relocation services as contracted and initiated by the client/ your employer.

 

 

 

 

(a) Basic

(b) Contact

(c) Educational

(d) Financial

(e) Transaction

(f) Identity Information

(g) Marketing & communications

(a) Your consent

(b) Performance of a contract

(c) Necessary to comply with a legal obligation
To process and deliver your order including:
(a) Manage payments, fees and charges
(b) Collect and recover money owed to us

(a) Basic

(b) Contact

(c) Financial

(d) Transaction Marketing & communications

(a) Your Consent

(b) Performance of a contract with you
To manage our relationship with you which will include:
(a) Notifying you about changes to our terms or privacy policy
(b) Asking you to leave a review or take a survey

(a) Basic

(b) Contact

(c) Profile Marketing & communications

(a) Your Consent

(b) Performance of a contract with you

(c) Necessary to comply with a legal obligation
To enable you to complete a survey

(a) Basic

(b) Contact

(c) Profile

(d) Usage Marketing & communications

(a) Your Consent

(b) Performance of a contract with you
To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)

(a) Basic

(b) Contact

(c) Technical

(a) Your Consent

(b) Necessary to comply with a legal obligation
To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you

(a) Basic

(b) Contact

(c) Profile

(d) Usage

(e) Marketing & communications

(f) Technical

 (a) Your Consent
To use data analytics to improve our website, products or services, marketing, customer relationships and experiences (a)  Technical Usage (a) Your Consent
To make suggestions and recommendations to you about goods or services that may be of interest to you

(a) Basic

(b) Contact

(c) Technical

(d) Usage

(e) Profile

(f) Marketing & communications

 a.   Your Consent

c. Transfer of information outside of Romania

K2 will transfer your personal information to the United Kingdom as mentioned in the "International Transfer" section of our Privacy Policy. K2 may also transfer your Personal Information to third parties located outside of Singapore if this is necessary to fulfil our purposes as outlined in Section 5 and 13, IV, B of this policy.

Before we transfer any Personal data outside Singapore, we will make sure that we have your explicit consent and have met all the requirements as set forth by the Personal Data Protection Act including the existence of a binding corporate contract. This contract is legally binding and ensures that any data shared between our affiliated companies will be protected at the levels not lower than those required by applicable laws and regulations of Singapore.

16. Contacting us

If you have any questions, concerns, or complaints regarding this Policy, the information we hold about you, or if youwish to exercise your rights, we encourage you to contact us using the details below:

Australia
Group Data Protection Officer
K2 Corporate Mobility Ltd,
Suite 7.04, St Martins Tower
31 Market Street,
Sydney
NSW 2000R.
privacy@k2corporatemobility.com		 South Africa
Data Protection Officer
K2 Corporate Mobility - Johannesburg
173 Oxford Rd
Rosebank
Johannesburg
South Africa
Zip code: 200021
Tel: +27 21 852 1031
privacy@k2corporatemobility.com
China
Data Protection Officer
Feng Ang Business Consulting (Shanghai) Co.,Ltd,
Executive Centre,
Level 23,
5 Corporate Avenue No. 150,
Hubin Road
Huangpu
Shanghai, China
Zip code: 200021
Tel: +86
china.privacy@k2corporatemobility.com		 Sweden
Group Data Protection Officer
K2 Corporate Mobility Ltd,
Davidshallsgatan 20
211 45 Malmo,
Sweden
+46 (0) 101511850
privacy@k2corporatemobility.com

 
France
Group Data Protection Officer
K2 Corporate Mobility Ltd,
1 Cour du Havre
75008
Paris
+33 (0)1 87 40 57 41
privacy@k2corporatemobility.com		 United Kingdom
Group Data Protection Officer
K2 Corporate Mobility Ltd,
5th Floor,
Connaught House,
255 High Street,
Guildford,
GU1 3BS,
United Kingdom
+44 (0)7530753501
privacy@k2corporatemobility.com
Romania
Group Data Protection Officer
K2 Corporate Mobility Ltd,
5th floor,
Metropolis Centre,
Strada Grigore Alexandrescu 89-97,
București 011736,
Romania
+44 (0)1483 572550
privacy@k2corporatemobility.com		 United States of America
Group Data Protection Officer
K2 Corporate Mobility Ltd,
10375 Richmond Avenue
Houston TX,
77042,
USA
+1 281 769 1655
privacy@k2corporatemobility.com
Singapore
Data Privacy Representative
36 Robinson Rd
#16-01 City House
Singapore
Zip code: 068877
Tel: +65 6415 6850
privacy@k2corporatemobility.com		  

17. Data Privacy Regulators

We will attempt to resolve complaints and disputes and make every reasonable effort to honour your wish to exercise your rights as quickly as possible and, in any event, within the timescales provided by applicable data protection laws.

If you are not satisfied with our reply, especially if our processing of PI hurts your legal rights and interests, you can seek solutions through the following external channels

Australia
Office of the Australian Information
Commissioner
GPO Box 5288
Sydney NSW 2001
Tel: 1300 363 992 (Local)
+61 2 9942 4099 (International)
Website: Contact us | OAIC		 South Africa
Information Regulator
Woodmead North Office Park
54 Maxwell Drive
Woodmead
Johannesburg
South Africa
Zip code: 2191
Tel: +27 010 023 5200 (International)
Website: Information Regulator (South Africa)
China
Cyberspace Administration of China
225 Chaoyangmennei Da Jie
Beijing, China
Tel: +10 8805 0686
Website Cyberspace Administration China

Email: security@cac.gov.cn

 Sweden
Swedish Data Protection Authority
Box 8114,
104 20
Stockholm
Switchboard: +46 08-657 61 00

Website: https://www.imy.se/
France
Commission nationale de l'informatique et des libertés
3 Place de Fontenoy
TSA 80715
75334 Paris, Cedex 07
France
Tel: +33 (0)1 53 73 22 22
Website: https://www.cnil.fr/en		 United Kingdom
Information Commissioner's Office
Wycliffe House,
Water Lane
Wilmslow, Cheshire
SK9 5AF
Telephone: 0303 123 1113
Website: https://ico.org.uk/
Romania
Group Data Protection Officer
K2 Corporate Mobility Ltd,
5th floor,
Metropolis Centre,
Strada Grigore Alexandrescu 89-97,
București 011736,
Romania
+44 (0)1483 572550
privacy@k2corporatemobility.com		 United States of America
Office of the Attorney General of Texas
PO Box 12548
Austin,
TX 78711-2548
Telephone: (800) 621-0508

Website: Attorney General of Texas

 
Singapore
Personal Data Protection Commission (PDPC)
10 Pasir Panjang Rd
MBC,
Singapore
Zip Code: 117438
Telephone: +65 6377 3131
Website: https://www.pdpc.gov.sg/		  

This document was last updated on June 27, 2025

We are K2 Bespoke
Relocating business leaders, top-tier athletes, filmmakers, actors, musicians, high-net-worth individuals and government officials with a beyond exceptional experience.
© 2025 K2 Bespoke. All Rights Reserved
PrivacyCookiesTerms of use
Our socials:
LinkedInXInstagramYouTube