Privacy Policy Addendum for Canadian Residents

HomePrivacy Policy Addendum for Canadian Residents

Effective Date: June 3, 2026

Document Reference: CAN-SaaS-Compliance-v2

Overview for Canadian Clients

This document outlines how Moverbase protects Canadian personal information, details our technical security architecture, and defines the division of legal responsibilities under Canadian Privacy Laws (including PIPEDA and Quebec Law 25).

Section 1: Processor Role and United States Data Hosting

Moverbase is a United States-based Software-as-a-Service (SaaS) provider. Under Canadian privacy laws, Moverbase operates strictly as a Data Processor (or data custodian), while the Moving Company utilizing our platform operates as the Data Controller.

Data Storage Location

All data handled by the Moverbase platform is transferred to and hosted on secure servers located within the United States.

Legal Jurisdiction

Personal information transferred to the United States remains protected under the contractual commitments Moverbase makes to its Canadian clients (ensuring a “comparable level of protection” under PIPEDA). Concurrently, because the data resides on US soil, it is subject to lawful local US disclosures, subpoenas, or warrants issued by US authorities (such as the USA PATRIOT Act).

Data Access Requests

Moverbase does not own or control the data entered into its system. All individual data requests (access, correction, or deletion) must be submitted directly to the Moving Company.

Section 2: Data Subject Requests (DSR) Management

If an individual consumer (a customer of a Moving Company) contacts Moverbase regarding their personal data, Moverbase will implement the following protocols:

Redirection

Moverbase will not directly process, modify, or delete end-user data upon direct individual request. The individual will be redirected immediately to their respective Moving Company.

Controller Instructions

Moverbase will only act on data deletion, extraction, or correction requests when received through an authorized administrator of the Moving Company.

Processing Timelines

Moverbase commits to executing authorized data retrieval or deletion commands issued by the Moving Company within ten (10) business days.

Section 3: Security Safeguards

Moverbase maintains an administrative and technical security program designed to protect customer personal information against unauthorized access, loss, or disclosure.

Encryption in Transit

All data transmitted between user browsers and the Moverbase platform is encrypted using industry-standard Secure Sockets Layer / Transport Layer Security (SSL/TLS) protocols.

Data Storage Safeguards

To maintain system stability and high-performance operational throughput, data stored within our primary transactional databases is protected via network-level perimeter isolation rather than static encryption at rest.

Access Boundaries

Moverbase secures its hosting environments by enforcing strict perimeter controls:

  • Network Restriction: External traffic is strictly limited to public-facing access points required to run the application. Direct external connectivity to back-end data storage layers is completely disabled.
  • Administrative Access Control: System management access is restricted exclusively to authorized Moverbase technical personnel using secure authentication protocols.
  • Credential Hashing: Critical authentication data, including account passwords, is cryptographically salted and hashed prior to storage.

Section 4: Division of Responsibility

Responsibility Moving Company (Controller) Moverbase (Processor)
Obtaining Customer Privacy Consent Accountable Exempt
Ensuring Intake Data Accuracy Accountable Exempt
Setting Data Retention & Purge Rules Accountable Exempt
Responding to End-User Access Requests Accountable Supports
Perimeter Infrastructure Security Exempt Accountable
Data Breach Notification (Internal Platform) Exempt Accountable (48 Hours)

Section 5: Breach Notification & Incident Response

In the event that Moverbase identifies a confirmed security incident impacting our infrastructure that results in unauthorized access to Customer Personal Information, Moverbase will:

  1. Notify the Moving Company: Send a direct notification to the affected Moving Company account administrator within forty-eight (48) hours of confirmation.
  2. Regulatory Support: Provide necessary technical details regarding the scope of the incident to allow the Moving Company to fulfill its mandatory reporting obligations to the Office of the Privacy Commissioner of Canada (OPC).

Section 6: Contact Information

Moverbase Privacy Officer

Office of the Privacy Commissioner of Canada (OPC)

Moverbase is a Smart Move! Get Moverbase for FREE!

Sign Up Now

What We Do

Moverbase is powerful moving company software that manages the entire operations of a moving company. We empower our moving company clients with web and mobile apps to make them super efficient and profitable.
Learn More...

MOVERBASE APPS

Moverbase for iPhone, iPad & Mac:



Android Phones & Tablets

Our Moving Industry


State Moving Associations

Find your State Moving Association

State Mover Regulators

State moving licenses & regulators

All types of Movers

Haulers & Disposal Companies

Senior Moves & Organizers

Campus and College Movers

Compare Moverbase

Moverbase v Smartmoving

Moverbase v Move it Pro

Moverbase v Movegistics

Moverbase v Generic CRMs (Jobber, Housecall, Hubspot)

Documentation & Support

Guides

 

Widgets

 

Moverbase Knowledgebase:

Tons of Videos and How to’s: FAQs & Help

 

Developers? Leads Providers?
Integrate with Moverbase:
Moverbase API

Moverbase System Status
Platform Status 

Contact Support
Contact Us

 

Moverbase, LLC

USA & Canada:
(888) 938 5054
International Callers:
+1 (413) 206-6837

About Us
Features
Terms of Service
Privacy Policy

Google API Disclosure

Partners
Leads Providers
Websites for Movers

Global Movers & Removalist CRM

Copyright © Moverbase LLC