Data Security & GDPR Compliance
Your customs data deserves enterprise-grade protection. We have built ReloOps from the ground up with security and privacy at its core, ensuring full compliance with UK and EU data protection regulations.
Enterprise-Grade Security
We employ multiple layers of security to protect your sensitive customs and personal data at every stage of the declaration process.
AES-256 Encryption
All data is encrypted at rest and in transit using industry-standard AES-256 encryption. Your sensitive customs documents are protected with the same level of security used by financial institutions.
UK Data Residency
All customer data is stored exclusively in UK-based data centres, ensuring compliance with UK data sovereignty requirements and providing peace of mind for British businesses.
Access Control
Role-based access control (RBAC) ensures that only authorised personnel can access sensitive data. Multi-factor authentication is available for all user accounts.
Audit Logging
Comprehensive audit trails track all data access and modifications. Full transparency for compliance reporting and internal governance requirements.
Secure Data Flow
Understanding how your data moves through our system—from initial input to official customs submission.
Client Input
End-customer enters personal and goods data via secure, encrypted web portal
Encryption & Storage
Data encrypted with AES-256 and stored in UK data centres
Mover Review
Removal company reviews and validates declaration data
Secure Submission
Declaration submitted via encrypted API to HMRC CDS or Irish Revenue AIS
Client Input
End-customer enters personal and goods data via secure, encrypted web portal
Encryption & Storage
Data encrypted with AES-256 and stored in UK data centres
Mover Review
Removal company reviews and validates declaration data
Secure Submission
Declaration submitted via encrypted API to HMRC CDS or Irish Revenue AIS
End-to-End Encryption
Data is encrypted from the moment it leaves the user's browser until it reaches HMRC or Irish Revenue systems. At no point is unencrypted personal data exposed to potential interception.
UK & EU GDPR Compliance
As a Data Processor handling Transfer of Residence documentation, we adhere strictly to all principles of the UK and EU General Data Protection Regulations.
Lawful Processing
We process personal data only with valid legal basis, primarily for the performance of customs declarations as contracted by our clients.
Purpose Limitation
Data is collected solely for customs declaration purposes and is never used for marketing or sold to third parties.
Data Minimisation
We collect only the information necessary to complete Transfer of Residence declarations—nothing more.
Storage Limitation
Personal data is retained only for the period required by HMRC and Irish Revenue regulations, then securely deleted.
Integrity & Confidentiality
Technical and organisational measures ensure data remains accurate, secure, and protected against unauthorised access.
Accountability
We maintain detailed records of processing activities and can demonstrate compliance upon request.
Our Role as Data Processor
Under GDPR, ReloOps operates as a Data Processor on behalf of removal companies (the Data Controllers). This means we process personal data only according to the instructions of our clients and solely for the purpose of completing customs declarations.
- Data Processing Agreements (DPAs) available for all clients
- Clear documentation of processing activities
- Support for Subject Access Requests (SARs)
- 72-hour breach notification commitment
Data Responsibilities
Determines the purpose and means of processing client data for customs declarations.
Processes data on behalf of removal companies, following their instructions and GDPR requirements.
Receives declaration data for customs clearance processing under legal obligation.