Privacy Notice (Global Data Protection Policy)
Effective Date: July 06, 2025
Last Updated: July 06, 2025
1. Introduction
Welcome to Elsewhere Co. LLC’s Privacy Notice. This Privacy Notice explains how Soft Landing by Elsewhere Co. LLC (“Elsewhere,” “we,” “our,” or “us”) collects, uses, discloses, and protects personal information of users (“you” or “your”) when you use our website and services, and it describes your rights and choices regarding your information. We are committed to protecting your privacy and handling your personal data in a transparent and compliant manner, in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws (including, where relevant, the California Consumer Privacy Act (CCPA) and similar laws). Elsewhere Co. LLC (the provider of Soft Landing) acts as the “data controller” for the personal information we process, which means we determine the purposes and means of processing your personal data. If you have any questions about this Privacy Notice or our data practices, please contact us at brandon@elsewhere-co.com. By using Soft Landing’s services or website, you acknowledge that you have read and understood this Privacy Notice. If you do not agree with our practices, please do not use our services. We may update this Notice from time to time (see Section 9 on Changes), and will notify you of any significant changes.
2. Information We Collect
We collect various types of personal information from or about you, depending on how you interact with us. “Personal information” (or “personal data”) means any information that relates to an identified or identifiable individual. The categories of information we may collect include:
● Contact Information: When you fill out forms on our site or contact us, we collect information such as your name, email address, phone number, and country of residence. For example, if you submit an inquiry or sign up for a consultation, you will provide your name and email.
● Profile and Content: If you engage our consulting services, we may collect details relevant to your situation – for example, your business idea or plan, your goals for relocation, employment background, or other details you choose to share with us. This could include personal anecdotes or preferences that help us tailor our advice.
● Transaction Information: If you purchase a guide or pay for a service, we (or our payment processor) collect information about the transaction. This includes billing name and address, and partial payment card information (note: full card numbers and sensitive payment data are handled by our third-party processor, not stored on our servers). We will record details of what you purchased and when.
● Website Usage Data: Like many websites, we use cookies and similar tracking technologies to collect information about how you use our site. This includes IP address, browser type, device identifiers, pages viewed, dates/times of visits, and referring page. We use analytics tools (e.g., Google Analytics) to help understand website traffic and improve user experience. This usage data may be linked to you if associated with your account or email via cookies, but generally we analyze it in aggregated form. (See Section 5 on Cookies for more.)
● Communication Records: If you correspond with us via email, chat, or phone, we may keep records of that correspondence (including email addresses or phone numbers, and the content of communications). For instance, if you email us with a question, we retain that email to track you inquiries and our responses.
● Employment/Application Data: (If applicable) If you apply for a job or partnership with us, we might collect information such as your resume/CV, employment history, education, and references. This Privacy Notice primarily addresses data of our clients and website users; additional notice will be provided if you interact with us in a different capacity.
● Sensitive Personal Data: We do not intentionally collect sensitive personal data unless necessary. Please avoid submitting any sensitive data (such as racial or ethnic origin, political opinions, religious or philosophical beliefs, health information, sexual orientation, or biometric identifiers) unless it is directly relevant and you consent to our processing of it. In limited cases, such as discussing a relocation, you might share some health or family information (e.g., needing special accommodations) – if so, we will treat it with extra care and only use it for that purpose. We collect personal information either directly from you (e.g., when you fill in a form or speak with us), automatically (e.g., through cookies when you browse our site), or from third parties (e.g., if you were referred by a partner or if we use third-party data enrichment for business client leads, though that is not typical for us). Where we need to collect personal data by law or under a contract with you and you fail to provide it, we may not be able to provide or continue providing certain services (for example, if you don’t provide contact details, we cannot respond to your inquiry).
3. How We Use Your Information
We use your personal information for the following purposes (each of which must have a legal basis under GDPR, as noted):
● To Provide Services and Fulfill Our Contract: We use contact and profile information to deliver the consulting services or products you have requested. For example, if you book a consultation, we use your info to schedule and conduct the session, tailor our advice, and send you any follow-up materials. If you purchase a digital guide, we use your email to deliver the download link or file. Processing your data for these purposes is necessary to perform our contract with you or to take steps at your request before entering a contract (GDPR Art. 6(1)(b)).
● To Process Payments: We (through our payment processors) use transaction information to collect payment and maintain proper financial records. Legal basis: performance of a contract (processing payment for your order) and our legitimate interest in maintaining business records.
● To Communicate with You: We use your contact details to send service-related communications, such as confirmations, reminders, updates to our terms or privacy policy, or customer support responses. For example, we might email you to confirm an appointment or to reply to a question you asked. Legal basis: our legitimate interests in providing timely information and support, and/or performance of contract (if communication is about fulfilling our services).
● Marketing (With Consent or Legitimate Interest): We may use your email to send newsletters, blog updates, or promotions about our services that we think might interest you, but only if you have opted in to such communications or if you are an existing customer where permitted by law. You can unsubscribe at any time. The legal basis for marketing emails is your consent (GDPR Art. 6(1)(a)) if you sign up, or our legitimate interest in promoting our services (GDPR Art. 6(1)(f)) for existing clients, subject to your right to opt-out. We will not spam you, and we do not sell your information to third-party marketers.
● To Improve Our Services and Website: We analyze usage data (website analytics, feedback, etc.) to understand how users interact with our site and offerings. This helps us troubleshoot issues, optimize content, and develop new features or services. For instance, we might see that many users are interested in a certain blog topic and decide to create more content around it. Legal basis: legitimate interests (to improve our offerings and user experience). When required by law (e.g., for placing certain analytics cookies), we will obtain consent.
● To Comply with Legal Obligations: We may process personal data to fulfill our legal obligations, such as maintaining financial records for tax purposes, handling data subject rights requests, or complying with a court order or regulatory inquiry. Legal basis: compliance with a legal obligation (GDPR Art. 6(1)(c)).
● To Protect Rights and Prevent Misuse: We may use data as necessary to enforce our terms of service, prevent fraud or abuse, address technical security issues, or protect the rights, property, and safety of Elsewhere Co., our users, or others. For example, we might log IP addresses to detect multiple failed login attempts or retain data if needed to investigate a breach. Legal basis: legitimate interests (protecting our business, preventing fraud) or, if legal claims are involved, our establishment or defense of legal claims (GDPR Art. 6(1)(f) and Art. 9(2)(f) for any sensitive data in such context). We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another related purpose that is compatible with the original purpose. If we need to use your data for an unrelated purpose, we will notify you and explain the legal basis, or ask for your consent if required.
4. How We Disclose or Share Information
We value your privacy and do not sell your personal information to third parties for money or other valuable consideration. However, we may share your information with certain categories of recipients in order to operate our business and provide our Services, as described below:
● Service Providers: We share information with third-party service providers who perform functions on our behalf. These include:
○ Payment Processors: (e.g., Stripe or PayPal) to handle secure payment transactions. Your billing info is processed by them under strict obligations.
○ Scheduling and Email Platforms: (e.g., Calendly or Google Calendar for booking appointments, email service providers for sending communications) so we can effectively
schedule sessions and send notifications.
○ Analytics and Web Hosting: (e.g., Google Analytics for site usage stats, our web hosting company) which may process usage data and IP addresses to help us run our website.
○ Consultants or Subcontractors: In some cases, we may involve trusted subcontractors or partners to assist in delivering Services (for instance, a local expert in a country you plan to move to). Such parties will only receive the information necessary for their role and are bound by confidentiality and data protection obligations.
● All service providers are contractually required to only use your data for the purpose of providing services to us and to protect your data in compliance with applicable laws.
● Business Transfers: If Elsewhere Co. is involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, your information may be disclosed or transferred as part of that transaction, in accordance with applicable law. We would seek to ensure the successor honors the commitments we have made in this Privacy Notice regarding your personal data.
● Legal Requirements and Protection: We may disclose personal information if required to do so by law or in the good-faith belief that such action is necessary to: (i) comply with a legal obligation, legal process, or governmental request (for example, a court order or subpoena); (ii) enforce our terms and agreements; (iii) detect, prevent, or address fraud, security, or technical issues; or (iv) protect the rights, property, or safety of Elsewhere Co., our users, or the public. This may include exchanging information with law enforcement or regulators, or pursuing or defending legal claims. We will only disclose what is necessary and will object to overbroad requests if appropriate.
● With Your Consent: We may share your information in other ways if you have expressly asked us to do so or have given consent. For example, if you want an introduction to a third-party service (like an immigration lawyer or bank), and you ask us to refer you, we might share your contact info with them upon your request.
● Aggregated or De-Identified Data: We may also share data that has been aggregated or de-identified, so it can no longer be associated with you personally. Such data is not considered personal information and may be used for analytics, research, or marketing purposes (e.g., “X% of our clients relocated to Europe”). We do not engage in selling personal data for advertising or monetary gain. We also do not share personal information with third parties for their own direct marketing purposes unless you have provided consent.
5. Cookies and Tracking Technologies
Our website uses cookies and similar tracking technologies to enhance user experience and analyze usage. Cookies are small text files that websites place on your device to store information about your preferences. We use the following types of cookies:
● Essential Cookies: These are necessary for the website to function. For example, they help load pages correctly or enable you to move around the site and use its features. Without these, certain services (like remembering your cookie preferences) cannot be provided.
● Analytics Cookies: We use Google Analytics and similar tools to collect information about how visitors use our site. This includes data on page visits, time spent, browser type, etc. The information is aggregated and helps us improve our content and site functionality. We have configured Google Analytics to anonymize IP addresses (when applicable) and we honor “Do Not Track” signals where feasible.
● Functional Cookies: These cookies remember choices you make (such as your language or region, or other preferences) to provide a more personalized experience.
● Advertising Cookies: Currently, we do not use third-party advertising cookies on Soft Landing’s site, as we do not run third-party ads. If this changes, we will update this notice and obtain any required consents. You can control or delete cookies through your browser settings. Most browsers allow you to refuse new cookies or delete existing ones. However, please note that blocking all cookies may impair your ability to use certain features of our site. We provide a cookie consent banner where required by law, allowing you to opt-in or opt-out of non-essential cookies. We may also use other tracking technologies like web beacons in our email communications (e.g., to know if an email was opened or links clicked), solely to measure campaign effectiveness and improve our outreach. You can disable image loading in your email client to prevent some of this tracking. For more detailed information, please see our Cookie Policy (if a separate one is maintained) or contact us.
6. Data Retention
We will retain your personal information only for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements. The exact duration depends on the type of information and the context in which it was provided:
● Client Data: If you engage our Services, we will retain your contact and profile information for the duration of our relationship plus a reasonable period thereafter (e.g., up to 7 years) to maintain records for legal/tax purposes, handle any post-engagement queries, and as necessary to have an accurate historical record of services provided. Content or deliverables we created may be retained indefinitely as part of our business records (but will not be disclosed except as allowed).
● Prospective Customer Inquiries: If you contacted us but did not become a client, we may retain your contact info and inquiry for a shorter period (e.g., 1-2 years) in case you return or to follow up on interest, unless you ask us to delete it sooner.
● Marketing Communications: We retain your email on our marketing list until you unsubscribe or if emails bounce repeatedly. Once you opt-out, we may keep your email on a suppression list to ensure we respect your opt-out.
● Website Analytics: Analytics data is typically retained in aggregate form. Google Analytics data may be retained for 14 months (or as configured) before deletion.
● Legal Compliance: We may retain certain information for longer if required to by law (for example, transaction records for 7 years under tax laws, or information relevant to litigation holds). If there is a dispute or investigation, we will retain data until it is resolved and no longer subject to legal hold. When we no longer need personal information, we will securely delete or anonymize it. For example, we may delete inactive user accounts and associated data. Backup copies might persist for a short time, but we have processes to eventually purge those as well. We continuously review our data retention schedules to ensure we are not retaining data longer than necessary.
7. International Data Transfers
Elsewhere Co. LLC is based in the United States, and our website is hosted in the U.S. If you are using Soft Landing from outside the U.S. (for example, in the European Economic Area or the United Kingdom), be aware that your personal information will likely be transferred to and processed in the United States. The U.S. may not have the same level of data protection laws as your home country, but we will take steps to ensure appropriate safeguards are in place to protect your information. GDPR International Transfers: For personal data collected in the EEA/UK that is transferred to the U.S. or another country not deemed adequate by the European Commission, we rely on appropriate safeguards such as the European Commission’s Standard Contractual Clauses (SCCs) or other legally approved mechanisms to ensure your data is protected. We also commit to comply with GDPR requirements for such data. You may contact us to learn more about any transfer safeguards we have in place. By using our services or providing us information, you explicitly consent (where required) to the transfer of your data to the U.S. and other jurisdictions as described in this Notice. We will ensure any third-party service providers that process EU/UK personal data outside of those areas also have appropriate transfer mechanisms or agreements in place.
8. Your Rights and Choices
Your Rights under GDPR (for EU/EEA/UK residents): If you are located in the European Union, United Kingdom, or certain other jurisdictions with similar laws, you have specific rights regarding your personal data, subject to legal limitations:
● Right to Access: You have the right to request confirmation of whether we are processing your personal data, and if so, to request a copy of the data along with information about how we use it. This is commonly known as a subject access request.
● Right to Rectification: You have the right to ask us to correct or update any inaccurate or incomplete personal data we hold about you. We rely on you to provide accurate information, and we will honor requests to ensure data is up to date and correct.
● Right to Erasure: You can request that we delete your personal data, in certain circumstances (for example, if the data is no longer necessary for the purposes it was collected, or if you withdraw consent and no other legal basis applies). This is sometimes called the “right to be forgotten”. Note there are exceptions – we may retain data if needed for compliance with a legal obligation or for establishing or defending legal claims, among other reasons.
● Right to Restrict Processing: You have the right to ask us to suspend or limit the processing of your personal data in certain cases – for instance, if you contest the accuracy of the data, or you object to our processing and we are considering your request, or if processing is unlawful but you do not want erasure. When processing is restricted, we will still store your data but not use it until the issue is resolved (except to, for example, secure the data or with your consent).
● Right to Data Portability: Where processing is based on your consent or a contract and carried out by automated means, you have the right to obtain a copy of your personal data in a structured, commonly used, machine-readable format for transfer to another controller, if technically feasible. For example, if you provided us with a lot of data and want to take it to a different service, we will help with an export.
● Right to Object: In certain situations, you have the right to object to our processing of your personal data. You can object to direct marketing at any time, and we will stop using your data for that purpose. You can also object if you believe our processing (based on legitimate interests) impinges on your rights; we will then consider your objection and whether our legitimate grounds override your rights or not. If you object to analytics cookies, you can do so through our cookie banner or browser settings as explained above.
● Rights related to Automated Decision-Making: We do not make any decisions about you that have legal or similarly significant effects based solely on automated processing (no profiling for e.g. credit scoring or such). However, you have the right not to be subject to such decisions if we ever implement them.
● Right to Withdraw Consent: If we rely on your consent to process your personal data, you have the right to withdraw that consent at any time. For instance, you can opt-out of marketing emails by clicking the unsubscribe link or contacting us. Withdrawal of consent will not affect the lawfulness of processing that was done based on consent before its withdrawal. To exercise any of these rights, please contact us at brandon@elsewhere-co.com. We may ask you to verify your identity to ensure that we do not disclose data to an unauthorized person. We will respond to requests within one month (or inform you of any extension if needed). Note that some requests may be refused or limited where a legal exception applies – for example, we might refuse deletion if we need the data to comply with a legal obligation, or we might decline a request if it jeopardizes others’ privacy or poses an unreasonable burden. In any case, we will explain our decision.
Your Rights under CCPA (for California residents): If you are a California resident, you have rights under the CCPA (California Consumer Privacy Act) as amended by the CPRA.
These include:
● The right to know what personal information we have collected about you in the past 12 months, including categories of data, sources, business purposes, and third parties with whom we shared it.
● The right to access specific pieces of personal information we have collected about you (you can request a copy in a portable format).
● The right to request deletion of your personal information (with similar exceptions as under GDPR).
● The right to correct inaccurate personal information.
● The right to opt-out of “sale” or “sharing” of personal information. Note: Elsewhere Co. does not sell personal info as defined by the CCPA, nor do we share it for cross-context behavioral advertising, so this is generally not applicable.
● The right to limit use of sensitive personal information (if we collected any, which we typically do not, except possibly contact data which is not considered sensitive under CCPA).
● The right not to receive discriminatory treatment for exercising your privacy rights. California users can make requests by emailing brandon@elsewhere-co.com with “CCPA Request” in the subject. We will verify your identity (which may involve providing information we already have on file, or if you have an account, using that authentication). You can also designate an authorized agent to make requests on your behalf, but we will require proof of the agent’s authorization and your identity verification. We will respond within 45 days as required by law (or communicate any need for extension). For a full description of our practices as required by CCPA: in the past 12 months, we have collected identifiers (name, contact info), customer records (for services provided), internet activity (analytics), and potentially professional information (if B2B contact). The sources are directly from consumers or their devices, and the purposes are those outlined above (providing services, marketing, analytics). We have disclosed personal information to service providers (e.g., payment, IT support) for business purposes, but have not sold or shared personal information to third parties. We do not have actual knowledge of selling data of anyone under 16. We do not use sensitive personal data except for the necessary purpose it was provided (and we do not use or disclose it in ways that would trigger a “Right to Limit” choice under CCPA). Other Jurisdictions: If you are in other regions (e.g., Canada, Australia, etc.), you may have similar rights such as access and correction. We will strive to honor any legitimate requests to the extent required by applicable law.
Managing Your Information: In addition to formal rights, you have a lot of control over your information:
● You can always choose not to provide certain data (bearing in mind it may limit the services, e.g., no email means no consultation).
● You can opt-out of marketing communications by using the unsubscribe link or contacting us (we’ll then only send non-promotional emails, like those about your transactions or legal updates).
● You can disable cookies through browser settings or our cookie banner preferences for non-essential cookies.
● If at any time you want to deactivate an account or stop using our service, contact us and we can assist and/or delete associated data as appropriate.
● If you want to update information (like your email or name if it changed), simply let us know and we’ll correct it.
We are committed to enabling you to exercise your rights and choices. If you have any questions about your privacy rights or need assistance, please reach out to us.
9. How We Protect Your Information
We implement reasonable and appropriate security measures to protect your personal information from unauthorized access, disclosure, alteration, and destruction. This includes administrative, technical, and physical safeguards:
● Encryption: Our website is secured via HTTPS, which encrypts data in transit between your browser and our site. Sensitive data (such as payment details) is handled by PCI-compliant processors that use strong encryption. If we store any passwords or keys, they are encrypted or hashed.
● Access Controls: Internally, we restrict access to personal information to employees and contractors who need to know it in order to operate, develop, or improve our Services. These persons are subject to confidentiality obligations. We employ access controls to our systems (such as multi-factor authentication, unique user accounts, and the principle of least privilege).
● Training and Policies: Our team is trained on data protection best practices and committed to safeguarding client information. We have policies in place to handle data securely and respond to potential incidents.
● Network Security: We maintain firewalls and monitoring to guard against external attacks. Regular software updates and security patches are applied to our systems to mitigate vulnerabilities. We may also perform periodic security assessments or use third-party experts to test our defenses.
● Data Minimization: We collect only what we need and keep it only as long as needed (as discussed in Section 6), which inherently reduces risk.
● Backups and Recovery: We securely backup key data to prevent loss, and those backups are protected. In case of any physical or technical incident, we have disaster recovery procedures to restore availability of personal data in a timely manner. However, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee its absolute security. You should also play a part in protecting your information – for example, do not share any account passwords (if applicable) and use unique strong passwords, be cautious of phishing attempts asking for personal details, and so on. In the event of a data breach that affects your personal information, we will notify you and the relevant authorities as required by law. We have a Breach Response Plan that outlines steps for containment, assessment, notification, and remediation. If you have reason to believe that your interaction with us is no longer secure (for instance, if you feel that the security of your account or personal data has been compromised), please immediately notify us at brandon@elsewhere-co.com so we can investigate and address the issue.
10. Children’s Privacy
Our Services are not directed to children under the age of 16 (and in some jurisdictions under 13), and we do not knowingly collect personal information from children. Soft Landing is geared towards adults (such as entrepreneurs or families planning relocations, where the parents would engage us, not the kids). If you are under the applicable minimum age in your jurisdiction, please do not use our website or send us any personal information. If we learn that we have inadvertently collected personal data from a child without appropriate consent, we will take steps to delete such information promptly. If a parent or guardian becomes aware that their child has provided us with personal information, they should contact us at brandon@elsewhere-co.com, and we will delete the information and terminate any account that the minor has created. We recognize the importance of protecting children’s privacy. If in the course of providing services a child’s information might be involved (for example, a family relocating might mention their children’s names or needs), we will treat that information with utmost confidentiality and only use it for the necessary purpose (e.g., advising on school options, etc.), with the parent’s consent.
11. Third-Party Links and Services
Our website or communications may contain links to third-party websites or services that are not operated by Elsewhere Co. For example, our blog might link to an external resource, or we might recommend a partner’s site for additional services. This Privacy Notice does not apply to those third-party sites or services, and we are not responsible for their content, privacy practices, or how they handle your data. We encourage you to review the privacy policies of any third-party websites or services before providing your personal information to them. For instance, if you click a link to an article on another site, that site may collect data from you under its own rules (and may have its own cookies). Similarly, if you choose to engage with a third-party referred by us, any data you provide to them will be governed by their policies. Nonetheless, we aim to only partner with or reference reputable third parties. If you have any feedback about information security or privacy issues with third-party sites we link to, feel free to let us know.
12. Changes to this Privacy Notice
We may update this Privacy Notice from time to time to reflect changes in our practices, legal requirements, or other factors. When we make changes, we will revise the “Last Updated” date at the top of this Notice. If the changes are significant, we will provide a more prominent notice (e.g., by posting a banner on our website or sending an email notification) to inform you of the update. We encourage you to review this Privacy Notice periodically to stay informed about how we are protecting your information. Your continued use of our Services after any changes to this Notice constitutes your acceptance of the updated terms, to the extent permitted by law. If you do not agree to the changes, you should discontinue use of the Services and contact us if you want to remove your data as per Section 8. For material changes that require your consent (under GDPR or other law), we will seek that consent separately. For example, if in the future Elsewhere Co. were to engage in new processing that requires consent, we would notify you and obtain consent as needed.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Notice or how we handle your personal information, please contact us at:
Elsewhere Co. LLC – Soft Landing Email: brandon@elsewhere-co.com
We will do our best to address and resolve any issues you may have about your privacy. If you are in the EU/EEA and feel we have not adequately addressed your concerns, you have the right to lodge a complaint with your country’s supervisory authority (data protection regulator). For example, in the UK it’s the Information Commissioner’s Office (ICO), in Ireland the Data Protection Commission (DPC), etc. In California, you can contact the California Attorney General’s office. We would, however, appreciate the chance to deal with your concerns before you approach a regulator, so please consider reaching out to us first.
Thank you for reading this Privacy Notice. We value your trust and are committed to safeguarding your personal information as you pursue new journeys with Soft Landing.