Privacy And Policy
Your privacy is critically important to us.
Visadb.io is an Internet visa database indexing 300,000 visa, residency and citizenship routes for 200 countries. Through our website at visadb.io and its contents and functionalities (hereinafter referred to collectively as “Visadb’s Platform” or the “Platform”) we offer among others an opportunity for people intending on travelling or moving to a different country to look up that country’s visa policies, flights, hotel booking as well as citizenship acquisition procedures (the “Services”). The Platform also enables its users to get into contact with immigration lawyers, visa agencies and other similar entities (the “Partners
Personal data means any information relating to an identified or identifiable natural person (“You”, the “User”). All the terms and expressions used herein, in particular regarding the following terms: “personal data”, “data subject”, “processing”, “controller”, “processor” and “supervisory authority” have the meanings given in the GDPR (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR”), unless otherwise defined herein.
COLLECTING PERSONAL DATA
VISITORS OF THE WEBSITE
In order to fully access the contents of the Platform you have to register and create a User Account (the “Account”), which requires accepting the Visadb’s Terms of Service as well as any other provisions of relevant documents, including the provisions of this Policy. The above allows You to fully access and use the contents and functionalities of the Platform and use the services offered through it by Visadb as well as the Partners. During registration we demand certain personal data necessary to authenticate You, so we can identify You as a person able to access and use the Platform and its contents in their full capacity, as well as necessary for communication with You.
PERSONAL DATA PROCESSED AND THE PURPOSES AND LEGAL BASIS FOR PROCESSING
We mainly process your personal data for the purpose of concluding and performing an agreement regarding the use of the Platform’s functionalities and contents (pursuant to Section 6.1 (b) GDPR). This includes providing customer support and contacting you through the Platform (including by push notifications). For the foregoing, we process the following personal data:
- identification data (e.g. name);
- contact information (e.g. e-mail, phone number, postal address);
- passport number;
- payment details.
We may also process personal data in connection with our legitimate interests in order to monitor and analyze how the Platform is used, improve the user experience, improve the quality or develop our services, for marketing communication and advertising, to ensure the safety of users, combat fraud and abuse or if it is necessary to establish, exercise or defend legal claims (pursuant to Section 6.1 (f) GDPR).
We process personal data based on and as part of our obligations under applicable law (e.g. accounting or tax laws or when requested to share personal data with the competent authorities in compliance with our legal obligation) (pursuant to Section 6.1 (c) GDPR).
PROCESSING ON THE BASIS OF CONSENT
We may also process your personal data on the basis of your consent (pursuant to Section 6.1 (a) GDPR), e.g. for direct marketing purposes. From time-to-time, we may ask for your consent for processing your personal data for purposes that may not be related to the use of the Platform, its contents and functionalities or the services.
When processing is based on consent, you can withdraw consent at any time by contacting us on the contact details below, setting your device not to share this data with us or adjusting the settings on your account.
AUTOMATIC DATA PROCESSING (INCLUDING THROUGH PROFILING)
Personal data can also be processed automatically, in particular for the purpose of sending reminders and personalized offers. Processing data in this way will not affect your rights or have any legal effects.
Links To External Sites
Partners. We can share your personal data with the Partners offering their services through the Platform in connection with your use of the Platform’s functionalities, according to and for the purpose of performing our agreement, i.e. in particular to enable You to enter into agreements and use the services provided by the Partners.
Data processors. We use service providers in order to make it possible and effective to use and provide the functioning of the Platform and its contents. We remain responsible for your personal data and take all necessary measures to protect your personal data as provided in this Policy.
In particular We use the following categories of data processors: hosting service providers (_____________), database providers (Google Cloud), user relationship management and client service orientated live chat software providers (_____________), payment service providers (Stripe.com and MangoPay.com), analytics software providers (Google Tag manager and Google Analytics), email service providers (GetGist.com) as well as other service providers necessary or supportive of business to ensure high quality customer service, satisfaction and security.
We may also share personal data with entities providing for us: accounting, HR and payroll services, marketing services, IT services, financial services, legal services, consulting services and other services related to running our business. Entities processing personal data as part of our services are required to ensure their protection and respect your rights in accordance with applicable law.
Other third parties. We only disclose your personal data to third parties without your prior consent if provided in this Policy or the law. We may disclose your personal data to the following third parties:
- an acquirer, or successor or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, as well as in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets. The legal basis for such disclosure and transfer are our legitimate interests, provided your interests or fundamental rights and freedoms do not override them;
- competent administrative, supervisory and law enforcement authorities, institutions and other authorized entities in the country and abroad if required by applicable law, as well as at their request under procedures provided for by law. We may also transfer personal data to authorities, institutions and third parties to ensure the safety of users, combat fraud and abuse or if it is necessary to establish, exercise or defend legal claims;
- our lawyers, auditors, and other professional service providers. The legal basis for such disclosure are our legitimate interests to protect our rights or complying with our legal obligation, as applicable.
WHERE DO WE STORE YOUR PERSONAL DATA?
personal data will be stored in the countries of the European Economic Area ("EEA"). However, some of the services we use may require data transfer and processing outside the EEA. Any such transfer of personal data will comply with applicable regulations and will be based on appropriate legal safeguards, i.e. (i) the recipient is in a country which provides an adequate level of protection for personal data (including in the U.S. if the recipient is certified under the Privacy Shield programme), or (ii) under an instrument which covers the GDPR requirements for the transfer of personal data to recipients outside the EEA.
HOW LONG DO WE STORE YOUR PERSONAL DATA?
We only store your personal data as long as necessary for the purposes of performing rights and obligations arising from concluded agreements (taking into account the limitation periods), as well as for the implementation of legal obligations required of us by the applicable provisions of law. After the aforementioned terms expire the collected data shall be deleted, unless its further keeping is required by the provisions of law or is necessary to fulfill contractual obligations.
HOW WE PROTECT YOUR PERSONAL DATA
We implement appropriate organizational, technical and physical safeguards to protect your personal data, taking into account (i) the state of art, (ii) costs of implementation, (iii) nature, scope, context and purposes of the processing, and (iv) risks posed to you.
In connection with the processing of your personal data you benefit from many rights provided by applicable law, including:
- right to request access to your personal data (as well as to obtain a copy of your personal data);
- right to transfer your personal data;
- right to rectify inaccurate or incomplete personal data;
- right to erase personal data;
- right to restrict the processing of personal data;
- right to withdraw consent for the processing of personal data;
- right to object to processing of personal data;
- right to not consent to direct marketing;
- right to lodge a complaint with a data protection authority.
The provisions of law do not require a specific form or method of communication for the purpose of exercising your rights. We attach great importance to ensure effective implementation of your rights – please contact us on the contact details below. Please note that you can exercise some rights (e.g. review and update your personal data) already by logging into your Account at the Platform.
Should you believe that your personal data is incorrectly processed, we kindly ask you to contact us on the contact details below. You also have the right to lodge a complaint with the data protection authority (President of the Personal Data Protection Office of the Republic of Poland).
Processing of personal data by Visadb.io is governed by the laws of the Republic of Poland.
The Platform is owned and operated by Visadb.io sp. z o.o. (private limited liability company of the Polish law) with registered office in Gdańsk, Poland, Lęborska Street 3B, 80-386 Gdańsk, NIP (TIN): 5842780656, REGON: 382363873, registered in the registry of entrepreneurs of the National Court Register kept by the District Court for Northern Gdańsk in Gdańsk, VII Commercial Division of the National Court Register under the registration number KRS 0000767405 (“Visadb.io”, “Visadb”, “We”, the “Company”).
If you have any questions, comments, complaints or requests related to this Policy or the processing of your personal data within the Platform, you can contact us on the following contact details:
Visadb.io sp. z o.o.
Lęborska Street 3B,