Privacy statement
Privacy Statement
Privacy Statement Visa Service Desk B.V.
Date: August 2024, version 5
Summary
Visa Service Desk processes your information in order to provide you with the services that you have requested as a customer. This processing is based on the delivery of our services, research into how we can improve our service, and our legitimate interest in ensuring the security and efficiency of our operations. In addition to your consent, we also use the service contract agreed with you or your employer, the employment contract, as well as other legal bases, for the processing of personal data. We only share this information with others if it is necessary for the execution of our services or if we are legally obliged to do so.
1. Preface
Visa Service Desk processes your personal data carefully, securely, and reliably. We believe that it is important for you to have confidence in our organization and trust all of our products and services. That is why we are happy to ensure that your privacy and personal information are protected. The rules for protecting your privacy and personal data are laid down in the General Data Protection Regulation (GDPR), whereby the Dutch Data Protection Authority supervises compliance with the law. Visa Service Desk acts within the framework of the law.
1.1 Structure of the privacy statement
Visa Service Desk is the organization responsible for the processing of your data. In the paragraphs below, we describe which personal data we process and for what purposes we do this. We also explain for which services we process this data and on what legal bases we are allowed to do this, including consent, contractual necessity, legitimate interests, and legal obligations. The sharing of data with other parties is discussed, as is the processing of personal data outside the EU. The security of personal data is discussed together with the handling of retention periods. Finally, a section has been added about what rights you have as a data subject and the possibility to file a complaint or contact Visa Service Desk.
1.2 What is Personal Data?
Personal Data is all data that can be traced back to a person. Examples include your name, address, telephone number, and bank account number. Sometimes we aggregate or anonymize your personal data so that it can no longer be traced back to a person. In addition, there is also special personal data. This includes personal data such as fingerprints, religion or belief, and medical data. It is prohibited by law to process special personal data, unless the organization can invoke a specific exception. An example of this is the use of a fingerprint or medical information for the application for a travel document (visa) with permission or during the execution of a service contract.
1.3 Who is responsible for the processing of personal data?
Visa Service Desk is legally responsible for the processing of personal data.
1.4 Who is the data protection officer, privacy officer or contact person for privacy?
The Data Protection Officer (DPO) for Visa Service Desk is Michael Pols. For questions, you can contact him via the following email address: privacyofficer@visaservicedesk.com.
2. Which personal data do we use for our services and products?
We use and process the following personal data to perform our services and products:
2.1 - What information do you provide to us?
Personal data can be divided into categories for convenience. We use the following categories for your personal data:
- Name and contact details: These are the first and last names of the contact person and traveler(s), house and/or office address, e-mail address, and telephone number.
- Payment Information: This concerns the bank account number from which you have made or will make the payment to Visa Service Desk.
- Information on marital status and nationality: This concerns information such as passport number, date of birth, nationality, photo, marital status, information about your parents, and other family information.
- Financial data: This is data such as your bank account number, your salary, and bank statements.
- Information about work and education: This is data about your education, diplomas, and employers.
- Travel history and data: The data about your upcoming travel, destination(s), reason for travel or nature of visit, and your travel history.
- Other specific data depending on country: Depending on the destination country or countries for which we provide our travel document and legalization services to you, more detailed personal data or information may be requested from you. This includes: social media data, insurance(s), health data, and criminal record.
2.2 - What information do we collect about you?
Visa Service Desk does not collect data from third parties. We process only the data that we receive from the data subjects themselves.
3. For which purposes do we use your data?
We use the aforementioned personal data for various purposes. For the sake of convenience, we have split this into generic main purposes and more specific sub-purposes:
- Providing Services: Registering in our systems, drawing up the agreement/contract for the delivery of our services, providing data to embassies or third parties engaged for the processing of travel documents, visas, and legalizations, customer service, authentication of the customer, and completing financial transactions and sending bank statements.
- Research and Statistics: Keeping track of the number of new customers, analyzing this data, and improving our website and systems.
- Legal Disputes: Dealing with files in a legal dispute.
- Employees: We process personal data of employees for various purposes in connection with the employment contract, the employer-employee relationship, and applicant data.
4. On what basis do we use your data?
Visa Service Desk processes your personal data based on the following legal bases:
- Consent: Visa Service Desk uses consent as the basis for sending our newsletter. This permission is requested via our website, where the customer can enter their e-mail address and tick a box. Visa Service Desk stores the permission for registration to our newsletter.
- Agreement: Visa Service Desk uses personal data for the execution of service agreements/contracts for the application and provision of travel documents, visas, and legalizations. Before this agreement is initiated, a customer is registered in our system. This is regarded as the pre-contractual phase.
- Legitimate Interests: Visa Service Desk may also process your data based on our legitimate interest in improving our services, ensuring the security of our operations, and complying with legal obligations.
- Legal Obligations: We may process personal data when required to comply with applicable laws and regulations.
5. Existence of automated individual decision-making
Visa Service Desk does not use automated individual decision-making, as this is not necessary for our services. This means that we do not, for example, use profiling.
6. Do we share your data with other parties?
Visa Service Desk shares personal data with organizations that are engaged in the execution of the service agreement. These third parties include embassies, website managers, and hosting parties. They process personal data on our behalf in order to provide you with the correct service.
Visa Service Desk also provides personal data to the embassies of countries or organizations designated by the embassies/governments of countries that facilitate the application for and provision of travel documents, visas, and legalizations.
In addition to this, Visa Service Desk uses a number of suppliers of software programs. These suppliers have access to the personal data and make backups for us. These suppliers are our programmers, and we have entered into a processing agreement to establish agreements about the careful handling of your data.
Visa Service Desk ensures that the data exchange with third parties falls within the relevant legal framework. This means, among other things, that we make agreements with these third parties to ensure that they take appropriate organizational and technical measures to assure our customers that their privacy is guaranteed. However, such agreements cannot be made with the governments, embassies, and third parties engaged by these governments or embassies for the application and processing of, among other things, visa applications. These governments, embassies, and the third parties engaged by them determine their own national legislation and regulations, and the entry and visa conditions to be set by these countries on the basis of their own national rules.
7. Will your data be transferred outside of the EU?
In order to provide the services that we offer in the field of travel documents and legalizations, it is necessary for us to provide your personal data to the embassy of the country of your intended travel destination. This means that in order to fulfill the service agreement, it is necessary for us to provide data to these countries for the application or provision of the travel documents, visas, or legalizations. Depending on your travel destination, this can also be a country outside the EU. These countries and agencies are independently competent for this on the basis of their own national laws and regulations.
Visa Service Desk ensures that any other third parties that are not governments, embassies, or the third parties engaged by those governments or embassies, only process personal data within the EU. When transferring your data to countries outside the EU, Visa Service Desk ensures that appropriate safeguards, such as Standard Contractual Clauses (SCCs), are in place to protect your personal data.
8. How do we protect your data?
The security of personal information and data is very important to us, and due to this, Visa Service Desk has very strict policies. As detailed in point 7 of this statement, we must provide personal data to the destination countries of our customers, which may be located outside of the EU. These countries, governments, embassies, and the third parties engaged by them are themselves responsible for the security of the personal data that they receive. Aside from this, Visa Service Desk only uses third parties that process personal data within the EU on our behalf. Visa Service Desk ensures that the parties engaged by us process all personal data in accordance with our strict policies.
In addition, we use various technical and organizational measures to ensure that personal data cannot be misused or otherwise end up in the wrong hands. Examples of these measures include the use of encryption and the training of our employees in the field of privacy and data security. We ensure that if we forward any of your personal details to other organizations, such as our programmers, that these organizations adhere to our high standards.
9. How long do we keep your data?
Visa Service Desk ensures that your personal data is not stored longer than is necessary, unless we are obliged to keep this personal data longer for legal reasons or due to specific regulations.
10. What rights do you have on the basis of the processing of personal data?
Visa Service Desk believes it is important that our customers can properly exercise their rights based on the law. These rights are guaranteed under the General Data Protection Regulation (GDPR). That is why we have made it very easy to contact us:
- The right of access: You have the right to inspect which of your personal data we process.
- The right of correction: If the personal data we process about you is incorrect, you have the right to have it changed.
- The right to erasure: If we no longer need your personal data for the purpose for which we received it, you have the right to ask us to erase it. There are a number of exceptions to this, such as our obligation to keep certain data for, among others, the tax authorities.
- The right to restriction: During the period that we are in the process of determining whether your data needs to be rectified, determining if the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead, or determining whether your data should be deleted or if you have objected to the processing of your data, you have the right to request the restriction of processing.
- The right to data portability: At your request, we must transfer all personal data that we have about you to you or another organization of your choice. You can only exercise this right if the data is processed on the basis of consent or agreement.
- The right to object: If we process your data on the basis of legitimate interest or public interest, it is possible to object, after which a weighing of interests will follow. In the case of direct marketing, you always have the right to object.
11. Submission of a complaint to the relevant authority: The Dutch Data Protection Authority
Visa Service Desk strives to ensure that all of our customers are satisfied. Even though we do everything we can to achieve this, it may occur that you as a customer are not satisfied. If this concerns the protection of personal data, then it is possible for you to file a complaint with the Dutch Data Protection Authority. This can be done via this link: https://autoriteitpersoonsgegevens.nl/nl/contact-met-de-autoriteit-persoonsgegevens/tip-ons
12. How can you contact us?
If you have any questions or if you would like any additional information regarding your data security rights, please contact us via the following methods:
- Email: privacyofficer@visaservicedesk.com
- Mailing Address: Visa Service Desk B.V., info@visaservicedesk.com
- Telephone: +31 85 051 2525
13. Version Control and Updates
Visa Service Desk reserves the right to update this Privacy Statement. We will notify users of significant changes via email or a notice on our website. The date of the latest version will always be indicated at the top of this statement.