Privacy Policy
Welcome to the website of eVisa by Online Visa Limited (“Data Controller” “eVisa,” “we,” “us,” “Company” or “our”). This Privacy Policy (the “Policy”/”Privacy Policy”) describes how we collect, use, and disclose the information we collect from our website(s) while provided the Services as described in our Terms and Conditions (the “Services”), and information we collect offline.
Before using the Services or otherwise providing us with information, please carefully review this Policy and the Terms and Conditions. By accessing or using the Service, or otherwise providing us with information, you fully acknowledge the applicability of this Policy.
We may update this Privacy Policy according to new legislative or jurisprudential requirements and/or business needs, among others. Any update or modification of the present Privacy Policy will be considered applicable from the moment of its publication on the website. Therefore, it is recommended to review this Privacy Policy regularly.
Please note that to access and use our website you must be over 18 and/or have legal capacity to enter into contracts, according to the applicable national laws and regulations of your birth and/or residence country. If you have reason to believe that a minor has provided us with personal information, please contact us, and we will endeavour to delete that information from our databases where required by Applicable Data Protection Law.
Our website may contain icons and/or links to redirect you to websites of third parties. In this sense, please note that these third-party websites are not operated by us, so we cannot assume any responsibility for the information and content provided on them and/or the correct provision of the functionalities and/or services offered by these third parties, since we have no control over this. These third-party websites are bound by their own Cookie and Privacy Policies.
General Terms
Affiliate of a Company means any party that is owned or controlled by, or which owns or controls, or is under common control with the Company, either directly or, through one or more intermediaries;
Applicable Data Protection Law
Depending on the Destination Country and your residency country, our Policy is covered by and in compliance with the following laws:
- Data Protection Act 2018 (as amended) (UK Law);
- the General Data Protection Regulation (Regulation (EU) 2016/679) (as amended) (EEA/EU Law);
- California Consumer Privacy Act (“CCPA”) and the California Privacy Rights Act (“CPRA”) (collectively US Law); and
- And any other relevant law(s), effective in the Destination Country that is in compliance with UK Law, EU Law and US Law.
In case of the conflict between UK Law, EU Law and US Law, UK Law shall prevail unless otherwise explicitly required by the Government of the Destination Country.
Destination Country means the Republic of Azerbaijan.
Data Processor means any third party, Affiliates, individual(s) any other company and their employees we may disclose Personal Data only if it is necessary to provide the Service and fulfil our obligations to you under our Terms and Conditions. Should you require further information, please contact us as outlined below.
Personal Data means personal information, personal data and personally identifiable information and such terms shall mean information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual, household or device.
Processing Personal Data encompasses any operation or set of operations performed on Personal Data, whether by automated means or not. This includes activities like Collection, Recording, Organization, Storage, Adaptation or Alteration, Retrieval, Use, Disclosure by Transmission or Dissemination.
Why We Process Your Personal Data
We only Process your Personal Data to the extent necessary in order to provide our Service or are required by the Government of the Destination Country in order to get Electronic Travel Document.
Furthermore, we may process your Personal Data for the following purposes:
- To send you up-to-date information according to Government updates and/or operational communications regarding the status of your application.
- To properly address your informational request, claims or queries about us and/or our professional service;
- For administrative purposes related to the process and management of our professional, such as verification of your payment information (fraud control), accountancy and billing tasks;
- To comply with our legal obligations and/or to respond to judicial, police or to the corresponding authorities’ requirements;
- To communicate with you about transactions initiated with us;
- To improve your user experience on our website and improve our services and customer support by analysing your behaviour while navigating through this website;
- To carry out periodic checks against fraudulent, unauthorized or illegal activity on/or through our website;
- To request your feedback; and
- To protect eVisa, our Affiliates, our employees, or third parties.
We may use de-identified and/or aggregated data for any purpose, including without limitation for research and marketing purposes, and may also share such data with any third parties, including advertisers, promotional partners, sponsors, and/or others.
Information We Process
The processing of Personal Data regularly only takes place with the consent of the User. Exceptions include cases where a) prior consent technically cannot be obtained and where the processing of the data is permitted by Applicable Data Protection Law; b) when it is necessary to process Personal Data for the performance of a task carried out in the public interest or in the exercise of official authority; and c) if the Processing of the Personal Data is necessary to safeguard the legitimate interests of our Company or its Affiliates, and your fundamental rights and freedoms.
We may collect information in different ways, such as when you provide information directly to us, we obtain information from third parties or when we passively collect information from you through a browser or device, information like your IP address, the sections you consult on our website or the time that you remain on our website by using cookies, whether our own or from third parties.
We will only request your payment information once you have completed your application form and you have accepted our Terms and Conditions. The captured data will be sent securely to our certified payment service providers for the authorization of the transaction. In no case we visualize or access the complete data of your credit or debit card. It is your responsibility not to enter, provide or send your card information through channels not authorized by the Company.
Information You Provide
We may collect information from you when you provide such information directly to us, in the following situations:
- When you register for access to our Service;
- When you initiate to apply for our Service;
- When you contact us with inquiries;
- When you respond to one of our surveys (if any);
- When you otherwise communicate with us or provide information, including through our support channels (email, or phone);
Information we request from you may depend on how you use our Service, type of the Electronic Travel Document you require and Government local requirements. The information you provide directly to us may include, but is not limited to the following about you or others:
- Full Name
- Phone number
- Travel details, such as arrival date, place of arrival, reason for travel
- Residence Address
- Accommodation information in the Destination Country
- Date of birth
- City and country of birth
- Citizenship
- Gender
- Passport information, such as a passport number, issue and expiration date, photo, and place of issue
- ID number
- Professional details, such as occupation and employer name; and
- Financial information, such as payment-related information you provide to us and/or our payment processors.
If you provide us with personal data of third parties, whether these minors or adults, you guarantee us that you have informed them about the purposes for which their personal data will be processed by the Company and that you have obtained their prior and express consent to communicate us their personal data.
If you provide us with the personal data of a minor, you guarantee us that you are his/her parent and/or legal guardian.
Please be informed that you only be required to provide those personal data and information strictly necessary to provide the Service. In this sense, if you provide us with more information that the ones expressly required, you consent the processing of them for the informed purpose/s for which you’re sending it.
Providing information through third parties. If you access the Services through a third-party account or follow us on social media, you may allow us to have access to certain information in your social media profile. This may include your name, profile picture, gender, networks, user IDs, list of friends, location, date of birth, email address, photos, videos, people you follow and/or who follow you, and/or your posts or “likes.”
Our Disclosure of Your Personal Data
Your Personal Data may be processed and/or communicated in the following assumptions and circumstances:
Government of the Destination Country. To the Government of the Destination country as it is the competent body to approve or deny your application and respectively your Electronic Travel Document.
Business Transfers. In the event of a corporate sale, merger, reorganization, dissolution or similar event, or during negotiations or due diligence in contemplation of such an event, information we collect may be disclosed.
Related Companies. We may also share your information with our Affiliates, and other related companies for purposes consistent with this Privacy Policy.
Data Processors. For the provision of our Service, we may engage third parties to perform certain services on our behalf. Examples of such functions include mailing information, maintaining databases, our technology service providers etc.
Payment Service. To our payment service providers to process the payments of the costs of the Electronic Travel Authorization applications process and to carry out fraud controls, as well as to your bank entity credit/debit card companies when you have initiated a dispute of the charges made.
Consent. We may disclose your information to any third parties based on your consent to do so, unless otherwise explicitly outlined in this Privity Policy.
Legal Requirements. We may disclose information about you if required to do so by law or in the good faith belief that such action is necessary to (i) comply with a legal obligation, (ii) protect and defend the rights or property of eVisa, (iii) act in urgent circumstances to protect the personal safety of our users or the public, or (iv) protect against legal liability.
Marketing Emails. Subject to applicable laws, we may send you marketing emails. To opt out, you may click on the “unsubscribe” link in such emails. Please note that we may still send you transactional communications, such as about the status of your Electronic Travel Document, even if you opt out of marketing emails.
The third parties mentioned above may have their headquarters outside the European Economic Area or UK, therefore the personal data will be object of an international transfer. In this regard, we inform you that we only transfer personal data to recipients located in countries that offer a level of personal data protection comparable to the Applicable Data Protection Law, in order to ensure the privacy and security of your Personal Data and that your individual rights and freedoms are guaranteed.
Security
We have implemented administrative, technical, and physical security measures to protect against the loss, misuse and/or alteration of your information. These safeguards vary based on the sensitivity of the information that we collect and store. However, we cannot and do not guarantee that these measures will prevent every unauthorized attempt to access, use, or disclose your information since despite our efforts, no Internet and/or other electronic transmissions can be completely secure.
Also, we have taken reasonable measures to guarantee that all our staff, as well as the Data Processors and our Affiliates with access to your personal data, have received adequate information and/or training regarding their obligations how to process your Personal Data for the specific purposes as defined in this Privacy Policy.
Although we will do our best to guarantee the protection of your personal data transmitted through our website and/or that you may provide us by others means such as email or phone, please note that you should also take precautions to keep safe your Personal Data and you must not enter or confirm bank details by means of fake messages and/or websites.
Retention of the Personal Data
We will process your Personal Data for as long as necessary to fulfil the purposes for which they were collected or until you delete or modify your information. Beyond that, your Personal Data will be retained, duly securely blocked, for the necessary period we need to keep them. We also reserve the right to retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements under Applicable Data Protection Law.
For example, it will be kept for as long as necessary to comply with our legal obligations and/or address possible claims related to the Service we have offered; to finish the investigation of a fraudulent or illicit activity detected etc. Once the necessary retention period has ended, your personal data will be securely deleted from our information systems.
Furthermore, if you had provided us with your consent to process your Personal Data for specific purposes, note that you can withdraw said consent at any time. Upon receiving your withdrawal request, we will proceed to delete your Personal Data.
Know Your Rights
You may, with any cost, exercise your rights of access, rectification, to erasure, restriction of the processing, to object, as well as the right to the portability of your personal data, by a written request addressed to us, sent by email to the contact information set out below.
Your data protection right request will be responded to within one (1) month; but occasionally, this period may be extended by two (2) further months where necessary, taking into account the complexity and/or number of requests you may have made. In this case, we will notify you of such an extension together with the reasons for the delay.
Right to Information. You may request from the Data Controller to confirm whether your personal data is processed by them. If such processing is the case, you can request the following information from the data controller:
- The purpose for which the Personal Data is processed;
- The categories of Personal Data being processed;
- The recipients or categories of recipients to whom the Personal Data relating to you have been disclosed or are still being disclosed, especially in the case of recipients in third countries or international organisations;
- Whether your personal data will be transmitted to a third country or an international organisation.
The Data Controller will provide you with a copy of the Personal Data that is the subject of the processing. For any additional copies you request, the data controller may charge a reasonable fee based on administrative costs. If you make the request electronically, the information must be provided in a common electronic format unless you specify otherwise.
Right to rectification. You have the right to obtain from the Data Controller the rectification without delay of inaccurate personal data concerning you and the right to obtain the completion of incomplete personal data.
Right to be forgotten
Obligation to erase. If you request from the data controller to delete your Personal Data with immediate effect, they are required to do so immediately given that one of the following applies:
- Personal data concerning you is no longer necessary for the purposes for which they were collected or processed;
- You revoke your consent, to which the processing is allowed pursuant;
- you object to the processing of the data given that the processing of the data is justified by a legitimate interest;
- Your Personal Data has been processed unlawfully;
- The act of deleting your Personal Data will invoke a legal obligation under UK Law to which the data controller is subject.
Exceptions. The right to deletion does not exist if the processing is necessary:
- To exercise the right to freedom of speech and information;
- To fulfil a legal obligation required by local data protection regulations to which the representative is subject, or to perform a task of public interest or in the exercise of public authority delegated to the representative;
- For reasons of public interest in the field of public health pursuant to Applicable Data Protection Law;
- For archival purposes of public interest, scientific or historical research purposes or for statistical purposes pursuant to UK Law; and
- To enforce, exercise or defend legal claims.
Right to the restriction of processing. You may request the restriction of the processing of your Personal Data under the following conditions:
- If you challenge the correctness of your personal data for a period of time that enables the data controller to verify the accuracy of your personal data;
- The processing is unlawful, and you refuse the erasure of the personal data and instead demand the restriction of the use of the personal data;
- The representative no longer needs the personal data for the purpose of processing, but you need it to assert, exercise or defend legal claims; or
- If the processing of personal data concerning you have been restricted, this data may with the exception of data storage only be used with your consent or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for reasons of important public interest.
- If the processing has been restricted according to the beforementioned conditions, you will be informed by the data controller before the restriction is lifted.
Right to revoke the data protection consent. You have the right to withdraw your consent at any time. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.
Right to complain to a supervisory authority. Without prejudice to any other administrative or judicial remedy, you shall have the right to complain to a supervisory authority, if you believe that the processing of the personal data concerning you violates the UK Law.
If you are located in the United Kingdom, you shall have the right to complain to the Information Commissioner’s Office (ICO). The ICO´s contact details as follows:
Information Commissioner’s Office
Wycliffe House Water Lane,
Wilmslow
Cheshire SK9 5AF
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk
Contact Us
If you have any concerns, inquires or require information in relation to this Policy or Processing your Personal Data, please use the following contact information: info@azerbaijanevisaonline.com