visasfinder · policy
Privacy Policy
Last updated July 2026
Immigration work means handling some of your most sensitive information. This policy explains, in plain language, what we collect, why we're allowed to, how we keep it safe, who ever sees it, and the rights you have. We aim to hold only what the work actually requires.
1. Who we are
visasfinder is a visa-application platform operated from the United Arab Emirates. The immigration advice and filing on your matter are delivered by licensed practitioners regulated by the relevant authority — the College of Immigration and Citizenship Consultants (CICC) in Canada, the Office of the Migration Agents Registration Authority (MARA) in Australia, or the Immigration Advisers Authority (IAA) in New Zealand.
For the personal data we handle to run the platform and process your matter, we act as the controller. The licensed practitioner handling your file also has professional record-keeping duties over your case data.
2. What we collect
Identity and background details: your name, date of birth, nationality, marital and family details, and immigration history.
Official documents: passport details, and documents you upload — passports, education and employment records, police certificates, financial evidence, and similar.
Contact details: email, phone number, and mailing address.
Payment information: processed by our payment provider Nomod. We do not store your full card number on our own systems.
Usage data: basic technical information (such as device and page interactions) needed to run the site securely.
3. Why we use it, and our lawful basis
To deliver the service you engaged us for — preparing and, where permitted, submitting your application. Lawful basis: performance of our contract with you.
To act on your explicit consent where you give it — for example, uploading a specific document or authorising a particular submission.
To meet legal obligations, including anti-money-laundering (AML) identity and record-keeping duties that require us to retain certain records for a set period.
To keep the platform secure and to support and communicate with you about your matter (our legitimate interest, balanced against your rights).
4. How we store and protect it
Your data and documents are held in access-controlled private storage (Supabase), encrypted at rest and in transit.
Access is limited to the licensed practitioner working on your file and the staff who need it to support your matter. We apply access controls and keep the footprint as small as the work allows.
No system is perfectly secure, and we don't claim otherwise — but we take reasonable technical and organisational measures to protect your information.
5. Who we share it with
The licensed practitioner (CICC / MARA / IAA) handling your file, who needs your information to advise on and prepare your application.
The relevant destination government authority — the immigration department you are applying to — as required to actually file your application.
Our payment processor, Nomod, to take payment.
Service providers who help us run the platform (such as our storage provider) under confidentiality obligations, and where required by law.
We do not sell your personal data.
6. International transfers
Immigration by nature crosses borders. Your data may be transferred to and processed in the country you are applying to, and in the jurisdiction your licensed practitioner is regulated in.
Where we transfer data internationally, we take steps to ensure it remains appropriately protected in line with applicable data-protection standards.
7. How long we keep it
We keep your data for as long as needed to deliver your matter and support you afterwards.
Certain records are held for a longer, fixed period to meet AML and professional record-keeping obligations, even after your matter closes. After that, we delete or anonymise the data.
8. Your rights
You can ask to access the personal data we hold about you, to correct it if it's wrong, to have it deleted, to receive a portable copy, or to object to or restrict certain processing.
These rights are subject to our legal record-keeping duties — for example, we may not be able to delete records we are required by AML law to retain for a period.
To exercise any of these rights, contact us using the details in the site footer. We'll respond within the timeframe required by applicable law.
9. Cookies and analytics
We use a small number of cookies and privacy-conscious analytics to keep the site working and understand how it's used, so we can improve it.
We don't use your uploaded documents or case data for advertising.
10. Contact for data requests
For any privacy question or data request, contact us via the details in the footer. You can also verify our practitioners on the public registers (CICC · MARA · IAA) linked there.
Questions about this policy? Contact us via the details in the footer. You can verify our practitioners on the public registers (CICC · MARA · IAA) linked in the footer.