VISARIGHT
VISARIGHT
Политика конфиденциальности

Privacy Policy

Protecting your personal information is our top priority, which is why we only use your data in strict compliance with applicable data protection principles, in particular with the provisions of the EU General Data Protection Regulation ("GDPR"). We want to keep you fully informed now about how VISARIGHT processes personal data in accordance with this new regulation (see Article 13 ff. GDPR). Please read our privacy policy carefully. If you have any questions or comments about our privacy policy, you can always contact us at the email address below.

1. General
The following privacy policy informs you about the nature and extent of the processing of personal data by VISARIGHT GmbH (hereinafter "VISARIGHT", "we", "us" or "our"). Personal data is any information that allows an individual to be identified directly or indirectly. The use of our services, products, technologies or features, and all related pages, applications, and services (collectively referred to as the "Services"), is governed by this Privacy Policy.

When you register for the first time, or log on in the case of existing customers, you declare by means of a simple notification that you accept this privacy policy and expressly consent to the handling, use and disclosure of your personal data in the manner described herein.

The data gathered by VISARIGHT can be divided primarily into two categories:

● All data required for the processing, preparation, and performance of an agreement with VISARIGHT. If other service provides are involved in the performance of the agreement, e.g., visa authorities, optimization services or hosts, your data will be forwarded to them to the extent required.
● When you access our Services, some information is exchanged between your device and our server, or the server of the services we use. This may include personal information. One of the ways in which the information gathered in this way will used is to further improve our Service.

Our Services are only available to users who are 18 years of age or older. If you are not at least 18 years old, you may only use our Services if your parents have given their consent herein, and you have provided sufficient proof of this consent.

If you have any questions about our Privacy Policy, you may contact our data protection officer by email at: datenschutz@lgd-data.de.

2. Name and Contact Information


2.1. Controller
This privacy policy applies to the use of data by

VISARIGHT GmbH
Liebigstraße 10
39104 Magdeburg

as the controller under the GDPR. The company may be reached at the aforementioned address or by email at privacy@visaright.eu.

2.2. Data protection officer
The data protection officer can be reached at the following contact details:

Joelle Hirsch
LGD Datenschutz GmbH
Rogätzer Straße 8
39106 Magdeburg
Tel.: 0391 5568632-5
Email: datenschutz@lgd-data.de

3. Own Services

3.1. If you contact us with a request
You can contact us at any time with your concerns. You can do this by phone, letter, email, fax or in person. You always give us the data that you send us with your request voluntarily. Depending on how you contact us, we process the following personal data in accordance with Art. 6 para. 1 lit. b GDPR or Art. 6 para. 1 lit. f GDPR to process your request:

● Name
● Company, if applicable
● Subject
● Telephone number
● Email address
● Message

We generally do not pass your personal data on to third parties, but only process them internally. If we pass the data on to third parties for the purpose of answering your request, this will always only take place with your consent.

We store your personal data until it is no longer required for the purposes, that means until we have processed your request. We then save your personal data for the periods specified by law. Depending on the request, the data will be deleted immediately after processing. We store correspondence that is subject to retention requirements under commercial law for 6 years.

Provided that the data processing is the preservation of our legitimate interests, you have a right to object to the processing. Please send your objection in writing to the address mentioned or by email to privacy@visaright.eu. In the event of an objection, your request cannot be processed.

3.2. Application Processing

In order to carry out our services, namely, to process our customers' visa application, we process to information required on basis of Art. 6 para. 1 lit. b GDPR and Art. 9 para. 2 lit. a GDPR. This includes:

● Email address
● First and last name
● Residential address
● Citizenship
● Gender
● Date and place of birth
● Marital status
● Education
● Occupation
● Information you enter yourself

In addition, we use your contact details to send you information about your application process. The information provided will be transmitted to the competent authority in order to file the visa application. Unless we use your contact information for customer support or customer service, the information required to process your application is stored until it is no longer needed for this purpose. Subsequently, we retain the required personal information for the periods established by law. During this retention period (usually 6 to 10 years after conclusion of the agreement), the information is used only in the case of an audit by the tax authority.

3.3. Simplified Scheduling
In order to simplify the scheduling of a customer and consultation call, on the basis of Art. 6 para. 1 lit. b GDPR, we use the services of Calendly LLC, 1315 Peachtree St NE, Atlanta, GA 30309, USA ("Calendly"). Calendly offers an external platform in order to arrange and schedule appointments. If you choose the function "Schedule a call", we store the information provided as well as collected during this process on Calendly’s servers in the USA. This includes:

● The email address you provide
● Your name
● Your IP address
● Your given phone number
● The time of the appointment
● The agreed date
● The agreed time.

We have concluded a data processing agreement and standard contractual clauses with Calendly, with which Calendly undertakes to process the data received only in accordance with our instructions and to comply with the EU data protection level. The data provided will not be passed on to third parties and are only used for scheduling and scheduling appointments.

For more information on protecting your privacy in relation to Calendly, see Calendly's privacy policy.

3.4. Business Partners and Service Providers
Most of our business partners and service providers name one of their employees as a contact person. There is no obligation to transmit this data. Processing is not necessary for the service. However, without a specified contact person, the effort involved in making agreements is disproportionately high and there is a risk of misunderstandings. Therefore, there is a legitimate interest according to Art. 6 para. 1 lit. f GDPR in this processing. We process the data of the contact persons as follows:

● First and last name
● Company
● Telephone number
● Email address

In case of visa applications, the data will be transmitted to the competent authority. A transfer to third parties only takes place if this is necessary for legal reasons or if we have the consent of the person concerned. The data is stored until they are no longer required for the purposes of the order. We then store the personal data for the legally stipulated periods; in cases of visa applications, these are usually 2 to 5 years. In addition, the retention requirements of the HGB apply. The legal retention periods are 2 to 10 years.

4. Data processing as part of the website visit

In this section we inform you about the processing of your personal data when you visit our website:

4.1. Accessing our Service
If you access our Services, especially by visiting our website, the browser used on your device automatically sends information to our server and temporarily stores it in a log file. The following information is collected without your intervention and stored until it is automatically or manually deleted in the log file:

● Your device's IP address
● Date and time of access
● The name and URL of the retrieved file, the website from which access was made (referrer URL)
● Your browser's unique identifier
● The name of your Internet provider

The processing of the aforementioned data
is based on Art. 6 Abs. 1 lit. f GDPR. Our legitimate interest arises from the uses listed below. At this point, we note that we are unable and do not attempt to draw any conclusions about your identity from the data collected. Your device's IP address and the other information listed above are used by us for the following purposes:

● To ensure that a trouble-free connection can be established
● To ensure the convenient use of our Services
● To evaluate system security and stability
● Other administrative purposes

The data is automatically deleted after 7 days.

4.2. Cookies
We use cookies on our website in compliance with Art. 6 para. 1 lit. f GDPR. Cookies are small files generated automatically by your browser and stored on your device (laptop, tablet, smartphone, etc.) when you use our Services. Cookies do not harm your device, and do not contain viruses, Trojans, or other malware. Cookies contain information downloaded by the specific device. This does not mean, however, that we receive direct knowledge of your identity. One purpose of cookies is to make it more convenient for you to use our Services. For example, we use session cookies to track your use of the individual pages of our website or when you have logged on to your customer account. When you use our Services again at a later time, the cookie automatically recognizes your previous visit to the website, as well as your input and settings, so that you do not have to enter them again. To make the site more user friendly, we also use temporary cookies, which are stored on your device for a predetermined period of time. These cookies are automatically deleted when you log off.
If you already have a customer account and are logged on, the information stored in the cookies are associated with that account.
Another reason we use cookies is to gather statistics on the use of our Services and evaluate them in order to optimize your experience and to display information tailored to you. These cookies allow us to automatically recognize that you have visited our site before. The cookies are automatically deleted after a predefined period. Most browsers accept cookies automatically. However, you can disable cookies on your browser or choose to be notified when a new cookie is created. However, disabling cookies completely may mean that not all features of our Services will be available to you. The storage period of cookies depends on their purpose and may vary.

You can find an overview of the cookies, their purposes and storage duration in the cookie settings.

4.3. Cookiebot
We use the consent management tool Cookiebot on our website. Cookiebot is a tool from Cybot A / S, Havnegade 39, 1058 Copenhagen, Denmark. We use Cookiebot to inform you about the cookies and technologies that we use on our website and to obtain, manage and document your consent to the processing of your personal data, if necessary. The following personal data are processed:

● IP address
● Date and time of the declaration
● Browser and operating system of the end device
● Encrypted and anonymous key
● Information on consent behaviour

Cookiebot sets a cookie to recognize the user and his or her consent behaviour for the next visit. The processing of this personal data takes place in accordance with Art. 6 para. 1 lit f GDPR. We have a legitimate interest in data processing for the purpose of obtaining the necessary consent and managing and documenting the declarations made. The processed data will be deleted after 12 months.

For more information, see the Cookiebot privacy policy.

4.4. AWS CloudFront und AWS S3
We use AWS CloudFront and AWS S3 to properly provide the content of our website. AWS CloudFront and AWS S3 are Content Delivery Networks (CDN) of Amazon Web Services Inc., 410 Terry Avenue North, Seattle, WA 98109-5210, USA (AWS). A CDN helps to provide the content of our website faster with the help of regionally or internationally distributed servers. This results in a faster loading time for the website, greater reliability, and increased protection against data loss.

When you access the website, a connection to AWS servers is established, whereby your IP address and, if applicable, browser data and your user agent are transmitted. This data is processed exclusively for the purposes mentioned above and to maintain the security and functionality of AWS CloudFront and AWS S3. Since the content is made available on internationally distributed servers, transmission to third countries cannot be ruled out. We have concluded a data processing agreement and standard contractual clauses with AWS, with which AWS undertakes to process the data received only in accordance with our instructions and to comply with the EU data protection level.

The data processing within the framework of the CDN is based on our legitimate interests, i.e., interest in a secure and efficient provision as well as the optimization of our online offer in accordance with Art. 6 para. 1 lit. f GDPR.

For more information, see the AWS privacy policy.

4.5. Google Fonts
On our website, we use web fonts provided by Google for the uniform representation of fonts. The use of Google Fonts takes place in the interest of a uniform and appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. As soon as you access our website, a connection to Google servers in the USA is automatically established. In doing so, Google is informed that our website has been accessed via your IP address.

For more information on how your personal data is handled by Google, see the Google Privacy Policy.

4.6. Google Tag Manager
We manage website tags (website code) with Google Tag Manager. The Google Tag Manager is used in accordance with Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in managing and continuously improving our services and reducing your loading time. Google Tag Manager only implements a website code. Google Tag Manager itself does not generate cookies and does not collect any personal data. It only integrates the website code that we have saved elsewhere and that can be used to collect data. It is therefore only used to facilitate the administration of the respective code but does not itself access the data processed by the code.

4.7. Google Analytics
We use the web analysis service Google Analytics from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter "Google") for the individual design and continuous improvement of our services in accordance with Article 6 para. 1 lit. a GDPR. Google creates pseudonymised usage profiles with the help of cookies. The information that the cookies generate for users includes:

● IP address
● Browser type/version
● Operating system
● Referrer URL (previously visited page)
● Host name of the accessing computer (IP address)
● Time of the server request
● IP address
● Information on website visits (clicks and length of stay)

This information is sent to a Google server in the USA, stored there and deleted after 24 months. We have concluded a data processing agreement and standard contractual clauses with Google, with which Google undertakes to process the data received only in accordance with our instructions and to comply with the EU data protection level. The information is used to evaluate the use of our services, to compile reports on the activities and to provide other related services for the purposes of market research and customized design. Under no circumstances will your IP address be merged with other Google data. The IP addresses are anonymised so that an assignment is not possible (IP masking).

You can change your settings for the use of Google Analytics at any time in the cookie settings.

Further information on the protection of your privacy in relation to Google Analytics can be found on the Google Analytics website.

4.8. LinkedIn Insights Tag
We use the individual Insights Tag (visitor action pixel) from LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland for the needs-based setup, continuous improvement and tracking of the conversion of our LinkedIn campaigns in accordance with Art. 6 para. 1 lit. a GDPR (hereinafter "LinkedIn"). This pixel is integrated into the code of our website. In this way, we ensure that the LinkedIn advertisements we initiate are only displayed to LinkedIn users who have shown interest in our services. This way we know that our LinkedIn ads are in line with the potential interest of the respective users and not disturb them. It also enables us to track the actions of LinkedIn users after they have viewed or clicked on one of our LinkedIn ads. At the same time, it helps us to track the implementation of the respective campaign for statistical, market research and accounting purposes. The following information is collected during use:

● IP address
● Time stamp
● URL
● Campaign-related information (particularly impression, form field and activated button specifications)

Your personal data will be stored on the LinkedIn servers in the USA and deleted after 90 days. We have concluded a data processing agreement and standard contractual clauses with LinkedIn, with which LinkedIn undertakes to process the data received only in accordance with our instructions and to comply with the EU data protection level.

The storage duration of the cookies set depends on their respective purpose. Further information on the storage period can be found in the cookie settings.

Please note that LinkedIn can save and process your personal data if you log in to your LinkedIn account after placing the pixel or if you visit our website while you are logged in. LinkedIn can link this data to your LinkedIn account.

You can change your settings for the use of LinkedIn Insight Tag in the cookie settings at any time. You can also use the following link to set an opt-out cookie to prevent tracking: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

For more information, see the LinkedIn privacy policy.

4.9. Google (Re-) Marketing Services
We use the marketing and remarketing services (“Google Marketing Services” for short) of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (“Google”) on the basis of the consent of the user (Art. 6 para. 1 lit. a GDPR), in order to analyse the actions of the users and to optimize our online offer and to operate it economically. The data collected is stored on Google servers in the USA. We have concluded a data processing agreement and standard contractual clauses with Google, with which Google undertakes to process the data received only in accordance with our instructions and to comply with the EU data protection level.

The Google Marketing Services allow us to display advertisements for and on our website in a more targeted manner in order to only present users with advertisements that potentially correspond to their interests. If, for example, a user is shown advertisements for products that he was interested in on other websites, this is referred to as "remarketing". For these purposes, when our and other websites on which Google Marketing Services are active are accessed, Google immediately executes a code from Google and so-called (re-) marketing tags (invisible graphics or code, also known as "web beacons”) integrated into the website. With their help, an individual cookie is stored on the user's device. These cookies record which websites the user has visited, which content he is interested in, and which offers he has clicked, as well as technical information on the browser and operating system, referring websites, visiting time and other information on the use of the online offer. A user ID and the IP address of the user may also be recorded. The IP address is not merged with the user's data within other Google offers.

The Google Marketing Services we use include the “Google Ads” online advertising program. In the case of Google Ads, each user receives a different "conversion cookie" or "_gid cookie". Cookies cannot be tracked via our website. The information obtained with the help of the cookie is used to compile conversion statistics on website visits for us. We find out the total number of users who clicked on the ad and were redirected to a page with a conversion tracking tag. However, we do not receive any information with which users can be personally identified.

The cookies are stored for 3 months and then automatically deleted.

Further information on the use of data by Google for marketing purposes can be found in the Google Privacy Policy and Terms of Use.

You can change your settings for the use of Google (Re-) Marketing Services at any time in the cookie settings.

4.10. Google DoubleClick
This website uses the online marketing tool DoubleClick from Google. The provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (hereinafter "DoubleClick"). DoubleClick is used to show you interest-based advertisements across the entire Google advertising network. DoubleClick uses cookies to place ads that are relevant to users, to improve reports on campaign performance, or to prevent a user from being shown ads multiple times. Google uses a cookie ID to record which ads are played in which browser and can thus prevent them from being displayed multiple times. In addition, Google can use cookie IDs to record what are known as conversions, i.e., whether a user sees an advertisement and later visits the advertiser's website and purchases something there. According to Google, these cookies do not contain any personal information. This information is summarized in a pseudonymous user profile in order to display interest-based advertising to the user concerned.
Due to the marketing tools used, your browser automatically establishes a connection with Google servers. As a result, Google receives the information that you have accessed the relevant part of our website or clicked on the ad from us. Your data will be stored on servers in the USA. The necessary guarantees for the transfer of personal data to third countries are offered by Google through the standard contractual clauses approved by the European Commission.
Google DoubleClick is used in the interest of targeted advertising. The legal basis for processing is Art. 6 para. 1 lit. a GDPR. You can find the specific lifespan of cookies in our cookie settings.

You can change your settings for the use of DoubleClick at any time in the cookie settings. You can also prevent participation in the tracking process in various ways:

● by setting your browser accordingly, in particular by suppressing third-party cookies, you will not receive any advertisements from third-party providers, although this setting will be deleted when you delete your cookies,
● by deactivating the cookies for conversion tracking by setting your browser at https://www.google.de/settings/ads so that cookies are blocked by Google, whereby this setting is also deleted when you delete your cookies,
● by deactivating the interest-based advertisements of the providers who are part of the self-regulation campaign “About Ads” via the link http://www.aboutads.info/choices, whereby these settings are also deleted if you delete your cookies,
● by permanent deactivation with a browser add-on that you can find at http://www.google.com/settings/ads/plugin for Firefox, Internet Explorer, or Google Chrome.

You can find more information about DoubleClick at www.google.de/doubleclick

4.11. Integration of YouTube videos
We have integrated videos from the YouTube portal on our website. The operator is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. The data processing takes place in the interest of an appealing presentation of our online offers based on your consent in accordance with Art. 6 para. 1 lit. a GDPR. With your consent, the following data will be processed:

● IP address
● Information that your browser automatically transmits (operating system of your device, browser name, browser version, date, and time)
● Language settings, login information, location / area information

By integrating the video, a connection to Google servers is established with your consent so that Google receives your personal data. Google also processes your personal data in the USA. A connection to the Google DoubleClick advertising network in the USA is also established.

You can find the specific lifespan of cookies in our cookie settings.

You can change your setting for using YouTube at any time in the cookie settings.

4.12. Stripe

We use a payment tool from the American technology company and online payment service Stripe on our website. Stripe Payments Europe (Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland) is responsible for customers within the EU. With Stripe it is possible to accept credit and debit card payments in our web shop. The following data, which are necessary for the payment process, are forwarded to Stripe and stored:

● Payment method (i.e., credit card, debit card or account number),
● Bank code,
● Payment amount,
● Date of payment.

In a transaction you can also
● your name,
● your email address,
● your billing address will be sent.

These data are necessary for authentication. Stripe can also record your name, address, telephone number and your country in addition to technical data about your device (such as IP address) for fraud monitoring, prevention and detection and activities to ensure conformity. Stripe also uses cookies to collect data.

The legal basis is Art. 6 para. 1 lit. b GDPR. Personal data is generally stored for the duration of the service provision, at least until the payment has been processed. To fulfil legal and official obligations, Stripe stores your personal data even after the end of the service provision. In addition, Stripe stores personal data for tax and auditing purposes, as well as for financial reporting, if necessary. In any case, data is stored in accordance with the statutory requirements and retention periods.

Since Stripe is a global company, the data can also be stored in every country in which Stripe offers services. We have concluded a data processing agreement and standard contractual clauses with Stripe, with which Stripe undertakes to process the data received only in accordance with our instructions and to comply with the EU data protection level.

You can find more information about Stripe at https://stripe.com/de/privacy

4.13. Google reCAPTCHA
We use Google reCAPTCHA from Google, Inc. to protect against misuse of forms. Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for the European area. With reCAPTCHA we can determine whether you are human and not a robot or other spam software. We understand spam to mean any unwanted information sent electronically. The following data are processed:

● Referrer URL
● IP address
● Browser and operating system of the end device
● Mouse and keyboard behaviour
● Date and time the page was viewed
● Language settings
● Screen resolution

When using Google reCAPTCHA, your browser downloads the required data from Google. Your browser will connect to Google servers in the USA. We have a legitimate interest in using Google reCAPTCHA to optimize our online service and make it more secure. The corresponding legal basis for this is Art. 6 para. 1 lit. f GDPR.

Further information on processing by Google can be found in Google's privacy policy.

5. Social Media

5.1. Facebook
Meta (Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, hereinafter referred to as Meta) as the Facebook operating company is solely responsible for the processing of personal data when visiting our Facebook presence (hereinafter referred to as Fanpage). We would like to point out that you use our fan page and its functions on your own responsibility. We operate the fan page in order to present content to you so that you can communicate with us or to link you to other interesting online content. The legal basis for the processing is Art. 6 para. 1 lit. f DSGVO.

When you visit our fan page, we do not process any personal data. In particular, we do not operate the servers on which the contents of the fan page and the associated communication are stored and processed. If you communicate with us via the fan page, we process your message and can view your user name and current profile picture. We delete the messages transmitted in connection with our fan page as soon as the purpose of storage has been fulfilled, you request us to delete them or the purpose for storage no longer applies. Messages that are subject to retention periods under commercial or tax law are stored for 6 years.

When you access our fan page, your IP address is transmitted to Meta. According to information from Meta, this IP address is anonymised. Meta also stores information about the end devices of the users (e.g. as part of the "registration notification" function). The data may also be transmitted by Meta to countries outside the European Union. In particular, it is conceivable that some of the personal data collected may also be processed outside the European Union by Meta Platforms, Inc. based in the USA. We ourselves do not pass on any personal data.

Meta describes which data it processes in detail, for what purposes and on what legal basis, and which contact and configuration options exist, in the legal basis for processing data at https://www.facebook.com/about/privacy/legal_bases and in the Facebook data policy. This applies to all offers of Meta products. We are not aware of how Meta uses the personal data generated from visits to fan pages for other purposes of its own and to what extent certain data may be assigned to specific users by Meta.

Meta provides us with anonymised page summaries for our fan page (so-called page insights). Page insights are an overview of all key figures within a certain period of time. In this way, we can learn more about our target group and find out which content is best received.

With Insights, we can only carry out anonymous evaluations based on aggregated data on the use of our fan page. Beyond that, we do not collect any further data from the visit to our fan page. This processing of personal data is carried out by Meta and us as joint controllers.

If you are logged in to Facebook, there is a cookie with your Facebook ID on your end device. This enables Meta to track that you have visited our fan page and how you have used it. If you wish to avoid this, you should log out of Facebook or deactivate the "stay logged in" function and delete the cookies present on your device. This deletes Facebook information that can be used to directly identify you. This allows you to use our fan page without revealing your Facebook identification. If you access interactive functions of the fan page ("Like", comment, share, send messages, etc.), a Facebook login screen will appear. After logging in, you will again be recognisable to Facebook as a specific user.

The processing is carried out in accordance with Art. 6 para. 1 lit. f DSGVO. We have a legitimate interest in evaluating visits to our fan page and improving our fan page based on these findings. We have reached an agreement with Meta on processing as joint controllers, which specifies the distribution of data protection obligations between us and Meta. It essentially follows from the joint responsibility agreements with Meta that requests for information and the assertion of further data subject rights, in particular objections, are sensibly asserted directly with Meta. This is because as the provider of the social network, Meta alone has direct access to the necessary information and can also take any necessary measures and provide information directly. Should our support nevertheless be required, we can be contacted at any time. Your right to assert corresponding claims directly against us remains unaffected. For details on the processing of personal data for the creation of site insights and the essential contents of the agreement concluded between us and Meta, please refer to the information on site insights.

If you have any further questions regarding the processing of your personal data, please contact Meta's data protection officer using the form provided or our data protection officer using the contact information above.

For more information, please see Facebook's data policy.

5.2. Instagram
Meta (Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, hereinafter referred to as Meta) as the operator of Instagram is solely responsible for the processing of personal data when visiting our Instagram presence (hereinafter referred to as Fanpage). We would like to point out that you use our fan page and its functions on your own responsibility. We operate the fan page to present content to you so that you can communicate with us or to link you to other interesting online content. The legal basis for the processing is Art. 6 para. 1 lit. f DSGVO.

When you visit our fan page, we do not process any personal data. In particular, we do not operate the servers on which the contents of the fan page and the associated communication are stored and processed. If you communicate with us via the fan page, we process your message and can view your user name and current profile picture. We delete the messages transmitted in connection with our fan page as soon as the purpose of storage has been fulfilled, you request us to delete them or the purpose for storage no longer applies. Messages that are subject to retention periods under commercial or tax law are stored for 6 years.

When you access our fan page, your IP address is transmitted to Meta. According to information from Meta, this IP address is anonymised. Meta also stores information about the end devices of the users (e.g. as part of the "registration notification" function). The data may also be transmitted by Meta to countries outside the European Union. In particular, it is conceivable that some of the personal data collected may also be processed outside the European Union by Meta Platforms, Inc. based in the USA. We ourselves do not pass on any personal data.

Meta describes which data it processes in detail, for what purposes and on what legal basis, and which contact and configuration options exist, in the legal basis for processing data at https://www.facebook.com/about/privacy/legal_bases and in Instagram's privacy policy. This applies to all offers of Meta products. We are not aware of how Meta uses the personal data generated from visits to fan pages for its own purposes and to what extent certain data may be assigned to specific users by Meta.

Meta provides us with anonymised page summaries for our fan page (so-called page insights). Page insights are an overview of all key figures within a certain period of time. In this way, we can learn more about our target group and find out which content is best received.

With Insights, we can only carry out anonymous evaluations based on aggregated data on the use of our fan page. Beyond that, we do not collect any further data from the visit to our fan page. This processing of personal data is carried out by Meta and us as joint controllers.

If you are logged in to Instagram, a cookie with your Instagram ID is located on your end device. This enables Meta to track that you have visited our fan page and how you have used it. If you want to avoid this, you should log out of Instagram or deactivate the "stay logged in" function and delete the cookies present on your device. In this way, Instagram information through which you can be directly identified is deleted. This allows you to use our fan page without revealing your Instagram account. When you access interactive features of the fan page (like, comment, share, send messages, etc.), an Instagram login screen will appear. After any login, you will again be recognisable to Instagram as a specific user.

The processing is carried out in accordance with Art. 6 para. 1 lit. f DSGVO. We have a legitimate interest in evaluating visits to our fan page and improving our fan page based on these findings. We have reached an agreement with Meta on processing as joint controllers, which specifies the distribution of data protection obligations between us and Meta. It essentially follows from the joint responsibility agreements with Meta that requests for information and the assertion of further data subject rights, in particular objections, are sensibly asserted directly with Meta. This is because as the provider of the social network, Meta alone has direct access to the necessary information and can also take any necessary measures and provide information directly. Should our support nevertheless be required, we can be contacted at any time. Your right to assert corresponding claims directly against us remains unaffected. For details on the processing of personal data for the creation of site insights and the essential contents of the agreement concluded between us and Meta, please refer to the information on site insights.

If you have any further questions regarding the processing of your personal data, please contact Meta's data protection officer using the form provided or our data protection officer using the contact information above.

For more information, please see Instagram's privacy policy.

5.3. LinkedIn
LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, is solely responsible for the processing of personal data when you visit our LinkedIn page. When you visit our LinkedIn page, your personal data will be processed by LinkedIn as follows:

We do not process any personal data when you visit our LinkedIn page. We do not operate the servers on which the content of the profile and the associated communication are stored and processed. If you communicate with us via LinkedIn, we will receive your message including your profile. The categories of personal data that LinkedIn processes can be found in LinkedIn's privacy policy.

We use LinkedIn to present content to you so that you can communicate with us or to link other interesting online content to you. The legal basis for processing is Art. 6 para. 1 lit. f GDPR.

We delete the messages transmitted in connection with our LinkedIn page as soon as the purpose of storage has been fulfilled, users ask us to delete them or the purpose for storage no longer applies. Messages that are subject to retention periods under commercial or tax law are stored for 6 years. The storage period of the data processed by LinkedIn can be found in LinkedIn’s privacy policy.

When you visit our LinkedIn page, follow the page or are busy with the page, LinkedIn provides us with statistics and insights for our page in anonymised form, with the help of which we can obtain information about the types of actions that people take on our page (so-called "page insights"). We do not receive any personal data through the page insights, nor can we assign the information received to individual accounts. This processing of personal data is carried out by LinkedIn and us as jointly responsible. The processing serves our legitimate interest in evaluating the visit to our site and improving our site based on this knowledge. The processing takes place in accordance with Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in evaluating your visit to our site and improving our site based on this knowledge.

We have reached an agreement with LinkedIn on processing as jointly responsible, in which the distribution of data protection obligations between us and LinkedIn is specified. Details about the processing of personal data for the creation of page insights and the essential contents of the agreement concluded between us and LinkedIn can be found in the page insights addendum for jointly responsible parties.

5.3. YouTube
YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, USA is responsible for our YouTube channel. YouTube LLC belongs to the Google Group and is represented by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. When you visit our YouTube profile, your personal data will be processed by YouTube or Google as follows:

We do not process any personal data when you visit our YouTube channel. We do not operate the servers on which the content of the channel and the associated communication are stored and processed. If you communicate with us via the YouTube channel, we will receive your message including your username. The categories of personal data that YouTube processes can be found here in Google's privacy policy.

We use YouTube to present content to you so that you can communicate with us or to link other interesting online content to you. The legal basis for processing is Art. 6 para. 1 lit. f GDPR.

We delete the messages transmitted in connection with our YouTube channel as soon as the purpose of storage has been fulfilled, users ask us to delete them or the purpose for storage no longer applies. Messages that are subject to retention periods under commercial or tax law are stored for 6 years.

6. Your Rights

You have the following rights regarding this processing of your personal data:
● Right of access by the data subject (Art. 15 GDPR)
● Right to rectification (Art. 16 GDPR)
● Right to erasure (Art. 17 GDPR)
● Right to restriction of processing (Art. 18 GDPR)
● Right to data portability (Art. 20 GDPR)
● Right to object (Art. 21 GDPR)
● Right to withdraw consent (Art. 7 para. 3 GDPR)

7. Data Security. Data Security

We apply the highest standards to data security for our infrastructure and the processing of your data. For example, we use protection mechanisms for computers such as firewalls and data encryption. Our buildings and data are subject to physical access controls. Access to the personal information of our customers is only possible for those employees who need them to carry out their activities.
All personal data sent by you, including your payment information, is also transmitted using the generally accepted and secure SSL (Secure Socket Layer) standard. SSL is a secure and proven standard, e.g., it is also used for online banking. You will recognize a secure SSL connection with the placement of an "s" at the end of http (i.e., https: // …) in the address bar of your browser, or with the lock icon at the bottom of the browser.
We also apply suitable technical and organizational security measures to protect your personal data stored with us against manipulation, partial or complete loss, and against unauthorized access by third parties. Our security measures are continuously monitored using the latest technology, and regularly adapted to the relevant risk, and improved if necessary.
If personal data is compromised as a result of a breach of security, we will promptly notify those persons whose personal data has been compromised, in accordance with the notification procedures set forth in this Privacy Policy, or as otherwise required by applicable law.

8. Children's Privacy

Protecting the privacy of young children is especially important. For that reason, we do not knowingly collect or solicit personal information from anyone under the age of 16 or knowingly allow such persons to register. If you are under 16, please do not send any information about yourself to us, including your name, address, telephone number, or email address. No one under age 16 is allowed to provide any personal information to or on the Services. If we learn that we have collected personal information from a child under age 16 without verification of parental consent, we will delete that information as quickly as possible. If you believe that we might have any information from or about a child under 16, please contact us at privacy@visaright.eu.

9. Notification Procedures

It is our policy to provide notifications, whether such notifications are required by law or are for marketing or other business-related purposes, to you via email notice, written or hard copy notice, or through conspicuous posting of such notice on our website page, as determined by us in our sole discretion. We reserve the right to determine the form and means of providing notifications to you, if you may opt out of certain means of notification as described in this Privacy Policy.


10. Changes to our Privacy Policy

If we change our Privacy Policy and procedures, we will post those changes on our platform to keep you aware of what information we collect, how we use it and under what circumstances we may disclose it. Changes to this Privacy Policy are effective when they are posted on our platform.

This Privacy Policy was last modified in May 2022.