PRIVACY POLICY

INTRODUCTION

This Privacy Policy (“Policy”) applies to the securing and processing of personal data by GetAVisa operating the website GetAVisa.com (hereinafter “GetAVisa”) in connection with personal data provided by any person (“User”) who has purchased, intends to purchase, or inquires about any product(s) or service(s) made by GetAVisa through any of GetAVisa's interface channels including the website, mobile site, and mobile app (collectively referred herein as “Sales Channels”). For the purpose of this Privacy Policy: References to “you” or “your” are references to 'User'. References to “we,” “us,” or “our” are references to 'GetAVisa.' References to “website” mean references to 'website(s),' 'mobile site(s),' and 'mobile app(s).'

PURPOSE OF THIS POLICY

We respect your need to understand how and why information is being collected, used, disclosed, transferred, and stored. Thus, we have developed this Policy to familiarize you with our practices. This Policy outlines the way in which we process your information when you use our Website or other digital platforms in accordance with applicable data protection laws. It is important that you read this Policy together with any other policies we may provide on specific occasions when we are collecting or processing your personal data, so that you are fully aware of how and why we are using your personal data. This Policy supplements other notices and is not intended to override them.

DEFINING CONTROLLER OF PERSONAL DATA

A “Controller” is a person or organization who alone or jointly determines the purposes for which, and the manner in which, any personal data is or is likely to be processed. This notice is issued on behalf of GetAVisa as the controller. A Processor is a natural or legal person, public authority, agency, or other body that processes personal data on behalf of the Controller. As the circumstances warrant, GetAVisa may act as either the Controller or Processor of your personal data.

TYPE OF PERSONAL DATA WE COLLECT

Personal data includes any information about a user from which that person can be identified. It does not include personal data where the identity has been removed (anonymous data). You may be asked for personal data whenever you are in contact with GetAVisa directly or indirectly through a third party.Aggregated Data:

• We collect, use, and share aggregated data such as statistical or demographic data for any purpose.
• Aggregated data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity.
• For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature.
• However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Policy.

• We do not collect any special categories of personal data about you through our Website (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, or genetic and biometric data).
• Nor do we collect any information about criminal convictions and offenses.

• Contact Data: Including your residential address, work address, email address, and telephone numbers.
• Identity Data: Including your first name, last name, username or similar identifier, title.
• Website User Data: Usernames, passwords, and other security-related information used by you in relation to our services.
• Transaction Data: Transactional history about your e-commerce activities, buying behavior, information pertaining to any other traveler(s) for whom you made a booking through your registered GetAVisa account.
• Marketing and Communications Data: Including your marketing and communication preferences.
• Public Domain or Third-Party Data: Data available in the public domain or received from any third party including social media channels, including but not limited to personal or non-personal information from your linked social media channels.
• Profile Data: Including information collected progressively when you visit our site, including your referral website, pages you visit, actions you take, and patterns of page visits.
• Technical Data: Includes information collected when you access our website, mobile site, or mobile app, such as your internet protocol (IP) address, login data, browser type, and version, time zone setting, location, and other device-related data.
• Usage Data: Information about how you use our Website.
• Any other Personal Data: Copies of your passport, bank statements, originals of the filled-in application forms, photographs, and other information required by the respective embassy to process your visa application.

MODES OF COLLECTING PERSONAL DATA

We will collect personal data only when you choose to provide it to us in the following circumstances: Direct Interaction: When you make an inquiry, quotation request, or make a reservation or purchase from our ‘Website’ or through our customer service team - by email(s), letter(s), fax, on the phone, or in a physical store. Cookies and Other Technologies: We receive Technical Data about your equipment, browsing actions, and patterns by using cookies, server logs, and other similar technologies. Third Parties or Publicly Available Sources: We receive Technical Data from analytics providers such as Google.

GROUNDS FOR PROCESSING OF DATA

“performance of a contract”: where we need to perform a contract which we are about to enter into or have entered into with you as a party or to take steps at your request before entering into such a contract; “legal or regulatory obligation”: where we need to comply with a legal or regulatory obligation that we are subject to; “legitimate interests”: where necessary for our interests provided that your fundamental rights do not override such interests. This can mean, for instance, that it is in our interest, to monitor how you are using our Website or client portals to ensure that the security of our Website or client portals or systems is maintained. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests; and “consent”: We rely on consent as a legal basis for processing your personal data in relation to sending direct marketing communications to you via email or text message. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).

USE OF PERSONAL DATA

We will only process (i.e. use) your personal data when the law allows us to, that is, when we have a legal basis for processing. We generally use the information to establish and enhance our relationship with our users for the following purposes:

• While you make a booking: We may use your Personal Information available with us to ease your booking process. This information may include all the data provided by you earlier i.e. contact data. We may also use the information of travelers list as available in or linked with your account. This information is presented to the User at the time of making a booking to enable you to complete your bookings expeditiously.
• We may also use your Personal Information for several reasons including but not limited to:
  • Keep you informed of the transaction status
  • Send booking confirmations either via SMS or WhatsApp or any other messaging service
  • Send any updates or changes to your booking(s)
  • Allow our customer service to contact you, if necessary
  • Confirm your reservations with respective service providers
  • Customize the content of our website, mobile site and mobile app
  • Request for reviews of products or services or any other improvements
  • Send verification message(s) or email(s)
  • Validate/authenticate your account and to prevent any misuse or abuse
  • Contact you on your birthday/anniversary to offer a special gift or offer
  • Send you important notices and communications regarding our products and services availed or changes to the terms and conditions and/or policies
  • Send information about products and services offered by GAV and its affiliates
  • Send you payment reminders and/or travel vouchers
  • Newsletters to keep you updated on the travel sector. In the event that you don’t wish to receive such intimation, you may unsubscribe this facility in the email message you receive
• We may share your personal data to third parties for reasons cited below but not limited to:
  • Where it is necessary to process your booking, enquiry or participation.
  • To fulfil the service offering and/or to make booking, reservation, blocking and any such activity initiated by user.
  • We may share personal data with companies who provide services such as information processing, extending credit, fulfilling customer orders, delivering products to you, managing and enhancing customer data, providing customer service, assessing your interest in our products and services, and conducting customer research or satisfaction surveys. These companies are obligated to protect your information.
• We may use your personal information for Marketing Promotions, Research and other programs. As a registered user, you will receive our latest product and service announcements, offers, promotions and event updates. If you wish to unsubscribe, you can choose to do so.
• We may also use the personal data to improve our product offering, develop and deliver products, services, content and advertising. Personal data may also be used internally for research, analysis and auditing.
• GAV may from time to time launch promotions to give its Users an opportunity to win great travel and travel related prizes. During such activity the personal information collected by us may include contact information and survey questions. We will use such information to notify contest winners and survey information to develop promotions and product improvements.
• GAV may launch travel referral or reward programs from time to time by way of which users would win travel related rewards or other rewards. We may use your personal information to enrol you in the rewards program. Depending on the reward program, each time you win a reward, GAV may share your personal information with a third party that will be responsible from fulfilling the reward to you. You may however choose to opt out of such reward program if you choose to do so. Here too while rewarding any user we at times may verify information of customers on selective basis for various purposes such as fraud protection or any other purpose.

COLLECTION AND USE OF NON-PERSONAL DATA

Non-personal data is data which can never be used to identify an individual. We may collect information regarding customer activities on our various portals. This aggregated information is used in research, analysis, to improve and monitor products and for various promotional schemes. It may be shared in aggregated, non-personal form with third party to enhance customer experience, products offering or services.

COOKIES AND OTHER TECHNOLOGIES

We use cookies and other technologies to enhance your experience when you use our Website. To that effect, we have developed a cookie policy to familiarize you with our practices. You can access the cookie policy

LINKS

For your convenience, our Website provides links to other sites. When you click on one of these links, you are leaving our Website and entering another site. We are not responsible for such third party sites. You should carefully review the privacy statements of any other sites you visit, because those privacy statements will apply to your visit to such other sites.

DISCLOSURE OF INFORMATION

Where required, we will (subject to our professional obligations and any terms of business which we may enter into with you) disclose your personal data to: any person or entity to whom we are required or requested to make such disclosure by any court of competent jurisdiction or by any governmental, taxation or other regulatory authority, law enforcement agency or similar body; our professional advisers or consultants, including lawyers, bankers, auditors, accountants and insurers providing consultancy, legal, banking, audit, accounting or insurance services to us; and Service-providers who provide information technology and system administration services to us.

INFORMATION PROTECTION AND SECURITY

We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk of processing, including:

• The pseudonymisation and encryption of personal data
• The ability to ensure the ongoing confidentiality, integrity, availability, and resilience of processing systems and services
• The ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident
• A process for regularly testing, assessing, and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing

• We have put in place appropriate security measures and certifications to protect your personal data and prevent unauthorized access.
• We have an SSL site, and users should use it to protect information transmission while transacting online.
• We require any third parties processing your information to implement the same levels of protection with respect to your data.
• While no system is foolproof, including ours, we will continue using internet security procedures to ensure your data remains safe with us.

• We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including satisfying any legal, regulatory, accounting, or reporting requirements.
• We will retain your personal data in our databases in accordance with our document management, retention, and destruction policy and applicable laws.
• This period may extend beyond the end of your relationship with us, but it will be only as long as necessary for us to have sufficient information to respond to any issues that may arise later.
• In some circumstances, we may anonymise your personal data for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

1. Send an Email Request - Send an email to support@getavisa.com with the subject line: "Account and Data Deletion Request."
2. Provide Necessary Details - In the body of your email, include the following information:
   • Your full name
   • The contact information you used during registration (e.g., email address or phone number)
   • A brief statement confirming that you want your account and data to be deleted
3. Verification Process - To ensure the security of your data, we may request additional details to verify your identity before processing your request.
4. Confirmation of Deletion - Once your identity is verified, we will proceed to delete your account and associated data. You will receive an email confirmation once the deletion process is complete.
5. Processing Time - Please allow up to [specify the time, e.g., Upto 30 days] for your request to be processed.
6. Exceptions - In certain cases, we may retain specific data to comply with legal obligations or legitimate business interests, as outlined in our Privacy Policy.