Privacy Policy
Last updated: 8 November 2025
VisaFlow.ie ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.
Information We Collect
Personal Information
When you use VisaFlow.ie, we collect information you provide directly including: name, email address, nationality, date of birth, passport information, contact details, travel information, financial information, and employment details needed for visa applications.
Account Information
We collect your Google account information (name, email, profile picture) when you sign in using Google OAuth authentication.
Usage Information
We automatically collect information about your use of our service including: pages visited, features used, time spent on pages, and technical information like browser type, IP address, and device information.
Payment Information
Payment card details are processed securely by Stripe, our payment processor. We do not store your full credit card information on our servers.
How We Use Your Information
Service Delivery
We use your information to: provide our visa application assistance services, generate personalized documents, assess application strength, send service-related communications, and process payments.
Service Improvement
We analyze usage patterns to improve our service, develop new features, understand user needs, and enhance the accuracy of our AI document generation.
Legal Compliance
We may use your information to comply with legal obligations, enforce our Terms of Service, protect our rights and the rights of others, and respond to lawful requests from public authorities.
Data Security
Encryption
All data transmitted between your browser and our servers is encrypted using industry-standard SSL/TLS protocols. Data stored in our databases is encrypted at rest.
Access Controls
We implement strict access controls to ensure only authorized personnel can access user data. All access is logged and monitored.
Secure Infrastructure
We use enterprise-grade cloud infrastructure with built-in security features, regular security updates, and continuous monitoring for threats.
Data Sharing
We Do Not Sell Your Data
We never sell, rent, or trade your personal information to third parties for marketing purposes.
Service Providers
We share data with trusted third-party service providers who assist us in operating our platform: (1) Google (authentication), (2) Stripe (payment processing), (3) OpenAI/Azure (AI document generation), (4) Cloudflare (file storage), (5) Resend (email communications). These providers are contractually obligated to protect your data.
Legal Requirements
We may disclose your information if required by law, court order, or government request, or to protect our rights, safety, or property.
Your Rights (GDPR)
Access & Portability
You have the right to access your personal data and receive a copy in a portable format.
Correction
You can update or correct your personal information at any time through your account settings.
Deletion
You have the right to request deletion of your personal data. Contact support@visaflow.ie to request account deletion. We will delete your data within 30 days, subject to legal retention requirements.
Objection & Restriction
You can object to certain data processing activities or request restriction of processing in specific circumstances.
Withdraw Consent
Where we process data based on consent, you have the right to withdraw that consent at any time.
Data Retention
We retain your personal information for as long as your account is active or as needed to provide you services. After account deletion, we retain certain information for:
- Legal compliance (tax records, payment records): 7 years
- Fraud prevention and security: 2 years
- Anonymized analytics data: indefinitely (cannot be linked back to you)
Cookies and Tracking
We use essential cookies to operate our service (authentication, session management, security). We do not use third-party advertising cookies or tracking pixels.
You can manage your cookie preferences at any time on our Cookie Preferences page.
International Data Transfers
Your data may be processed in countries outside the European Economic Area (EEA), including the United States, where our service providers operate. We ensure appropriate safeguards are in place through:
- Standard Contractual Clauses approved by the European Commission
- Service providers certified under the EU-U.S. Data Privacy Framework
- Other legally recognized transfer mechanisms
Children's Privacy
Our service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at privacy@visaflow.ie.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through a prominent notice on our website. Your continued use of the service after changes become effective constitutes acceptance of the revised policy.
Contact Us About Privacy
If you have questions about this Privacy Policy, wish to exercise your rights, or have concerns about how we handle your data:
Email: privacy@visaflow.ie
Data Protection Officer: dpo@visaflow.ie
Right to Lodge a Complaint
You have the right to lodge a complaint with your local data protection authority if you believe we have not complied with applicable data protection laws. In Ireland, you can contact the Data Protection Commission at www.dataprotection.ie.