Table of Contents
PERSONAL INFORMATION YOU PROVIDE: When you use our services, create an account, or place an order, we collect information you voluntarily provide, including: full name, email address, phone number, mailing address, nationality, visa type, and payment information (processed securely through Stripe — we never store your full card number, CVV, or card expiration date).
DOCUMENTS: When you submit documents for translation, business plan preparation, or credential evaluation, we receive and process the contents of those documents. These may include birth certificates, diplomas, transcripts, marriage certificates, court documents, and other personal records.
AUTOMATICALLY COLLECTED INFORMATION: When you visit our website, we automatically collect certain technical information, including: IP address, browser type and version, operating system, referring URL, pages visited, time spent on pages, and device identifiers. This information is collected through cookies, web beacons, and similar technologies.
COMMUNICATION DATA: When you contact us via email, phone, chat, or our feedback form, we retain records of those communications, including the content of messages and any attachments.
ACCOUNT INFORMATION: If you create a client account, we store your login credentials (password is encrypted using industry-standard hashing — we never store passwords in plain text), order history, and account preferences.
We use the information we collect for the following purposes:
SERVICE DELIVERY: To process your orders, prepare certified translations, write immigration business plans, conduct credential evaluations, and deliver completed work to you.
PAYMENT PROCESSING: To process payments securely through Stripe, send invoices, and manage refunds when applicable. Stripe's privacy policy governs their handling of your payment data.
COMMUNICATION: To send you order confirmations, status updates, delivery notifications, and respond to your inquiries. We may also send you service-related announcements (e.g., changes to our terms or services).
MARKETING: With your consent, to send you promotional emails about our services, special offers, and immigration-related content. You can opt out of marketing emails at any time by clicking the unsubscribe link in any marketing email or contacting us at [email protected].
IMPROVEMENT: To analyze usage patterns, improve our website and services, develop new features, and enhance user experience. This analysis uses aggregated and anonymized data whenever possible.
LEGAL COMPLIANCE: To comply with applicable laws, regulations, legal processes, or governmental requests. To protect the rights, property, and safety of Vis Vantage, our clients, and the public.
FRAUD PREVENTION: To detect, prevent, and address fraud, security breaches, and other potentially prohibited or illegal activities.
WE DO NOT SELL YOUR PERSONAL INFORMATION. We have not sold personal information in the preceding 12 months and do not intend to sell personal information in the future.
We may share your information with the following categories of third parties, solely for the purposes described in this policy:
PAYMENT PROCESSOR (Stripe): To process your payments securely. Stripe is PCI DSS Level 1 certified, the highest level of certification in the payment card industry. Visit stripe.com/privacy for their privacy practices.
CLOUD STORAGE (Amazon S3): To securely store your uploaded documents and completed deliverables. Files are encrypted at rest and in transit using AES-256 encryption.
CREDENTIAL EVALUATION PARTNERS: When you order a credential evaluation, we share your academic documents with our evaluation partners (e.g., AACRAO Edge) to complete the evaluation. These partners are bound by their own privacy policies and professional standards.
GOOGLE WORKSPACE: We use Google services for email communication and document management. Google's privacy policy applies to data processed through their services.
LEGAL REQUIREMENTS: We may disclose your information if required by law, subpoena, court order, or government regulation, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
BUSINESS TRANSFERS: In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred to the acquiring entity, subject to the same privacy protections described in this policy.
We implement industry-standard security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction:
ENCRYPTION: All data transmitted between your browser and our servers is protected by 256-bit SSL/TLS encryption. Documents stored in our cloud infrastructure are encrypted at rest using AES-256.
ACCESS CONTROLS: Access to personal information is restricted to authorized personnel who need it to perform their job functions. All access is logged and monitored.
SECURE PAYMENT: All payment processing is handled by Stripe, which is PCI DSS Level 1 certified. We never store, process, or transmit your full credit card information on our servers.
PASSWORD SECURITY: Account passwords are hashed using bcrypt with salt, making them unreadable even in the event of a data breach. We never store passwords in plain text.
REGULAR AUDITS: We regularly review our security practices and update them to address new threats and vulnerabilities.
INCIDENT RESPONSE: In the event of a data breach that affects your personal information, we will notify you and the relevant authorities as required by applicable law, typically within 72 hours of becoming aware of the breach.
We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, or as required by law:
ORDER DATA: Order records, including client information and service details, are retained for 3 years after service completion for warranty, support, and legal compliance purposes.
DOCUMENTS: Client-submitted documents and completed deliverables are retained for 12 months after service completion to facilitate corrections, re-deliveries, or related orders. After this period, documents may be securely deleted upon request.
ACCOUNT DATA: If you have a client account, your account information is retained for as long as your account is active. You may request account deletion at any time.
COMMUNICATION RECORDS: Email and support communications are retained for 2 years for quality assurance and dispute resolution purposes.
FINANCIAL RECORDS: Payment and transaction records are retained for 7 years as required by U.S. tax and financial regulations.
ANONYMIZED DATA: Aggregated, anonymized data that cannot be used to identify you may be retained indefinitely for analytical and statistical purposes.
If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with specific rights regarding your personal information:
RIGHT TO KNOW: You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources from which the information was collected, the business purpose for collecting the information, and the categories of third parties with whom we share the information.
RIGHT TO DELETE: You have the right to request that we delete any personal information we have collected from you, subject to certain exceptions (e.g., if the information is needed to complete a transaction, detect security incidents, or comply with legal obligations).
RIGHT TO OPT-OUT OF SALE: You have the right to opt out of the sale of your personal information. As stated above, we do not sell your personal information.
RIGHT TO NON-DISCRIMINATION: We will not discriminate against you for exercising any of your CCPA rights. We will not deny you services, charge you different prices, or provide a different level of service because you exercised your rights.
To exercise any of these rights, please contact us at [email protected] with the subject line "CCPA Request" or call us. We will respond to your request within 45 days. We may need to verify your identity before processing your request.
AUTHORIZED AGENTS: You may designate an authorized agent to submit requests on your behalf. We may require the agent to provide proof of authorization and may still require you to verify your identity directly.
If you are located in the European Union or European Economic Area, the General Data Protection Regulation (GDPR) provides you with the following rights:
RIGHT OF ACCESS: You have the right to obtain confirmation of whether we process your personal data and to access that data.
RIGHT TO RECTIFICATION: You have the right to request correction of inaccurate personal data or completion of incomplete data.
RIGHT TO ERASURE (Right to Be Forgotten): You have the right to request deletion of your personal data when it is no longer necessary for the purposes for which it was collected, or when you withdraw consent.
RIGHT TO RESTRICT PROCESSING: You have the right to request restriction of processing of your personal data under certain circumstances.
RIGHT TO DATA PORTABILITY: You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit that data to another controller.
RIGHT TO OBJECT: You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.
RIGHT TO WITHDRAW CONSENT: Where processing is based on your consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
LEGAL BASIS FOR PROCESSING: We process your personal data on the following legal bases: (a) Contract performance — to deliver the services you ordered, (b) Legitimate interests — to improve our services and prevent fraud, (c) Consent — for marketing communications, (d) Legal obligation — to comply with applicable laws.
To exercise any of these rights, please contact us at [email protected] with the subject line "GDPR Request". We will respond within 30 days.
Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete that information promptly.
If you are a parent or guardian and believe that your child has provided us with personal information, please contact us at [email protected] so we can take appropriate action.
Vis Vantage is based in the United States. If you access our services from outside the United States, your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your country of residence.
By using our services, you consent to the transfer of your information to the United States. We take appropriate safeguards to ensure that your personal information is protected in accordance with this Privacy Policy, regardless of where it is processed.
For EU/EEA residents, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission as the legal mechanism for data transfers outside the EEA.
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will notify you by posting the updated policy on our website and updating the "Last Updated" date at the top of this page.
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Your continued use of our services after any changes to this Privacy Policy constitutes your acceptance of the updated terms.
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Email: [email protected]
Subject Line: For CCPA requests, use "CCPA Request". For GDPR requests, use "GDPR Request". For general privacy inquiries, use "Privacy Inquiry".
We will respond to all privacy-related inquiries within 30 days (or 45 days for CCPA requests, as permitted by law).
If you are not satisfied with our response, you have the right to lodge a complaint with a supervisory authority in your jurisdiction.