- The Information that we Collect
- How the Information we Collect is Used
- CIBT’s EU GDPR Compliance Statements
- CIBT’s EU-U.S. Privacy Shield Statement and Accountability for Onward Transfers
- How We Collect Information
- How CIBT Protects Your Information
- How to Opt out of Further Communication
- How to Contact CIBT
- Links to Other Websites
- CIBT’s stance on Collecting Personal Information from Children
The Information We Collect
By using our websites and/or our services we may collect and request information from you which includes your name, title, company, address, telephone number, date of birth, e-mail address and service payment details.
If CIBT is handling your visa or immigration matter, additional information may be requested by the application forms of destination country. These additional items can include items such as your personal and family information, educational background, employment history, travel history, and financial records. As required by relevant visa or governmental authorities such additional sensitive information can include ethnicity, race, religion, trade union membership, health related information, biometrics and information about criminal history.
Other information we collect may include marketing information and web interaction information such as:
- Data from marketing opt-in lists, consumer surveys, or publicly available information.
- Unique IDs such as a cookie placed on a computer, mobile or device IDs.
- Internet Protocol address (‘IP address’)
- Information about a device such as information contained in HTTP headers or other internet transfer protocol signals, browser or device type and version, operating system, user-agent strings and information about or from the presence or use of ‘apps’ on mobile devices.
- The web search term(s) a consumer used to locate and navigate to a website.
How Information Is Used
CIBT may share the personal information with third parties for the following purposes:
- To complete your visa, document legalization, or immigration process request as necessary to provide visa and immigration services to you and your family, including disclosure to government agencies in the form of applications, photographs, and petitions for visa requests and/or immigration benefits. This may include providing sensitive data required for immigration process request to Visa Application Centers, Logistics Companies, Invitation Providers and/or Translators/Solicitors.
- Share data with companies that provide services to assist us with our business activities in visa and immigration request fulfillment. Any sharing of data is subject to both EU-US Privacy Shield and EU GDPR requirements outlined below.
- To improve our products and services, provide superior customer service, and identify market opportunities.
- As required by law in response to requests by public authorities including meeting national security or law enforcement requirements.
CIBT may also use the information to communicate with you directly via survey, e-mail or direct mail, such as to inform you about newsworthy topics and upcoming events that may be of interest to you, or to confer with you regarding your visa or passport request, or immigration case. We may also use your email address to send you reminders of expiring visas, passports, or immigration status. If you would like to discontinue receiving this information see the How to Opt-out of Further Communication section below.
EU Global Data Protection Regulation (GDPR) Compliance statements
Lawful Basis for Collecting Personal Information: CIBT collects and processes personal information in order to fulfill your visa, passport, document legalization, or immigration process request and our contract with you. This information is collected and processed in accordance with local laws including GDPR regulations in the European Union. For those individuals to whom the GDPR applies, general personal information is collected and processed on the basis of the contract formed or to be formed between us but the additional sensitive personal information is collected and processed under the lawful basis of consent. By placing the order and giving your consent, you are giving CIBT the following rights:
- The right to collect your personal information
- The right to process your personal information
- The right to share your personal information with third party providers and government entities as needed, such as Government Authorities, Visa Application Centers, Logistics Companies, Invitation Providers and/or Translators/Solicitors relevant to your request for services.
You maintain the right to revoke consent at any time
The Right to Have Your Personal Information Erased: At any time, you have the right to request that CIBT erases the personal information you have provided to us. CIBT will erase any data as long as it is legally allowed to according the laws and regulations in the countries in which we operate. You may make this request by clicking here The following will then occur:
- CIBT will acknowledge your request.
- CIBT will review your specific request and the country of its origin, and determine if we are lawfully allowed to oblige the request.
- CIBT will then either:
- inform you that your data has been removed from our systems or
- inform you as to the date that CIBT is legally allowed to remove said data from our systems give the nature of said data and the country of its origin.
The Right to Access Your Personal Information: At any time, you have the right to access your personal information held by CIBT. To make a request for access to your data, a personal appearance is required at a CIBT location with a government issued ID . After validating the identity of the requestor, CIBT will provide your personal information in accordance with our policies.
International Transfer of Your Personal Information: Your information may need to be transferred outside the EU region to Government Authorities and Logistics Companies in the countries for which you have requested travel documentation in order to successfully process your service request. Such countries may not have data protection laws equivalent to countries in the EU. We will use all reasonable endeavors to ensure that your personal information remains confidential when transferred to such countries. You may withdraw your consent at any time but if the consent is withdrawn prior to the provisioning of the service, we will then be unable to complete the provision of the services.
Complaint to Supervisory Authority: If you consider that we have breached your rights under GDPR you may complain to the data protection authority in the country in which you reside or to the lead supervisory authority at https://ico.org.uk/concerns/ or by phone at +44 303 123 1113
EU-US Privacy Shield Compliance & Accountability for Onward Transfers
CIBT complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. CIBT has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. To learn more about the Privacy Shield, and to view our certification, please visit https://www.privacyshield.gov.
If CIBT transfers personal data to one of its affiliated entities within its corporate group, CIBT will take steps to ensure that such personal data is protected within the same level of protection that the Privacy Shield Principles require
Recourse, Enforcement and Liability
CIBT has mechanisms in place designed to help assure compliance with the Privacy Shield Principles. CIBT conducts an annual self-assessment of its consumer personal data practices to verify that the attestations and assertions the company makes about its Privacy Shield privacy practices are true and that the company’s privacy practices have been implemented as represented and in accordance with the Privacy Shield Principles.
Consumers may file a complaint concerning CIBT’s processing of their Personal Data. CIBT will take steps to remedy issues arising out of its alleged failure to comply with the Privacy Shield Principles. Consumers may contact CIBT as specified below about complaints regarding the company’s Consumer Personal Data practices.
If you do not receive timely acknowledgement of your complaint, or if your complaint is not satisfactorily addressed, you can also submit your complaint to PrivacyTrust, an independent third party. Visit https://www.privacytrust.com/drs/cibt to file a complaint.
Finally, as a last resort and in limited situations, EU individuals may seek redress from the Privacy Shield Panel, a binding arbitration mechanism.
CIBT’s compliance with the Privacy Shield Principles is subject to the investigatory and enforcement powers of the Federal Trade Commission.
How We Collect Information
We may collect information from you in the following ways:
- By Asking: We may collect personal information from you by asking that you provide it to us. CIBT will only collect information that is needed to help us provide the service you request.
- Web Beacons: A web beacon is an electronic file on a web page that allows us to count and recognize users who have visited that page. Among other things, a web beacon can be used in HTML-formatted email to determine responses to our communications and measure their effectiveness. For instance, if you get an email from us and click on a link in that email to go to the Website. You can generally avoid web beacons in email by turning off HTML display and displaying only the text portion of your email.
- Web Server Logs: Web server logs are records of activity created by the computer that delivers the webpages you request to your browser. For example, a web server log may record the search term you entered or the link you clicked to bring you the webpage. The web server log also may record information about your browser, such as your IP address and the cookies set on your web browser by the server.
Protecting Your Information
Protecting personal information we receive from you is of crucial importance to CIBT. While there is always some risk involved with transmitting information over the internet, we strive to protect against the misuse of any personal information that we receive from you via our website. CIBT data is protected by Industry endorsed Transport Layer Security (TLS) technology. TLS is the most widely deployed security protocol used today, and is used for Web browsers and other applications that require data to be securely exchanged over a network. This technology ensures the safe transmission of all data, including personal and credit card information. By taking such measures, CIBT customers can feel secure in the knowledge that their data is protected when using our website.
Deleting Your Information
We generally delete personal data within 90 days after our services conclude; however, we will retain and use your information as necessary to comply with our legal obligations, government auditing requirements, resolve disputes, and enforce our agreements. At the end of such period, we may, at our discretion, destroy such personal data without notice to you.
How to Opt-Out of Further Communication
We provide users the opportunity to opt-out of receiving further communications from us at their request. To opt-out of further communications contact us by email at firstname.lastname@example.org or call 800-455-5166
How to Contact CIBT
Links to Other Websites
Personal Information From Children
We do not knowingly collect personal information from individuals under 18 years of age. As a parent or legal guardian, please do not to allow your children to submit personal information without your permission.
While every effort is made to provide accurate information, travel visa and passport requirements are constantly changing and there may be a delay before we are advised of such changes. Therefore, we are unable to guarantee complete accuracy at all times. Processing times and charges given are solely for guidance purposes and cannot be guaranteed. Where ‘no’ travel visa is indicated, we recommend this information be confirmed by the carrier and the relevant embassy or consulate. CIBT recommends that travel visas be obtained before travel. Where information for travel visas upon arrival are given, we always recommend confirmation of this information with the airline and embassy or high commission prior to travel. Travel arrangements should not be confirmed prior to the visa or passport being issued, unless they are a specifically required for that consulate. In such cases, refundable arrangements should be made.