We only collect information which you voluntarily provide to us, and which is required for processing an ESTA application. We only use it for the purpose of processing your application, and not for any other purpose.
This is information that identifies or is associated with you personally, such as your name, address, telephone number, and passport number. This information is only necessary for the ESTA application process. We may also use details about you to identify your billing information to refund you the processing fee (if necessary).
You, the customer, provides us with all of the information requested. This means that you will know exactly what information about you we have used for an ESTA application, as well as when and in what form you gave it to us, and for what purpose. This includes information which you enter when you register for our services, billing information, and information which you provide through communication response and feedback.
Additional information that we collect cannot be connected with you personally or used to identify you. Some of this information is technical (your type of web browser, for example), and may be used to track down technical problems, or to improve the functionality and quality of our website.
Some of the pages at our site may include special tags which send information to third parties. These tags are called "web beacons". The information that they send generally involves things such as your type of browser and IP address, information about the page itself and when it was accessed, and information sent by any cookies which the third party may have set on your computer.
Under some circumstances, we may share or transfer user information. These circumstances include:
- Transfer to affiliated businesses, or as the result of changes to our business. If a business is owned or controlled by us, or if we are owned by it, or if we are both controlled by another business, we may share information with that business. If our business is acquired or merges with another company, or if some or all of our assets are sold to another company, user information may be included in that transfer or sale.
- Legally permitted sharing of information: There may be situations in which we share user information with third parties which are not associated with us, as permitted by law.
- Legally required sharing of information, and cooperation with law enforcement and other government agencies: We may share both user information and individual access information with law enforcement agencies in response to requests from those agencies, and with courts of law in response to subpoenas, other orders, or requests from those courts.
Accepting credit card payments and receiving personal information through our website is a trust all customers put on our company and servers to ensure their data is secure. To safeguard all personal data and ensure a safe transfer of information, we utilize HTTPS ( HTTP Over SSL - Secure Socket Layer) for all such transfers. Further, the Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard for organizations that handle branded credit cards from the major card brands including Visa, MasterCard, American Express, Discover, and JCB. This is a mandatory feature for credit card payments and sensitive data storage that applies to private and public companies. Our systems are scanned on a monthly basis to ensure they are PCI compliant. We also utilize server monitoring systems to ensure that all user experiences and visits are error-free and responsive.
We may make alterations to our Privacy Policies if and when circumstances call for such changes. If we do make such changes, we will post them on our website, along with the date of the changes. We will also change the content of this page to be consistent with our changed policies.
In addition to the policy provisions described above, there are several US federal laws, state laws and third-party initiatives which we recognize:
Personal Identifiable Information (PII) Guidelines As outlined in several United States Government policy documents, these guidelines set out the principles, responsibilities, and practices required to protect the security of Personal Identifiable Information.
Federal Trade Commission Fair Information Practices The United States Federal Trade Commission has formulated a set of Fair Information Practice Principles. These principles cover a) notifying the public of an organization's information-gathering practices, b) providing individuals with the choice to consent or not consent to those practices, c) providing individuals with access to the data which has been collected regarding them, d) ensuring the accuracy and security of the data, and e) means of enforcing these policies and providing remedies if they are violated.
Children's Online Privacy Protection Act (COPPA) COPPA is a federal law of the United States which regulates the collection of personal information from children under 13 years of age. It sets out the responsibilities which website operators have with regard to obtaining consent from parents or guardians, as well as the actual collection of data. While COPPA does not prohibit the collection of personal data from children under 13 with parental consent, it places strict limits on what is allowed.
The CAN-SPAM Act The CAN-SPAM act is a federal law regulating commercial email messages, including unsolicited (spam) messages. It requires options for consumers to unsubscribe, and sets legal standards for both content and the methods by which such messages are sent.