Privacy Policy
Privacy is important to B.O.Managers S.L This statement contains the practices related to the treatment of personal information on the B.O.Managers S.L Web sites, such as the type of data collected, tracking, use and disclosure of such data.
At B.O.Managers S.L we understand that the privacy and security of your personal information is extremely important. Therefore, this policy sets out what we do with your information and what we do to keep it secure. It also explains where and how we collect your personal information, as well as your rights to any personal information we hold about you.
This policy applies to you whether you use through our mobile applications or otherwise using any of our websites or interacting with us on social media (our «Services»). This policy defines our firm commitment to protecting your personal information. Therefore, we strongly recommend that you read and accept our privacy policy before continuing browsing. This Privacy Policy was last updated on August 22, 2018
1. Identification of the business name of the data controller
In accordance with the provisions of REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter RGPD), we hereby inform you that personal data obtained as a result of your transmission of personal data will be processed by the following controller:
- Company name: B.O.Managers S.L
- Residence: Spain
- Telephone: 910821072
- E-mail: info@usa-esta-visa.com
- Address: Calle Hermosilla, 48 1 D de Madrid (28001)
- N.I.F/C.I.F.: B40518755
2. General privacy principles.
If and when we collect and process your personal information, we follow the following practical principles:
- Personal data is treated in a fair, legal and transparent manner.
- Personal data are collected for specific, explicit and legitimate purposes and are not processed in a manner incompatible with those purposes.
- Personal data are adequate, relevant and limited to what is necessary in relation to the purposes for which the processing takes place.
- Personal data must be accurate and up to date. Inaccurate data will be updated or deleted.
- Personal data must be kept in an identifiable format for no more than necessary
- Personal data are kept secure through appropriate and effective technical and organisational measures against unauthorised or unlawful processing and against accidental loss, destruction or damage, through the application of appropriate technical or organisational measures («integrity and confidentiality»).
- We are committed to the principles of data protection by design and data protection by default.
3. How we collect your personal data and how it is used.
- From you directly: You can visit our website without telling us who you are and without revealing any personal information about yourself. However, to provide a complete service, personal information is most often collected. For example, we collect information about you when you make an inquiry using the contact forms or when you are assigned an access account. The types of Information we collect may include email address, first and last name, location and telephone number.
- Cookies: We may also collect cookie information that we may store on your computer or mobile device. Cookies are small data files stored on your hard drive or in the memory of your device. For more information on the use and purposes of the cookies we use on the website www.usa-esta-visa.com you can access our cookie policy. However, you can change your browser settings to stop accepting cookies or ask before accepting a cookie from websites you visit. However, if you do not accept cookies, you may not be able to use all aspects of our services.
- Records: We may record certain information and store it in log files when you interact with our Services. This information may include Internet Protocol (IP) or other device addresses or identification numbers, as well as the type of browser, Internet service provider, etc.
4. Assumptions where our website requests your personal data
- When you subscribe to the newsletter of www.usa-esta-visa.com.
- When you make comments on posts posted on the blog.
- When inquiries are made through the contact form.
- When any of the services and/or products we offer are requested.
- When registering on the «work with us» form
5. Purposes for which we process your personal data.
In B.O.Managers S.L we treat the data necessary to manage and optimize our services and business relationships with our users and customers. In addition, we also use this information to send advertising of interest to users, related to our products, news, offers and promotions.
The data is collected and processed for the following purposes:
5.1 Information on the processing of the’Complete ESTA Application’ form
TREATMENT: Management and processing of visas
1. For what purpose do we process your personal data?
The purpose of the processing is the management and processing of the visa requested by the interested party, as well as the invoicing of the service.
2. How long will we keep your data?
The data shall be kept during the visa procedure and, once formalised, the visa data shall be kept for a period of two years until the visa itself is time-barred. If the processing of the visa has been refused, these will be cancelled within a maximum period of 2 days. The invoicing data will be kept for 6 years, due to the obligation established in the Commercial Code and the General Tax Law.
3. Are There Automated Decisions or Profiling?
No automated decisions will be made about your data
4. What is the Legitimacy for the treatment of your data?
The legal basis of the treatment in the execution of a contract for the provision of personal services under the terms and conditions set out on the website
5. To which Recipients will your data be communicated?
5.1. Disposals:
Hosting services: Provider of services contracted by the Organization
Visa Control Authority: approval of the visa issued by the visa control authority itself.
5.2. International Data Transfers:
International transfers of personal data of the data subject and of third parties that he/she represents to a third country outside the European Union will be carried out. These will be transferred to the Visa Control Authority of the country in which the applicant has applied for the visa. Such international transfer of data is occasional and necessary in connection with the performance of the contract between the data subject and the controller or for the performance of pre-contractual measures taken at the request of the data subject.
The personal data transferred are essential and necessary for the fulfilment of the contract.
6. Where does your personal data come from?
The personal data come directly from the data subjects themselves or their legal representative.
In order to process the visa application it may be necessary for applicants to provide copies or scans of different types of documentation including: passport, identity card, residence card, birth certificate, bank statement, letter of invitation and letter of authorization from parents (in relation to a minor).
7. What information do we process?
– Identifying information:
- Name and surname
- Nif/dni
- Address
- Telephone
- Signature/Fingerprint
- Email address
- Passport No.
- Other standard data: Personal characteristics / Goods and services transactions / Details of employment
- Specially protected data: In order to process a visa application, it may be necessary to provide certain information considered highly sensitive relating to your gender, ethnicity, religion, beliefs, health, sexual health, and family and criminal history.
8. Are data collected from children?
B.O.Managers S.L only collects information from children who are provided by parents or legal representatives to proceed with the processing of the visa. The information requested is essential for the processing of the visa.
5.2 Information on how to use the «Contact us for any questions» form
TREATMENT: Web contact management
1. For what purpose do we process your personal data?
The purpose of the treatment is to attend and answer the communications or requests received either through the e-mail or the contact form of the WebSite.
2. How long will we keep your data?
The data will be kept for as long as your relationship with the Organisation is active (and you do not request its deletion) and, in any event, for as long as the regulations applicable to the processing described above stipulate.
3. Are There Automated Decisions or Profiling?
No automated decisions will be made about your data
4. What is the Legitimacy for the treatment of your data?
The legal basis of the processing is the legitimate interest pursued by the data controller in attending to the queries and requests of the data subject through our website. We justify the legitimate interest on the basis of the existence of an interest shown by the interested party in contacting us and receiving information from us, a minimum interference with their privacy and the use of limited data (contact details).
5. To which Recipients will your data be communicated?
5.1. Disposals:
Data will not be passed on to third parties, unless legally obliged to do so.
5.2. Transfers:
Your data will not be transmitted to third countries without your explicit consent.
6. Where does your personal data come from?
No data have been or will be collected by other means than those of the data subject himself.
7. What information do we process?
The data provided by the interested party or his representative.
6. Legitimate databases that we use to process your personal data.
This website uses various systems for collecting personal data that will always be treated in a lawful, fair and transparent manner. In each treatment described in point 5 «Purposes for which we process your personal data» the legitimate bases of the treatment are described.
However, in those processing operations where we rely on your consent as the legal basis for processing your personal data, we remind you that you have the right to withdraw such consent at any time by contacting us using the contact details set out in this Privacy Policy.
7. How we share your personal information.
B.O.Managers S.L is not engaged in the sale of your personal information. We consider this information to be a vital part of our relationship with you. However, there are certain circumstances in which we may share your personal information with third parties, as described below:
1. With your express consent: We will not share your personal information with companies, organizations or individuals that are not associated with B.O.Managers S.L unless we have your affirmative consent to do so.
2. In sale, merger, acquisition or similar transactions: If we are involved in a merger, acquisition, sale of all or a substantial part of our assets or other similar sale transaction, your information may be transferred as part of that transaction. We will notify you by email and/or prominent notice on our website about such transfer and any decisions you may have regarding your information.
3. To comply with our legal obligations: when disclosure is necessary to comply with our obligations under laws, regulations, legal processes or governmental requests that affect us.
4. For the formulation, exercise or defence of claims or when courts are acting in the exercise of their judicial function: In certain circumstances, disclosure of personal data may be mandatory because it is subject to a court order, injunction or summons.
5. In order to process your visa application, we share with the supervisory authority of the government where the visa is requested that information necessary to approve or reject the visa application.
6. For the provision of services by providers acting on our behalf, we occasionally enter into carefully selected contracts with third parties so that they may assist us in providing the services on the Site such as:
- Housting Platforms for the purpose of carrying out your hosting and e-mail services.
- Web platform: to offer technical support on the code created for the Web.
- Payment Gateways: to process credit card payments,
7. Aggregate or Non-Personally Identifiable Data: We may share aggregated or other non-personally identifiable information with third parties to enhance the overall experience of our Services.
8. Retention of personal data
We will retain your personal information as necessary to fulfill the purposes for which it was collected. We will retain your personal data as necessary to meet our business or contractual requirements. At the end of this period, the personal data processed will be kept for the legally established periods or for as long as a judge or court may require them, taking into account the period of limitation of legal actions.
9. Sending and registration of personal data
The sending of personal data is compulsory according to the purposes described in point 5. Failure to provide the personal data requested or to accept this data protection policy means that it is impossible to subscribe to, register or receive information about B.O.Managers S.L products and services.
10. Security measures adopted in relation to the processing of personal data
B.O.Managers S.L informs that it implements and applies appropriate technical and organisational security mechanisms and measures to guarantee a level of security of treatment appropriate to the risk.
To this end, B.O.Managers S.L, on the basis of an objective evaluation, has identified, analysed and evaluated the risks of variable probability and seriousness for the rights and freedoms of individuals (risk assessment phase) and, consequently, B.O.Managers S.L has applied timely and effective security mechanisms and measures to eliminate or mitigate the risks identified in the risk assessment phase. In particular, appropriate and effective technical and organisational measures are taken to mitigate the risks of accidental or unlawful destruction, loss or alteration of, or unauthorised access to, personal data transmitted, stored or otherwise processed.
Likewise, B.O.Managers S.L guarantees the user the fulfilment of the duty of professional secrecy and confidentiality with regard to the personal data of the users and the duty to keep them.
11. Rights of the Stakeholder
As a user, you may address your communications and exercise your ARCO rights in accordance with the formalities imposed by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.
In all our operations related to your privacy, we strive to comply with current regulations, which list a number of rights for the data subject listed below:
Right to information
You have the right to be presented with clear, concise, transparent and easy to understand information about how we use your personal information and about your rights. We provide such information to you in this Policy at point 5.
Right of access
You have the right to access the personal data we hold about you (subject to certain limits). Manifestly unfounded, excessive or repetitive requests may not be granted. To exercise this right, please contact us by any of the means indicated below.
Right of rectification
Right of rectification You have the right to have your personal data rectified when they are inaccurate or no longer valid or to have them completed when they are incomplete. To exercise this right, please contact us by any of the means indicated below. If you have an account, it may be easier for you to correct them yourself by modifying your profile.
Right of Withdrawal/Right to Forget
In certain cases, you have the right to have your personal data deleted or deleted. It should be noted that this is not an absolute right, as we may have legal or legitimate grounds for retaining them. If you wish us to delete your personal data, please contact us by any of the means indicated below.
Right to withdraw consent at any time when data processing is based on consent
In the event that consent has been granted for any of the purposes informed and determined in the treatments to which we refer, we inform you that you have the right to withdraw consent at any time, without this affecting the legality of the treatment based on the consent prior to its withdrawal. For information on which treatments are based on consent, please refer to point 5 of this policy. If you wish to withdraw your consent, please contact us by any of the means indicated below.
Right to object to processing based on the satisfaction of legitimate interests
You may object at any time to our processing of your data where the processing is based on the satisfaction of legitimate interests. For information on which treatments are based on consent, please refer to point 5 of this policy.
Right to lodge a complaint with a supervisory authority
We also inform you that when you have not obtained satisfaction in the exercise of your rights or the manner of exercising them, you may file a complaint with the Control Authority. For more information on this right and how to exercise it, please contact the AGPD: http://www.agpd.es/ Tel. 901 100 099 and 91.266.35.17. C/Jorge Juan,6 28001-Madrid.
Please do not hesitate to contact us by any of the means listed below before filing a complaint with the competent data protection authority.
Right to data portability
You have the right to receive the personal data concerning you which you have provided to us in a structured, commonly used and machine-readable format so that it can be transmitted to another controller when processing is based on the performance of a contract or on your consent and processing is carried out by automated means. For information on which treatments are based on consent, please refer to point 5 of this policy.
Right of limitation on processing
your data. If you exercise this right, the processing of your data will be subject to limitations, so we may store it, but we may not continue to use or process it.
This right can only be exercised in certain circumstances defined by the General Data Protection Regulation, as follows:
- the data subject contests the accuracy of the personal data during the period of time during which the data controller is able to verify the accuracy of the data;
- the processing is unlawful and the data subject objects to the deletion of the personal data and instead requests the limitation of their use;
- the controller no longer needs the personal data for the purposes of processing, but the data subject needs them for the purposes of formulating, exercising or defending claims;
- the data subject has opposed processing pursuant to Article 21(1) while it is being verified whether the data controller’s legitimate reasons prevail over those of the data subject.
If you wish to exercise this right, please contact us by any of the means indicated below.
Right to deactivate Cookies
Cookies can be deactivated at any time. As a general rule, the settings of Internet browsers are usually set to accept Cookies by default, but you can easily disable them by changing your browser settings.
Many of the cookies are used to improve the usability or functionality of websites, therefore, if you disable them you may not be able to enjoy all or part of the services provided through our website, you may have usability problems or you may have problems with your session if you start one.
If you wish to limit or block all cookies set by our websites (which may prevent you from using certain parts of the website) or by any other websites/applications, you can do so through your browser settings
How can you exercise your data protection rights?
To exercise your rights, please send a e-mail: info@usa-esta-visa.com indicating’RGPD’ in the subject line. It must specify which of the rights it requests to be satisfied and, in turn, must be accompanied by a photocopy of the ID card or equivalent identification document. If you are acting through a legal or voluntary representative, you must also provide a document that certifies the representation and an identification document of the same:
- Use an official Agency model: http://www.agpd.es/portalwebAGPD/CanalDelCiudadano/derechos/index-ides-idphp.php
- or ask for a model: info@usa-esta-visa.com
12. Links to Other Websites
13. Quality of the data
In order to comply with the principles of privacy, especially the quality of the data B.O.Managers S.L we inform you that you must only provide us with your own personal data and not those of another person, unless you legally represent them. In order to optimise the quality of the information we also need your data to be correct, current, accurate and truthful.
In the event that the information you provide us with is that of another person you do not represent or that your own information or that of the other person you represent is false, erroneous, not current, or inappropriate, you will be liable for any direct and/or indirect damage you cause to third parties or to B.O.Managers S.L
The data requested by the User, indicated with an asterisk (*), will be strictly necessary to contact the User. In no case will the fact of not providing more data than is strictly necessary imply a reduction in the quality of the service.
14. Data of minors or incapable of
The use of the Service is not allowed to minors, so if you are under 16 years of age, you are kindly requested to refrain from using the services of our website.
However, www-usa-esta-visa.com may collect data from children in order to process visa applications and serve requested services. This information will always be provided by parents or legal guardians. As specified in our terms and conditions and in this privacy policy, parents and guardians consent to the collection and use of data from children by providing their data.
B.O.Managers S.L may request additional information or documentation in order to verify the age of the interested party, taking into account the available technology.
16. Updating data
The user is the only source of information of his personal data, so B.O.Managers S.L., asks him, in order to keep his data updated and updated at all times in accordance with the principles of the RGPD, to communicate to the address indicated for the exercise of the rights of access, rectification, cancellation and opposition, any variation of them, as well as the cessation of their activity in the entity he represents in his case, to proceed to the cancellation and / or historical treatment of them.
17. Consent for advertising mailings
18. Modification of this privacy policy
B.O.Managers S.Lreserves the right to modify the present policy in order to adapt it to future legislative or jurisprudential novelties, as well as to industry practices, previously informing the users of the changes that take place in it.
The uninterrupted use of B.O.Managers S.L by the User will constitute a ratification of this document, with the modifications and changes that have been introduced.
For the same reasons mentioned above,B.O.Managers S.L reserves the right to modify or interrupt the B.O.Managers S.LService in whole or in part, having mediated or not notified the user. B.O.Managers S.L will not be liable to the User or to third parties for having exercised their right to modify or interrupt the B.O.Managers S.L Service.