Privacy Notice

Introduction

TLScontact and its worldwide companies (hereinafter “TLScontact”, “we”, “us”, “our”) is committed to protecting the privacy and security of the customers who use TLScontact websites and services (hereinafter “Customers”, “you”, “your”). The purpose of this privacy notice (hereinafter the “Privacy Notice”) is to explain how and why we use your personal data to ensure you remain informed and in control of your information.

TLScontact processes your personal data in compliance with the applicable legal requirements and, in particular, the European General Data Protection Regulation 2016/679 (“GDPR”) dated on April 27, 2016 applicable as of May 25th, 2018 in the European Union. 

This Privacy Notice applies to all TLScontact services and by using our services you acknowledge having been informed that TLScontact collects, uses and discloses your personal data in accordance with this Privacy Notice.

Any questions you have in relation to this Privacy Notice or how we use your personal data should be sent to our Data Protection Officer:

TLScontact Data Protection Officer:

Email:

DPO@tlscontact.com

Address:

Attn: Data Protection Officer

TLScontact

67, rue Saint Lazare

75009 Paris, France       


About us

TLScontact is a pioneering company specialising in providing Customer relationship management within a face-to-face environment. Our core business is to operate visa application centres on behalf of government authorities (“our Clients”, “Diplomatic mission”).

TLScontact is part of the Teleperformance Group, the worldwide leader in outsourced omnichannel customer experience management, providing excellent customer experience at every opportunity, serving governments and companies.

Your personal data (i.e. any information allowing to identify you directly or indirectly) is collected on the behalf of our clients (i.e. hereinafter the “Clients”) for the provision of a visa service and/or immigration service, and to perform administrative and non-judgmental tasks related to the aforementioned services (see Section 1 of this Privacy Notice). Your personal data may also be collected by TLScontact on its own behalf for the provision of specific services (not related to the aforementioned services), for its business needs and/or to ensure the security of its premises, employees and visitors (see Section 2 of this Privacy Notice).

Our Clients are data controllers within the meaning of the GDPR and TLScontact may either act as a data controller or a data processer depending on the nature of the services/processing concerned. When TLScontact acts as a data processor it collects and processes personal data only on behalf and under the instructions of its Clients.

1. For personal data concerning your visa/immigration application and related services (TLScontact acting as a data processor

1.1. How do we collect your personal data?

We obtain personal data about you when you use our website or use our services to apply for a visa or use our visa application services.

Representatives may submit personal data about you on your behalf. We will always verify and validate any individuals claiming to be your representative before accepting any information about you.

1.2. What do we collect?

We will only collect personal data required by our Clients to submit a visa application or provide a related service. The type and categories of personal data that we collect is dependent on what visa/service you are applying for.

We collect in particular the following categories of personal data:

Personal details: name, nationality, gender, details of your travel document (i.e. passport or ID), email address, telephone number, marital status, postal address, place, date of birth, photographs, etc.

Sensitive personal data: health related information, biometric data (fingerprints, DNA swabs) records of criminal activities, legal proceedings etc.

Personal details of people related to you: children, parents, spouse, personal details of inviting party etc.

Business, education: business and/or employment activities, student activities, employer/student address and contact details.

Financial data: payment card details, bank account details, national insurance details, proof of salary, taxes etc.

Electronic media data: Video and audio recordings.

This list may vary depending on a Client’s requirements and the services you request from us.

If you want to know exactly what personal data will be collected for your visa/immigration service, please contact the relevant Diplomatic Mission for more information.

1.3. How is your personal data used?

We will never sell your personal data or use it in any way without your direct knowledge. We will only use your personal data on behalf of our Client and according to its instructions in order to process the specific service that you require relating to the visa application.

We may use your personal data to:

  • Validate who you say you are;
  • Book an appointment for you to one of our Visa Application Centre (VAC);
  • Assist you in your visa application or other application;
  • Carry out further verification procedures in relation to your visa or other application;
  • Provide you with additional services that you request relating to the visa application, we may in particular use your personal data to process any added value services (AVS) that you request, relating to your visa application, for example a courier delivery service to ship your application documents to your address of choice;
  • Enable you to track the progress of your application;
  • Perform our obligations under our mandate from our Clients;
  • Send you communications and notifications concerning the status of your chosen service.  

Such data processing are based on the execution of the contract between TLScontact and its Client and on the compliance with legal obligations.

For more information regarding the purposes of the data processing we implement on behalf of our Client, please contact the relevant Diplomatic Mission.

1.4. How long we store personal data?

We keep your personal data in accordance with our legal obligations and with our Client’s instructions. Most of the time we do not maintain any personal data once the visa application process is over. We will hold your personal information on our systems only for as long as is necessary to provide the service.  

For more information about how long the Client keeps your personal data, please contact the relevant Diplomatic Mission.

1.5. Who has access to your personal data?

TLScontact companies

We may share your personal data with companies belonging to TLScontact where it is necessary to process your requests and to provide you with the relevant services.

Government Authorities and Diplomatic Missions

When applying for a visa or other related service, your personal data will be sent to our Client, i.e. the foreign Diplomatic Mission that represents the country you are applying to and that acts as the data controller. This Diplomatic Mission may share your personal data with an applicable governmental, regulatory, or enforcement authority for the prevention of crime or terrorism. We cannot control or direct how your personal data is used after transferring it to the relevant Diplomatic Mission since it acts as the data controller. We strongly recommend you read their privacy notices too (including the information provided in the visa application forms).

Third parties for legal reasons

We may share personal data with third parties to comply with legal obligations and respond to requests from government agencies, including law enforcement and other public authorities, which may include such authorities outside your country of residence.

Third party service providers working on our behalf

We may pass your personal data to our third-party service providers, subcontractors and other associated organizations for the purposes of completing tasks and providing services to you on our behalf (for example to deliver your documents to you by courier). We will only disclose personal data that is necessary to deliver the services concerned. Before sharing any personal data we make sure that all service providers are contractually obliged to and can prove that your personal data:

  • Will be kept secure and confidential;
  • Is stored for only as long as required to process service;
  • Will never be used for anything other than to process the requested service; 
  • Will never be used for any marketing purpose by the third party. 

Other Third parties

We work with third-party product providers to provide you the best customer experience. For example, a third-party provider need to process your personal data to allow the payments of the services you have requested and to meet the applicable legal requirements.

1.6. Overseas transfer of your personal data

Due to the nature of our business, your personal data may be transferred beyond the borders of your Country. By applying for a visa or other related service your personal information will be transferred to the country or with the Government Authority you are applying to. We will never transfer your personal data in an unsafe or unsecure way.

If we transfer your personal data from the EEA to other countries in which applicable laws do not offer the same level of data privacy and protection, we take measures to provide an appropriate level of data privacy and protection by using our Binding Corporate rules or by entering into Standard Contractual Clauses approved by the European Commission with the data importers.

Through the implementation of our Binding Corporate Rules you can rest assured that your personal data is protected when transferred internationally within Teleperformance Group.

2. For personal data concerning TLScontact specific services/processing (TLScontact acting as a data controller)

2.1. How do we collect your personal data?

We obtain personal data about you when you use our website, when you come to our Visa Application Centre (VAC) as a visitor and/or when you use some of our added value services (AVS).

2.2. What do we collect?

We will use, store or otherwise process any of your personal data in accordance with the terms of this Privacy Notice, including but not limited to:

  • Personal details: name, email address, telephone number, postal address, etc.
  • Financial data: payment details.
  • CCTV images for general surveillance.

When we collect personal data through forms, including but not limited to electronic forms, we will indicate the mandatory fields via asterisks. Failure to provide the data marked with an asterisk could prevent you from accessing a service of ours.

2.3. How is your personal data used?

We will never sell your personal data or use it in any way without your direct knowledge.

We may use your personal data to:

  • Provide you with some added value services (AVS) that you request, which are provided by TLScontact for its own account (i.e. service not directly linked to the visa application), and process your payments;
  • Ensure the security of TLScontact’s employees, visitors, customers and premises;
  • Answer your inquiries and/or resolve any dispute relating to TLScontact specific services;
  • Request feedback to improve the quality of our services;
  • Send you marketing communications (with your consent) - we will not share your personal data with third parties for marketing purposes unless you have explicitly consented. You can withdraw this consent at any time by contacting us on-line where applicable.

To process your personal data lawfully we need to rely on one or more valid legal grounds. The grounds we may rely upon are:

  • Where we process your personal data to provide you with the services requested, to deal with your enquiries and claims relating to such services, to handle your payments, etc., the legal basis of the processing is the performance of the agreement between us and you.
  • Where we process your personal data to deal with your enquiries that are not related to a specific service, to send you marketing communications, to request feedback or to protect our employees, visitors and premises, the legal basis of the processing is the legitimate interests pursued by TLScontact (except where your interests or fundamental rights override these), more specifically its economic/business interest in making you personalized offers, in responding to your needs and offering you adapted services, and in ensuring its security.
  • Where the processing is necessary for compliance with a legal obligation to which we are subject, the data processing is based on such legal obligation.

2.4. How long we store personal data?

We review our retention periods for personal data on a regular basis. We generally keep your personal data for as long as it is necessary for the purpose for which the personal data is processed (i.e. for the duration of the provision of the service, during your presence in our premises, for maximum 1 month regarding CCTV images and for 1 year from the last contact with you regarding marketing communications, where applicable and permitted by the local legislation). We may however be required to hold some types of personal data longer to fulfil our statutory obligations or in accordance with the applicable statute of limitations.

2.5. Who has access to your personal data?

TLScontact companies

We may share your personal data with companies belonging to TLScontact where it is necessary to process your requests and/or to provide you with the relevant services.

Third parties for legal reasons

We will share personal data with third parties:

  • To comply with legal obligations and respond to requests from government agencies, including law enforcement and other public authorities, which may include such authorities outside your country of residence.
  • In the event of a merger, sale, restructure, acquisition, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings).
  • To protect our rights, users, systems, and services.

Third party service providers working on our behalf

We may pass your personal data to our third-party service providers, subcontractors and other associated organizations for the purposes of completing tasks and providing services to you on our behalf. We will only disclose personal data that is necessary to deliver the service. Before sharing any personal data we make sure that all service providers are contractually obliged to and can prove that your personal data:

  • Will be kept secure and confidential;
  • Is stored for only as long as required to process service;
  • Will never be used for anything other than to process the requested service; 
  • Will never be used for any marketing purpose by the third party. 

2.6. Overseas transfer of your personal data

Due to the nature of our business, your personal data may be transferred beyond the borders of your Country. By applying for a visa or other related service your personal information will be transferred to the country or with the Government Authority you are applying to. We will never transfer your personal data in an unsafe or unsecure way.

If we transfer your personal data from the EEA to other countries in which applicable laws do not offer the same level of data privacy and protection, we take measures to provide an appropriate level of data privacy and protection.

Through the implementation of our Binding Corporate Rules you can rest assured that your personal data is protected when transferred internationally within Teleperformance Group.

2.7. Use of cookies

Our website is no different from other websites and uses cookies to function properly and make your browsing experience easier. For example cookies can help the website remember you and during your next visit you won’t have to choose your preferred language again. 

Our websites also use Google Analytics, a service which transmits website traffic data to Google servers. Google Analytics does not identify individual users or associate your IP address with any other data held by Google. We use reports provided by Google Analytics to help us understand website traffic and webpage usage.

You can turn off cookies for our website through the settings page on your browser.

3. Keeping you in control

We want to ensure you remain in control of your personal data. Part of this is making sure you understand your rights, which are as follows:

  • Access – the right to access your personal data, obtain a confirmation of your personal data we currently hold.
  • Rectify – the right to inaccurate data rectified.
  • Erase – the right to have your data erased (however, this is not an absolute right and TLScontact may have legal or legitimate grounds for keeping such personal data).
  • Restrict – the right, in some cases, to restrict processing of your personal data.
  • Object – the right to object to the processing of your personal data for direct marketing, or in any other situation in compliance with local laws.
  • Give instructions concerning the use of your data after your death - the right to give us instructions concerning the use of your personal data after your death.
  • Withdraw – you may withdraw your consent, at any time, for the processing of your personal data for which you have provided consent by following the Subject Access request described in this Notice. Please note that withdrawing your consent or failing to provide personal data described in this Privacy notice will impact and may stop the processing of any services that you requested or are currently enrolled in.

To exercise your rights to your personal data, all you need to do is contact us directly or through the Feedback and Complaints page, fill in the short request form and choose the “Personal Data Request” category in the “Reason for contact” field. You can also exercise theses rights by contacting the Diplomatic Mission when such rights relate to the visa/immigration application.

All requests are free of charge.

When the request is submitted to TLScontact, we will send you a confirmation of acknowledging your request and will process or hand over your request to our Client without undue delay.

We or our Client may contact you to clarify your request, seek additional information or to verify your identity before processing.

If you feel that your right have been impacted, please contact our Data Protection Officer.

You also have the right to complain to a supervisory authority in your country or any country in the EEA.

4. Profiling

“Profiling” means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements

TLScontact does not do profiling. The aforementioned Data Controllers (our Clients i.e. Diplomatic Missions) may, however, use profiling.

For more information about potential use of profiling by the Client, please contact the relevant Diplomatic Mission.

5. Links to other sites

Our website may contain links to other websites. We are not responsible for the content or functionality of any of those external websites.

If an external website requests personal data from you (e.g. in connection with an order for goods or services), the data you provide will not be covered by this Privacy Notice. We suggest you read the privacy notice of any website before providing any personal data.

When purchasing goods or services from any of the businesses that our site links to, you will be entering into a contract with them (agreeing to their terms and conditions) and not with TLScontact.

6. Changes to this Privacy Notice

We will amend this Privacy notice from time to time to ensure it remains up-to-date and accurately reflects how and why we use your personal data. The current version of our Privacy notice will always be posted on our website. In case of material changes we will inform you by any appropriate means.


Copyright © 2013-2017 Magento, Inc. All rights reserved.