Privacy Notice
1. Introduction
At VFS Global, we’re committed to protect and respect your privacy.
This Privacy Notice explains how [ VFS GCC LLC ] (“VFS Global,” “we,” or “us”) handle your personal data (also known as personal information in certain jurisdictions).
This Privacy Notice does not intent to conflict with applicable local privacy laws. In case there is a conflict, the applicable local privacy laws will prevail.
We may change this Privacy Notice (also known as Privacy Policy in certain jurisdictions) from time to time. We will always make the latest Privacy Notice available to you via this page. Any changes to this Privacy Notice will apply to you and your data immediately.
With respect to the services provided by VFS Global, this Privacy Notice describes:
2. Who are we? (VFS Global)
VFS Global is the world's largest outsourcing and technology services specialist for governments and diplomatic missions worldwide.
VFS Global manages the administrative and non-judgmental tasks related to visas, passports, travel documents, identity management, and other citizen services such as passport renewals for its client governments and diplomatic missions. This enables them to focus entirely on the critical task of judgemental assessment and decision-making.
VFS Global only provides certain logistic support to visa/ permit or travel document applications on behalf of its client governments and in accordance with the respective contracts with them regarding such services/ support.
Apart from visa/ permit or travel document application processing services and citizen services, VFS Global also provides additional services called Valued Added Services (VAS).
3. Services provided by VFS Global
VFS Global is the outsourced partner of client governments and diplomatic missions for managing administrative and non-judgmental tasks related to visas, passports, travel documents, identity management, and other citizen services. In this capacity, VFS Global (through its visa application centers (VACs)) is merely responsible for the receipt of visa/ permit or travel document applications, collection of biometric data where applicable, collection of documents to accompany applications on behalf of the respective client government/ diplomatic mission; submission of applications and biometric data to the client government/ diplomatic mission for their consideration collecting passports from visa applicants and returning passports.
VFS Global has no role in deciding what documents are to be appended or what comments or details need to be made in the visa, passport, or travel documents application process.
VFS Global also offers an additional range of Value Added Services (VAS) to its customers who wish to procure this directly from VFS Global.
Please note that our Valued Added Services (VAS) availability may vary from country to country. The services are completely independent of your visa/ permit or travel document application procedure and might be purchased as per your needs.
The Valued Added Services (VAS) offered by VFS Global are purely optional/ discretionary services, which are offered by VFS Global to the customer directly available under a contract between VFS Global and the customer at an additional service charge.
Availing of this service does not affect or guarantee the decision or processing time of your visa/ permit or travel document in any manner, as it is completely dependent on the client’s government/ diplomatic mission decision.
4. Data Controllers
[Emirates Health Services (EHS) and Federal Authority For Identity, Citizenship, Customs & Port Security] is the responsible party for the use of the personal data you provide in the visa / permit or travel document application form and, consequently, for the data received from your side in connection with the processing of your visa / permit or travel document application. Please see this link https://www.ehs.gov.ae/en/privacy-policy and https://icp.gov.ae/en/privacy-policy ] for more information about how they process your personal data.
This role is known as “Data Controller” as established in Regulation (EU) 2016/679 (General Data Protection Regulation). However, it can have different names such as “Organisation,” “Data Fiduciary,” “Responsible Party,” “Data Handler,” or similar, depending on your country of residence.
When VFS Global provides additional services requested by you, such as but not limited to appointment scheduling at a Visa Application Centre (VAC), application/ document tracking and transmittal, provision of self-service visa application workstations, document courier delivery services, etc., VFS Global acts as the Controller specifically for the data used to facilitate these services. For example, when the VAS pertains to facilitating the collection of your application data, such as Medical Examination at your Doorstep, VFS is the Controller of the data used to provide you with the convenience you purchased, such as your address, but remains the Processor for the data collected for the application process itself.
5. How do we collect your personal data?
VFS Global collects personal data about you when you request our services either as part of your visa/ permit or travel document application process or when you purchase any of VFS Global’s Valued Added Services (VAS).
VFS Global is authorized by the client government/ diplomatic mission we work on behalf of to perform administrative support, biometric and medical collection services related to the processing of visa/ permit and travel document applications.
Depending on the country you applied a visa/ permit or travel document for, the personal data required from you may change, but it is always determined by the client government/ diplomatic mission which determines the purpose of the processing of the personal data that, is to be collected, used, and transferred by VFS Global as part of the visa application process.
A list of the data required from you for each of the different visas/ permits or travel applications is included in VFS Global’s dedicated website for the respective visa/ permit or travel application routes at “Visas, e Visas & Permits”.
When you contact a VAC to submit your visa/permit application form or to provide your biometrics as requested by the client government/diplomatic mission you applied for a visa/permit or travel document for, a member of the VFS Global staff or authorized partners will collect your personal data from you, your guardian, or legally appointed representative.
When you contact our customer support center, provide these details in a web form on our websites or request any of VFS Global’s Valued Added Services (VAS), VFS Global collects and processes the personal data provided by you in order to deliver the service requested. Such information may consist of the following:
Please note that it is not mandatory to provide your personal data for requested Value Added Services (VAS). However, without providing the required personal data, we may not be able to deliver these services.
Our services are not designed for, or intentionally targeted at children. When we process data from children, we will require parental or guardian consent.
6. Lawful basis for processing your personal data
In respect of the lawful basis used by the respective client government / diplomatic mission as Data Controllers of the visa/ permit application process, you may need to provide your consent as part of the visa /permit application process. For further details on the content of this consent you are required to provide, please check the visa application/ permit form where the same is explained.
Please note that each client government/ diplomatic mission has its own application form, which means that there is no unique consent and the same may vary depending on the country you applied for a visa/ permit or travel document.
If the data protection law in your country of residence allows, VFS Global will use the lawful basis of “performance of a contract.” What this means in plain terms is that when you purchase a Valued Added Service (VAS) from VFS Global, you enter into a contract with us to deliver that service. We could not deliver that service without using some personal data from you, by entering into that contract implies you have given your permission for us to process that personal data. For example, in order to provide the courier service, we will need a delivery address.
If the data protection law in your country of residence does not have the lawful basis of “performance of a contract,” then VFS Global will ask for your consent for the processing of your personal data for one or more specific purposes.
7. How is your personal data used?
As per the visa /permit or travel document application process, the information collected by VFS Global on behalf of the client government/ diplomatic mission is submitted to them for the purpose of assessing your visa/ permit or travel document applications.
Please note that VFS Global (or any member of its group of companies or staff) does not take any part in the decision-making process and the grant or refusal of any visa/ permit or travel document application.
This assessment is carried out at the sole discretion of the client government/ diplomatic mission as the Data Controller (in respect of any personal data processed in connection with this process), which reserves the right to ask for further documentation and information for the visa/ permit or travel document you have applied for and, to refuse any visa/ permit application. You must supply such further documentation and information if you wish the application to continue to be considered.
Please do note that VFS Global’s role (as a Data Processor), as defined in the Regulation (EU) 2016/679 (General Data Protection Regulation), of the respective client government/ diplomatic mission regarding the visa/ permit or travel document process, is restricted to handle documentation solely on behalf of the concerned client government/ diplomatic mission, purely as an administrative/logistics measure and we cannot comment on the documents shared by you for forwarding to the concerned client government/ diplomatic mission.
When providing Valued Added Services (VAS), VFS Global will use your personal data in order to provide additional services to you, including for the following purposes:
8. How long do we hold your data?
VISA application
Your visa application data is deleted from VFS Global’s systems after its transmission to the client government/diplomatic mission.
Only your name and contact details, as well as your passport number, are retained for the purposes of the appointment arrangements.
For visa applications for Schengen countries, this personal data is kept until the return of the passport to the applicant and deleted five (5) days thereafter.
For visa applications for all other countries, this personal data is kept until the return of the passport to the applicant and deleted thirty (30) days thereafter.
If you contact us with follow-up questions or a complaint, we may retain your contact information and any other information provided for the time it takes to resolve your matter.
We may be legally required to hold some types of information for a longer period of time to fulfil our statutory or contractual obligations (for example, invoices for taxation legislation).
Value Added Services:
For Valued Added Services (VAS), we retain and hold, for a limited time, a small amount of personal contact information in order to be able to perform a requested service, such as courier delivery of your travel documents. This information consists of the following: your full name, date of birth, email address, phone number, alternative phone number and delivery address (if requested). This information is retained by VFS Global for thirty (30) days after the collection or delivery of the travel documents or visa to the applicant. It is retained for 30 days in order for us to deal with any queries or issues that may occur. After 30 days, this information is automatically purged from our systems.
9. Who do we share your personal data with?
We share or disclose your personal data with the respective client government/ diplomatic mission that we are an authorized or contracted service provider. This information includes the personal data supplied by you to support your visa/ permit or travel document application, consular service, or other services that we provide on behalf of a client government/ diplomatic mission.
We may also share or disclose your personal data with the client government/ diplomatic mission whose visa, consular service, or any other services you applied for, in connection with a complaint, request, or data access request, received from you.
We may share or disclose your contact information with our suppliers and partners where it is necessary for the processing of your requests or to deliver an additional service that you have requested. For example, if you have asked us to deliver your travel document to your home or office, we will need to provide the courier company with your name, delivery address, and a contact phone number.
We only use suppliers and partners that have sufficient privacy and data protection measures in place.
We do not sell your personal data to third parties.
10. Transferring your personal data offshore
As part of the visa/ permit or travel document application process, the information collected by VFS Global on behalf of the client government/ diplomatic mission you applied for a visa/ permit or travel document for will be transferred offshore, from the country of your application to the home country of the client government/ diplomatic mission.
In order to provide a service to support your visa application, such as appointment scheduling, tracking your application, and invoicing, we will transfer your personal data, internally within VFS Global, to one of our data centers located in Europe, Canada, or Russia , as applicable.
The sharing of your personal data with certain recipients may imply transfers of your data out of the European Economic Area (EEA). We pay particular attention to the protection of your personal data. Thus, where such transfers out of the EEA shall take place, we first implement appropriate safeguards by signing the standard contractual clauses of the European Commission with the entity out of the EEA, which processes your personal data.
11. Your rights
As an authorized contractor of the client governments/ diplomatic missions we work with, VFS Global has no access to the information submitted by you as part of your visa/ permit or travel document application. This includes copies of your visa application, or any information submitted by you in connection with your visa application.
If you require this information, you need to directly contact the Data Controller of the respective client government/ diplomatic mission of the country whose visa you applied for, which details are provided in the respective privacy notice of the specific website route of the visa/ permit or travel document you applied for.
Under many data protection laws, you have rights with regard to how your personal data is handled. These privacy rights vary from country to country; however, in VFS Global, we enable you, subject to all relevant laws, to exercise a full range of data protection rights depending on the applicable jurisdiction. It includes, among others:
You can exercise your rights by contacting VFS Global at:
DATA SUBJECT ACCESS RIGHTS FORM
In order to protect your privacy and to authenticate that the request is genuinely from you and not from anyone else masquerading as you, we might request some additional details of your last interaction with VFS Global, some details that nobody else would know about.
This is to ensure that it is really you who is making the request and not someone else. We will only request enough information to enable us to identify you properly.
12. How VFS Global protects your personal data?
We are committed to protecting all personal data that we hold about you. When you give us personal data, we take steps to ensure that it is safeguarded and held securely. Any sensitive information is encrypted and protected.
On our websites, when you are on a secure page, a lock icon will appear in the address bar of most web browsers. This means the transfer of information from your browser to our web servers is encrypted to keep it safe.
Please bear in mind that emails may be transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, please do not include personal data in an email when you communicate with us. If you do, you do so at your own risk.
13. Monitoring
Please note that at VFS Global’s premises we maintain strong security standards in place for our staff and customers. For this reason, you will find that VFS Global uses CCTV systems where the law permits so.
The required CCTV signs are deployed in our VACs and offices and indicate that you are being recorded. This CCTV footage is kept for a certain period of time in line with our client governments / diplomatic missions’ requirements and applicable local laws.
As part of our security standards, you may find deployed in our VACs and offices guarding services. In certain locations, you will be required to identify yourself prior to accessing our VACs and premises.
14. Technology
Like many other websites, the VFS Global websites use Cookies. 'Cookies' are small pieces of information sent by an organization to your browser and stored on your device. We use them is to help collect statistical information about your browsing actions and patterns. Other uses are to set your preferred language and tell your browser what pages you have already visited so that you can use the "Back" function. Cookies help us to improve our websites and deliver a more personalized service.
We provide the choice for you to accept or refuse the use of cookies when you visit our websites, and you can change the cookie settings at any time.
Please note that disabling cookies may result in a loss of functionality when using our website. For more detailed information about how VFS Global uses cookies, please see our cookies disclosure notice.
Our websites may contain links to other websites run by other organizations. This Privacy Notice applies only to this website, so we encourage you to read the relevant Privacy Notices on the other websites you visit.
Please note that if you link from our website to another website, or if you follow a link to arrive at our website, we cannot be responsible for the content or practices of those third-party websites. We recommend that you check the Privacy Notices and statements of that third-party website.
We always perform a check of other websites before publishing a link to it.
15. Questions, complaints, and contact details
We are committed to protecting your privacy. If you wish to contact us or if you have any questions or wish to lodge a complaint about our privacy practices or the way we have handled your personal data, including if you believe that there has been a possible breach of any relevant privacy principles, you may contact us at:
For any complaint, please include details about your complaint. On receipt of a complaint, we will endeavour to carry out any necessary investigations in a timely manner. We will respond to all complaints within a reasonable time, or such earlier time as required by law.
16. Latest Update
This Privacy Policy was last updated in May 2024