Last Updated: March 27, 2026

Privacy Policy – How We Protect Your Data

JUMP TO SECTION
1

Introduction

ReservationPoints.com (“we,” “our,” or “us”) is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your data when you use our services, including flight itineraries, hotel reservations, cover letters, travel plans, visa application form filling, full visa application & processing services, and eVisa application services.

This policy complies with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2

Data Controller Information

Company Name: ReservationPoints.com

Contact Email: [email protected]

Website: https://test.reservationpoints.com

3

Information We Collect

3.1 Personal Information

When you use our services, we collect the following personal data:

Identity Information: Full name, date of birth, nationality, passport number, passport expiry date

Contact Information: Email address, phone number, postal address

Travel Information: Travel dates, destination countries, departure and arrival cities, accommodation preferences

Payment Information: Billing address, payment method details (processed securely through our payment processors)

Visa Application Data: Employment details, purpose of travel, previous travel history, supporting documents uploaded by you

Identity Documents: Copies of passport, photographs, and other identification documents as required for our services

3.2 Technical Information

We automatically collect certain technical data when you visit our website:

Device Information: IP address, browser type and version, operating system, device identifiers

Usage Data: Pages visited, time spent on pages, click patterns, referral sources

Cookies and Tracking Technologies: Information collected through cookies, pixels, and similar technologies

3.3 Marketing Information

With your explicit consent, we collect:

  • Communication preferences
  • Marketing consent status
  • Response to marketing campaigns
  • Newsletter subscription status

3.4 Visa Application Data

When you use our visa application & processing, eVisa, or visa form filling services, we collect additional sensitive information required to process your application:

Passport Documents: Scanned copies of your passport (including data page, photo page, and any pages with previous visas)

Biometric Photographs: Passport-size photographs conforming to specific embassy requirements

Employment Information: Employer name, job title, salary details, employment history, and business registration documents

Travel History: Previous visa details, travel history, and countries visited

Accommodation Details: Hotel reservations, host information, and accommodation addresses at your destination

Held Visa Information: Details of visas currently held for cross-visa eligibility purposes

Additional Traveler Data: For group or family applications, personal and passport details of co-travelers

Supporting Documents: Bank statements, invitation letters, insurance documents, and any other documents required

Notification Preferences: Your preferred communication channel for application updates (email, WhatsApp, or both)

4

How We Use Your Information

4.1 Service Delivery

We use your personal data to:

  • Process and fulfill your orders for flight itineraries, hotel reservations, cover letters, travel plans, and visa assistance
  • Generate booking confirmations and travel documents
  • Communicate with you about your orders and services
  • Provide customer support and respond to your inquiries
  • Verify your identity and prevent fraud

Legal Basis (GDPR): Performance of contract, legitimate interests

4.2 Payment Processing

We process payment information to:

  • Complete transactions for our services
  • Detect and prevent fraudulent transactions
  • Comply with financial regulations

Legal Basis (GDPR): Performance of contract, legal obligation

4.3 Marketing Communications

With your explicit consent, we use your data to:

  • Send promotional emails about our services and special offers
  • Share travel tips and visa application guidance
  • Conduct surveys and request feedback
  • Personalize marketing content based on your preferences

Legal Basis (GDPR): Consent (which you can withdraw at any time)

4.4 Website Improvement

We use technical and usage data to:

  • Analyze website performance and user behavior
  • Improve our website functionality and user experience
  • Conduct A/B testing and optimize conversion rates
  • Identify and fix technical issues

Legal Basis (GDPR): Legitimate interests

4.5 Legal Compliance

We may use your data to:

  • Comply with legal obligations and regulatory requirements
  • Respond to legal requests from authorities
  • Enforce our Terms and Conditions
  • Protect our rights and prevent misuse of our services

Legal Basis (GDPR): Legal obligation, legitimate interests

4.6 Visa Application Processing

For visa application & processing and eVisa services, we use your data to:

  • Prepare and submit visa applications to embassies, consulates, and government eVisa portals on your behalf
  • Fill out visa application forms accurately using the information you provide
  • Verify your eligibility for specific visa types
  • Upload supporting documents to official application portals
  • Track your application status and communicate updates
  • Process group or family applications including additional traveler information
  • Coordinate appointment scheduling at visa application centers

Legal Basis (GDPR): Performance of contract, consent

5

Data Sharing and Disclosure

5.1 Third-Party Service Providers

We share your data with trusted service providers who assist us in operating our business:

Payment Processors: To process payments securely

Email Service Providers: To send transactional and marketing emails

Cloud Hosting Providers: To store data securely

Analytics Providers: To analyze website traffic and user behavior

Customer Support Tools: To provide efficient customer service

Booking Partners: Airlines, hotels, and travel service providers

All third-party providers are contractually obligated to protect your data and use it only for the specified purposes.

5.2 Legal Requirements

We may disclose your information when required by law or to:

  • Comply with legal processes, court orders, or government requests
  • Enforce our Terms and Conditions
  • Protect the rights, property, or safety of ReservationPoints.com, our users, or others
  • Investigate and prevent fraud, security issues, or technical problems

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the acquiring entity. We will notify you of any such change and ensure continued protection of your data.

5.4 No Sale of Personal Data

We DO NOT sell, rent, or trade your personal information to third parties for their marketing purposes.

5.5 Visa Processing Partners

When you use our visa application services, we share your data with the following parties as required to process your application:

Embassies and Consulates: Submitted directly to the relevant embassy

Government eVisa Portals: Submitted to official government electronic visa portals

Visa Application Centers: Organizations such as VFS Global, TLScontact, and BLS International

Communication Platforms: WhatsApp (Meta Platforms, Inc.) for sending application status updates

Data shared with embassies, consulates, and government portals is subject to the privacy policies and data protection practices of those government entities. We have no control over how government authorities process your data once submitted.

6

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy:

Transactional Data: Retained for 7 years for accounting and legal compliance

Marketing Data: Retained until you withdraw consent or request deletion

Technical Data: Retained for 24 months for analytics and improvement

Identity Documents: Deleted within 30 days after service delivery

Visa Application Documents: Securely deleted within 90 days after visa application completion

Visa Application Records: Retained for 12 months for customer support and reference

After the retention period, we securely delete or anonymize your personal data.

7

Your Rights Under GDPR

If you are located in the European Economic Area (EEA), UK, or other GDPR-applicable regions, you have the following rights:

7.1 Right to Access – You can request a copy of the personal data we hold about you.

7.2 Right to Rectification – You can request correction of inaccurate or incomplete personal data.

7.3 Right to Erasure (“Right to be Forgotten”) – You can request deletion of your personal data.

7.4 Right to Restriction of Processing – You can request that we limit how we use your personal data.

7.5 Right to Data Portability – You can request your data in a structured format.

7.6 Right to Object – You can object to processing based on legitimate interests.

7.7 Right to Withdraw Consent – You can withdraw consent for processing at any time.

7.8 Right to Lodge a Complaint – You can file a complaint with your local data protection authority.

To exercise any of these rights, contact us at: [email protected]

We will respond to your request within 30 days.

8

Data Security

We implement industry-standard security measures to protect your personal data.

8.1 Technical Measures

  • Encryption: Data transmitted is encrypted using SSL/TLS technology
  • Secure Storage: Stored on encrypted, secure servers
  • Access Controls: Restricted access on a need-to-know basis
  • Regular Security Audits: Vulnerability testing and security assessments

8.2 Organizational Measures

  • Staff training on data protection and privacy
  • Strict confidentiality agreements
  • Incident response procedures for data breaches
  • Regular backup and disaster recovery protocols

8.3 Payment Security

We do NOT store complete credit card information on our servers. Payment processing is handled by PCI-DSS compliant payment processors.

9

International Data Transfers

If you are located outside the country where our servers are located, your data may be transferred internationally. We ensure adequate protection through:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Ensuring third-party processors comply with GDPR or equivalent standards
  • Implementing appropriate safeguards for international transfers
10

Cookies and Tracking Technologies

10.1 What Are Cookies?

Cookies are small text files stored on your device when you visit our website. We use cookies to improve your experience and analyze website usage.

10.2 Types of Cookies We Use

  • Strictly Necessary Cookies: Essential for website functionality and security.
  • Performance Cookies: Help us understand how visitors use our website.
  • Functional Cookies: Remember your preferences and settings.
  • Marketing Cookies: Deliver personalized advertisements and measure campaign effectiveness.

10.3 Managing Cookies

You can control cookies through your browser settings:

  • Most browsers allow you to refuse or delete cookies
  • Disabling certain cookies may affect website functionality
  • You can opt out of targeted advertising through industry tools
11

Marketing Communications

11.1 Consent

We only send marketing emails if you have explicitly consented by:

  • Checking the marketing opt-in box during registration
  • Subscribing to our newsletter
  • Requesting promotional offers

11.2 Unsubscribing

You can unsubscribe from marketing communications at any time by:

  • Clicking the “Unsubscribe” link in any marketing email
  • Contacting us at [email protected]
  • Managing preferences in your account settings

You will continue to receive transactional emails related to your orders even after unsubscribing from marketing.

12

Children's Privacy

Our services are NOT intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If we discover that we have collected data from a child, we will delete it immediately.

If you believe we have collected data from a child, please contact us at [email protected].

13

Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal information.

14

Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will:

  • Notify affected users within 72 hours of becoming aware of the breach
  • Report the breach to the relevant supervisory authority (if required by GDPR)
  • Provide information about the breach and steps being taken to address it
15

Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will:

  • Post the updated policy on this page with a revised “Last Updated” date
  • Notify you of material changes via email or prominent website notice
  • Obtain fresh consent if required by law

We encourage you to review this policy periodically.

16

Contact Us

Our Support & Privacy Team

[email protected]

https://test.reservationpoints.com/contact-us

Response Time: We aim to respond within 48 hours

17

Supervisory Authority

If you are located in the EEA or UK and believe we have not adequately addressed your concerns, you have the right to lodge a complaint with your local data protection authority.

By using ReservationPoints.com, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your personal information as described herein.