Privacy Policy

Last updated: February 2026

The protection of your personal data is of particular concern to us. We use your data exclusively in accordance with applicable data protection principles, in particular the provisions of the EU General Data Protection Regulation (GDPR). This privacy policy explains how VISARIGHT processes personal data in accordance with Art. 13 ff. GDPR.

1. General Information

The following privacy policy informs you about the nature and scope of the processing of personal data by VISARIGHT GmbH (hereinafter “VISARIGHT”, “we”, “us” or “our”). Personal data is any information that enables the direct or indirect identification of a person. The use of our services, products, technologies or functions as well as all associated pages, applications and services (collectively “Services”) is subject to this privacy policy.

The data collected by VISARIGHT can essentially be divided into two categories:

  • All data required for the processing, preparation, and fulfillment of a contract with VISARIGHT. If other service providers are involved in the fulfillment of the contract (e.g., visa authorities, optimization services, or hosting providers), your data will be shared with them to the extent necessary.
  • When you access our services, certain information is exchanged between your device and our server or the servers of the services we use. This may include personal data. The information obtained in this way is used, among other things, to improve our services.

Age requirement: Our services are only available to users who are at least 18 years old. If you are not yet 18 years old, you may only use our services with the consent of your parents.

2. Data Controller

Responsible for data processing:

VISARIGHT GmbH
c/o orangery Magdeburg
Breiter Weg 232a
39104 Magdeburg
Germany

Email: support@visaright.eu

3. Own Services

3.1 Contact Requests

You can contact us at any time by phone, in writing, by email, fax, or in person. The data you provide with your request is always provided voluntarily. We process the following personal data in accordance with Art. 6(1)(b) GDPR and Art. 6(1)(f) GDPR:

  • Name
  • Company (if applicable)
  • Subject
  • Phone number
  • Email address
  • Message

We generally do not share your personal data with third parties but process it internally. We store your personal data until it is no longer required for the respective purposes. Correspondence subject to commercial retention obligations is stored for 6 years.

3.2 Application Processing

To provide our services, particularly for processing visa applications, we process the following data in accordance with Art. 6(1)(b) GDPR and Art. 9(2)(a) GDPR:

  • Email address
  • First and last name
  • Residential address
  • Nationality
  • Gender
  • Date and place of birth
  • Marital status
  • Education
  • Occupation
  • Information entered by you

The submitted data is forwarded to the responsible authority. The data required for application processing is stored until it is no longer needed for this purpose. During the retention period (usually 6 to 10 years after conclusion of the contract), the data is only used in the context of a tax audit.

3.3 Business Partners and Service Providers

Most of our business partners and service providers designate an employee as a contact person. We process the following data in accordance with Art. 6(1)(f) GDPR:

  • First and last name
  • Company
  • Phone number
  • Email address

In the case of visa applications, the data is transmitted to the responsible authority. The data is stored for the legally prescribed periods (usually 2 to 5 years for visa applications).

4. Data Processing During Website Visits

4.1 Server Log Files

Each time you access our website, the hosting provider (Vercel Inc.) automatically collects information in so-called server log files that your browser automatically transmits. This includes:

  • Browser type and version
  • Operating system used
  • Referrer URL
  • Hostname of the accessing computer
  • Time of server request
  • IP address

Processing is carried out on the basis of Art. 6(1)(f) GDPR. The data is not merged with other data sources. Collection is technically necessary for providing the website.

4.2 Cookies and Local Storage

This website uses technically necessary cookies for language settings and session management. No marketing or tracking cookies are used. Technically necessary cookies are set on the basis of Art. 6(1)(f) GDPR.

4.3 Hosting

This website is hosted by Vercel Inc. (340 S Lemon Ave #4133, Walnut, CA 91789, USA). Vercel processes the above-mentioned data on our behalf. The transfer to the USA is based on the EU Commission's standard contractual clauses. Further information can be found in Vercel's privacy policy.

Vercel Privacy Policy

4.4 Database Service

For the management of service data, we use Supabase, Inc. (65 Chulia Street #38-02/03, OCBC Centre, Singapore 049513), a company incorporated in the USA (Delaware). Data processing takes place exclusively on EU servers (AWS eu-west-1, Ireland); personal data does not leave the EU/EEA. Supabase processes exclusively publicly accessible administrative data, not personal user data. Processing is carried out on the basis of Art. 6(1)(f) GDPR (legitimate interest in the reliable and secure provision of the website). Further information can be found in Supabase's privacy policy.

Supabase Privacy Policy

5. Your Rights

You have the following rights regarding the processing of your personal data:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object (Art. 21 GDPR)
  • Right to withdraw consent (Art. 7(3) GDPR)

To exercise these rights, please contact us at support@visaright.eu.

You also have the right to lodge a complaint with a data protection supervisory authority.

6. Data Security

We apply the highest standards of data security for our infrastructure and the processing of your data. We use protective mechanisms such as firewalls and data encryption. All personal data transmitted by you is transferred via the secure SSL standard (Secure Socket Layer).

7. AI-Assisted Content

Parts of the service descriptions on this website are created with the support of artificial intelligence (AI). The AI exclusively processes publicly available administrative data from the City of Berlin (PVOG interface) and no personal user data. Processing is carried out on the basis of Art. 6(1)(f) GDPR (legitimate interest in the understandable preparation of administrative information).

No personal data of website visitors is processed, stored, or transmitted to third parties as part of the AI-assisted content creation.

AI processing is carried out via the service Anthropic (Claude). Further information can be found in Anthropic's privacy policy. Anthropic Privacy Policy

8. Protection of Minors

Protecting the privacy of children and young people is particularly important to us. For this reason, we do not knowingly collect or request personal data from persons under 16 years of age. If you are under 16 years of age, please do not send us any information about yourself. If we determine that we have collected personal data from a child under 16 years of age without parental consent, we will delete this data immediately.

9. Changes to the Privacy Policy

Changes to this privacy policy take effect upon publication on this page. If we change our privacy policy, we will publish the changes on this page to inform you about the data collected, its use, and the circumstances of any possible disclosure.

If you have any questions about our privacy policy, you can reach us at any time at support@visaright.eu.