• ru
  • ru

    • Terms of use

    This Privacy Policy explains how the administration of the website citipassport.com (hereinafter referred to as the “Company”, “we”) collects, uses, stores, and protects the personal data of users of the website citipassport.com (hereinafter referred to as the “Website”).

    We comply with the requirements of the General Data Protection Regulation (GDPR) and guarantee that the processing of information is carried out lawfully, transparently, and in the interest of protecting your rights.

    1. What data we collect

    When submitting an application on our Website, you provide:

    • surname, first name, patronymic;
    • telephone number;
    • email address.

    2. Purposes for which the data are used

    We use your personal data exclusively for lawful and specific purposes, including:

    Processing of the request — to confirm receipt of your application, review it, and ensure further interaction.

    Communication with you — to call you back or respond to your email, clarify the details of your situation, and provide the necessary information.

    Consulting — to arrange consultations on immigration law matters and prepare proposals for possible legal solutions.

    Conclusion and performance of a contract — to prepare the text of the contract, execute it, and perform the obligations provided for under the agreement for legal services.

    Preparation of documents — to prepare procedural materials, applications, submissions to government authorities and other bodies required for the provision of legal assistance.

    Financial administration — to issue invoices, maintain accounting and tax records, and fulfill payment-related obligations.

    Compliance with legislation — to comply with the requirements of the legislation of the European Union and the country of registration of the Company, as well as to provide information upon lawful requests of government authorities.

    Ensuring security — to prevent fraud, unlawful access, cyberattacks, and other unlawful acts.

    Protection of rights and interests — to protect the legitimate interests of the Company in the event of disputes or claims, as well as to ensure legal protection in judicial and administrative proceedings.

    Improvement of service quality — to analyze requests and feedback in order to improve the quality of client service and develop the service.

    3. Legal grounds for processing

    We process your personal data exclusively on lawful grounds provided for in Article 6 of the General Data Protection Regulation (GDPR):

    • Consent of the data subject (Article 6(1)(a) GDPR).
      When you voluntarily submit an application on our Website and provide your contact details, you express your consent to their processing for the purpose of communicating with you and providing information about our services. You are entitled to withdraw your consent at any time, without prejudice to the lawfulness of processing carried out prior to such withdrawal.
    • Necessity for the conclusion and performance of a contract (Article 6(1)(b) GDPR).
      We process your personal data where this is necessary for the preparation and execution of an agreement for the provision of legal services, as well as for the performance of its terms (for example, correspondence, preparation of documents, provision of legal assistance, and invoicing).
    • Compliance with legal obligations (Article 6(1)(c) GDPR).
      In a number of cases, we are required to retain and use your data in order to comply with legal requirements (for example, tax, accounting, immigration law, and rules on the prevention of money laundering and terrorist financing).
    • Protection of vital interests (Article 6(1)(d) GDPR).
      In exceptional cases, we may process your personal data to protect your vital interests or those of other persons if this is expressly provided for by law.
    • Legitimate interests of the Company (Article 6(1)(f) GDPR).
      We may process your data in order to protect our rights and legitimate interests (for example, in dispute resolution, where it is necessary to prove the fact of provision of services or communication with the client, as well as to ensure information security and prevent fraud).

    4. Storage and protection of information

    We attach paramount importance to the security of your personal data and take all necessary measures to ensure their proper protection.

    4.1. Retention periods

    • Personal data are stored only for as long as is necessary to achieve the purposes for which they were collected.
    • Data provided when completing an application on the Website (full name, telephone number, email) are stored until the completion of communication with you and a decision is made regarding the conclusion of a contract, but for no longer than [for example: 12 months] if no contract is ultimately concluded.
    • Data used for the performance of the contract are stored for the entire term of the contract and the subsequent period necessary to comply with legal requirements (for example, accounting or tax retention periods).
    • Upon expiry of the retention periods, the data shall be securely deleted or anonymized.

    4.2. Technical and organizational security measures

    To protect personal data, we apply a set of measures including:

    • use of secure servers and communication channels (for example, SSL/TLS for data transmission through the Website);
    • restriction of access to data solely to authorized employees and partners who have signed confidentiality undertakings;
    • application of access control, authentication, and user activity logging systems;
    • regular updating of software and information protection tools to prevent unauthorized access;
    • backup copying and storage of data in encrypted form;
    • training of employees in the fundamentals of handling personal data and information security rules.

    4.3. Processing by third parties

    Where data are transferred to contractors or partners (for example, IT providers, translators, accountants), we conclude confidentiality and data protection agreements with them (Data Processing Agreement), guaranteeing that processing is carried out strictly in accordance with GDPR requirements.

    4.4. Storage location

    The data are stored on servers located within the European Union / EEA.

    If it becomes necessary to transfer data to a country outside the EU / EEA, we ensure the existence of appropriate safeguards (for example, standard contractual clauses approved by the European Commission).

    5. Transfer of data to third parties

    Your data may be transferred to:

    • government authorities within the framework of lawful procedures;
    • contractors or partners (for example, translators), where this is necessary for the performance of the contract;
    • cases expressly provided for by law.
    • Transfer of data outside the EU / EEA is carried out only subject to compliance with GDPR requirements and the provision of an adequate level of protection.

    6. Your rights

    You have the right to:

    • access your personal data;
    • correct or update them;
    • request deletion (“right to be forgotten”);
    • restrict processing;
    • transfer the data to another controller;
    • withdraw consent to processing at any time;
    • lodge a complaint with a data protection authority.

    7. Contact details

    For matters related to the processing of personal data, you may contact us:

    • HillSide Offices. Budapest, Alkotás u. 55-61, 1123 Hungaria
    • Бизнес център Platinum. Old City Center, ul. "Bacho Kiro" 26, 28, 1000, 1000 Sofia, Bulgaria
    • City Gate. Piața Presei Libere 3-5, București 013702, Romania
    Blog