This privacy policy applies between you, the user of this website and A&A Immigration Onestep Services Ltd., the owner and provider of this website. This privacy policy applies to the use of any and all data collected by us or provided by you in relation to your use of the website.

1. Definition of Terms in this Policy

a. In this privacy policy, the following definitions are used:

data: Collectively all information that you submit to Onestep Visa via the website.

cookies: a small text file placed on your computer by this website when you visit certain parts of the website and/or when you use certain features of the website. Details of the cookies used by this website are set out in the clause below (cookies);

Onestep Visa, we, our or us: A&A Immigration Onestep Services Ltd., a company incorporated in Cyprus whose registered office is at 41-43 Spyrou Kyprianou, Patroclos Tower, 2nd Floor, P.C.6051, Larnaca, Cyprus;

EU Cookie Law: the Privacy and Electronic Communications (EC Directive) Regulations 2003 as amended by the Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011;

EU-U.S. Privacy Shield: the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks were designed by the U.S. Department of Commerce and the European Commission and Swiss Administration to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States in support of transatlantic commerce;

User, you or your: any third party that accesses the website and is not either (i) employed by Onestep Visa and acting in the course of their employment or (ii) engaged as a consultant or otherwise providing services to Onestep Visa and accessing the website in connection with the provision of such services; and

website: the website that you are currently using at, and any sub-domains of this site unless expressly excluded by their own terms and conditions.

domain: and

data controller: the data controller determines the purposes for which and the means by which personal data is processed. For purposes of the General Data protection Regulation, Onestep Visa is the “data controller”.

b. In this privacy policy, unless the context requires a different interpretation:

  • the singular includes the plural and vice versa;
  • references to sub-clauses, clauses, schedules or appendices are to sub-clauses, clauses, schedules or appendices of this privacy policy;
  • a reference to a person includes firms, companies, government entities, trusts and partnerships;
  • “including” is understood to mean “including without limitation”;
  • reference to any statutory provision includes any modification or amendment of it;
  • headings and sub-headings do not form part of this privacy policy.

2. Personal Data

a. What is personal data and why do we collect it?

Personal data is any information that allows us to identify who you are (e.g. your full name), or a combination of identification elements such as physical characteristics, pseudonyms, occupation, address etc. that, as a whole, points back to you. As a data controller we can identify you either from the data itself or from the data in conjunction with other information we already have about you (e.g. your country or operating system).

b. What Data do we collect?

For the smooth operation of this website and any service provided to you, we may collect the following data, which includes personal data, from you:
[1] Name
[2] Date of Birth
[3] Gender
[4] Job Title
[5] Profession
[6] Contact information such as email addresses and telephone numbers
[7] Demographic information such as post code, preferences and interests
[8] Financial information such as credit / debit card numbers
[9] IP address (automatically collected)
[10] Web browser type and version (automatically collected)
[11] Operating system (automatically collected)
[12] A list of URLs starting with a referring site, your activity on this website, and the site you exit to (automatically collected)
[13] Company contact and invoicing information
[14] Coordinates or google place ids for acting users
[15] Name and contact information for 3rd Party providers

c. How is the data we collect stored?

We store the data we collect in 128bit encrypted form in private, secured servers.

d. How do we use your personal data?

[1] We will retain any data you submit for up to 24 months
[2] Unless we are obliged or permitted by law to do so, and subject to any third party disclosures specifically set out in this policy, your data will not be disclosed to third parties. This includes our partners, affiliates and / or any other person.
[3] All personal data is stored securely. For more details on security see “Security & Encryption”
[4] Any or all of the above data may be required by us or our partners and affiliates on our behalf in order to provide you with the best possible service and experience when using our website. Specifically, data may be used by us for the following reasons:

  1. creating and maintaining your personal account
  2. billing;
  3. contact for communication purposes which may be done using email, telephone, online chat, fax or mail.
  4. internal record keeping;
  5. improvement of our products / services;
  6. transmission by email of promotional materials that may be of interest to you;

e. Point of Contact

We have appointed a Data Protection Officer (the “DPO”) who can be contacted using the details set out below:


41-43 Spyrou Kyprianou
Patroclos Tower, 2nd Floor
P.C.6051, Larnaca, Cyprus
Alternatively you may click here to contact us via our Contact Form.

3. Your Rights

a. Consent

Before we collect any personal data from you we will require your consent on the time of the request.

b. The right to be forgotten

You maintain your right to ask us to delete your personal data from our servers at any time by contacting our DPO (see 2. e. Point of contact, above). However, in some cases this can make it impossible for us to continue to provide you with our services as some of that data is essential for the operation of those services (e.g. your name, billing information etc.). If this is the case we will notify you as soon as possible.

c. How can you access your data?

If you are a registered user you can download your data directly in .csv format through your account (please access our Help Centre to see how). Otherwise you may request a copy of any personal data you have either submitted or we that we have collected by contacting our DPO (see 2. e. Point of contact, above).

d. Moving your personal data to a new service provider

You have a right to move your personal data from Onestep Visa to another service provider at any given time. To do so you will need to contact our DPO (see 2. e. Point of contact, above) requesting a copy of your data, and subsequently send it to your new service provider according to their data insertion policy.

e. Object to decisions taken by automated processes

We collect information that may constitute personal data, through automated processes in order to provide you with our services effectively and problem-free (e.g. security verification, geolocation, website statistics etc.). The following information is collected by us through automated processes:

[1] IP address
[2] Web browser type and version
[3] Operating system
[4] Mobile device information (IMEI, coordinates, speed, altitude )
[5] A list of URLs starting with a referring site, your activity on this website, and the site you exit to.

You may object to any automated processes used on this website by contacting our DPO (see 2. e. Point of contact, above). However in some cases this can make it impossible for us to continue to provide you with our services as some of that data is essential for the operation of those services. If this is the case we will notify you as soon as possible.

4. Your Obligations

[1] You may not transfer any of your rights under this privacy policy to any other person. We may transfer our rights under this privacy policy where we reasonably believe your rights will not be affected.
[2] If any court or competent authority finds that any provision of this privacy policy (or part of any provision) is invalid, illegal or unenforceable, that provision or part-provision will, to the extent required, be deemed to be deleted, and the validity and enforceability of the other provisions of this privacy policy will not be affected.
[3] Unless otherwise agreed, no delay, act or omission by a party in exercising any right or remedy will be deemed a waiver of that, or any other, right or remedy.
[4] This Agreement will be governed by and interpreted according to the law of Cyprus. All disputes arising under the Agreement will be subject to the exclusive jurisdiction of the Cypriot courts.

5. Our Obligations

[1] For your convenience we aim to review our privacy and security processes every 6 months. The review is currently carried out by our DPO, which you may contact directly with any concerns you may have (see 2. e. Point of contact, above).
[2] We have processes in place such as this Privacy Policy, our Terms and Conditions, online user notices on this website, training and detailed documentation which ensure that users, management and third parties confirm their understanding of the company’s privacy policy and procedures.
[3] We are legally obliged to notify the data protection authorities of any personal data breaches within 72 hours. Should this affect your account or any services we provide you with on this website, we will contact you prior to notifying any third parties.

6. Cookies

[1] This website may place and access certain cookies on your computer. Onestep Visa uses cookies to improve your experience of using the website and to improve our range of products and services. We have carefully chosen these cookies and have taken steps to ensure that your privacy is protected and respected at all times.
[2] All cookies used by this website are used in accordance with current EU Cookie Law.
[3] Before the website places cookies on your computer, you will be presented with a message bar requesting your consent to set those cookies. By giving your consent to the placing of cookies, you are enabling Onestep Visa to provide a better experience and service to you. You may, if you wish, deny consent to the placing of cookies; however certain features of the website may not function fully or as intended.
[4] This website may place the following cookies that may fall into one or more of the categories set below:

  • Strictly necessary cookies: These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
  • Analytical/performance cookies: They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
  • Functionality cookies: These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
  • Third party cookies: Some of the website’s functionality is implemented by our partners on our behalf. These partners have integrated their services into our website to provide you with the best experience possible, and might use cookies in order to do so.
  • Test Cookies: From time to time we test new features and make subtle changes to the way that the site is delivered. When we are still testing new features these cookies may be used to ensure that you receive a consistent experience whilst on the site whilst ensuring we understand which optimisations our users appreciate the most.

[5] You can choose to enable or disable cookies in your internet browser. By default, most internet browsers accept cookies but this can be changed. For further details, please consult the help menu of your internet browser.
[6] You can choose to delete cookies at any time; however you may lose any information that enables you to access the website more quickly and efficiently including, but not limited to, personalisation settings.
[7] It is recommended that you ensure that your internet browser is up-to-date and that you consult the help and guidance provided by the developer of your internet browser if you are unsure about adjusting your privacy settings.

7. Security & Encryption

All personal data is collected and stored securely in accordance with the principles of the General Data Protection Regulation (GDPR).

8. Other (third party) websites and services

[1] We may, from time to time, employ the services of other parties for dealing with certain processes necessary for the operation of the website. The providers of such services have access to certain personal data provided by users of this website.
[2] Any data used by such parties is used only to the extent required by them to perform the services that we request. Any use for other purposes is strictly prohibited. Furthermore, any data that is processed by third parties will be processed within the terms of this privacy policy and in accordance with the General Data Protection Regulation (GDPR).
[3] This website may, from time to time, provide links to other websites. We have no control over such websites and are not responsible for the content of these websites. This privacy policy does not extend to your use of such websites. You are advised to read the privacy policy or statement of other websites prior to using them.

9. Transfers outside the European Economic Area

[1] Data which we collect from you may be stored and processed in and transferred to countries outside of the European Economic Area (EEA). For example, this could occur if our servers are located in a country outside the EEA or one of our service providers is situated in a country outside the EEA. We also share information with our partners in order to effectively provide you with our services, some of which may be located outside the EEA. These countries may not have data protection laws equivalent to those in force in the EEA.
[2] If we transfer data outside the EEA in this way, we will take steps with the aim of ensuring that your privacy rights continue to be protected as outlined in this privacy policy and according to the EU-U.S. Privacy Shield Framework. You expressly agree to such transfers of data.

10. Changes of business ownership and control

[1] We may, from time to time, expand or reduce our business and this may involve the sale and/or the transfer of control of all or part of Onestep Visa. Data provided by users will, where it is relevant to any part of our business so transferred, be transferred along with that part and the new owner or newly controlling party will, under the terms of this privacy policy, be permitted to use the data for the purposes for which it was originally supplied to us.
[2] We may also disclose data to a prospective purchaser of our business or any part of it.
[3] In the above instances, we will take steps with the aim of ensuring your privacy is protected.

11. Changes in our Privacy Policy

We reserve the right to change this privacy policy as we may deem necessary from time to time or as may be required by law. Any changes will be immediately posted on the website and you are deemed to have accepted the terms of the privacy policy on your first use of the website following the alterations.