OIS Services

DISCLAIMER:

The following disclaimer outlines the roles and responsibilities of Online Integrated Solutions (OIS) regarding VISA appointments and processing, Visa applications documents pick-up/drop-off and the no refund policy. This disclaimer is intended to provide clarity and transparency to users of the OIS website:

1. NIGERIAN IMMIGRATION SERVICE (NIS) VISA PROCESSING

Appointment Booking: OIS facilitates the booking of VISA appointments on behalf of customers. Customers are advised to accurately provide all necessary information during the appointment booking process.

Processing Responsibility: While OIS assists in booking VISA appointments with the NIS, it is important to note that the processing and issuance of the VISA are solely the responsibility of the Nigerian Immigration Service. In all respects, OIS provides non-judgemental services and therefore does not have control over the VISA processing timelines or any decision regarding VISA issuance in any manner whatsoever.

Processing Times: OIS makes reasonable efforts to provide customers with estimated processing times based on information available from the NIS. However, the actual processing times may vary due to factors beyond OIS's control, such as changes in regulations, volume of applications, individual and or other unforeseen circumstances.

Information Accuracy: OIS strives to provide accurate and up-to-date information regarding VISA requirements and appointment procedures. However, customers are advised to independently verify the information provided and consult official sources, such as the NIS website, for the most current information.

Disclaimer of Liability: OIS shall not be held liable for any delays, denials, or other issues arising from the VISA application and processing. OIS's role is limited to facilitating the appointment booking process and conveying customer information to the NIS.

Indemnification: Users of the OIS website agrees to indemnify and hold OIS harmless from any claims, demands, actions, suits, or proceedings arising from or related to the VISA application process.

While OIS endeavours to provide a seamless and efficient appointment booking experience, it is important for users to understand that the Nigerian Immigration Service is solely responsible for VISA processing, including processing times, decisions, and issuance. Users are encouraged to exercise due diligence and seek official information from the NIS regarding VISA processing.

2. US Visa Application Documents Pickup / Drop-off Service

Important Notice:

Delivery Timing: The delivery timeframe begins once the U.S. Embassy releases your passport. Deliveries occur only on business days.

Scope of Responsibility: OIS Services is responsible solely for the transport and delivery of documents to and from U.S. Embassy personnel. We do not handle visa application evaluations or issuance processes. We are also not liable for any visa application rejections or revocations by the U.S. Embassy. The applicant acknowledges that OIS Services holds no responsibility in these matters.

Accuracy of Information: Providing incorrect information on your application profile or form may result in delays. OIS Services is not liable for delivery failures due to applicant-provided inaccuracies or unforeseen events such as natural disasters, civil disturbances, strikes, transportation disruptions, fuel shortages, epidemics, criminal actions, government restrictions, or similar circumstances.

Reimbursement Policy:

Document Loss: If a document is lost due to OIS Services' or its partners' fault, OIS Services will reimburse the applicant for the direct cost of issuing a new passport. OIS Services will not cover any additional costs or liabilities, and the applicant will not be entitled to extra compensation. The applicant agrees to hold OIS Services harmless from any third-party claims related to such loss.

Delivery Delays: OIS Services will not be liable for any additional costs or compensation for delays in document delivery. The applicant agrees to indemnify OIS Services against any third-party claims related to these delays.

Governing Law and Jurisdiction:

This agreement shall be governed by the laws of the jurisdiction where the service is provided.

Any disputes or claims arising from this agreement will be subject to the exclusive jurisdiction of the courts in the location where the service is provided.

3. No Refund Policy

Overview：

Our service is committed to delivering high-quality support and ensuring customer satisfaction. However, once a service has been rendered or a purchase has been completed, we adhere to a strict no-refund policy.

Applicability：

This no-refund policy applies to all services, products, and transactions conducted through our platform. This includes, but is not limited to, service fees, processing charges, and any other associated costs.

Conditions：

Completed Services: Once a service has been performed or a product has been delivered, no refunds will be issued, regardless of the outcome or customer satisfaction.

Pre-Paid Services: For services or products paid in advance, refunds will not be provided if the service is cancelled or if the product is not used.

Service Interruptions: In the case of service interruptions due to unforeseen circumstances or force majeure events, no refunds will be issued. We will, however, make reasonable efforts to rectify the situation.

Exceptions：

No exceptions will be made to this policy unless mandated by law. Any changes or requests for refunds outside of this policy will be reviewed on a case-by-case basis, and the decision will be at our sole discretion.

Dispute Resolution：

Any disputes related to this no-refund policy will be handled in accordance with the applicable laws of the jurisdiction where the service is provided. The client agrees to submit any claims or disputes to the exclusive jurisdiction of the courts in the country where the service is provided.

Policy Updates：

We reserve the right to modify or update this no-refund policy at any time. Any changes will be communicated through our website or other appropriate channels.

Acknowledgment：

By using our services or making a purchase, you acknowledge that you have read, understood, and agreed to this no-refund policy.

For questions or further information regarding this policy, please contact us.

Disclaimer and Terms of Use

1. Important Notes

OIS recommends that you do not purchase tickets or make bookings which cannot be cancelled without cost prior to the issuance of a visa, except where it is a specific requirement stated as part of the visa application.

These terms contain a disclaimer which limits our liability to our refund policy stated below. Except where covered in our refund policy below, all fees are non refundable, and may be retained by us on payment by you, even if you do not make or proceed with a visa application, and whether or not a visa is granted.

You are responsible for the accuracy of your application form, and for checking your application form. We do not guarantee that we will find any errors, and we do not verify information you have provided.

2. Service Provider

OIS is a visa processing centre for Nigerian visa applications with officess at:

Abuja (Passport Premium Lounge) Yobe Investment House, 3rd Floor Ahmadu Bello Way, Central Business District, Abuja.
Amsterdam (Kingsfordweg 151, 1043GR, Amsterdam Netherlands)
Ankara (Danismanlik Ltd. Sti. Kazim Ozalp Mahallesi Koza Caddesi 35/3 Cankaya, Ankara Turkey)
Atlanta (918 Holcomb Bridge Road, Suite 204, Roswell, Atlanta, GA USA 30076 )
Beijing (Unit 1 Suite 1801, Kun Sha Building, 16 Xin Yuan Li Str, Chaoyang District, Beijing PRC)
Beirut (Jnah-Beirut Opposite Rafik Hariri University Hospital Mais 6 Building- 3Rd Floor P.O.Box 9 UNESCO, Beirut, Lebanon)
Guangzhou (Unit 27/28, 41st Floor, R&F To-Win Building,30 Huaxia Rd, Tianhe District, Guangzhou PRC)
Houston (9894 Bissonnet Street, Suite 745 Houston TX 77036 USA)
Johannesburg (6 Bolton Road Parkwood Rosebank, 2193, Johannesburg, South Africa)
Kuala Lumpur (36.01 Level 36 Menara Citibank, 165 Jalan AmpangÂ 50450Â Kuala Lumpur Malaysia)
Leicester (St Georges House, 6 St Georges Way, Leicester LE1 1SH, UK)
London (56-57 Fleet Street City of London London EC4Y 1JU United Kingdom )
Los Angeles (11222 S. La Cienega Blvd Inglewood, Suite 302, CA. 90304 USA )
London (56-57 Fleet Street City of London London EC4Y 1JU United Kingdom )
Mumbai (Quest Offices Pvt. Ltd., 8th Floor, Parinee Crescenzo, C38 & 39, G Block, Bandra Kurla Complex, Bandra (East) Pin:400051, Maharashtra, India )
New Delhi (C/O central Board of Irrigation & Power Plot No. 4, Ground Floor, Institutional Area Opp.: Sarvodaya School Malcha Marg Chanakyapuri New Delhi 110021, Delhi, India)
New York (370 Lexington Ave, Suite 1505 New York, NY 10017 USA)
Paris (7 Rue Daru 75008 Paris, France)
Pretoria (3rd Floor, Building 2, Brooklyn Bridge Office Park, Pretoria 570 Fehrsen, South Africa)
Rome (S.R.L., Via Sicilia, 30 00187 Rome, Italy)
Shanghai (Room 2025, 20/F, Catic Building, 212 Jiangning Road, Jing'an District, Shanghai, PRC)
Washington DC (11900 Parklawn Drive Suite 160, Rockville MD 20852, Washington DC USA)

3. Application of These Terms

These terms and conditions govern your use of the services of the OIS, all visa applications you make, and all enquiries you make for advice or information concerning Nigerian visas. Each applicant for a visa hereby accepts and confirms that, prior to submitting a visa application, they have read, understood and agreed to be bound by, without limitation or qualification, all of these terms and conditions. No employee of OIS has any authority whatsoever to change, amend, amplify or withdraw any or all of these terms and conditions without prior written approval from OIS.

4. The Visa Application Service

4.1 Scope

OIS is the outsourced partner of the Nigeria High Commission in the United Kingdom. In this capacity, OIS is responsible for scheduling appointments, receipt of visa applications for travel to Nigeria and submission of applications at the Nigeria High Commission in London, collecting the processed passports and returning passports back to applicants.

4.2 Acceptance and Rejection of Applications

The assessment of visa applications is carried out by the Nigeria High Commission and the grant or refusal of visas is at their sole discretion. The Nigeria High Commission reserve the right to ask for further documentation and information from the applicant, and to refuse any visa application. The applicant must supply such further documents and information if they wish their application to continue to be considered.

4.3 Fees

The fees payable by you comprise the Nigeria High Commission administrative fee for the visa, which we forward on to the High Commission and our fees, comprising our service fee and other fees such as bank charges and fees.

Fees stated are only valid on the day that they are quoted or provided by us. If you decide to make your application on a later date, the fees may change.

All costs of returning passports, visas and documents to you are included in the final total fee based on information provided by you and the delivery methods selected by you.

All fees must be received in full under the available payment options.

Except where covered in our refund policy below, all fees are non refundable, and all fees are payable and may be retained by us on payment by you, even if you do not make or proceed with a visa application, and whether or not a visa is granted.

4.4 General Obligation

OIS will process all visa applications with reasonable attention and skill and in line with all procedures and guidelines set by the Nigeria High Commission. However, whilst we use reasonable attention to check your application form for obvious errors on the face of the form, we do not guarantee to detect errors with your form, and we do not undertake to verify any information you provide, which you are responsible for ensuring is accurate.

4.5 Applicant's Responsibility

It is the responsibility of all applicants to complete all applications forms truthfully, to provide correct and accurate information and documentation, to ensure that they have a valid passport, and on receipt of visa to check the validity of the visa issued to ensure that it covers the period of stay requested, the number or entries required, and that it is valid for the purpose of the trip.

4.6 Processing Times

The processing times for visas applications are estimates only. These are based on information and experience of the Nigeria High Commission. The processing of your application is subject to the procedures and processing timescales of the Nigeria High Commission over which OIS have no control.

4.7 Changes to Procedures and Fees

The procedures and fees of the Nigeria High Commission for the processing of visas and related services are outside the control of OIS and subject to change without prior notice. OIS does not accept responsibility for any changes in procedures or fees and reserves the right to pass on any increased fees.

4.8 Cancellation

If you commence a visa application process, including by submitting an online application, but do not complete the visa application process, including where you fail to send your visa application documentation to us or to attend in person at a visa application centre to complete your visa application, within 12 months of commencing the visa application process, then your visa application shall be considered to have expired and we may retain the visa fee paid by you, as well as all service fees, bank fees and other fees. We shall not be obliged to notify you of this.

Your right above is the only cancellation right you have. Once you have submitted your application to us, you will be taken to have agreed that we may immediately commence processing your application and providing any services, and as a result you will not have any right to cancel under the Consumer Protection (Distance Selling) Regulations 2000. This is because, under Regulation 13(1)(a), you lose your right to cancel if you agree that we can start providing the services within the cancellation period.

5. Refund Policy

5.1 Refund of Visa Application Fee

If OIS is in breach of contract or negligent in relation to any visa application submitted, resulting in the visa not being granted or loss of applicants passport with valid visas, in each case, wherein the applicant has to apply for a new passport or cannot travel to Nigeria at the times stated by the applicant in his/her visa application, then OIS will refund to the applicant the visa fee, but not any service fee, bank fee or other fee.

5.2 Loss or damage to passports and other travel documents

OIS takes every reasonable precaution while handling an applicant's passport & documents, and if due to any breach of contract or negligence on the part of OIS, the applicant's submitted passport or documents are lost or damaged beyond a useable condition, then OIS will pay to the applicant the amount of the fees charged by the government of the applicant's home country, for the replacement of the lost or damaged passport or other documents through their normal replacement procedure, and OIS will assist the applicant with the same within its capacity. Such payments will be made by OIS to the applicant on the presentation of the payment receipt issued by the government of their respective home country for the replacement of such lost or damaged passport or documents.

6. Disclaimer

Except for the refund or reimbursements of fees as stated in the section above, OIS excludes its liability in connection with any visa applications, including liability in or under contract, negligence, tort, statute or otherwise howsoever, and including liability for any delay or failure of OIS in handling or processing visa applications, loss of or delay to passports and other documents, delays involving the Nigeria High Commission and rejections of visa applications for any reason.

And for the avoidance of doubt

6.1 No Liability for Incorrect Information

OIS shall have no liability for loss, delays or non-issuance of any application arising from or in connection with (to include but not restricted to) incomplete application forms, incorrectly or falsely completed application forms, and inaccurate or incomplete supporting documentation.

6.2 No Liability for Events Not In Our Control

OIS shall not be considered to be in breach of contract or negligent or otherwise liable in any way for any delay or failure of any application or loss, damage or delay to any passport or other documents due to accident, theft, natural calamities (act of god) or any other reason outside the control of, and not arising out of a wilful default of, OIS, or for the loss or damage to any passport or other document after it has been handed over to the applicant.

6.3 No Liability for Postal and Courier Service

OIS shall have no liability for any delays, or for loss of or damage to any visa application, passport or other documents, caused by, or occurring whilst any application, passport or document is in the possession of, any third party postal or courier service, including transportation of visa applications, passport or other documents between OIS and the Nigeria High Commission and when being returned by OIS to the applicant.

6.4 No Liability for Assessment of Visa Applications

OIS is not involved in the process of assessment of visa applications, or their grant or refusal, and shall not be liable or responsible for any delay by the Nigeria High Commission in assessing, granting or refusing any visa application.

6.5 No Liability for Wasted Costs and Expenses

OIS shall have no liability to any visa applicant, or any other person relying on or benefiting from any visa application, for any commitment, cost or expenditure incurred in reliance on or anticipation of receiving a Nigerian visa, whether within a particular timescale or at all, including but not limited to air travel, hotel, and other travel and accommodation arrangements, and any other arrangements made.

OIS recommends that you do not purchase tickets or make bookings which cannot be cancelled prior to the issuance of a visa, except where it is a specific requirement stated as part of the visa application, in which case open tickets should be obtained.

6.6 General Exclusion of Loss and Damage

OIS shall have no liability (including in contract or for negligence) to any visa applicant, or any other person relying on or benefiting from any visa application, for any direct, indirect, punitive, incidental, special, consequential damages or any damages whatsoever, including where caused by delay, misplacement, loss or damage of visa applications, passports and other documents, other than as stated in Section 5 above.

OIS shall have no liability (including in contract or for negligence) to any visa applicant or any other person relying on or benefiting from any visa application for any loss of profit, revenue, or contract, or business, profession, or other occupation, including where caused by delay, misplacement, loss or damage of visa applications, passports and other documents.

7. General

7.1 Third Party Rights

Nothing in these Terms and Conditions shall benefit or be enforceable by any person other than the visa applicant, and the Contracts (Rights of Third Parties) Act 1999 shall not apply.

7.2 Changes to these terms

OIS, in its sole discretion, may change, amend, cancel or withdraw any or all of these terms and conditions at any time without any prior notice.

7.3 Applicable Law

These terms and conditions and any visa applications shall be governed and construed in accordance with the laws of the countries we have presence. Any claims or disputes arising in relation to the services provided by OIS to the applicant shall be subject to the exclusive Jurisdiction of the courts in the country.

8.Complaints

Please address any complaints to the customer relationship department through email at

info@oisservices.com

1. Introduction

At OIS, we are committed to protecting the privacy and confidentiality of our customers' personal data. This Privacy Policy outlines how we, use, disclose, and protect the personal data we obtain from individuals who use our services. We comply with applicable data protection laws, including the General Data Protection Regulation (GDPR), and strive to ensure the highest standards of privacy and data security.

2. Data Collection and Use

2.1 Personal Data Collection

We collect personal data from individuals in various ways, including when they create an account, make a payment, contact us, complete surveys, interact with our websites or applications, or utilize our services. The types of personal data we may collect include, but are not limited to:

Name, address, and contact information
Passport and visa details
Biometric data
Bank verification numbers
Payment transaction details
Health information (for e-health services)
Interactions with our services and websites
Houston (9894 Bissonnet Street, Suite 745 Houston TX 77036 USA)
Employment or professional details (for recruitment purposes)

2.2 Purpose of Data Processing

We process personal data for the following purposes:

To communicate with individuals and fulfil their service requests or purchase orders.
To provide customer support and respond to inquiries.
To improve and personalize individuals' experience with our services.
To process payments and verify financial transactions.
To comply with legal obligations, including reporting obligations to relevant authorities.
To manage our systems and processes, including data analysis, auditing, and troubleshooting.
To conduct investigations and exercise legal rights, including fraud prevention and detection.
To develop and improve our products and services.

2.3 Legal Basis for Processing

We process personal data based on one or more of the following legal bases:

The necessity of processing for the performance of a contract or to take pre-contractual steps at the individual's request.
Compliance with legal obligations to which we are subject.
Consent provided by individuals for specific processing activities.
Legitimate interests pursued by OIS or a third party, provided that such interests are not overrid den by the individual's rights and interests.

3. Data Sharing and Disclosure

3.1 Third-Party Service Providers

We may share personal data with trusted third-party service providers who assist us in delivering our services and fulfilling our obligations. These service providers are contractually bound to only process personal data on our behalf and in accordance with our instructions.

3.2 Business Transfers

In the event of a merger, acquisition, or sale of all or a portion of our assets, personal data may be transferred to the relevant third party as part of the transaction. We will take reasonable steps to ensure the security and confidentiality of personal data during such transfers.

3.3 Legal and Compliance Requirements

We may disclose personal data if required to do so by law, court order, or governmental authority. We may also share personal data to protect our rights, privacy, safety, or property, or those of others.

4. Data Retention

We retain personal data for the minimum period necessary to fulfil the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law. The criteria used to determine the appropriate retention period include the nature of the personal data, the purposes for which it was collected, and legal and regulatory requirements.

5. Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include, but are not limited to, encryption, access controls, regular security assessments, and staff training on data protection.

6. Individual Rights

Individuals have certain rights regarding their personal data. Subject to applicable law, individuals have the right to:

Access their personal data and request a copy of it.
Rectify inaccurate or incomplete personal data.
Erase personal data under certain circumstances.
Restrict or object to the processing of personal data.
Data portability (receive personal data in a structured, commonly used, and machine-readable format).
Withdraw consent (if processing is based on consent).

To exercise these rights or to make a privacy-related complaint, individuals can contact us using the information provided in Section 8.

7. Marketing Communications and Cookie Policy

We may send marketing communications to individuals who have provided their consent. Individuals can opt-out of receiving such communications at any time by following the instructions provided in the communication or by contacting us.

Our Cookie Policy outlines the use of cookies and similar technologies on our websites and provides information on managing cookie preferences.

8. International Data Transfers

As a global organization, we may transfer personal data to countries outside the European Economic Area (EEA) or other regions with different data protection laws. In such cases, we will ensure appropriate safeguards are in place to protect the personal data, such as using standard contractual clauses approved by the European Commission or relying on the recipients' Privacy Shield certification (where applicable).

9. Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect or solicit personal data from children. If we become aware that we have collected personal data from a child without verifiable parental consent, we will take steps to delete that information.

10. Updates to the Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our data processing practices or legal obligations. We encourage individuals to review this Privacy Policy periodically for any updates. The revised Privacy Policy will be effective from the date it is posted on our website.

11. Contact Information

For any privacy-related concerns, questions, requests, or complaints, please contact our Data Protection Officer at:

dataprotection@oisservices.com

We take privacy matters seriously and will respond promptly to address any concerns or inquiries. Please note that this Privacy Policy is provided in English for ease of understanding. In the event of any conflict between the English version and a translated version, the English version shall prevail.

GDPR & Related Data Protection Policy

1. Introduction

In its everyday business operations Online Integrated Solutions (OIS) makes use of a variety of data about identifiable individuals, including data about:

Current, past and prospective employees
Customers
Users of its websites
Subscribers
Other stakeholders

In collecting and using this data, the organisation is subject to a variety of legislation controlling how such activities may be carried out and the safeguards that must be put in place to protect it.

The purpose of this policy is to set out the relevant legislation and to describe the steps OIS is taking to ensure that it complies with it.

This control applies to all systems, people and processes that constitute the organisation's information systems, including board members, directors, employees, suppliers and other third parties who have access to OIS systems.

The following policies and procedures are relevant to this document:

Data Protection Impact Assessment Process
Personal Data Analysis Procedure
Legitimate Interest Assessment Procedure
Information Security Incident Response Procedure
GDPR Roles and Responsibilities
Other stakeholders

2. Use of Cryptography

Where appropriate to the classification of information and the storage medium, cryptographic techniques were used to ensure the confidentiality and integrity of records.

Absolute care have been taken to ensure that encryption keys used to encrypt records are securely stored for the life of the relevant records and comply with the organisation's policy on cryptography.

2.1 The EU General Data Protection Regulation - GDPR

The General Data Protection Regulation 2016 (GDPR) is one of the most significant pieces of legislation affecting the way that OIS carries out its information processing activities. Significant fines are applicable if a breach is deemed to have occurred under the GDPR, which is designed to protect the personal data of citizens of the European Union. It is OIS's policy to ensure that our compliance with the GDPR and other relevant legislation is clear and demonstrable at all times.

2.2 Definitions

There are a total of 26 definitions listed within the GDPR and it is not appropriate to reproduce them all here. However, the most fundamental definitions with respect to this policy are as follows:

Personal data is defined as:

any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

'processing' means

any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

'controller' means

the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;

2.3 Principles Relating to Processing of Personal Data

There are a number of fundamental principles upon which the GDPR is based.
These are as follows:

1. Personal data shall be:

(a) processed lawfully, fairly and in a transparent manner in relation to the data subject ('lawfulness, fairness and transparency');

(b) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall, in accordance with Article 89(1), not be considered to be incompatible with the initial purposes ('purpose limitation');

(c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed ('data minimisation');

(d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay ('accuracy');

(e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) subject to implementation of the appropriate technical and organisational measures required by this Regulation in order to safeguard the rights and freedoms of the data subject ('storage limitation');

(f) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures ('integrity and confidentiality').

OIS will ensure that it complies with all of these principles both in the processing it currently carries out and as part of the introduction of new methods of processing such as new IT systems.

2.4 Rights of the Individual

The data subject also has rights under the GDPR. These consist of:

The right to be informed
The right of access
The right to rectification
The right to erasure
The right to restrict processing
The right to data portability
The right to object
Rights in relation to automated decision making and profiling

Each of these rights are supported by appropriate procedures within OIS that allow the required action to be taken within the timescales stated in the GDPR.

These timescales are shown in Table 1.

Data Subject Request	Timescale
The right to be informed	When data is collected (if supplied by data subject) or within one month (if not supplied by data subject)
The right of access	One month
The right to rectification	One month
The right to erasure	Without undue delay
The right to restrict processing	Without undue delay
The right to data portability	One month
The right to object	On receipt of objection

Table 1 - Timescales for data subject requests

2.5 Lawfulness of Processing

There are six alternative ways in which the lawfulness of a specific case of processing of personal data may be established under the GDPR. It is OIS policy to identify the appropriate basis for processing and to document it, in accordance with the Regulation. The options are described in brief in the following sections.

2.5.1 Consent

Unless it is necessary for a reason allowable in the GDPR, OIS will always obtain explicit consent from a data subject to collect and process their data. In case of children below the age of 16 (a lower age may be allowable in specific EU member states) parental consent will be obtained. Transparent information about our usage of their personal data will be provided to data subjects at the time that consent is obtained and their rights with regard to their data explained, such as the right to withdraw consent. This information will be provided in an accessible form, written in clear language and free of charge. If the personal data are not obtained directly from the data subject then this information will be provided to the data subject within a reasonable period after the data are obtained and definitely within one month.

2.5.2 Performance of a Contract

Where the personal data collected and processed are required to fulfil a contract with the data subject, explicit consent is not required. This will often be the case where the contract cannot be completed without the personal data in question e.g. a delivery cannot be made without an address to deliver to.

2.5.3 Legal Obligation

If the personal data is required to be collected and processed in order to comply with the law, then explicit consent is not required. This may be the case for some data related to employment and taxation for example, and for many areas addressed by the public sector.

2.5.4 Vital Interests of the Data Subject

In a case where the personal data are required to protect the vital interests of the data subject or of another natural person, then this may be used as the lawful basis of the processing. OIS will retain reasonable, documented evidence that this is the case, whenever this reason is used as the lawful basis of the processing of personal data. As an example, this may be used in aspects of social care, particularly in the public sector.

2.5.5 Task Carried Out in the Public Interest

Where OIS needs to perform a task that it believes is in the public interest or as part of an official duty then the data subject's consent will not be requested. The assessment of the public interest or official duty will be documented and made available as evidence where required.

2.5.6 Legitimate Interests

If the processing of specific personal data is in the legitimate interests of OIS and is judged not to affect the rights and freedoms of the data subject in a significant way, then this may be defined as the lawful reason for the processing. Again, the reasoning behind this view will be documented.

2.6 Privacy by Design

OIS has adopted the principle of privacy by design and will ensure that the definition and planning of all new or significantly changed systems that collect or process personal data will be subject to due consideration of privacy issues, including the completion of one or more data protection impact assessments.

The data protection impact assessment will include:

Consideration of how personal data will be processed and for what purposes
Assessment of whether the proposed processing of personal data is both necessary and proportionate to the purpose(s)

Assessment of the risks to individuals in processing the personal data
What controls are necessary to address the identified risks and demonstrate compliance with legislation
Use of techniques such as data minimization and pseudonymisation will be considered where applicable and appropriate.

2.7 Contracts Involving the Processing of Personal Data

OIS will ensure that all relationships it enters into that involve the processing of personal data are subject to a documented contract that includes the specific information and terms required by the GDPR. For more information, see the GDPR Controller-Processor Agreement Policy

2.8 International Transfers of Personal Data

Transfers of personal data outside the European Union will be carefully reviewed prior to the transfer taking place to ensure that they fall within the limits imposed by the GDPR. This depends partly on the European Commission's judgement as to the adequacy of the safeguards for personal data applicable in the receiving country and this may change over time.
Intra-group international data transfers will be subject to legally binding agreements referred to as Binding Corporate Rules (BCR) which provide enforceable rights for data subjects.

2.9 Data Protection Officer

A defined role of Data Protection Officer (DPO) is required under the GDPR if an organisation is a public authority, if it performs large scale monitoring or if it processes particularly sensitive types of data on a large scale. The DPO is required to have an appropriate level of knowledge and can either be an in-house resource or outsourced to an appropriate service provider.

Based on these criteria, OIS appointed Data Protection Officer, below are the contact details:

Name: Archibald Coker
Email: acoker@oisservices.com
Contact: +44 (0) 207 832 0001

2.10 Breach Notification

It is OIS's policy to be fair and proportionate when considering the actions to be taken to inform affected parties regarding breaches of personal data. In line with the GDPR, where a breach is known to have occurred which is likely to result in a risk to the rights and freedoms of individuals, the relevant supervisory authority will be informed within 72 hours. This will be managed in accordance with our Information Security Incident Response Procedure which sets out the overall process of handling information security incidents.

Under the GDPR the relevant DPA has the authority to impose a range of fines of up to four percent of annual worldwide turnover or twenty million Euros, whichever is the higher, for infringements of the regulations.

2.11 Addressing Compliance to the GDPR

The following actions are undertaken to ensure that OIS complies at all times with the accountability principle of the GDPR:

The legal basis for processing personal data is clear and unambiguous
A Data Protection Officer is appointed with specific responsibility for data protection in the organisation (if required)
All staff involved in handling personal data understand their responsibilities for following good data protection practice
Training in data protection has been provided to all staff
Rules regarding consent are followed
Routes are available to data subjects wishing to exercise their rights regarding personal data and such enquiries are handled effectively
Regular reviews of procedures involving personal data are carried out
Privacy by design is adopted for all new or changed systems and processes

The following documentation of processing activities is recorded:

Organisation name and relevant details
Purposes of the personal data processing
Categories of individuals and personal data processed
Categories of personal data recipients
Agreements and mechanisms for transfers of personal data to non-EU countries including details of controls in place
Personal data retention schedules
Relevant technical and organisational controls in place

These actions are reviewed on a regular basis as part of the management process concerned with data protection.

Related Data Protection

Data Protection Principles

There are 8 data protection principles which ensure that organisations collect, store and process personal data in a way that protects the confidentiality of customers. These principles are set out in schedule 1 of the Act and are as follows:

i. Data must be handled fairly and lawfully
We have legitimate grounds to obtain, store and process customers' data, namely, to assist you obtain a passport, visa and for other purposes authorised by the law and contracts between us and our customers. We ensure that your data will not be used for anything unlawful.

ii. Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes.
Due to the nature of our job, the purpose for which you are giving us your personal data is obvious to you and us. We will not use your data for any other purpose incompatible with the original purpose unless you first give us your consent or we are compelled by law to do so.

iii. Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.
We will only take information we consider relevant and sufficient to deliver our contract with you.

iv. Personal data shall be accurate and, where necessary, kept up to date.
We ensure that the personal data you give us is correct and not misleading. We achieve this by giving you the opportunity to confirm the information you give us and also by requesting documentary proof when necessary. If there are relevant changes in your personal data, eg, change of name or nationality, please let us know as soon as possible so that we can update your record.

v. Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
We will, from time to time, review our data base to see if some personal data are still needed to be stored by us. If the purpose for which they were stored has been achieved and we consider that it is no longer necessary to continue storing them, we will securely delete them.

vi. Personal data shall be processed in accordance with the rights of data subjects under this Act.
We will process your personal data in such a way that it will enable you to do any of the following:

a right of access to a copy of your personal data, popularly known as 'subject access request'. The current fee for that is £10 per standard request and we aim to provide this within 14 days. Subject Access Request should be made to info@oisservices.com by email or by post The Head of Centre, OIS Services, 56-57 Fleet street, EC4Y 1JU, London
a right to object to processing your personal data in a way that is likely to cause damage or distress to you;
a right to prevent processing your personal data in a way that is incompatible to the original purpose or purposes;
a right to object to decisions being taken by automated means;
a right, when appropriate, to have inaccurate personal data rectified, blocked or deleted, and
a right to claim compensation for damages caused by a breach of the Act.

vii. Personal data security
Your personal data are held in a very secure environment both physically and technically. The areas where personal data are kept are out of bounds for all non-authorised persons. Access to these parts of the premises can only be gained by electronic key issued only to authorised persons. Your personal data can only be accessed on the system by authorised persons. Only such authorised persons can alter, disclose or destroy your personal data. Further, such authorised persons can only carry out any of those functions in the course of their lawful duties. Therefore, the chances of your personal data being unlawfully processed or accidentally damaged, destroyed or lost are very minimal. Further, it is our policy to ensure that:

each authorised employee who has access to personal data has his own password which is not shared with other persons,
approved security software and firewall are used to protect our data,
printed personal data not in use are shredded,
we discourage personal data being stored on laptops and other mobile devices and media but if they do, should be locked securely and not taken out of the office.

viii. Transfer of personal data outside the European Economic Area
Your personal data will not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data. There are only few counties outside the EEA that have been accepted as having adequate levels of protection for the processing of persona data comparable to the EEA countries. When we are transferring personal data to the USA, we ensure that the recipient is a signatory to the US Department of Commerce Safe Harbour Scheme. This scheme is recognised by the European Commission as providing adequate protection for data subjects. In relation to other countries outside the EEA that have not been accepted as having equivalent security and safeguards in place for processing personal data, we either sign a separate contract, the terms of which are approved by the European Directives or ensure that there is a clause in the contract that protects the processing of personal data of all our clients.

Hello, how can i help you?

- Visa application

- Passport application

- BVN application

- General information

Cookie Notice

OIS Services

This website uses cookies to enhance user experience and site performance, and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising, affiliates, and analytics partners. Where required by applicable law, we will obtain your consent before we place any cookies on your device that are not strictly necessary for the functioning of our websites. By clicking "Accept All Cookies", you agree to our use of cookies. Learn about our Privacy Notice and cookies and how to modify and set your preferences by clicking here.

More Information https://cookiepedia.co.uk/giving-consent-to-cookies

Click on: