top of page
8f25ff51-9cc7-4b61-b4e5-62ad7eb54587 copie.png

Last updated: April 14, 2025
 

We are One Border Ltd. (“ETA Fast”, “us”, “we”, “our”). We are a limited company registered in England and Wales under registration number 16350527 and have our registered office at Devonshire House, 1 Mayfair Place, London, England, W1J 8AJ.

 

Unless we notify you otherwise, we are the controller of the Personal Data we process about you. This means that we decide what Personal Data to collect and how to process it.

 

The purpose of this privacy notice is to explain what Personal Data we collect about you and how we process it. This privacy notice also explains your rights, so please read it carefully. 

If you have any questions, you can contact us using the information provided below under the Contact section.

1. Who Does This Notice Apply To?

This privacy notice applies to you if:

  1. You visit our website

  2. You purchase goods or services from us

  3. You enquire about our products and/or services 

  4. You sign up to receive newsletters and/or other promotional communications from us
     

2. What is Personal Data 

‘Personal Data’ means any information from which someone can be identified either directly or indirectly. For example, you can be identified by your name or an online identifier. 

 

‘Special Category Personal Data’ is more sensitive Personal Data and includes information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data for the purposes of uniquely identifying someone, data concerning physical or mental health or data concerning someone’s sex life or sexual orientation.  

 

3. Personal Data We Collect

The type of Personal Data we collect about you will depend on our relationship with you. 

 

However, as part of our assistance in applying for an Electronic Travel Authorisation (ETA) for the United Kingdom, we collect the following data, exclusively during the call:

 

  • Passport photograph

  • Facial photograph

  • Contact email address

  • Phone number
     

Please note, none of our calls are recorded and no audio or video is stored by ETA Fast following our consultation.

 

4. How We Collect Your Personal Data

We collect most of the Personal Data directly from you in person, by telephone, text or email and/or via our website. 

However, we may also collect your Personal Data from third parties such as: 

  • reputable companies who provide lead generation contact lists;

  • others to whom you have provided consent;

  • publicly available sources such as social media platforms;

  • sub-contractors in technical, payment and delivery services;

  • advertising networks;

  • analytics providers; and

  • search information providers.
     

5. How We Use Personal Data

We will only use your Personal Data when the law allows. Most commonly, we will use your Personal Data in the following circumstances:

Where Personal Data is processed because it is necessary for the performance of a contract to which you are a party, we will be unable to provide our services without the required information.

 

6. Data Retention Period

We will retain your personal data for as long as is necessary to provide you with our services and for a reasonable period thereafter to enable us to meet our contractual and legal obligations and to deal with complaints and claims.

Typically, photographs and any other facial images are deleted from our systems within 24 hours of the ETA application being submitted. ne

 

7. Sharing Your Data

We may disclose your information to third parties in connection with other purposes set out in this privacy notice. These third parties may include:

  • business partners, suppliers and sub-contractors who may process information on our behalf

  • advertisers, social media platforms, and advertising networks

  • analytics and search engine providers

  • IT service providers

This site may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our site, we encourage you to read the privacy policy of every website you visit.

Where we are under a legal or regulatory duty to do so, we may disclose your details to the police, regulatory bodies or legal advisors, and/or, where we consider necessary to protect the rights, property or safety of ETA Fast, its personnel, users or others.

 

8. Data Security

We implement appropriate technical and organisational measures to protect data against unauthorised or unlawful processing and against accidental loss, destruction or damage.

In addition to the technical and organisational measures we have put in place, there are simple things you can do to further protect your personal information, such as:

  1. Never share One Time Passcodes (OTPs).

  2. Never enter your details after clicking on a link in an email or text message.

  3. Always send confidential information by encrypted email to reduce risk of interception.

  4. If you’re logged into any online service do not leave your computer unattended.

  5. Close your internet browser once you’ve logged off

  6. Never download software or let anyone log on to your computer or devices remotely, during or after a cold call.

  7. You can easily identify secure websites by looking at the address in the top of your browser which will begin https:// rather than http://.


 

9. Rights of Data Subjects

In accordance with the applicable Data Protection legislation, you have certain rights in relation to the processing of your Personal Data, including:
 

How to exercise your rights

You will not usually need to pay a fee to exercise any of the above rights. However, we may charge a reasonable fee if your request is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances. 

 

If you wish to exercise your rights, you may contact us using the details set out below within the section called ‘Contact us and our Data Protection Officer’. We may need to request specific information from you to confirm your identity before we can process your request. Once in receipt of this, we will process your request without undue delay and within one month. In some cases, such as with complex requests, it may take us longer than this and, if so, we will keep you updated.  

 

10. International Transfers

Depending on the organization(s) we use to provide our services to you, your Personal Data may be processed outside of the UK and/or European Economic Area (“EEA”).

Therefore, we have taken appropriate steps to ensure that the Personal Data processed by such organizations has an essentially equivalent level of protection to that guaranteed in the UK/EEA. We do this by ensuring that:

  • Your Personal Data is only processed in a country which the Secretary of State or European Commission has confirmed has an adequate level of protection (an adequacy decision) or

We enter into an International Data Transfer Agreement (“IDTA”) or use the International Data Transfer Addendum to the European Commission’s Standard Contractual Clauses (“SCCs) for international data transfers) with the receiving organization, and adopt supplementary measures where necessary.

 

11. Children’s Privacy

We do not offer our products and services to children, and we do not knowingly collect Personal Data of children without parental consent (unless permitted by law). If you are under 18 years of age, you must not use our services. If we learn that a child has provided us with their Personal Data we will securely and permanently delete it.

 

12. Contact Us and our Data Protection Officer 

If you wish to contact us in relation to this privacy notice or if you wish to exercise any of your rights outlined above, please use the following email address legal@etafast.com

We have also appointed a Data protection Officer (“DPO”). Our DPO is Evalian Limited, and they can be contacted using the postal address below:

Evalian Limited, West Lodge, Leylands Business Park, Colden Common, Southampton, Hampshire SO21 1TH.

Alternatively, you can email dpo@evalian.co.uk 

 

When contacting our DPO, please mark your communications FAO the ‘One Border Data Protection Officer’.

 

13. Changes to This Policy

This privacy policy may be updated in line with legal or regulatory developments. Any updates will be published on our website with the date of revision clearly stated.


 

U.S. Privacy Notice Addendum

If you are a resident in the United States, this Privacy Addendum supplements the information contained in the privacy notice above. This Privacy Addendum applies to residents in the United States whose states have passed state-specific privacy laws.
 

Additional disclosures for California residents

If you are a California resident and we process your personal information as a business under the California Consumer Privacy Act of 2018 (as amended by the California Privacy Rights Act of 2020) (“CCPA”), you may refer to the information provided within the privacy notice above and the additional information below.

“Personal Information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household, or as otherwise defined by the CCPA. Personal Information does not include information that is publicly available, deidentified, or aggregated (as those terms are defined in the CCPA) or otherwise excluded from the scope of the CCPA.

“Sensitive personal information” is a specific subset of personal information that includes certain government identifiers (such as social security numbers); an account log-in, financial account, debit card, or credit card number with any required security code, password, or credentials allowing access to an account; precise geolocation; contents of mail, email, and text messages; genetic data; biometric information processed to identify a consumer; information concerning a consumer’s health, sex life, or sexual orientation; or information about racial or ethnic origin, religious or philosophical beliefs, or union membership. Consumers have the right to also limit a business’s use and disclosure of their sensitive personal information.

The personal information we may process as part of our business activities is listed within the main privacy notice above. 

We may also process information about you which is defined as ‘sensitive’ under the CCPA, however this will only ever be where it is required to provide you with a specific product or service for example. We will only process your sensitive information where you have provided it to us directly, you have authorised us to obtain it from a third party, or where the processing is required or authorised by or under U.S. law or a Court/Tribunal order, or otherwise where the processing is not prohibited under the CCPA. We will only ever use sensitive information in accordance with the legislation and for the original purpose for which it is provided.

Disclosure of personal information overseas 

We may disclose your personal information to third-party service providers and/or business partners located outside the U.S. for the purposes indicated in this privacy notice. Some of these third-party service providers may include cloud-based storage providers who may store and process personal information in the cloud within or outside the U.S. 

Where we make such disclosures, we have taken reasonable steps to ensure any overseas recipients do not breach the relevant state legislation in relation to any personal information. We have carried out a thorough due diligence process and have imposed relevant contractual obligations on any offshore recipients to ensure compliance with the CCPA.

Your Rights

Under certain circumstances, and as provided under the CCPA, you may have the right to:

Right to know. You can request that we disclose to you: (1) the categories and/or specific pieces of personal information we have collected about you, (2) the categories of sources for that personal information, (3) the purposes for which we use that information, (4) the categories of third parties with whom we disclose the information, and (5) the categories of information that we sell or discloses to third parties. You can make a request to know up to twice a year, free of charge.

Right to delete. You can request that we delete the personal information we have collected from you and tell our service providers to do the same, subject to certain exceptions (such as if we are legally required to keep the information).

Right to opt-out of sale or sharing. You may request that we stop selling or sharing your personal information (“opt-out”), including via a user-enabled global privacy control. We cannot sell or share your personal information after we receive your opt-out request unless you later authorize us to do so again.

Right to correct. You may ask us to correct the inaccurate information that we have about you.

Right to limit use and disclosure of sensitive personal information. You can direct us to only use your sensitive personal information (for example, your social security number, financial account information, your precise geolocation data, or your genetic data) for limited purposes, such as providing you with the services you requested.

We do not use or disclose sensitive personal information for purposes which would require us to offer you the right to limit under the CCPA, nor do we sell or share personal information to another business or third party for monetary or other valuable consideration.

If you exercise one of the above rights, we may need to request some additional information from you to help us confirm your identity and/or that you are entitled to make such a request. This confirmation is required to avoid personal information about one individual being sent to another, either accidentally or because of deception.

Once we are satisfied with the above, in most cases, we will process any rights requests received straight away. However, in certain circumstances there may be a legal requirement or administrative reason to deny your request. In these circumstances, we will ensure that we advise you fully and explain our reason(s) for the refusal.

Enquiries and complaints

If you want to exercise one of the above rights in connection to your personal information or if you have any queries or complaints about our privacy notice or how we handle your personal information, please contact us by writing to us at legal@etafast.com

You also have the right to lodge a complaint with the California Privacy Protection Agency who can be contacted here.

Additional disclosure for U.S residents (Outside California)

If you are a resident in the U.S and we process your personal information as a controller, you may have certain rights under your own state privacy law. You may refer to the main privacy notice regarding how we collect, use, and disclose your personal information as well as the choices you can make in relation to your personal information.

Bus sur le pont
ETA VISA UK Application

Privacy Policy

UK ETA Application

Need an ETA for the United Kingdom?

Forget forms and apps. With ETA Fast, apply for your Electronic Travel Authorization for the UK in just a few minutes through a quick call — no waiting, no stress.

bottom of page