Privacy Policy

1. Introduction

Migrossa ("we," "our," or "us") is operated by DIGITAL RENAISSANCE INC. We are committed to protecting your privacy and handling your personal data transparently and securely. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our immigration platform and services.

This policy applies globally and complies with:

• General Data Protection Regulation (GDPR) - European Union
• Personal Information Protection and Electronic Documents Act (PIPEDA) - Canada
• California Consumer Privacy Act (CCPA) - California, USA
• Lei Geral de Protecao de Dados (LGPD) - Brazil

2. Information We Collect

2.1 Personal Information

We collect information you provide directly:

• Name, email address, phone number
• Immigration documents (passports, visas, work permits)
• Professional information (education, work history)
• Payment information (processed securely through Stripe)
• Communication records between clients and agents

2.2 Automatically Collected Information

• Device information (IP address, browser type, operating system)
• Usage data (pages visited, features used, time spent)
• Cookies and similar tracking technologies

2.3 Third-Party Information

We may collect information from:

• OAuth providers (Google, Microsoft) when you connect integrations
• Public databases for agent verification (CICC, State Bars, BBB)
• Payment processors (Stripe) for escrow transactions

3. How We Use Your Information

We use your information to:

• Provide and maintain our immigration platform services
• Process escrow payments and release funds per contract milestones
• Facilitate communication between clients and immigration agents
• Verify immigration agent credentials and generate trust scores
• Provide AI-powered tools (document analysis, eligibility checks, dispute resolution)
• Send service notifications, updates, and security alerts
• Comply with legal obligations and immigration regulations
• Improve our services through analytics and AI model training

4. Data Storage and Security

Your data is stored securely using industry-standard encryption:

• Database: Supabase (PostgreSQL) with encryption at rest and in transit
• Files: Encrypted cloud storage with access controls
• Payments: Stripe (PCI DSS Level 1 compliant)
• AI Processing: OpenAI with data processing agreements

We implement appropriate technical and organizational measures to protect against unauthorized access, alteration, disclosure, or destruction of your personal data.

5. Cross-Border Data Transfers

As a global platform, your data may be transferred to and processed in countries other than your own. We ensure adequate safeguards are in place:

• Standard Contractual Clauses (SCCs) for EU data transfers
• Privacy Shield principles where applicable
• Data processing agreements with all third-party processors

6. Data Sharing and Disclosure

We share your information only in these circumstances:

• With your immigration agent: Case-related information you authorize
• Service providers: Stripe (payments), OpenAI (AI processing), Supabase (hosting)
• Legal requirements: When required by law or to protect rights and safety
• Business transfers: In case of merger, acquisition, or asset sale

We never sell your personal information to third parties.

7. Your Rights

Depending on your location, you have the following rights:

All Users:

• Access: Request a copy of your personal data
• Correction: Update inaccurate or incomplete information
• Deletion: Request deletion of your data (subject to legal obligations)
• Portability: Receive your data in a structured, machine-readable format

EU/UK Users (GDPR):

• Object: Object to processing based on legitimate interests
• Restrict: Request restriction of processing
• Withdraw consent: Withdraw consent at any time
• Lodge complaint: File complaint with supervisory authority

California Users (CCPA):

• Know: Know what personal information is collected
• Delete: Request deletion of personal information
• Opt-out: Opt-out of sale (we don't sell data)
• Non-discrimination: Not be discriminated against for exercising rights

To exercise your rights, contact us at: support@migrossa.com

8. Cookies and Tracking

We use cookies and similar technologies for:

• Essential cookies: Required for platform functionality
• Analytics cookies: Understand how you use our services
• Preference cookies: Remember your settings

You can control cookies through your browser settings. Note that disabling essential cookies may affect platform functionality.

9. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy:

• Active accounts: Duration of account plus 7 years for compliance
• Immigration documents: 7 years after case closure (regulatory requirement)
• Payment records: 7 years (tax and audit requirements)
• Dispute records: 10 years (legal requirement)

10. Children's Privacy

Our services are not directed to individuals under 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or platform notification. Continued use of our services after changes constitutes acceptance of the updated policy.

12. Contact Us

For privacy-related questions or to exercise your rights: