Privacy Policy

Last updated: 10 June 2025

1 · Information We Collect

Identity & Contact Data. Full legal name, mailing address, email, telephone number.

Document Data. Scans or photos of your passport, proof of citizenship, marriage certificates (if needed), and any supporting material you upload.

Payment Data. Tokenised card information handled by Stripe; we see only the last four digits, card brand, and a transaction ID.

Technical Data. IP address, browser type, device fingerprint, time-zone, and cookie identifiers.

2 · Why We Process Your Data

1. Pre-fill the DS-82 form and audit document quality.
2. Create a trackable USPS or FedEx label addressed to the National Passport Center.
3. Email you status alerts and respond to support enquiries.
4. Fulfil bookkeeping and anti-money-laundering obligations.
5. Generate aggregated analytics to improve site performance.

3 · Lawful Bases (GDPR)

• Contractual necessity — processing required to deliver the concierge service.
• Legitimate interest — fraud prevention and product improvement.
• Legal obligation — retention of financial records for tax authorities.

4 · Who Sees Your Data

We disclose data only to the following categories of processors, each bound by data-processing agreements:

• Payment processing (PCI-DSS Level 1)
• Cloud hosting & encrypted file storage
• Email & transactional SMS delivery
• Customer-support help-desk software
• Analytics & performance monitoring
• Courier-label generation APIs

5 · International Transfers

DocuHelp’s servers are located in the United States. If you reside outside the U.S., you consent to your data being processed in the U.S. We use Standard Contractual Clauses with non-U.S. sub-processors to remain GDPR-compliant.

6 · Data Retention & Deletion

30-Day retention after delivery. Once we email your final DS-82 packet and prepaid label, your uploaded documents remain on our servers for thirty (30) days. This buffer lets you re-download files if needed and lets support resolve immediate follow-ups.

Automatic purge. On day 31 our system:

• Erases all personal documents and photos from active storage and backups.
• Destroys the associated encryption keys.
• Replaces file links in our database with anonymised audit hashes.

Long-term legal records. We keep minimal, tokenised payment metadata and anonymised audit logs for up to twelve (12) months to handle chargebacks, taxes, and AML checks. These records contain no passport images or raw documents.

You may request earlier deletion at any time by emailing privacy@docuhelp.online; we comply within 72 hours.

7 · Your Privacy Controls

• Access a copy of your personal data.
• Correct inaccurate or incomplete data.
• Delete data once the renewal is finished.
• Export data in machine-readable format (GDPR Art. 20).
• Object to certain processing or withdraw consent for marketing.
• Non-discrimination for exercising CCPA rights.

Email privacy@docuhelp.online; we respond within 30 days.

8 · Security Measures

All traffic uses HTTPS; uploaded files are encrypted at rest with AES-256-GCM; staff access requires hardware security keys and background checks.

9 · Cookies

Essential cookies maintain your login session. Optional analytics cookies are disabled by default until you accept them via the banner shown on first visit.

10 · Complaints

EU residents may lodge a complaint with their supervisory authority; U.S. residents may contact the FTC. We encourage direct contact first so we can resolve issues quickly.

11 · Changes to This Policy

Material changes will be announced via homepage banner and emailed to active customers at least 14 days before taking effect.

12 · Contact Us

Email privacy@docuhelp.online or write: DocuHelp Online LLC, 1007 N Orange St, 4th Floor #4227, Wilmington, DE 19801.