PRIVACY POLICY

This privacy notice discloses the privacy practices for ImmiBlocks.com. This policy applies solely to information collected by this website and platform. It will notify you of the following:

​

• What personally identifiable information is collected from you through the website and platform, how it is used, and with whom it may be shared.

• What choices are available to you regarding the use of your data.

• The security procedures in place to protect the misuse of your information.

• How you can correct any inaccuracies in the information.

​

Information Collection, Use, and Sharing

We are the sole owners of the information collected on this site, unless otherwise stated. We only have access to/collect information that you voluntarily provide via forms, email, account registration, or other direct contact. We do not sell or rent this information to third parties.

​

We recognize that privacy rights vary based on jurisdiction. If you are a resident of the European Economic Area, the United Kingdom, or California, you may have specific rights under data protection law, including the right to access, correct, delete, or object to certain processing of your personal data. Please contact us at admin@immiblocks.com to exercise these rights., unless otherwise stated. We only have access to/collect information that you voluntarily provide via forms, email, account registration, or other direct contact. We do not sell or rent this information to third parties.

​

We will use your information to provide services, process your requests, and support your interactions on the platform. We may share your information with third parties as necessary to complete your request (e.g., to fulfill a service, connect you to a vendor, or refer you to a law firm or other service provider not operated by ImmiBlocks).

​

We may also share data with affiliate companies, entities under common ownership or control, trusted partners of ImmiBlocks, and individuals or organizations under contract (such as document evaluators, developers, or analysts). These individuals or partners are subject to confidentiality agreements and use restrictions. Shared data may be used to improve our services, develop new features, or enhance platform performance, including through aggregated analytics. All internal data use is performed in anonymized or aggregated formats to prevent exposure of individual personal data or sensitive content. Sharing will be limited to entities supporting ImmiBlocks' operations, research, or service delivery.

 

If you choose to engage with a third-party partner, vendor, or law firm, you may share your data directly with them. Please note that these third parties may have their own independent privacy policies and data practices, which are not governed by this policy. We encourage you to review those third-party policies before submitting personal information. While ImmiBlocks works with vendors and legal professionals who are respected in their fields and often recommended by others in the industry, we do not control or assume responsibility for their data security practices. In some cases, those partners may share back status updates or deliverables with ImmiBlocks.

​

Unless you opt out, we may contact you via email in the future to share promotions, product updates, or changes to this privacy policy.

​

Your Access to and Control Over Information

You may opt out of any future contacts from us at any time. While ImmiBlocks is required by legal and professional standards to retain certain records, including those connected to legal services or immigration matters, we will comply with requests to delete data where possible, subject to those requirements. You can do the following at any time by contacting us at admin@immiblocks.com:

​

• See what data we have about you, if any.

• Change or correct any data we have about you.

• Have us delete any data we have about you.

• Express any concerns about our use of your data.

​

Security

​

We take your data security seriously. Sensitive data submitted via the website is encrypted and protected both online and offline.

​

We use HTTPS encryption for data transmitted through our forms and payment gateways. Sensitive financial information is processed via secure third-party platforms (e.g., Stripe, PayPal, Square, Zelle, Wise, or another secure payment platform). Offline, only authorized personnel have access to personal data, and it is stored in password-protected environments.

​

However, no system is completely secure, and we cannot guarantee that unauthorized access, data loss, or misuse will never occur. Users are responsible for safeguarding login credentials and access to their own accounts. In the event of a data breach, we will notify affected users and comply with applicable notification laws.. Sensitive data submitted via the website is encrypted and protected both online and offline.

​

We use HTTPS encryption for data transmitted through our forms and payment gateways. Sensitive financial information is processed via secure third-party platforms (e.g., Stripe, PayPal, Square, Zelle, Wise, or another secure payment platform). Offline, only authorized personnel have access to personal data, and it is stored in password-protected environments.

​

However, no system is completely secure, and we cannot guarantee that unauthorized access, data loss, or misuse will never occur. Users are responsible for safeguarding login credentials and access to their own accounts.

​

Orders

To purchase services, users must provide contact and billing information (such as name, email, and credit card details). This information is used to fulfill orders and deliver services. If issues arise, we may use this data to contact you. We do not store credit card details directly on our servers.

​

Cookies and Data Retention

We use cookies to enhance your experience. Cookies may store session data, login status, or preferences. They help reduce friction (e.g., remembering your password) and track usage trends. Cookies do not collect personally identifiable information unless you explicitly provide it through other form fields.

​

You can adjust your browser settings to block or delete cookies. Disabling cookies may affect platform functionality.

​

We retain user data for as long as necessary to fulfill the purpose for which it was collected, including legal, contractual, and service-related requirements. Upon request, and when legally permissible, data may be deleted or anonymized. Disabling cookies may affect platform functionality.

​

Users might request Immiblocks LLC to store the data indefinitely as a cloud service, which will be priced according to the storage requested. 

​

Sharing

We work with third parties to deliver platform functionality and services. These partners may include:

​

• Document evaluators and subject-matter experts

• Transcript evaluation agencies

• Technology and infrastructure partners

• Law firms (when requested) or affiliated service providers

​

When necessary, we will share information required to fulfill the services you request. All parties are contractually obligated to safeguard any shared data.

​

Links

This website may contain links to external websites. If you work with a third-party site (e.g., a vendor, partner firm, or evaluator), please be aware that we are not responsible for the content or privacy practices of those websites. Third parties, including law firms, vendors, and technology providers, maintain their own data policies. We do not control their systems or security practices and expressly disclaim liability for their handling of your information. We encourage users to review privacy statements on any external sites.. If you work with a third-party site (e.g., a vendor, partner firm, or evaluator), please be aware that we are not responsible for the content or privacy practices of those websites. We encourage users to review privacy statements on any external sites.

​

Surveys and Voluntary Feedback

From time to time, we may invite you to participate in optional surveys. These surveys help us improve our services and may request demographic or service-related feedback. Participation is entirely voluntary, and all data is processed confidentially.

​

 

DATA SECURITY

​

​

This document outlines the principles, controls, and responsibilities that govern how ImmiBlocks, LLC manages, protects, and secures data across its platform. It applies to all personnel, vendors, contractors, and partners involved in handling personal, financial, legal, or sensitive data through ImmiBlocks systems.

​

1. Data Classification and Access

• Data is classified into tiers: Public, Internal, Confidential, and Restricted.

• Access to user data is role-based and restricted to only those who need it for service fulfillment or platform maintenance.

• Vendors, evaluators, and third-party service providers must comply with ImmiBlocks' data handling and confidentiality standards.

​

2. Encryption and Data Transmission

• All data in transit is secured via HTTPS with TLS 1.2 or higher.

• No credit card data is stored directly by ImmiBlocks. All payments are processed via third-party PCI-DSS-compliant processors (e.g., Stripe, PayPal, Square, Zelle, Wise, or another provider).

​

3. Vendor and Partner Controls

• All vendors and legal professionals must adhere to confidentiality requirements and maintain their own data protection protocols.

• ImmiBlocks does not guarantee or oversee the internal security policies of external partners. Users are encouraged to review third-party privacy and security practices.

• Vendors with persistent access to user data are required to sign NDAs and, in some cases, provide proof of cybersecurity compliance or industry-standard practices.

 

4. Data Retention and Disposal

• Data is retained only for as long as necessary to fulfill its intended purpose, in accordance with legal, regulatory, and contractual obligations.

• Upon user request and subject to legal requirements, data may be anonymized or securely deleted using industry-standard data wiping techniques.

• Users might request Immiblocks LLC to store the data indefinitely as a cloud service, which will be priced according to the storage requested. 

​

5. User Responsibilities

• Users must maintain the confidentiality of login credentials and access devices.

• Users are encouraged to use strong passwords and update them periodically.

• ImmiBlocks is not responsible for unauthorized account access resulting from user negligence.

​

6. Security Monitoring and Incident Response

• The platform is monitored for suspicious activity and access anomalies.

• In the event of a suspected data breach, ImmiBlocks will investigate promptly and notify affected parties in accordance with applicable data breach notification laws.

• Logs and audit trails are maintained for critical systems to support forensic investigation.

​

7. Physical and Organizational Safeguards

• User data is stored in secure cloud environments protected by firewalls, access controls, and regular vulnerability assessments.

• Access to sensitive systems is limited to designated personnel and controlled through multi-factor authentication (MFA).

• At the time of this writing, we use Linode  for data storing.  In the future, we may use another services such as AWS.

​

8. Compliance and Continuous Improvement

• ImmiBlocks follows established data security frameworks and incorporates principles from trusted providers such as Apirio's InfoSafe certification.

• We use only paid, enterprise-grade AI systems (ChatGPT, Claude, Gemini) in secure, authorized environments.

• Vendors and partners must align with contractual security obligations.

• Security is evaluated through regular audits and ongoing staff training.

• We utilize only paid and enterprise-grade large language models (LLMs), including OpenAI's ChatGPT, Anthropic’s Claude, and Google’s Gemini, to ensure adherence to best practices in AI security and confidentiality. Each model is used within its own secure and authorized environment.

• All vendors and system partners are reviewed for data security compliance and required to align with our contractual obligations.

• Annual reviews and ad hoc audits are conducted to identify and mitigate security risks.

• Security training is provided to all internal staff with access to protected data.

• Annual reviews and ad hoc audits are conducted to identify and mitigate security risks.

• Security training is provided to all internal staff with access to protected data.

​

​