VAA Liveness Tool – Admin Privacy Policy
Contact: admin@visaappointmentalert.com

Privacy Policy

This Privacy Policy explains what data the VAA Liveness Tool – Admin Chrome Extension collects, processes, stores, and how it is used during visa appointment liveness verification workflows.

Last updated: April 03, 2026 Product: VAA Liveness Tool – Admin (Chrome Extension) Company: Visa Appointment Alert Country: Pakistan

1) Summary (Plain English)

  • We collect: your email address and license key to authenticate your account.
  • We process: appointment identifiers (user ID, transaction ID) intercepted from the appointment portal to generate a liveness verification link.
  • We capture: your machine's hardware fingerprint (HWID) to bind the license to your device.
  • We do not sell your data and we do not use it for advertising.
  • You control when verification links are generated and you can clear stored data at any time.
Important: This extension intercepts appointment network requests to extract appointment identifiers. These are used solely to generate a secure liveness link and are not stored beyond the active session.

2) Definitions

"Personal Data" means information that can identify you (such as email).
"Appointment Data" means the user ID and transaction ID associated with a visa appointment, extracted from the appointment portal to facilitate liveness verification.
"HWID" means a hardware fingerprint generated from your device to bind and protect your license.

3) Data We Collect and Process

3.1 Account Data

  • Email address — used for license verification and account identification
  • License key — used to verify you are an authorized user
  • Hardware ID (HWID) — generated locally from device characteristics; used to bind the license to your machine and prevent unauthorized sharing

3.2 Appointment Session Data (Processed During Active Use)

  • User ID and Transaction ID — intercepted from the visa appointment portal's network requests; used only to generate a liveness verification link
  • IP address — fetched via a public IP lookup service (api.ipify.org) to include in the verification session for correct routing
  • Session ID and liveness result — returned from the VAA backend after session creation; stored locally to track verification status

3.3 Diagnostic Data (Limited)

Minimal usage logs (license key, event type, timestamp) may be sent to the VAA backend to detect abuse and support troubleshooting. No browsing history is collected.

4) How We Use Data

  • Authentication: verify your license key and email; bind license to your device via HWID.
  • Core functionality: generate secure liveness verification links using intercepted appointment identifiers.
  • Session tracking: poll the VAA backend to monitor liveness status and inject the result into the appointment form on completion.
  • Security: detect fraudulent license use and prevent unauthorized access.
  • Support: respond to support requests and diagnose issues.

5) Storage, Retention, and Deletion

5.1 Local Storage (On Your Browser)

The extension stores your email, license key, HWID, and active session identifiers locally using Chrome extension storage. This data persists until you clear it or uninstall the extension.

5.2 Backend Storage

Session records (appointment IDs, liveness results, IP address) are stored on the VAA backend (Firebase Realtime Database) for the duration of the verification workflow. Records are associated with the session ID and not directly linked to personal identity.

5.3 How to Delete Data

  • Local: uninstall the extension or clear its storage in Chrome settings.
  • Account deletion: email us to request removal of your license record and associated data.

6) Data Sharing

We do not sell Personal Data.

  • VAA backend (api.visaappointmentalert.com): session and license data is transmitted to our own backend to operate the service.
  • IP lookup (api.ipify.org): your public IP is fetched from this third-party service solely to populate the verification session.
  • Legal requirements: data may be disclosed if required by law or valid legal process.

7) Security

  • All communication with the VAA backend uses HTTPS/TLS.
  • License keys are bound to a single device via HWID to prevent sharing.
  • Access to backend systems is restricted to authorized personnel.

8) Why the Extension Requests Permissions

  • storage: stores license credentials, HWID, and active session state locally.
  • webRequest: monitors appointment portal network requests to detect when appointment IDs are available.
  • scripting: injects the control panel overlay and form-filling logic into the appointment page.
  • tabs / activeTab: identifies the active appointment tab to target scripts and messages correctly.
  • notifications: displays a desktop alert when the client's liveness check is complete.
  • declarativeNetRequest: modifies outgoing request headers on the appointment portal for correct session routing.
  • <all_urls>: the appointment portal and VAA backend are on separate domains; broad host access is required to intercept requests and communicate with both.

9) Children's Privacy

This extension is intended for professional use only and is not directed at children under 13. We do not knowingly collect data from children.

10) Changes to This Policy

We may update this policy from time to time. The "Last updated" date will reflect any changes. Continued use of the extension after changes constitutes acceptance.

11) Contact

For questions about this Privacy Policy or data handling:
Email: admin@visaappointmentalert.com

© Visa Appointment Alert. All rights reserved.