"You're uploading your passport and your family's documents. You should know exactly what happens to them. Here's the full picture." — Daniel, Founder
Last updated: June 2026
All documents uploaded to your vault are encrypted using AES-256 encryption in Supabase's cloud storage. This is the same standard used by major financial institutions.
All data transmitted between your browser and our servers uses TLS 1.2 or higher. Your documents are never sent over an unencrypted connection.
Your documents are accessible only to your account. We use signed URLs with short expiry times — there are no permanent public links to your files. Visado team members can only access your documents if you explicitly request support that requires it.
Your documents are stored for as long as your account is active. When you delete your account, all vault documents are permanently deleted within 30 days. We do not retain copies.
Your guides are AI personas powered by Anthropic's Claude language model. They are not human advisors. They provide general guidance based on publicly available information and your onboarding profile.
When you chat with your guide, we send your message, your recent conversation history, and your onboarding profile (visa type, family situation, work background) to Anthropic's Claude API. This is what allows your guide to give personalized, contextual responses.
We do not send your uploaded documents to any AI system. Your vault contents stay in your vault. The only exception is the optional "Analyze with Joao" feature, which you must explicitly activate per document.
Anthropic does not use conversations processed through the API to train their models. Your conversations are not used to improve Claude or any other AI system.
Joao and Andreia provide general information and guidance. Nothing they say constitutes legal advice, immigration advice, or tax advice. For decisions with legal or financial consequences, consult a qualified Portuguese immigration lawyer or tax advisor.
We do not sell, rent, or trade your personal data or documents to any third party. Ever.
Your documents are not shared with any third party except the infrastructure providers required to store them (Supabase). Those providers cannot read your documents — they store encrypted bytes.
Your vault documents are never automatically sent to any AI system. They are stored for your use only.
Visado does not use advertising cookies, tracking pixels, or third-party analytics. The only cookie we set is the authentication token that keeps you logged in.
Database and file storage. SOC 2 Type 2 certified. Data hosted on AWS infrastructure.
Application hosting and edge delivery. SOC 2 Type 2 certified.
AI model provider (Claude). Powers Joao and Andreia. API data is not used for model training.
Payment processing. PCI DSS Level 1 certified. Visado never sees or stores your card details.
Transactional email delivery (signup confirmation, password reset). No marketing emails without your consent.
Questions about security or how we handle your data? Email [email protected]. We'll respond within 2 business days.