Legal

Security

This page describes the security practices we apply to protect your personal and payment information.

This page is maintained by UK ETA Portal Online to answer common security and privacy questions about our assistance service. It is informational and is not a certification or third-party audit.

1. Data in transit

All traffic between your browser and our website is encrypted using HTTPS with modern TLS. We enforce secure connections sitewide and disable outdated protocols.

2. Data at rest

Application data is stored on infrastructure provided by reputable cloud providers with industry-standard physical and logical security controls. Access is restricted on a need-to-know basis.

3. Payment security

Payments are handled by PCI-DSS compliant payment processors. Full card numbers are never stored on our servers.

4. Access controls

  • Role-based access for our reviewers and support team.
  • Strong password requirements and multi-factor authentication for staff accounts.
  • Audit logging of administrative actions.

5. Vendor management

We work only with vetted vendors bound by appropriate data-protection agreements, and we limit the personal data shared with them to what is strictly necessary.

6. Incident response

We monitor our systems and have procedures in place to investigate and respond to suspected security incidents. Where required by law, affected users and authorities will be notified without undue delay.

7. Responsible disclosure

If you believe you have found a security vulnerability, please email support@uk-eta-portal.online with the details. Please do not publicly disclose the issue until we have had a reasonable opportunity to investigate and remediate.

8. Shared responsibility

You also play a role in keeping your data safe: keep your email account secure, use a strong unique password, and avoid sharing your application details on insecure channels.

Last updated: June 2026