operating in China, if CCP members were among VFS Global’s employees or the staff of our FMCs in
China.
All of our employees, regardless of their political party membership or affiliation, are subject to the
same rigorous security screening, background checks and protocols that apply to our operations
around the world. In accordance with the requirements of the Canadian government, we conduct deep
identity, credit, criminal, residency, education and employment checks on all of our employees before
they are hired.
We also ensure the following robust physical security and data protection measures at our VACs,
which apply to all employees and visa applicants, comprising Chinese and any third country nationals.
a. Screening of all staff and applicants at the VAC entrance: Screening is performed by IRCC-
cleared personnel at the entrance. This applies to visa applicants as they enter the VAC; and staff
are screened when entering and exiting the VAC, to ensure the staff do not possess any
personally identifiable information (PII) data or office assets.
b. No-mobile policy and implementation: Use of mobile phones inside the Canada VAC is not
permitted. Applicants are requested to switch off their mobiles before entering the premises.
Canada VAC staff hand over their mobile devices to the VAC Managers upon entering the VAC
and retrieve them when leaving for the day. Staff mobiles are kept in a centralized controlled area
with live monitoring by VAC managers.
c. CCTV monitoring: CCTV cameras are installed in the Canada VACs and the digital video
recorder (DVR) is kept in a secured area. The access to CCTV is only provided to IRCC-cleared
VAC Managers for monitoring. The DVRs are password protected.
d. Hardening of devices and monitoring of e-mail traffic: Desktops installed at the Canada VACs do
not permit the copying or downloading of any data. USB access is disabled in all desktops
installed at the Canada VACs to prevent copying of any data to an external media drive. All VAC
staff access their machines through a unique user ID and password and e-mail access is
restricted to those roles requiring its use. E-mail traffic is monitored by the information security
team.
e. Data Management: We do not store any personal data related to a visa application. Data is
purged from our systems within 30 days of a case being closed, in accordance with IRCC
regulations. All data servers transferring China Visa applications to IRCC are located in Canada.
We operate no servers for IRCC in China, and IRCC also conducts unannounced audits to review
the integrity of our systems.
All these measures are managed and controlled by VFS Global. FMC management, owners or
investors have absolutely no access to any data at these visa application centres and no IT
infrastructure access. They cannot influence the visa application process set by client governments.
Notwithstanding any potential CCP related structure or hierarchy in an FMC, party membership has no
influence on the integrity of the visa application process, nor on how a VAC is operated. This process
is defined only by VFS Global in full compliance with the regulations of the Canadian government.
Given all the security safeguards we deploy, there is no basis for the concerns expressed that visa
applicant information collected at VFS-operated VACs is somehow communicated to the CCP, the
government of the PRC or any other unauthorized third parties.