U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Affidavit Requirement

USCIS will email you a blank Developer Portal Affidavit after you have met the pre-requisites for production access. 

We will inquire on the following:

  • Which country is your development team based?
  • Primary Contact* First and Last Name.
  • Primary Contact* Email Address
  • Company or Organization Name
  • Phone Number
  • Name of the Front-End Application
  • Notification Email for Updates
  • Business Home Page URL

*Primary contact must be an authorized signatory who can legally bind your company/organization.

We will require you agree to our Terms of Use. Lastly, we will review your business website and application adhere to the following:

Does the text formatting meet all of the following requirements for desktop readability?

  • Do the policies have a grade reading level of 12 or below?
  • Are the policies free of obvious typographical errors?
  • Do text and background colors meet minimum WCAG contrast requirements of at least 4.5:1?
  • Does the text formatting meet the following requirements?
  • Font size is 14px or larger
  • No long, unbroken paragraphs
  • No ALL-CAPS paragraphs (a sentence or two is OK)
  • No run-on sentences
  • No narrow column widths

Does the text formatting meet all of the following requirements for mobile readability?

  • Font size is 14px or larger
  • No long, unbroken paragraphs
  • No ALL-CAPS paragraphs (a sentence or a word or two is OK)
  • No run-on sentences
  • No narrow column widths

Do your terms of service and/or privacy policies:

  • Give users an easy way to request permanent deletion of their data.
  • State how soon data deletion will happen after the user makes the request.
  • Comply with California Consumer Privacy Act (CCPA), if applicable

 Do your terms of service and/or privacy policies:

  • Define the specific types of data collected, such as geolocation data, financial information, medical information, a user's contacts, etc.
  • Clearly describe how data will be used, including the sharing of de-identified, anonymized, or pseudonymized data.
  • Name the entities with which data is shared, including third parties, marketers, partners, etc., and clearly indicate how these entities use this data.
  • State that no data is sold, for profit or other monetary transactions.
  • Specify whether data is sold, sold for profit or other monetary transactions."
  • Inform users about their data-sharing choices and the risks, benefits, and limitations of data sharing.
  • Specify how data sharing could have an impact on others, such as the impact of sharing genetic or family history information.
  • Clearly state that third-party use or disclosure of user information (including de-identified, anonymized, or pseudonymized data) is prohibited for any reason without active consent from the user.
  • Indicate that third parties are bound to the terms and conditions in your privacy policy.
  • Specify that if there is a data breach, you will notify the user and provide instructions for further actions they may take, if any.
  • Specify your data retention policy, including how long you will hold onto data if the account is dormant.
  • Include instructions for how the user can permanently delete their data stored with your app/company.
  • Specify what will happen to a user's data if there is a transfer of ownership or if your company ends or sells its business. You must clearly indicate in your policy that the new company's policies will align with yours, or provide the user one of these options:
  • Securely dispose of, transmit, or download their health information.
  • Specify how users can close their account?
  • Indicate that you will notify your users of changes in ownership.
  • Specify that you will get active consent from users when changes are made to privacy policies and terms of service.
  • Clearly state how you will get active consent for policy changes and provide users with plain-language summaries of what has changed.