This Privacy Notice describes how Platypass LLC ("Platypass", "we", "us") collects, uses, shares, and protects personal data when you use the Platypass website, mobile applications, and related services (the "Service").
1. Data Controller
Platypass LLC acts as the data controller for personal data collected through the Service, meaning we determine how and why your data is processed.
2. Personal Data We Collect
We collect the following categories of personal data:
Account Data
- Name
- Email address
- Username
- Password (hashed)
- Profile information you provide
Social Login Data
If you choose to sign in using a third-party provider, we may receive information from:
Apple Sign In
- Name (when provided by Apple)
- Email address (including private relay addresses)
- Apple user identifier
Google Sign In
- Name
- Email address
- Google account identifier
- Profile image (if shared)
We only receive information that you authorize through the provider.
Business Data
If you claim or manage a business listing, we collect:
- Business name
- Address
- Phone number
- Website
- Business hours
- Photos, videos, coupons, events, and related business information
User Content
- Favorites
- Thumbs Up activity
- Passport activity
- Itineraries
- Notes
- Photos
- Events
- Profile content
- Other content you create within the Service
Payment and Subscription Data
When purchasing subscriptions, payment information is processed by third-party payment providers. Depending on your platform, purchases may be processed by:
- Apple App Store
- Google Play
- Paddle
We do not store full payment card numbers. We may receive:
- Subscription status
- Product identifiers
- Transaction identifiers
- Renewal status
- Purchase dates
- Expiration dates
Location Data
We may collect:
- Approximate location from IP address
- Device location when permission is granted
- Passport verification location data
- Business search location data
Location data is only collected as necessary to provide Service features.
Device and Usage Data
- IP address
- Browser type
- Device type
- Operating system
- Device identifiers
- App usage data
- Pages viewed
- Features used
- Diagnostic information
Communications Data
- Support requests
- Feedback submissions
- Survey responses
Cookies and Similar Technologies
See Section 10 below.
3. How We Use Personal Data
We use personal data to:
- Provide the Service: create and manage accounts, operate listings, support itineraries, Passport Mode, subscriptions, and personalization. Legal basis: Contract performance.
- Process Payments and Subscriptions: facilitate purchases, renewals, billing, refunds, and subscription management. Legal basis: Contract performance.
- Customer Support: respond to inquiries and resolve issues. Legal basis: Legitimate interest.
- Improve the Service: analyze usage, improve performance, and develop new features. Legal basis: Legitimate interest.
- Security and Fraud Prevention: detect abuse, prevent fraud, protect users, and maintain platform security. Legal basis: Legitimate interest and legal obligation.
- Marketing: send updates, product announcements, and promotional communications where permitted. Legal basis: Consent or legitimate interest.
- Legal Compliance: comply with applicable laws and respond to lawful requests. Legal basis: Legal obligation.
4. How We Share Personal Data
We may share personal data with:
- Service Providers: hosting, database, analytics, customer support, email delivery, authentication, and infrastructure providers.
- Apple: when purchases are made through Apple's App Store, Apple processes transactions and subscription management according to Apple's privacy practices.
- Google: when purchases are made through Google Play or when Google Sign-In is used, Google processes data according to Google's privacy practices.
- Paddle: as our Merchant of Record for applicable web transactions, Paddle processes payments, taxes, invoicing, refunds, and subscription management.
- Professional Advisers: legal, accounting, auditing, and consulting professionals.
- Authorities: where required by law or to protect rights, property, safety, or users.
- Business Transfers: in connection with mergers, acquisitions, financing, or asset sales.
We do not sell personal data.
5. Data Retention
We retain personal data only for as long as necessary to:
- Provide the Service
- Comply with legal obligations
- Resolve disputes
- Enforce agreements
- Maintain security records
When no longer required, data is deleted or anonymized.
6. Your Rights
Depending on your location, you may have rights to:
- Access your personal data
- Correct inaccurate information
- Delete personal data
- Restrict processing
- Object to processing
- Receive a portable copy of your data
- Withdraw consent
- Lodge a complaint with a data protection authority
Requests may be submitted through in-app support channels.
7. Account Deletion
Users may request deletion of their account through the account settings section of the Service. Upon deletion request:
- Personal account information is removed or anonymized
- Public content may be retained where legally permitted or necessary for platform integrity
- Certain records may be retained to comply with legal obligations
8. Security
We use appropriate technical and organizational safeguards, including:
- Encryption in transit
- Access controls
- Authentication protections
- Security monitoring
- Regular security reviews
No system can guarantee absolute security.
9. International Transfers
Personal data may be processed in the United States and other countries where we or our service providers operate. Where required, appropriate safeguards such as contractual protections are implemented.
10. Cookies and Similar Technologies
We use:
Essential Cookies — required for:
- Authentication
- Security
- Core functionality
Analytics Technologies — used to understand:
- Feature usage
- Performance
- Platform improvements
You can manage cookies through browser settings. Disabling essential cookies may impact Service functionality.
11. Camera, Photos, and Media Access
With your permission, Platypass may access:
- Camera
- Photo library
- Media files
This access is used solely for features such as:
- Profile photos
- Business photos
- Event photos
- User-generated content
Media access can be revoked through device settings.
12. Children
The Service is not directed to children under 13 years of age (or the applicable minimum age in your jurisdiction). We do not knowingly collect personal data from children.
13. Changes to This Notice
We may update this Privacy Notice from time to time. Material changes may be communicated through:
- The Service
- Email notifications
- Other appropriate means
The Last Updated date reflects the latest revision.
14. Contact
Questions regarding this Privacy Notice or our data practices may be submitted through the in-app support channels.
