PASSPRT

Privacy Policy

Effective date: 1 April 2025  ·  Last updated: 26 April 2026

This Privacy Policy describes how PASSPRT ("we", "us", "our") collects, uses, and shares information when you use the PASSPRT mobile application (the "App").

By using PASSPRT, you agree to the practices described in this policy. If you do not agree, please do not use the App.

1. Who We Are

PASSPRT is operated by Hodl Labs Pty Ltd (ABN 96 625 524 754), an Australian proprietary limited company trading as PASSPRT ("we", "us"). You can contact us at:

Email: support@passprt.app

2. Information We Collect

Information you give us

• Account details: email address, username, and (optional) profile photo when you sign up.
• Sign-in details: if you sign in with Google, we receive your email address and Google account identifier (we never receive your Google password). If you sign in with Apple, we receive the private Apple account identifier (the "sub" claim) and the email relay address you selected — we never receive your Apple ID password.
• Profile information: full name, nationality, and bio if you choose to provide them.
• Photos you save: if you choose to share or export a passport image, we use your permission to save that image to your device's Photo Library. We do not read any other photos in your library.

Information we collect automatically

• Location: when you open the App and use features that require it (such as checking in at a place), we request your device's approximate location to verify you are near the place you're checking in at. Location is only accessed while you are actively using the App — never in the background.
• Check-in records: when you check in at a place, we store the place identifier, city, country, and time of check-in against your account. This is how your passport stamps are earned and displayed.
• Device information: basic information about the device and operating system version, used for crash reports and debugging.
• Usage events: anonymised events about which features you use (e.g. opened the map, completed a scan, checked in at a place) so we can understand which parts of PASSPRT work well and which need improvement. Events include your account ID, app version, device type (iOS/Android), and the action taken — never the contents of your messages or any private content. We do not use this data for advertising and do not share it with advertising networks.
• Guest device identifier: if you use the App as a guest (without signing up), we generate a random identifier on your device to remember your guest session and any stamps you collect so you can claim them later by signing up. This identifier is a random string with no link to your real identity and is removed if you delete the App.

Information we do NOT collect

• We do not track your location in the background.
• We do not track you across other apps or websites.
• We do not sell your personal data.
• We do not use third-party advertising networks.

3. How We Use Your Information

We use the information we collect to:

• Create and maintain your PASSPRT account
• Verify check-ins and award the correct stamps
• Display your passport, collected stamps, and visited places in the App
• Show aggregated, non-personal information (e.g. popular places, featured cities) to other users
• Improve the App and fix bugs
• Communicate with you about your account or important App updates

We do not use your data for advertising or sell it to third parties.

4. Sharing Your Information

We share information only in these limited cases:

• With other PASSPRT users: your username, profile photo, and public passport / stamps are visible to other users of the App. You control what appears on your public profile.
• Service providers: we use trusted third-party services to run PASSPRT, including:
  • Cloudflare (hosting and database)
  • Google (Sign-In, Maps, and Places APIs)
  • Apple (App Store)
  • PostHog (product analytics — anonymised usage events to help us understand which features are used and improve the App; no advertising, no data sale, your account ID is the only identifier passed)
  These providers only access your data to provide their services to us and are contractually required to protect it.
• Legal requirements: we may disclose information if required by law, court order, or to protect the rights and safety of PASSPRT users.

We never sell your personal information to advertisers or data brokers.

5. Data Retention

• We keep your account data for as long as your PASSPRT account is active.
• If you delete your account, we remove your personal profile data and check-in history from our systems within 30 days, except where we are legally required to retain certain records.
• Anonymized, aggregated data (e.g. total stamps issued, popular places) may be retained indefinitely.

6. Your Rights

Depending on where you live, you may have the following rights regarding your personal data:

• Access: request a copy of the data we hold about you.
• Correction: ask us to correct inaccurate data.
• Deletion: ask us to delete your account and personal data.
• Portability: request an export of your data.
• Objection: object to certain uses of your data.

To exercise any of these rights, email us at support@passprt.app. We will respond within 30 days.

7. Children's Privacy

PASSPRT is not intended for children under 13 (or under 16 in some regions). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it.

8. Security

We take reasonable technical and organizational measures to protect your data, including:

• Encryption of data in transit (HTTPS)
• Secure cloud infrastructure (Cloudflare)
• Limited internal access to user data

No system is 100% secure. We cannot guarantee the absolute security of your data but we take the protection of it seriously.

9. International Users

PASSPRT is operated from Australia. If you use the App from outside Australia, your information will be transferred to and processed in Australia (and in other countries where our service providers, such as Cloudflare and Google, operate). By using PASSPRT you consent to this transfer.

10. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we'll notify you in the App or by email before the changes take effect. The "Last updated" date at the top of this page indicates when the policy was most recently revised.

11. Contact Us

Questions about this Privacy Policy? Reach us at:

Email: support@passprt.app

This policy is written in plain language on purpose — privacy shouldn't need a lawyer to understand. If anything is unclear, ask us.