Passtastic - Digital Loyalty Cards for Apple & Google Wallet

Privacy Policy

Last updated: 27/01/2025

1. Introduction

Welcome to Passtastic App ("we," "us," or "our"), operated by Bohdan Syvodiedov, PL6832120321. We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information.

Contact Information

  • Business Address: Okrężna 10F, Niepołomice 32-020, Poland
  • Email: hello@passtastic.io

2. Scope & Applicability

This Privacy Policy applies to personal data we collect or process when you use our services, including our website, platform for creating digital business cards, and any associated services (collectively, the "Service"). If you do not agree with these practices, please do not use the Service.

3. Roles Under GDPR

Data Controller: For the personal data we collect directly from our users (e.g., account registration details, billing info), we act as a Data Controller.

Data Processor: If our business customers store third-party personal data (e.g., adding their customers' or employees' info to their digital cards), we process that data on behalf of our business customers. In such cases, they are the "Data Controller," and we are the "Data Processor."

4. Data We Collect

Account Registration & Onboarding

What: Name, email address, company name, business area, and any other contact information you provide.

Why: To create and maintain your account, provide our Service, and personalize your experience.

Legal Basis: Usually contractual necessity (fulfilling our agreement with you) and/or consent (where applicable).

Business Card Creation

What: Information you voluntarily add to your digital cards (e.g., phone number, email, address, logo, photo).

Why: To generate and manage your digital business cards.

Legal Basis: Contractual necessity (to fulfill your request) and/or consent (you control what you upload).

Messaging (Push Notifications)

What: We enable the sending of updates or promotions to card recipients, but we do not store device tokens or detailed device information about the recipients' phones.

Why: To facilitate communication between card owners and recipients.

Legal Basis: Legitimate interests (providing a communication feature) or consent (if local laws require it).

Analytics

Microsoft Clarity & Google Analytics may collect:

  • Usage patterns, page views, time on site
  • Device info (browser type, screen resolution)
  • Anonymized session recordings or heat maps

Why: To understand user behavior, improve our interface, and fix technical issues.

Legal Basis: Consent (via cookie banner or settings) and/or legitimate interests in analyzing and improving the Service.

Emails & Notifications

What: Data on transactional and marketing emails (delivery status, open rates), stored via SendGrid.

Why: To communicate with you effectively, send updates, or marketing messages if you've opted in.

Legal Basis: Contractual necessity (for service emails) and/or consent (for marketing emails).

Payments via Stripe

We do not store or process payment details (e.g., credit card numbers) on our servers.

All payments are handled 100% by Stripe, subject to Stripe's Privacy Policy.

Why: To securely process subscription fees, handle pay-as-you-grow billing, and ensure compliance with financial regulations.

Legal Basis: Contractual necessity (for paid subscriptions).

5. How We Use Your Data

We use the collected data to:

  • Create and manage your user account
  • Generate and update digital business cards at your request
  • Facilitate messaging to card recipients (without storing their device tokens)
  • Provide analytics (e.g., how many cards were installed, active cards, message counts)
  • Send you service-related emails or marketing communications (if you opt in)
  • Improve and personalize the Service using analytics data
  • Process payments and subscription fees via Stripe
  • Comply with legal obligations and protect against legal liability

6. Push Notifications & Recipient Opt-Out

Device Tokens: We do not store device tokens or personal device data about recipients.

Recipient Opt-Out: Recipients can opt out of receiving further updates by adjusting card settings in Apple Wallet or Google Wallet.

Analytics of Card Usage: We only track how many times a card is installed and how many remain active, without identifying the individual device.

7. Data Retention & Account Deletion

Retention Period: We retain personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by law.

Account Deletion: If a user deletes their account, we will remove or anonymize their personal data immediately, unless we are required to retain it for legal, regulatory, or security reasons.

8. Cookies & Similar Technologies

We may use cookies, web beacons, and similar tracking technologies in conjunction with analytics providers (Microsoft Clarity, Google Analytics) to understand user behavior and improve the Service.

You can manage cookie preferences via your browser settings or our cookie consent banner.

9. International Data Transfers

We are based in Poland (EU/EEA). However, some of our third-party providers (Stripe, SendGrid, Google, Microsoft) may store or process data in countries outside the EEA, such as the United States.

Where such transfers occur, we rely on recognized legal mechanisms, such as Standard Contractual Clauses (SCCs), to ensure adequate protection for your personal data.

10. Your Rights

Under GDPR (if you are in the EU/EEA)

You have the right to:

  • Access: Request a copy of your personal data we hold.
  • Rectification: Request correction of inaccurate or incomplete data.
  • Erasure ("Right to be Forgotten"): Ask us to delete your personal data.
  • Restriction: Restrict processing of your personal data in certain circumstances.
  • Portability: Receive your personal data in a structured, commonly used format.
  • Objection: Object to processing based on legitimate interests, including profiling.

If you have provided consent for specific data processing, you can withdraw that consent at any time.

Under CCPA (if you are a California Resident)

You have the right to:

  • Know: Request the categories and specific pieces of personal information we have collected about you.
  • Delete: Request deletion of your personal information.
  • Non-Discrimination: You will not receive discriminatory treatment for exercising any of your CCPA rights.

We do not sell or rent personal data to third parties for marketing or other purposes. Our third-party providers act as our service processors.

11. Security Measures

We implement reasonable security measures to protect the personal data we process. However, no system is 100% secure, and we cannot guarantee absolute security of your information.

12. Links to Other Websites

Our Service may contain links to third-party websites or services (e.g., payment pages, social media). We are not responsible for the privacy practices or content of those third parties.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time by posting a new version on our website. If we make significant changes, we will notify you (e.g., via email or a prominent notice on our site). Your continued use of the Service after any changes become effective constitutes acceptance of the updated Policy.

14. Contact Us

If you have questions or concerns about this Privacy Policy, or wish to exercise any of your legal rights, please contact us at:

  • Email: hello@passtastic.io
  • Address: Okrężna 10F, Niepołomice 32-020, Poland

Your privacy is important to us, and we appreciate your trust. If you have any questions or feedback, please reach out to us.