Privacy Policy

Last updated: 27 April 2026

1. Introduction

Otherlink Ltd, trading as PassLite (“we”, “us”, “our”), registered in England and Wales, is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and share your personal data when you use the PassLite platform and related services. We act as a data processor on behalf of business users and as a data controller for account and platform data.

2. Information We Collect

We collect the following categories of data:

  • Account Data: Name, email address, password (hashed), business name, phone number
  • Business Data: Business profile, branding assets, address, social links, category
  • Pass Data: Pass templates, issued pass records, customer names, email addresses, points, stamps, transaction history
  • Technical Data: IP address, browser type, device information, access logs, API usage
  • Analytics Data: Pass views, scans, installations, redemptions, check-ins (aggregated)
  • Payment Data: Processed by Stripe — we do not store card details. We store Stripe customer IDs and subscription status

3. How We Use Your Data

  • To provide and maintain the PassLite platform
  • To process pass creation, issuance, and real-time updates
  • To manage your account and subscription
  • To send service-related communications (not marketing)
  • To generate aggregated analytics for your dashboard
  • To comply with legal obligations
  • To prevent fraud and ensure platform security

4. Legal Basis for Processing

We process personal data on the following lawful bases under UK GDPR:

  • Contract: Processing necessary to perform our contract with you (providing the Service)
  • Legitimate Interests: Analytics, security, and service improvement
  • Legal Obligation: Tax, accounting, and regulatory compliance
  • Consent: Where you have explicitly opted in (e.g. marketing communications)

5. Data Sharing

We share data only with:

  • Stripe: Payment processing (subscription billing, customer purchases via Stripe Connect)
  • Resend: Transactional email delivery (pass download links, purchase receipts, notifications)
  • Supabase: Database hosting, authentication, and file storage
  • Fly.io: Application hosting (backend API and frontend)
  • Apple Inc.: Push notifications for Apple Wallet passes (device tokens only)
  • Google LLC: Google Wallet pass issuance

We do not sell your data to third parties. We do not share data for advertising purposes.

6. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. After account deletion, we retain certain data for up to 90 days for backup and recovery purposes. Analytics data may be retained in aggregated, anonymised form indefinitely. Payment records are retained as required by tax law (typically 6 years).

7. International Transfers

Your data may be processed in the UK and EU. Where data is transferred outside these regions, we ensure appropriate safeguards are in place including Standard Contractual Clauses (SCCs) and the UK International Data Transfer Agreement (IDTA).

8. Your Rights

Under UK GDPR, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Erase your data (“right to be forgotten”)
  • Restrict processing
  • Data portability
  • Object to processing
  • Withdraw consent at any time
  • Lodge a complaint with the ICO (Information Commissioner’s Office)

To exercise these rights, contact us at privacy@passlite.io.

9. Cookies

PassLite uses essential cookies for authentication and session management. We use localStorage to persist your login token (pb_auth). We do not use third-party tracking cookies or advertising pixels.

10. Security

We implement industry-standard security measures including HTTPS encryption, hashed passwords (bcrypt), HMAC-signed webhooks, rate limiting, and regular security audits. In the event of a data breach, we will notify affected users and the ICO within 72 hours as required by law.

11. Passlite Scanner iOS App

The Passlite Scanner iPhone and iPad app (bundle ID io.passlite.validator) is a staff-facing tool used at the till to scan and redeem customer passes. Data handling for the iOS app:

  • Camera: Used solely to read QR / PDF417 barcodes printed on customer passes. Camera frames are processed on-device and never uploaded.
  • Face ID / Touch ID: Used to unlock the device’s pairing credential stored in the iOS Keychain. Biometric data never leaves the device — Apple’s Secure Enclave handles authentication.
  • Keychain storage: The device’s long-lived refresh token is stored in the iOS Keychain with kSecAttrAccessibleWhenUnlockedThisDeviceOnly + .userPresence. It is bound to the device, cannot be exfiltrated to iCloud, and requires Face ID / Touch ID to release.
  • Network: The app sends authenticated API requests only to api.passlite.io. No third-party servers, no advertising networks, no analytics SDKs.
  • No tracking, no third-party analytics: The app does not use Apple’s App Tracking Transparency framework because it does not track users across other apps or websites. There is no Crashlytics, Firebase Analytics, Mixpanel, or equivalent.
  • Push notifications (future): Currently disabled. If enabled in a future release, only operational notifications about pass scans will be sent. The device token is sent to Apple’s push servers; we do not share it with third parties.
  • Data sent to Passlite: Pass scan events (which serial was scanned, when, by which device) — the same data the existing web scanner sends. This data is governed by the rest of this policy as “Pass Data”.
  • Account deletion: The merchant can revoke any paired device from their Passlite dashboard at any time. Revocation invalidates the refresh token within 15 minutes.

For Apple App Privacy questionnaire purposes, this app is classified as “Data Not Collected” from end users — it is a staff tool, not a consumer app, and does not link any data to a personal identity beyond the device pairing.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated date. We encourage you to review this policy periodically.

13. Contact Us

For privacy-related enquiries:

Otherlink Ltd (trading as PassLite)
Email: privacy@passlite.io
ICO: ico.org.uk