Home Privacy Policy Terms of Service

Privacy Policy

Last updated: April 2026

Digital Passport ("the Service", "we", "us") is committed to protecting your privacy. This policy explains what data we collect, how we use it, and your rights.

1. What We Collect

1.1 Account Data

Data	Purpose	Retention
Email address	Authentication, billing notifications, account recovery	Until account deletion
Password (hashed)	Authentication	Until account deletion
Company name	Display in admin, Stripe billing	Until account deletion
MFA secret (encrypted)	Two-factor authentication	Until MFA disabled or account deletion
Backup codes (hashed)	MFA account recovery	Until used or account deletion

1.2 PIM Connection Data

Data	Purpose	Retention
Akeneo PIM URL	API connection	Until account deletion
OAuth client ID	API authentication	Until account deletion
Client secret, username, password (encrypted)	API authentication	Encrypted at rest; deleted on account deletion
Access/refresh tokens (encrypted)	Active API sessions	Rotated automatically; deleted on disconnect

1.3 Product Data (Cached)

Product attribute values fetched from your PIM are temporarily cached in Redis for performance. Cached data expires based on your configured TTL (default: 1 hour). We do not permanently store your product data.

1.4 Passport Configuration Data

Your Passport configurations (selected attributes, branding, channel, locale, compliance mappings) are stored in our database to generate Passport pages.

1.5 Billing Data

Payment processing is handled by Stripe. We store your Stripe customer ID and subscription ID but never store credit card numbers, bank details, or payment method information. See Stripe's Privacy Policy.

1.6 Audit & Security Logs

We record an audit trail of actions (configuration changes, logins, subscription changes) including timestamps and IP addresses. This is for your security and regulatory compliance. Audit logs are deleted when you delete your account.

1.7 What We Do NOT Collect

We do not collect personal data from consumers who scan QR codes or view Passport pages.
Public Passport pages contain no cookies, tracking scripts, analytics, or third-party embeds.
We do not use your data for advertising, profiling, or any purpose other than providing the Service.

2. How We Store Data

Encryption at rest: API credentials, OAuth tokens, and MFA secrets are encrypted using AES-256 (Defuse PHP Encryption).
Password hashing: Account passwords are hashed with bcrypt. We never store plain-text passwords.
Database: PostgreSQL hosted on our infrastructure.
Cache: Redis with automatic TTL expiration.
Transport: All connections use HTTPS/TLS encryption in transit. HSTS is enforced.
Sessions: Stored in Redis with signed tokens (HMAC-SHA256). Sessions expire after 30 days of inactivity.

3. How We Use Data

Your data is used exclusively to:

Authenticate you and secure your account (including MFA).
Fetch product data from your Akeneo PIM to render Digital Product Passports.
Generate QR codes linking to Passport pages.
Display your branding (colours, logo) on Passport pages.
Process subscription payments via Stripe.
Send transactional emails (verification, password reset, billing notifications).
Maintain an audit trail for your security and compliance.

4. Third-Party Services

Service	Purpose	Data shared
Akeneo PIM	Product data source	We read your product data via API using credentials you provide
Stripe	Payment processing	Email, company name, subscription metadata
Sentry	Error monitoring	Error context (URL, HTTP status). Never product data or credentials
Resend	Transactional email	Email address, email content
Cloudflare	CDN, DDoS protection	IP addresses, HTTP headers (standard CDN operation)

We do not share your data with any other third parties.

5. Data Retention & Deletion

5.1 While Active

Account data, configurations, and audit logs are retained as long as your account exists.
Cached product data expires automatically based on your configured TTL.

5.2 On Account Deletion

When you delete your account (Settings > Danger Zone > Delete Account):

All data is permanently and irreversibly deleted - account details, Passport configurations, audit logs, encrypted credentials, MFA secrets, backup codes, and Stripe customer records.
Public Passport links and QR codes immediately return 404 errors.
This is a hard delete. We do not retain any data after deletion.

5.3 On Subscription Cancellation

When you cancel your subscription, your account reverts to the free plan. Your data is retained but features beyond the free plan are disabled. Excess Passport configurations are deactivated (not deleted).

6. Security

All sensitive data encrypted at rest (AES-256).
All traffic encrypted in transit (TLS 1.3, HSTS enforced).
Two-factor authentication (TOTP) available for all accounts.
Rate limiting on authentication endpoints (5 attempts/minute).
Spam and bot protection on all forms.
CSRF protection on all state-changing operations.
Webhook signature verification for Stripe and Akeneo events.
Immutable audit logging of all security-relevant events.

7. Your Rights (GDPR)

If you are in the EU/EEA, you have the right to:

Access your data - your full configuration and audit history is visible in your admin dashboard.
Rectify your data - you can update your email, company name, and credentials in Settings.
Delete your data - you can permanently delete your account from Settings at any time.
Portability - your Passport configurations and audit logs are accessible via the admin interface.
Withdraw consent - by deleting your account or disconnecting the app from your PIM.
Lodge a complaint with a supervisory authority (e.g. the UK ICO).

8. Cookies

The admin interface uses a single session cookie for authentication. We do not use advertising cookies, analytics cookies, or third-party tracking cookies. Public Passport pages use no cookies at all.

9. Children

The Service is not directed at individuals under 18. We do not knowingly collect data from children.

10. Changes to This Policy

We may update this policy from time to time. Material changes will be notified by email at least 30 days before they take effect. The "last updated" date at the top of this page reflects the latest revision.

11. Contact

For privacy-related questions: [email protected]

For general enquiries: [email protected]

Digital Passport · Privacy Policy · Terms of Service