Passeroo
Passeroo™ Wallet Pass Platform
Legal

Privacy Policy

Passeroo Pty Ltd ("Passeroo", "we", "us", or "our") is committed to protecting personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This Privacy Policy explains how we collect, use, disclose and protect personal information when you use our website or platform.

Effective Date: 1 March 2026
Last Updated: 1 March 2026
Entity: Passeroo Pty Ltd
ABN:
Contact: hello@passeroo.com.au

1. Information We Collect

  • Account Information: name, email address, organisation name, login credentials, and authentication metadata.
  • Platform Usage Information: pass templates and designs, issuance and redemption activity, analytics and engagement data, and API usage logs.
  • Customer Data Provided by Our Users: our customers may upload data relating to their own customers such as names, email addresses, phone numbers, membership numbers, loyalty balances, and ticket identifiers. Passeroo processes this data on behalf of our customers as a data processor, in accordance with their instructions.
  • Device and Technical Data: IP address, browser type, device information, operating system, and log and diagnostic data.
  • Billing Information: payment details are processed by our payment provider. Passeroo does not store full card numbers.

2. How We Collect Information

We collect information when you create an account or use the Services, when you contact us for support, when a business issues a wallet pass to you using our platform, and through cookies and analytics tools on our website.

3. How We Use Information

We use personal information to operate and provide the Services, manage accounts and subscriptions, issue and update wallet passes, send transactional notifications and marketing communications where consent exists, provide customer support, improve and develop the platform, monitor platform security and investigate incidents, and comply with legal obligations.

4. Pass Recipients

If you receive a wallet pass issued by a business using Passeroo, the information associated with that pass is controlled by that business. Passeroo processes this data on their behalf as a data processor to deliver the pass and related updates. Questions about how your data is used in connection with a specific pass should be directed to the issuing organisation.

5. Data Controller and Data Processor Roles

Passeroo operates as a service provider and data processor for businesses that use the platform to issue and manage wallet passes. In those circumstances:

  • The business issuing the pass is the data controller and determines the purposes for which personal information is processed.
  • Passeroo processes personal information only on the instructions of the business customer in order to provide the Services.
  • Pass recipients should contact the issuing business for questions relating to how their personal information is used for marketing, loyalty programs, or membership services.

6. Communications

Passeroo may send account notifications, service announcements, security alerts, and marketing communications where you have consented. You can opt out of marketing communications at any time by following the unsubscribe instructions in the communication or by contacting us.

Businesses using Passeroo are responsible for ensuring their marketing communications comply with applicable laws including the Spam Act 2003 (Cth) and the Do Not Call Register Act 2006 (Cth), and for maintaining valid consent records for their own customers.

7. Cookies and Analytics

Our website uses cookies and analytics tools. Cookies fall into the following categories:

  • Essential cookies: required for the platform to function correctly, including authentication and session management.
  • Analytics cookies: used to understand how the website and platform are used so we can improve them.
  • Marketing cookies: used to measure the effectiveness of our marketing campaigns where applicable.

You can control non-essential cookies through your browser settings or our cookie consent banner. Disabling essential cookies may affect platform functionality.

8. Third-Party Service Providers and Wallet Platforms

Passeroo relies on trusted service providers to operate the platform. These may include cloud infrastructure providers (AWS, Sydney region), authentication providers, email and SMS delivery providers, payment processors, and analytics tools. These providers process information on our behalf and are subject to appropriate data processing obligations.

Where a pass is installed in Apple Wallet or Google Wallet, certain information relating to the pass may be processed by those wallet platforms in accordance with their own privacy policies. Passeroo does not control how Apple or Google process information within their wallet platforms. You should review the privacy policies of Apple Inc. and Google LLC to understand how they handle wallet-related data.

Passeroo does not sell, rent or otherwise disclose personal information to any third party for their own purposes. Pass holder data processed on behalf of our customers is shared with third parties only to the extent necessary to issue or update passes on behalf of those customers.

9. Data Storage and Security

Personal information is stored on infrastructure operated by Amazon Web Services in the Sydney region (ap-southeast-2). We use reasonable technical and organisational safeguards including encryption in transit, secure infrastructure, access controls, and tenant isolation within the platform.

No internet transmission can be guaranteed to be completely secure. In the event of a data breach that is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as required under the Notifiable Data Breaches (NDB) scheme.

10. International Data Transfers

Our primary infrastructure is located in Australia (AWS Sydney). Some third-party service providers may process data in other jurisdictions. Where personal information is transferred outside Australia, we take reasonable steps to ensure that the recipient handles information in a manner consistent with the Australian Privacy Principles, including through contractual safeguards with service providers.

We do not currently offer EU data residency. Enterprise customers with specific data residency requirements should contact us to discuss options.

11. Data Retention

We retain personal information for as long as necessary to operate the Services and for the following minimum periods:

  • Account and platform data: retained while your account is active and for 30 days following cancellation, after which it may be permanently deleted.
  • Pass recipient data: retained while passes are active and deleted or anonymised within 30 days of pass expiry or account deletion.
  • Billing records: retained for 7 years in accordance with ATO requirements.
  • Security and audit logs: retained for 12 months.

Information may be retained longer where required by law or to resolve disputes.

12. Access and Correction

You have the right to request access to personal information we hold about you and to request corrections where information is inaccurate, out of date, incomplete, irrelevant or misleading. Requests may require identity verification. To make a request, contact us at hello@passeroo.com.au.

13. Complaints

If you believe we have mishandled personal information, please contact us and we will investigate the complaint and respond within a reasonable timeframe. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Updated versions will be published on our website with a revised effective date. For material changes, we will provide reasonable notice.

15. Contact

Passeroo Pty Ltd

Email: hello@passeroo.com.au

Website: Passeroo: Apple and Google Wallet Pass Platform

Office of the Australian Information Commissioner: OAIC | 1300 363 992

General privacy enquiries, requests, or complaints can also be sent to privacy@passeroo.com.au.