Privacy Policy
Last updated: 24 June 2026
This Privacy Policy explains how Proof of Stake SRL, a company registered in Romania (“WalletWallet”, “we”, “us”), handles personal data in connection with the WalletWallet API, website, and dashboard (the “Service”).
In plain English: To run the Service we collect your email and some usage and technical data, and we process the content you put into your passes on your behalf. We use a small set of trusted providers (listed below), we rely on Standard Contractual Clauses for international transfers, and we do not sell your data. You have rights over your data, set out in Section 10.
1. Who we are and our two roles
WalletWallet acts in two capacities:
- As a controller for the personal data of our customers and website visitors, for example, account email addresses, billing records, and analytics.
- As a processor for the personal data contained in the passes our customers create and in the End-User device data we handle to deliver those passes. In that case, our customer is the controller and is responsible for the lawfulness of that data; we process it on their behalf and on their instructions, under the data-processing terms in our Terms & Conditions (Section 8).
This Policy describes both roles, but primarily addresses the data for which we are the controller. Where we act as a processor, the business that issued the pass is the controller. If you are an End User who received a pass, please refer to that business’s privacy notice.
2. Personal data we collect
Account data (you provide):
- Email address (the only personal detail required to sign up).
- If you sign in with Google, your email and the identity token Google returns.
- Plan, trial status, and your payment provider customer identifier.
Usage data (we generate):
- API usage counts (per month and cumulative), timestamps, and the API operations you perform.
Technical data (collected automatically):
- IP address, device and browser information, and analytics events when you use our website and dashboard.
Pass content (you submit, we process as processor):
- The data you place in passes: barcode values, field labels and values, organisation and title text, locations, and images. This may contain personal data of your End Users (for example, a member name or ID). You decide what goes in; you must not include prohibited data, including special-category data, payment card numbers, or government ID numbers (see Section 5.1 of the Terms).
End-User device data (we process as processor):
- For Apple Wallet: a device library identifier and an Apple push token, used to send pass updates.
- For Google Wallet: the save/remove status of a pass.
- Apple Wallet error logs that devices send us (retained briefly).
Billing data: Your card details and billing address are collected and held by our payment provider, Polar, not by us. We store only your email and your Polar customer identifier.
3. How and why we use personal data, and our legal bases
| Purpose | Data | Legal basis (GDPR Art. 6) |
|---|---|---|
| Create and operate your account; authenticate you | email, API key | Contract (6(1)(b)) |
| Provide the Service: generate, host, update, revoke passes | pass content, device data, usage | Contract (6(1)(b)); processor for end-user data |
| Bill you and manage subscriptions | email, Polar customer ID | Contract (6(1)(b)); legal obligation (6(1)(c)) |
| Send service and verification emails | Contract (6(1)(b)) | |
| Secure the Service, prevent abuse, enforce limits | IP, usage, logs | Legitimate interests (6(1)(f)) |
| Understand and improve product usage (analytics) | email, usage events, technical data | Legitimate interests (6(1)(f)) |
| Comply with legal and tax obligations | account and billing records | Legal obligation (6(1)(c)) |
We do not sell personal data and do not use it for third-party advertising.
4. Cookies, local storage, and analytics
4.1 Essential storage. To keep you signed in, our dashboard stores a small amount of data in your browser (local and session storage). This storage is essential to the dashboard and is cleared when you log out.
4.2 Analytics: PostHog. We use PostHog (EU-hosted) to understand product usage. When you are signed in, PostHog associates analytics events with your email address and may set its own cookies or identifiers. We use this to improve the Service, on the basis of our legitimate interests.
4.3 Third-party content delivery. Our website loads fonts, icons, and scripts from third-party content delivery networks (including jsDelivr, unpkg, Cloudflare’s cdnjs, and Google Fonts). These providers necessarily receive your IP address when your browser requests those resources.
5. Recipients and service providers
We share personal data with the providers below. Their role differs by activity: some act as our processor (processing only on our instructions), while others act as independent controllers or recipients for their own part of the activity (for example, a payment provider or a wallet platform applies its own terms). The legal entity, location, and transfer mechanism for each are indicated below.
| Provider | Role | Location | Data | Transfer mechanism |
|---|---|---|---|---|
| Cloudflare, Inc. | Processor | US / global edge | All data described above (hosting, database, KV, object storage) | EU SCCs (Cloudflare DPA) |
| Apple Inc. | Independent controller / recipient | US | Device push token, pass identifiers | Apple terms (SCCs / EU-US DPF) |
| Google LLC (Wallet API & Sign-In) | Independent controller / recipient | US | Pass object data; sign-in email and token | Google terms (SCCs / EU-US DPF) |
| Polar (merchant of record) | Independent controller / merchant of record | US | Email, card and billing details | Provider terms (SCCs / DPF) |
| Loops | Processor | US | Email address (transactional and verification emails) | EU SCCs |
| PostHog | Processor | EU (EU-hosted) | Email (as identifier), usage and technical data | EU hosting; SCCs where applicable |
We may also disclose personal data where required by law, to protect our rights or safety, or in connection with a merger, acquisition, or sale of assets (with notice where required).
6. International transfers
The Service runs on Cloudflare’s global infrastructure and uses the providers listed above. As a result, personal data may be stored and processed in various locations, including outside the EEA. In particular, some data (such as pass content stored in Cloudflare’s key-value store) is processed on globally distributed infrastructure and is not restricted to the EU.
Where personal data is transferred outside the EEA, we rely on appropriate safeguards, principally the Standard Contractual Clauses. Cloudflare’s customer data processing agreement incorporates the EU Standard Contractual Clauses; our other providers offer equivalent mechanisms. We do not guarantee EU-only data residency.
7. Data retention
- Account data: kept while your account is active.
- Pass content and pass records: kept while your account is active. You can revoke a pass at any time, which voids it; note that, by Apple’s and Google’s design, a pass already installed on a device cannot be removed by us, and a voided pass and its stored content may remain accessible to that device.
- Account deletion / erasure: on your request we delete your account and associated personal data within 30 days, subject to legal retention obligations and to the device constraint above.
- Apple Wallet error logs: retained for up to 7 days.
- Verification codes and rate-limit data: expire automatically within minutes.
- Billing records: retained as required by applicable tax and accounting law.
8. Security
We use technical and organisational measures appropriate to the risk, including encryption in transit, scoped API keys, access controls, and a managed cloud platform. No method of transmission or storage is completely secure, but we work to protect personal data against unauthorised access, loss, or misuse.
9. Children
The Service is intended for businesses and developers and is not directed to children. We do not knowingly collect personal data from children.
10. Your rights
If you are in the EEA or UK, you have the right to access, rectify, erase, restrict, or object to the processing of your personal data, the right to data portability, and the right to withdraw consent where processing is based on consent. To exercise these rights, contact us at [email protected].
If our processing concerns pass content or End-User data for which one of our customers is the controller, we will refer your request to that customer or assist them in responding.
You also have the right to lodge a complaint with a supervisory authority. In Romania, the National Supervisory Authority for Personal Data Processing (ANSPDCP), or your local authority.
11. Changes to this Policy
We may update this Policy from time to time. We will post the updated version with a new “Last updated” date and, for material changes, provide reasonable notice.
12. Controller identity and contact
The data controller is:
Proof of Stake SRL Romanian Trade Registry No.: J35/638/2018 Sole registration code / VAT: RO38943299 Email: [email protected]
This identity block is also published in our Terms & Conditions and kept permanently accessible on the website.