Acceptable Use Policy


Last Updated: April 12, 2024.

All access to and use of the PassKit Service is subject to this Acceptable Use Policy (“AUP”). This AUP is incorporated by reference into, and governed by the Terms of Subscription Service or other similar written agreement between you (“Customer”) and PassKit, Inc. (the “Agreement”). Capitalized terms used herein but not defined have the meanings stated in the Agreement.


PassKit may modify this AUP prospectively at any time by posting the revised version on the PassKit website at: Customer's continued use of the Service will be considered acceptance of any such modification. All modifications to this AUP will be effective immediately upon posting, unless otherwise noted by PassKit.

Customer agrees not to, and will not allow Account Users to, access and use the Service:

  • to violate, or encourage the violation of, the legal rights of others or Applicable Law, including without limitation, laws, regulations, policies and directives relating to intellectual property, privacy, security, electronic communications, advertising, terrorism, corruption, child protection and import/export laws;
  • to engage in, promote or encourage illegal or fraudulent activity;
  • for any unlawful, invasive, infringing, defamatory or fraudulent purpose;
  • to transmit any material that contains viruses, worms, Trojan horses, corrupted files, hoaxes, or other items of a destructive or deceptive nature;
  • in any way that unreasonably interferes with or adversely affects (a) the Service or infrastructure used for the Service, (b) other PassKit customers, or (c) third party applications, devices systems or networks that link to or interoperate with the Service;
  • to disable, interfere with or circumvent any aspect of the Service;
  • to access or use the Service for purposes of load-testing, performance measurement or other similar activities;
  • to engage in activities, or upload, process, submit, transmit, display, distribute or store any information, that: (a) may be considered libelous, slanderous, defamatory, threatening, sexually explicit, profane, obscene, pornographic, offensive, abusive, malicious or otherwise harmful to any person or entity, constitutes or promotes “hate speech” or is otherwise discriminatory based on race, sex, creed, religion, nationality, disability, sexual orientation, gender identity, language or age, or (b) is fraudulent, deceptive, inaccurate or misleading;
  • to engage in any unsolicited advertising, marketing or other activities prohibited by Applicable Law covering anti-spam, data protection or privacy legislation in any applicable jurisdiction;
  • to access illegally, or without authorization, computers, accounts or networks belonging to PassKit or a third party, or attempt to penetrate security measures (often known as “hacking”), or to engage in any activity that is used as a precursor to an attempted system penetration (i.e. port scan, stealth scan, or other information gathering activity).

Customer agrees to, and will ensure Account Users will, follow these requirements when sending Notifications using the Service:

  • Use only permission-based lists and send Notifications to end-users only on a lawful basis;
  • If legally required based on the type of Notification, include “unsubscribe” or “opt-out” mechanisms in each Notification that allows the recipient to opt out from receiving further Notifications;
  • Maintain, publish and comply with a privacy policy that meets all applicable legal requirements, whether or not Customer's organization controls the sending of the Notifications;
  • If legally required based on the type of Notification, include a link to Customer's then-current privacy policy either in the Notification or on the Pass;
  • Do not send Notifications that result in an unacceptable number of spam or similar complaints (even if the Notifications themselves are not actually spam);
  • Do not use the Service to generate, send, distribute, publish or facilitate spam, junk-messages or unsolicited messages, promotions or advertisings.

PassKit does not monitor the communications of its customers to ensure that they comply with this AUP, Messaging Compliance Rules or Applicable Law. PassKit has no responsibility for any information created, uploaded, stored, maintained, transmitted or accessible on or through the Service or infrastructure used for the Service, and is not obligated to monitor or exercise any editorial control over such information. In the event that PassKit becomes aware that any such information or use of the Service may violate this AUP, Messaging Compliance Rules, Applicable Law and/or expose PassKit to civil or criminal liability, PassKit reserves the right to investigate such information or use, block access to such information, and/or suspend or terminate any Service without liability. PassKit further reserves the right to cooperate with legal authorities and third parties in investigating any alleged violations of this AUP or Applicable Law, including disclosing the identity of any Customer that PassKit believes is responsible for such violation. PassKit also reserves the right to implement technical mechanisms, including, without limitation, null-routing any IP address/subnet that is under a DoS or DDoS attack that is deemed disruptive to the Service, to prevent AUP violations.

Prohibited products and services

You must comply with the PassKit policies on prohibited products and services. These restrictions apply regardless of whether the prohibited products or services form Your entire inventory or only a part of it. A non-exhaustive list of prohibited products and services includes the following:

  • Adult products and services
  • PassKit does not allow the use of the PassKit service for pornography and other sexually explicit material. This includes but is not limited to: prostitution, escort or companionship services, or any product or service which promotes underage, non-consensual, or other illegal sexual themes.

  • Child endangerment
  • PassKit does not allow the use of the PassKit services for any transactions related to products, services or content that sexualizes minors or appeals to children but contains adult themes. If we become aware of any transactions related to child sexual abuse imagery, PassKit will report such transactions to the appropriate authorities.

  • Counterfeit, illegal, or stolen products and services
  • PassKit does not allow the use of the PassKit service for transactions of illegal products or services, products produced in violation of a third party's rights, or counterfeit goods. Counterfeit goods contain a trademark or logo that is identical to or substantially indistinguishable from the trademark or logo of another. They mimic the brand features of the product in an attempt to pass themselves off as a genuine product of the brand owner.

    PassKit does not allow for the illegal sale of products and services using passes (e.g., fake currency, tickets, smuggled goods, and goods in violation of export, import or labeling restrictions). Businesses are solely and completely responsible for verifying that all items sold by the business are authentic and legal in all applicable jurisdictions

  • Copyrighted material
  • PassKit does not allow the use of the PassKit service to be used for the sale of unauthorized copyrighted material. Examples include: copies of books, music, movies, and other licensed or protected materials, including copies without proper attribution, and unauthorized copies of software, video games and other licensed or protected materials, including OEM or bundled software.

    Businesses are solely and completely responsible for ensuring that they have any and all appropriate licenses or authorizations for the sale of copyrighted material.

  • Dangerous / violent goods
  • PassKit does not allow the use of the PassKit service for any transactions for the sale or purchase of products that may cause damage, harm, or injury (e.g., guns and other weapons, explosives, ammunition).

  • Enabling dishonest behavior
  • PassKit does not allow the use of the PassKit service to be used to sell products or services that are fraudulent, deceptive or designed to enable dishonest behavior. A non-exhaustive list of examples include:

    • Academic paper-writing and test-taking services;
    • Devices or techniques for unlocking technical protection measures;
    • Hacking and cracking materials;
    • Devices for circumventing traffic rules.

  • Financial Services
  • PassKit does not allow the use of the PassKit service to be used for the provision of any financial products or services, unless the partner holds a relevant license from or is otherwise supervised by a competent national authority such as a financial sector regulatory agency or central bank.

    In addition, PassKit also prohibit the provision of the following products or services:

    • Cryptocurrency-related products and services (including ICO/IEO pre-sales, storage wallets or trading information), with the exception of the purchase or selling of cryptocurrencies with fiat monies through regulated entities;
    • Binary options or synonymous complex speculative financial products (e.g., contracts for difference, financial spread betting, rolling spot foreign exchange, and related forms of speculative products);
    • Provision of training or signals for the trading of cryptocurrencies or complex speculative financial products, e.g., trading signals, tips, speculative trading information, affiliate sites containing related content or broker reviews;
    • Personal loans which require repayment in full in 60 days or less from the date the loan is issued;
    • Multi-level marketing or “get-rich-quick” schemes and businesses;
    • Transactions where a second payment transaction is conducted in order to complete the first transaction or where there is a substitute merchant of record in a transaction;
    • Credit repair services;
    • Debt collection agencies.

  • Gambling
  • PassKit does not allow the use of the PassKit service to be used for any gambling services which are aimed or address to underage individuals or to individuals that are forbidden from gambling according to local laws.

    PassKit only allows the use of the PassKit service to be used for gambling in certain limited geographies and for restricted integration types.

    Categories of non-monetary gambling-related passes which are allowed to use the PassKit service include:

    • Passes that allow to users to prove their identity or membership to enter gambling-related organizations;
    • Passes that allow users to check loyalty points / account balance for gambling-related organizations and use such balance for non-gambling purposes (e.g. redemption of points for hotel room stays);
    • Passes that allow users to check a certain result of a state or government-sponsored lottery, without any additional functionality to conduct gambling-related transactions;
    • Passes that allow promotions and offers for gambling-related transactions at another website or facility which are not subsidized or sponsored by Google, Apple or PassKit;

    Other gambling-related activities that propose to use the PassKit service, including any form of monetary-related transactions, may be subject to additional approval processes during onboarding.

  • Fund Solicitation
  • PassKit does not allow the use of the PassKit service to be used for transactions or solicitation of donations to charities or organizations that are conducting unlawful or illegitimate fundraising activities.

  • Healthcare
  • PassKit does not allow the use of the PassKit service to be used for the provision of healthcare content and services, unless you hold a relevant license from or are otherwise supervised by a competent national authority, or the content and services are provided through individuals or organizations with such certifications.

    In addition, PassKit also prohibit the provision of the following products or services:

    • Illegal or unapproved drugs, substances. pharmaceuticals or supplements. An indicative and non-exhaustive list of such products can be found here;
    • Drug paraphernalia;
    • Miracle cure products;
    • HIV home tests;
    • Secret paternity tests;
    • Abortion-related products and services;
    • Speculative and/or experimental medical treatments, e.g., stem cell therapy, cellular (non-stem) therapy, gene therapy and similar forms of regenerative medicine, platelet rich plasma, biohacking, do-it-yourself (DIY) genetic engineering products, and gene therapy kits.

  • Hateful Content
  • PassKit does not allow the use of the PassKit service to be used for any transactions of products and services that promote violence, or incite hatred against individuals or groups based on race or ethnic origin, religion, disability, age, nationality, veteran status, sexual orientation, gender, gender identity, or any other characteristic that is associated with systemic discrimination or marginalization.

  • Tobacco
  • PassKit does not allow the use of the PassKit service for the transaction or sale of cigars, cigarettes, e-cigarettes, and other tobacco products. Vaping or e-liquid products for use in smoking devices are also prohibited, regardless of whether they contain nicotine or not.

  • Terrorist Organizations
  • PassKit does not allow the use of the PassKit service to be used for any transactions or provision of products and services by terrorist organisations, or to include any content related to terrorism, such as content that promotes terrorist acts, incites violence, or celebrates terrorist attacks.

    You also may not use the PassKit service in any way that falsely suggests your use of the PassKit service is endorsed or associated with PassKit, or that is likely to damage or reduce PassKit's goodwill or reputation.

  • Sensitive Data
  • PassKit does not allow the use of the PassKit service to be used for processing sensitive data without explicit permission from PassKit. Sensitive data covers the following categories:

    • Personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership;
    • Genetic or Biometric data for the purpose of identifying a natural person;
    • Data concerning health or data concerning a natural person's sex life or secual orientation;
    • Data subject to legal regulation in the Company's country of origin (e.g. the Health Insurance Portability and Accountability Act in the United States);
    • Other forms of Sensitive Personally Identifiable Information (SPII). SPII information is information which if lost, compromised, or disclosed with authorization, could result in substantioal harm, embrassment, inconvenience, or unfairness to an individual. Examples of such information include government identification numbers, driver's licenses and passport numbers.

    Passes which process sensitive data may be subject to additional privacy controls during onboarding.


    Any complaints about a customer's violation of this AUP should be sent to