PassKit Data Processing Addendum
This document governs how PassKit processes personal data on behalf of customers in accordance with applicable data protection laws.
Last Updated: May 1, 2025.
The PassKit Data Processing Addendum (“DPA”) forms part of the PassKit Subscription Service Agreement and applies where PassKit processes personal data on behalf of a customer in the course of providing the PassKit platform and related services.
This DPA is intended to ensure compliance with applicable data protection laws, including the EU General Data Protection Regulation (“GDPR”), UK GDPR, and similar data protection legislation.
1. Scope and purpose
The DPA governs PassKit’s processing of personal data submitted to or processed through the PassKit platform by or on behalf of customers (“Customer Data”) and sets out the rights and obligations of the parties with respect to such processing.
2. Roles of the parties
For the purposes of applicable data protection laws:
- the customer acts as the data controller (or equivalent); and
- PassKit acts as a data processor (or service provider) processing personal data on the customer’s behalf.
3. DPA document
The full Data Processing Addendum is provided as a PDF document and incorporates standard contractual clauses and other required provisions.
Download the PassKit Data Processing Addendum (PDF)
4. Relationship to other agreements
In the event of any conflict between the DPA and the Subscription Service Agreement, the terms of the DPA will prevail with respect to the processing of personal data.
5. Questions
If you have questions regarding the DPA or PassKit’s data processing practices, please contact privacy@passkit.com.