Data Protection
PassIntel Inc.· Last updated: June 4, 2026
PassIntel processes two very different kinds of data: intelligence data about aircraft and satellites, and the operational data our customers entrust to us. This page explains how we handle both. For personal information about Site visitors and account holders, see our Privacy Policy.
1. Where Our Intelligence Data Comes From
PassIntel does not operate surveillance equipment of its own. The Platform is built on data that is broadcast, published, or publicly registered:
Aircraft transponder data. Aircraft broadcast their position, identity, and altitude via ADS-B, a standard mandated for most powered aircraft in controlled airspace. We license this data from established commercial data providers. We do not intercept private communications and we do not track individuals.
Aircraft registry data. Aircraft registration records, including registered owner and operator information, are published by civil aviation authorities such as the FAA. We use these public records to classify aircraft by operator type and mission profile.
Satellite orbital data. Satellite positions are predicted from published orbital elements using standard orbital mechanics models, refreshed every 6 hours. These are calculations from public data, not live telemetry.
Weather data. Cloud cover and atmospheric conditions come from public meteorological services and are used to estimate imaging probability for satellite passes.
2. Aircraft Data and Personal Information
Most aircraft data relates to companies and equipment, not people. But we recognize an edge case: where an aircraft is registered to an identifiable individual, registration and movement data linked to that tail number may constitute personal information under laws such as PIPEDA and the GDPR.
Our approach:
- The Platform is designed for monitoring activity around industrial infrastructure, not for following people. Detections are anchored to our customers' asset locations and corridors, not to individuals.
- Our Terms & Conditions prohibit using the Platform to stalk, harass, or track any individual, and we enforce that prohibition.
- We display aircraft identity information as it appears in public registries and do not enrich it with personal data from other sources.
- Individuals who believe data about them is displayed inaccurately may contact privacy@passintel.co, and we will review the request under applicable law, including correction at the registry source where appropriate.
3. Customer Data Protection
Operators and service providers share sensitive information with PassIntel: asset locations, pipeline corridors, fleet details, and compliance activity. We treat this as confidential business data.
- Isolation. Platform data is segregated with row-level security so each organization sees only its own assets, detections, and reports.
- Encryption. Data is encrypted in transit. Credentials are hashed, never stored in plain text.
- Access. Internal access follows least-privilege principles and is reviewed quarterly.
- Report integrity. Compliance reports carry SHA-256 integrity verification and QR-coded verification, so any recipient can confirm a report has not been altered since generation.
- No data resale. We do not sell customer data, and we do not share one customer's asset or activity data with another. Aggregated, de-identified statistics may be used to improve the Platform, as described in our Terms.
4. Data Quality and Honest Limits
We believe defensible intelligence requires honesty about limits:
- Detection coverage depends on transponder broadcasts and receiver coverage. Aircraft that do not broadcast will not appear.
- Satellite pass predictions run on a 7-day window by design. We predict what we can stand behind: near-term passes carry high confidence, and precision tightens as the window closes.
- Severity scores and classifications are model outputs that support human judgment. They are not regulatory findings.
5. Retention
- Intelligence data (detections, tracks, satellite passes): retained indefinitely as part of the Platform's historical record. The historical record is part of the product: trend analysis and long-term compliance documentation depend on it.
- Customer Data: retained for the life of the subscription, exportable for 30 days after termination, then deleted except where law requires retention.
- Personal information: retention periods are set out in the Privacy Policy.
6. Breach Response
If a breach of security safeguards creates a real risk of significant harm to individuals, we will notify affected parties and the Office of the Privacy Commissioner of Canada as required by PIPEDA, and other regulators where applicable law requires. Affected customers are notified without undue delay.
7. Questions
PassIntel Inc.
Attn: Privacy Officer
privacy@passintel.co
Related: Privacy Policy | Cookies Policy | Terms & Conditions