Privacy Policy
PassIntel Inc.· Last updated: June 4, 2026
1. Who We Are
PassIntel Inc. ("PassIntel," "we," "us") is a corporation incorporated under the Canada Business Corporations Act, with operations based in Ontario, Canada. We operate the website at passintel.co (the "Site") and the PassIntel airspace and satellite intelligence platform (the "Platform").
This Privacy Policy explains how we collect, use, disclose, and protect personal information when you visit the Site, use the Platform, or interact with us. For details on how we handle aircraft and flight data specifically, see our Data Protection page. For cookies, see our Cookies Policy.
If you have questions, contact our Privacy Officer at privacy@passintel.co.
2. What We Collect
Information you give us. When you submit a contact or demo request form, we collect your name, work email address, company name, and any message you include. If you correspond with us by email, we retain that correspondence.
Account information. When you create a Platform account, we collect your email address, organization name, and authentication credentials. Passwords are hashed and never stored in plain text.
Payment information. When paid subscriptions launch, payments will be processed by a third-party payment processor (Stripe). PassIntel does not store full payment card numbers. We receive only transaction confirmations, billing contact details, and the last four digits of the card.
Information collected automatically. Our hosting infrastructure logs standard technical data: IP address, browser type, pages visited, referring URL, and timestamps. We use Plausible Analytics, a privacy-focused, cookieless analytics service that collects aggregate usage statistics without using cookies or tracking individuals across sites. See the Cookies Policy for detail.
What we do not collect. We do not collect government identifiers, biometric data, or precise device geolocation. The aircraft and satellite data displayed on the Platform relates to aircraft and infrastructure, not to Site visitors. Where aircraft registration data could relate to an identifiable individual, our handling is described in the Data Protection page.
3. Why We Collect It
We use personal information to:
- Respond to contact and demo requests
- Create and administer Platform accounts
- Provide, maintain, and improve the Site and Platform
- Process payments and manage subscriptions (when applicable)
- Send service communications such as account notices, security alerts, and detection or satellite pass notifications you have configured
- Send marketing communications where you have opted in, with an unsubscribe option in every message
- Protect the security and integrity of our systems
- Comply with legal obligations
Under PIPEDA, we collect, use, and disclose personal information only for purposes a reasonable person would consider appropriate in the circumstances, and we obtain consent for collection except where the law permits otherwise.
Legal bases for EU/EEA visitors (GDPR). Where the GDPR applies, we rely on: performance of a contract (providing the Platform to account holders), legitimate interests (responding to inquiries, securing our systems, B2B marketing to business contacts), consent (where required, such as non-essential cookies), and legal obligation.
4. Who We Share It With
We do not sell personal information. We do not share personal information with third parties for their own marketing.
We share personal information only with service providers who process it on our behalf under contractual confidentiality and security obligations:
| Provider | Purpose | Location |
|---|---|---|
| Supabase | Database hosting and authentication | United States (us-east-2, Ohio) |
| Vercel | Site and application hosting | United States (global edge network, US East compute) |
| Plausible Analytics | Cookieless site analytics (aggregate only) | European Union |
| Google Workspace (Gmail) | Email correspondence | United States and global |
| Stripe | Payment processing (when subscriptions launch) | United States |
We may also disclose personal information if required by law, court order, or lawful request by Canadian or other governmental authorities, or to protect our rights, users, or the public.
If PassIntel is involved in a merger, acquisition, or sale of assets, personal information may be transferred as part of that transaction, subject to this policy.
5. Cross-Border Transfers
PassIntel operates from Canada. Our service providers may store or process personal information in the United States or other jurisdictions. When personal information is outside Canada, it is subject to the laws of that jurisdiction, including lawful access by courts and authorities there. We use contractual safeguards with our providers and, for transfers of EU/EEA personal data, rely on appropriate mechanisms such as Standard Contractual Clauses or adequacy decisions where applicable.
6. How Long We Keep It
We retain personal information only as long as needed for the purposes described above or as required by law:
- Contact and demo form submissions: 24 months from last interaction, then deleted
- Account information: for the life of the account, then deleted or anonymized within 90 days of account closure, except records we must retain for legal, tax, or audit purposes
- Server logs: 12 months
- Payment records: 7 years, consistent with Canadian tax record-keeping requirements
7. How We Protect It
We use administrative, technical, and physical safeguards appropriate to the sensitivity of the information, including encryption in transit, access controls with row-level security on Platform data, hashed credentials, and least-privilege access for personnel. No system is perfectly secure. If a breach of security safeguards creates a real risk of significant harm, we will notify affected individuals and the Office of the Privacy Commissioner of Canada as required by PIPEDA, and other regulators where required.
8. Your Rights
All users. You may request access to the personal information we hold about you, ask us to correct it, withdraw consent (subject to legal or contractual restrictions), and ask questions or make complaints about our practices. Contact privacy@passintel.co. We respond to access requests within the timelines required by applicable law.
EU/EEA and UK visitors. Where the GDPR or UK GDPR applies, you also have the rights to erasure, restriction of processing, data portability, and objection to processing based on legitimate interests, and the right to lodge a complaint with your supervisory authority.
California residents. Where the CCPA/CPRA applies, you have the right to know what personal information we collect, request deletion, request correction, and not be discriminated against for exercising these rights. We do not sell or share personal information as those terms are defined in the CCPA.
Complaints in Canada. You may direct unresolved concerns to the Office of the Privacy Commissioner of Canada (priv.gc.ca).
9. Marketing Communications
We send marketing email only in compliance with Canada's Anti-Spam Legislation (CASL) and equivalent laws. Every marketing message includes our identification and a working unsubscribe mechanism. Unsubscribe requests are honored within 10 business days.
10. Children
The Site and Platform are business tools intended for users 18 and older. We do not knowingly collect personal information from children.
11. Changes to This Policy
We may update this policy from time to time. We will post the revised version with an updated date, and for material changes affecting Platform users, we will provide notice by email or in-product message.
12. Contact
PassIntel Inc.
Attn: Privacy Officer
90 Edgewood Ave, Unit 136
Toronto, ON M4L 3H1, Canada
privacy@passintel.co