Please visit here for the PassKit Data Processing Agreement.

It's very important you understanding how PassKit processes and stores your data. By accepting PassKit terms and conditions you indicate you have read, have understood and accept the PassKit Data Processing Agreement.

The information is just a very short summary.

PassKit is fully GDPR compliant as a data processor. PassKit only stores the information that you provide to us, and on that front we strongly recommend that you only provide data to us that you want to display in the pass. There is no need to provide us with customer information / data that is not used anywhere in the passes.

In terms of data transit and storage; all data is protected at rest and in transit. TLS encryption is required and enabled by default for data being transmitted to and from the PassKit Service (data in transit). Data at rest is encrypted using AES256 encryption. All PII data is encrypted with an individual salt. Only your authorised personnel (i.e. your people with the PassKit username and password or API credentials) can access this data via the PassKit platform.

We have two production clusters, both hosted with Google Cloud Engine:

  • Europe: europe-west-4 (located in Eemshaven, Netherlands)

  • US: us-central-1 (located in Council Bluffs, Iowa, North America)

By default, accounts created with are put on the Europe cluster. If you'd like for your account to be set up on the US cluster, please let us know and we can turn this around for you within 2 working days. We'd require the following information:

  • Your preferred username: (we can only confirm this after checking it’s available

  • Your initial password: (we will set this but you’ll be able to change when you log in)

  • Your company name:

  • Your email address:

VERY IMPORTANT NOTE: It is not possible to transfer accounts and data between regions at a later stage as they are completely separate. Doing so will require you to create a new account and migrate your projects across.

Did this answer your question?