🏴󠁧󠁢󠁥󠁮󠁧󠁿 ENdown arrow
Passify Logo
🏴󠁧󠁢󠁥󠁮󠁧󠁿 ENdown arrow
hamburger

Data protection information

passify-App / passify-Web applications – Version 1.0.4 from 08.05.2026

Table of contents

    Introduction

  1. Contact Information, Data Protection Officer

  2. Categories of personal data

  3. Legal basis and purposes of data processing at passify

    • 3.1. Downloading, installing and general use of the passify app
    • 3.2. Setting up a passify account
    • 3.3. Identity verification during registration
    • 3.4. Non-biometric identity verification
    • 3.5. Biometric identity verification
    • 3.6. Gate Access / Check-in
    • 3.7. Slotbooking
    • 3.8. (Temporary) suspension of user accounts
    • 3.9. Payment processing
    • 3.10. passify Trucking Company Portal
    • 3.11. Technical Data
    • 3.12. Support Chat

  4. Required permissions

  5. Categories of Recipients

  6. Duration of storage

  7. Information about your rights

Introduction

Passify GmbH, St. Annenufer 2, 20457 Hamburg, ensures compliance with legal standards and internal company policies in connection with the passify app (hereinafter "passify," "we," "us"). Accordingly, we hereby wish to inform you, in accordance with Articles 13 and 14 of the General Data Protection Regulation (GDPR), about the collection, processing, and use of personal data in connection with the use of our application (passify app). We process personal data only in accordance with applicable legal and data protection requirements, which arise in particular from the GDPR and the Federal Data Protection Act (BDSG).

Passify has set itself the goal—combined into a single solution—of simplifying your daily work routine while simultaneously enhancing the security of our contractual partners (operators of logistics sites). In doing so, we prioritize an efficient user experience as well as the protection of your data, as this is of utmost importance to us.

Passify has implemented comprehensive data security measures to protect your data. Compliance with applicable data protection mechanisms is a self-evident fact for us.

We process, store, and share with our partners only the information and data necessary for the provision of our services.

This notice applies to the processing of personal data in the Passify app.

1. Contact Information, Data Protection Officer

The entity responsible for processing your data in the passify app is passify GmbH, St. Annenufer 2, 20457 Hamburg. If you have any questions regarding data protection, you can also contact us at any time at the following email address: datenschutz@passifyapp.de.

Our Data Protection Officer can be reached through Hamburger Hafen und Logistik AG or via the email address listed above.

2. Categories of personal data

We may process the following categories of personal data in connection with our services:

  • Master data:

    First name, last name, date of birth, self-created password and password changes, as well as PIN and PIN changes (not visible to passify), identification number/user ID (hereinafter referred to as "Trucker ID"), database ID, user lock flags (not visible to passify), IDs of Secure Release Order providers

  • Communication data:

    Email address, phone number, communication content (in particular from emails/contact forms, including support requests submitted via the app)

  • Identification data (for verification with external service providers):

    ID card or passport data (last name, first name, date of birth, ID number, type of ID document, issuing authority, validity period of the ID document), a selfie/video taken with the camera of your smartphone/tablet, and a photo of your ID document for identification via the identification service provider.

  • Authentication key (for biometric authentication in the app):

    An encrypted, non-reversible mathematical representation derived from biometric features (image of a face)

  • Other data for additional processes:

    Fuel card number (e.g., for slot bookings at certain gas stations), transport information for slot bookings (e.g., container number, ISO code, etc.)

  • Billing information:

    Billing recipient, billing address, tax ID number

  • App usage data:

    Timestamps for certain actions (e.g., time of check-in at the "Gate Access" terminal), location data of your device upon consent (when using the passify app to check in at a logistics site and while checked in at the logistics site), contractual partner, order data (e.g., container data), operating trucking company, license plate number

  • Device and application data:

    Operating system version, device name, device ID, app version, language setting, browser name, browser version

  • Voluntary information:

    This includes personal data that you provide to us on a voluntary basis without us explicitly requesting it, such as suggestions for improvement, responses to a survey, or information from support chats.

3. Legal basis and purposes of data processing at passify

3.1 Downloading, installing and general use of the passify app

Purposes of processing

To download and install our app from an app store (e.g., Google Play Store or Apple App Store), you must first register for a user account with the app store provider and enter into a corresponding user agreement. We have no influence over this process; in particular, we are not a party to such a user agreement. When downloading and installing the app, the necessary information is transmitted to the respective app store, specifically your username, email address, and account ID, the time of the download, and the unique device identifier. We have no influence over this data collection and are not responsible for it. We process the provided data only to the extent necessary for downloading and installing the app on your mobile device (e.g., smartphone, tablet).

As a registered and verified user, you may, subject to the appropriate authorization (e.g., the existence of a transport order), gain access to logistics locations (e.g., terminals) via digital mechanisms, drive onto the premises, and, if necessary, perform additional actions before or after access (e.g., slot booking).

Legal basis for the above processing

Art. 6(1)(b) GDPR

The processing of the data is necessary for the performance of the contract (provision and use of the app).

3.2 Setting up a passify account

Purposes of processing

To obtain the status of a registered and verified user and thereby be able to use the services provided by passify, including (and potentially) those offered by operators of logistics sites (e.g., terminals), you must create a passify account in the app ("Registration").

An email address and phone number are mandatory for registration. The data is stored in the user account. Additionally, you will be asked to provide the name of the trucking company you work for, though you may select "No information" here.

Registration with the above-mentioned data already provides limited access to the passify app's features and allows you to get a sense of its "look and feel."

During registration, we verify whether any existing registrations are associated with the provided registration information (email address and phone number).

Legal basis for the above processing

Art. 6(1)(b) GDPR

The processing of the data is necessary for the performance of the contract (provision and use of the app) and allows users to gain a limited overview of the app. Furthermore, this ensures that multiple registrations by users are prevented.

3.3 Identity verification during registration

Purposes of processing

To use the key features of the passify app (e.g., accessing logistics locations), we verify your identity within the app using an app-based identification process provided by the third-party service provider IDnow. To do this, we process (parts of) your master data, contract data (ID document and photo/selfie), as well as special categories of data (biometric data) during the app identification process based on the comparison of photos/selfies with the person. We use a multi-step process consisting of a verification of the person and a verification of the ID documents.

The verification and processing of biometric information is carried out by the external service provider IDnow. The service is merely integrated into the passify app. Passify itself does not store, process, or receive biometric data at any time.

Verification process:

To use the core features of passify, you will be prompted in the app to verify your identity.

Verification is initiated via a button in the app labeled "Verify ID." You will then be redirected to the verification environment of the service provider IDnow; by clicking the "Verify ID" button, you voluntarily consent to the processing of your personal data for the purpose of identity validation. (Note: You may revoke the consent you have given at any time with future effect. If you withdraw your consent, you will no longer be able to use the app to its full extent.)

Before starting the verification process, you have the opportunity to review IDnow's Terms of Service and Privacy Policy.

To proceed with verification, check the box to confirm that you agree to IDnow's Terms of Service and have read IDnow's Privacy Policy.

If you haven't already done so, a pop-up will then ask for permission to access the camera; this permission is required for verification.

The verification process will then begin.

Within the app, you must take a photo or selfie as part of the identity verification process. During the so-called "liveness" check—which may be performed—a short video is recorded in which you, for example, move your head slightly from side to side to demonstrate that you are actually in front of the device. In both cases, the verification of identification documents includes checking security features (e.g., holograms) to rule out the use of counterfeit documents. Successful verification is only possible with a valid, unexpired identification document.

To ensure that you are using only a validated passify account, after successful verification during registration, we check our user database to see if a user account already exists based on the registration information (consisting of parts of the master data, contact information, and contract details). Furthermore, we compare the last name and first name provided during initial registration with the information on the identification document to verify whether the information matches (high degree of match required).

After successful verification, relevant data (last name, first name, date of birth, issuing authority) is stored in the passify user account. The last name and first name may be automatically adjusted based on the information provided on the identification document.

The data processed for verification (last name, first name, date of birth, ID number, type of ID document, issuing authority, validity period of the ID document), the copy of your ID, and your selfie are generally deleted by the external service provider after verification is complete, but no later than 30 days. Passify itself does not store a copy of your ID, your selfie, or any biometric data at any time.

Note: Verification is valid for one year. At the latest upon expiration of the validity period, but possibly also earlier on a random or spot-check basis, passify conducts re-verifications using the external service provider's app identification process to ensure and further enhance the security of the system, as well as the currency, accuracy, and protection of the data.

Legal basis for the above processing

Art. 6(1)(a), 7 GDPR

The processing is based on your voluntary consent. We compare the registration information with existing user data to optimize the customer database, prevent fraudulent multiple registrations, and thereby enhance security for both the operators of the logistics sites and the users.

3.4 Non-biometric identity verification

Purpose of processing

Access to the passify app after registration requires password protection or the use of authentication methods specific to your device ("Face ID" or other unique characteristics based on information stored on the device). To use certain features in the passify app (e.g., terminal access, hereinafter referred to as "Gate Access"), successful authentication of this type is mandatory. For this purpose, passify uses the service provided by your device. However, at no time are the characteristics or data of the authentication methods processed by passify itself, stored by passify, or transmitted to passify. Passify merely receives the information as to whether the authentication was successful or not.

To enable authentication, the relevant permission must be granted. This permission can be managed in the app's permission settings. For more information, see "Requested Permissions."

Legal basis for the above processing

Art. 6(1)(c), 32 GDPR

The processing of the data is necessary to fulfill legal, technical, and organizational security obligations in order to protect critical infrastructure from criminal acts and to enhance security for the operators of logistics sites (e.g., terminals) as well as for users.

3.5 Biometric identity verification

For the purpose of secure identity management and to ensure efficient access control at logistics sites, we process biometric data in connection with the use of the app.

This is done in two steps:

Initial identity verification: Comparison of an official ID document with a live image of the user (video-ID or auto-ID process).

Authentication (check-in): Re-verification of the user on-site or upon app login to confirm access authorization.

Technical operation: The system operates according to the principles of data minimization and "privacy by design." When capturing the user's face, the image data is not permanently stored as raw data (photo) for verification purposes. Instead, an algorithm extracts specific features of the facial geometry and immediately converts them into a mathematical string (hash value / biometric template). This hash value is encrypted and designed in such a way that it is technically impossible to reverse-engineer the original facial image. The comparison is performed exclusively by comparing these mathematical representations. The processing and storage of this reference data takes place on secure servers of our data processor IDnow within the European Union.

Legal basis for processing

The processing of this data is based on several legal grounds, depending on the specific context of use and the controllers involved:

Consent (Art. 9(2)(a) GDPR in conjunction with Art. 6(1)(a) GDPR): The processing of your biometric data (special category of personal data) is generally based on your explicit and voluntary consent. You provide this consent explicitly within the app before the biometric feature is activated for the first time. You may revoke this consent at any time with future effect, although the processing carried out up to the time of revocation remains lawful.

Fulfillment of contractual obligations (Art. 6(1)(b) GDPR): The provision of identity management functions serves to fulfill the user agreement concluded between you (the user) and us (the app operator). The aim is to provide you with a digital identity that enables access to various logistics locations without repeated manual verification.

Compliance with legal obligations of site operators (Art. 6(1)(c) GDPR): To the extent that biometric validation is mandatory for access to certain security areas (e.g., ISPS-certified port terminals, customs areas, or hazardous materials storage facilities), the processing serves to support the respective terminal and site operators in fulfilling their legal protection and control obligations. The app functions here as a technical tool to ensure the legally required identification of individuals.

Legitimate interest (Art. 6(1)(f) GDPR): Our legitimate interest, as well as that of our affiliated logistics partners, lies in ensuring a high level of IT and site security. The use of biometric procedures significantly minimizes the risk of identity theft, unauthorized access, and fraud attempts (fraud prevention). This serves to protect critical infrastructure as well as the physical safety of all persons on the premises.

3.6 Gate Access / Check-in

Purpose of processing

If authorization is granted (e.g., a pickup order for a specific terminal) and provided that the identity has been validated, the Gate Access feature can be used. It is important for Gate Access that the current license plate number is stored. This is necessary for contract fulfillment, as it allows for verification that the driver is in the correct lane, that the license plate matches the order data transmitted by the terminal operator to passify, and thus enables the vehicle and order to be matched.

Furthermore, when the Gate Access function is triggered, the current location of the device is verified to display the nearest logistics location and to ensure that the device—and thus the authorized driver—is in the immediate vicinity of the logistics location for which Gate Access is requested. This ensures faster and more efficient processing and increases security by preventing the gate or barrier from being opened remotely.

To verify the information in the logistics site operator's (e.g., terminal) operating system, the pseudonymized Trucker ID and the previously provided license plate number are transmitted to the logistics site operator (e.g., terminal). In doing so, entry and exit times are stored in passify for the purpose of logging entries and exits. The link between the Trucker ID and the license plate number is deleted after 12 hours.

While at the logistics site (checked-in status), your location is tracked and stored after every interaction within the site to enhance security on the premises and prevent access to restricted areas.

Note: To enter a logistics site at all, you must accept the site's access guidelines (provided individually by the operator for each logistics site) in the passify app by tapping a button. Acceptance of the access instructions must be repeated at regular intervals (validity of acceptance) or following any updates to these instructions, in accordance with the operator's specific requirements, and is documented in the system. Once the access instructions are accepted and for as long as this remains valid, your Trucker ID as well as your last name and first name will be listed in the "Driver List" of the respective terminal.

Legal basis for the above processing

Art. 6(1)(b) GDPR

The processing of the data is necessary for the performance of the contract (provision and use of the app) in order to enhance security for the operators of logistics sites (e.g., terminals) and to protect potential critical infrastructure from criminal acts.

3.7 Slotbooking

Standard Slotbooking

To book a slot for order processing at logistics locations, the trucker logs in to the slot booking tool via passify at the appropriate stage in the processing workflow, or uses the slot booking feature in the passify app, provided that this feature has been set up and enabled at the respective logistics location. As part of the slot booking process, passify transmits the trucker's ID, last name, and first name to the operator of the logistics site.

Special Form: "Slot Booking for Gas Stations"

Through passify, authorized and verified truckers from approved trucking companies can book slots via the passify app for specific refueling operations (e.g., at hydrogen refueling stations). Depending on the respective contractual partner or gas station operator, entering a fuel card number may be required as part of the booking process. As part of the booking, billing-related information (time slot, fuel card number if applicable, transport company with address) may be transmitted to the fuel station operators.

Art. 6(1)(b) GDPR

3.8 (Temporary) suspension of user accounts

Purpose of processing

In the event of a violation of applicable law or the terms and conditions of logistics site operators, or failure to comply with access instructions (e.g., at terminals), the reasons for such violations may be recorded, which may result in a (temporary) suspension of access or restrictions on the use of the app.

The information is entered into a free-text field by the operator of the logistics site (e.g., terminal) and is visible only to that operator. Passify itself has no access to the encrypted information.

Legal basis for the above processing

Art. 6(1)(f) GDPR

The legitimate interest in storing violations that lead to a (temporary) suspension of user accounts is justified by the right of the operator of the logistics sites to take measures for building and facility security, business management, and the prevention of criminal offenses.

3.9 Payment processing

Purpose of processing

To take full advantage of the passify app and its associated services and to ensure an efficient check-in process for you, certain actions or features within the passify app or its associated services require payment. Payments are processed through the external payment service provider Stripe.

Purchasing a "passify PassKey" License

For certain actions or functions (e.g., gate access, slot booking), the purchase of a passify PassKey (user license for ISPS facilities) is required. This can be purchased via the passify app by truckers themselves or in the "passify Trucking Company Portal" by trucking companies for the truckers assigned to that company.

After purchasing a passify-PassKey, it is assigned to the respective trucker, automatically unlocking all functions for which the passify-PassKey is required.

Note regarding data received from the payment service provider:

Once payment processing is complete, passify receives the following information from the payment service provider for further processing and invoicing: Billing recipient, billing address, tax ID (if provided during the payment process), and the scope of the purchased/booked services, which are partially processed fully automatically and assigned to the corresponding users (truckers or trucking companies).

Further information about Stripe can be found under "Categories of Recipients."

Legal basis for the above processing

Art. 6(1)(b) GDPR

3.10 passify Trucking Company Portal

Purpose of processing

For trucking companies, there is a dedicated "passify Trucking Company Portal" (hereinafter referred to simply as the "Web Portal"). At the initiative of a trucking company, passify creates this portal. The trucking company provides passify with the desired email address and the first and last names of the administrator. Once set up, a confirmation email is sent to that email address. Before using the web portal for the first time, each user must review the privacy policy and accept the Terms and Conditions. The user can then set a password of their choice. Additional users can be created and modified in the web portal by the administrator.

All users of a trucking company's web portal can view the other users of the trucking company, including their roles (admin or user).

Companies have the option to synchronize their company with Secure Release Order providers offered in passify (e.g., German Ports Release Order). If this is done, passify queries the Secure Release Order provider using the company's registered VAT ID and receives the corresponding company IDs stored with the provider. These are saved in passify under the company. The connection can be revoked at any time in the portal.

Once a trucking company has registered on the web portal, truckers can link themselves to that company. A connection between an app user's profile (trucker) and a trucking company is never established automatically; it always requires active interaction ("handshake process"). This can be done in two ways:

Initiative by the driver: The trucker selects a company in the app and sends a request. The company must confirm this in the web portal. Initiative by the company: The company sends a request using the trucker's ID. The trucker must actively accept this request in their app.

The assignment only becomes effective after this mutual confirmation process. A trucker can terminate the assignment at any time via the app; the company can terminate the assignment via the portal. Once the assignment is terminated, the company no longer has access to the driver's current data.

Truckers have the option at any time to change the trucking company or delete the assignment. From the moment an assignment is changed or deleted, truckers are no longer listed with the (previous) trucking company.

Transport companies can use the web portal to book or purchase the passify PassKey (license to drive through ISPS facilities) or other services for individual truckers or for multiple truckers at once, for the truckers assigned to the transport company.

Both the use of the trucking company web portal and the assignment of a trucker to a trucking company are strictly voluntary and are neither required nor a prerequisite for using the passify app.

In addition, trucking companies can view slot bookings made by assigned drivers and assign slot bookings to assigned drivers themselves.

The following trucker information can be viewed by trucking companies on the web portal: Trucker ID, last name, first name, email address, company status (confirmed / pending), Passify status (unlocked / locked), restriction list (e.g., access restrictions for certain areas), PassKey (available / not available), booked slots (including slot booking information).

In return, upon successful connection, the driver's user account is updated with the relevant IDs for Secure Release Order providers stored by the company. Upon termination of the link between the driver and the company, these are immediately removed from the driver's user profile.

Legal basis for the above processing

Performance of a contract with the trucking company and its users (Art. 6(1)(b) GDPR): The processing of data belonging to administrators and dispatchers, as well as the provision of the platform infrastructure, is carried out to fulfill the user agreement (Terms and Conditions for Trucking Companies) via the web portal.

Performance of a contract with the app user/trucker (Art. 6(1)(b) GDPR): The transmission of the above-mentioned data to the trucking company and the acceptance of bookings (PassKeys, slots) by the company are based on the app's terms of use. By selecting the "Link Company" function and confirming the request, the user (trucker) authorizes us, within the scope of the app's functionality, to provide the data relevant for dispatching to the selected employer/client in order to take advantage of benefits such as centralized payment of fees or slot planning by the dispatching department.

3.11 Technical Data

When you access our app, we process data sent by your device to enable the app to function. This is a technically necessary process that involves the transmission of data. In the event of malfunctions, this data is used for error analysis and troubleshooting in order to optimize the app. The data (database ID and operating system version) is stored for a limited time in so-called logs or log files until the data is fully anonymized. During anonymization, the data is modified in such a way that information relating to identified or identifiable individuals can no longer be attributed to a specific person, or can only be attributed with a disproportionate amount of time, cost, and effort.

Legal basis for the above processing

Art. 6(1)(b) GDPR

The processing of the data is necessary for the performance of the contract (provision and use of the app) in order to keep our app available (i.e., stable and secure), to optimize and further develop it, and thereby to offer our customers the best possible services and increase customer satisfaction.

3.12 Support Chat

To improve our customer service and communicate directly with users, we offer a support chat within our app. Use of our chat service is voluntary.

By using the chat, you consent to passify GmbH using the data transmitted during the use of the chat service to answer your questions, improve the response behavior of the preceding chatbot, optimize product features, and troubleshoot issues. When you access the support chat, we process technical data, such as the device name of your device. In the event of malfunctions or disruptions to the app or web applications, the data is used for troubleshooting, identification, and subsequent error correction. To enable subsequent troubleshooting and establish a connection between device-specific technical information and error patterns, it is necessary to store the data for 12 months. Support messages and user data are automatically deleted after 12 months of inactivity. Personal data within the chat (e.g., when you enter your name) is processed with your consent to data processing.

If you enter your personal data in the chat (e.g., your name, date of birth, etc.), and if this information allows conclusions to be drawn about your health, gender, sexual orientation, and/or ethnicity, your consent also applies to this information.

Legal basis for the above processing

Art. 6(1)(a) GDPR

The processing of your personal data is based on your voluntary consent. By using the support chat, you consent to the processing and storage of the data you provide (e.g., name, email address, device information, communication content) for the purpose of handling your inquiry, improving our support services, and conducting quality control of the product.

4. Required permissions

For some features, the app needs to access certain services and data on your mobile device. Below, we explain which permissions the app may request and what types of features require these permissions on different operating systems.

You can manage these permissions—view, enable, and disable them—at any time through your operating system. To do this, open the "Settings" app in iOS. In the menu that appears, you'll find an overview of all apps installed on your device. Select the passify app there and manage your permissions. In Android, you can also open the "Settings" app and select the "Apps" menu item. In the menu that appears, you'll find an overview of all apps installed on your device. Select the passify app there and manage your permissions. The labels may vary slightly depending on the version of iOS or Android you are using.

Please note that disabling or denying certain permissions may result in functional limitations within the passify app.

  • Location

    The first time you open the app, a pop-up will ask whether the app may access your device's location—either once or whenever you use the app. If you agree, the app can determine your exact location using various technologies (GPS, Bluetooth, Wi-Fi). If you have only granted one-time permission, the app will request permission again when certain features are activated. In general, your location is only retrieved when specific features are activated and is never continuously tracked. During an active visit to a logistics site (e.g., a terminal), your location is automatically determined and stored every 5 minutes.

  • Camera access

    When you open the app for the first time, a pop-up will ask if the app is allowed to use your device's camera. To enable key app features (e.g., Gate Access), we require camera access permission for certain functions. Access is necessary, for example, to take photos to validate your passify account or to authenticate yourself for certain features (e.g., Gate Access). Furthermore, the camera is required to scan QR codes at the check-in stations at logistics locations to verify your actual location and the existence of an order. If permission is not granted when the app is first opened, the request will be prompted again when certain features are activated.

  • "Face ID" or other authentication methods

    When you open the app for the first time, a pop-up will ask whether the passify app is allowed to use the Face ID feature (if you are using a device running the iOS operating system) or similar authentication methods on your device. To enable the use of key app features (e.g., Gate Access), the corresponding service must be set up on the device and permission must be granted. If permission is not granted when the app is first opened, the prompt will reappear when certain features are triggered.

  • Notifications

    When you open the app for the first time, a pop-up window will ask if the passify app can send you notifications.

5. Categories of Recipients

Logistics Facility Operators

We have a contractual relationship with the respective logistics site operators to whom you (may) request access, in which we act as a data processor for the logistics site operator. As a data processor for the logistics site operators, we are bound by confidentiality and are contractually obligated to the respective operators to transfer your personal data only for the specified purposes and to ensure data protection.

Service Providers / Data Processors

To process your data, we sometimes use specialized service providers who, in turn, act on our behalf (e.g., IT service providers, hosting providers, data centers, payroll service providers, etc.). We carefully select and regularly monitor our service providers. They process personal data only on our behalf and strictly in accordance with our instructions, based on corresponding data processing agreements. The data disclosed may be processed by the respective data processor only on the basis of agreements pursuant to Article 28(3)(1) of the GDPR. The processors are subject to confidentiality and are contractually obligated to ensure data protection through the data processing agreement.

IDnow (Identification Service Provider)

To comply with legal requirements and, in particular, to assist our contractual partners—the operators of logistics sites—in meeting the requirements of the ISPS Code, we use a digital and certified process for identifying and authenticating our users. We use the service provider IDnow (IDnow GmbH, Auenstr. 100, 80469 Munich, Germany). A data processing agreement exists between passify and IDnow. As a data processor, IDnow is subject to confidentiality and is contractually obligated to ensure data protection under the data processing agreement. IDnow's procedures are certified by independent bodies and offer a particularly high level of security and reliability. For the purpose of identifying our users, passify stores only the personal data transmitted by IDnow that is absolutely necessary for unambiguous identification (last name, first name, date of birth, issuing authority). Passify does not store biometric data at any time or process it itself. IDnow deletes all personal data after a maximum of 30 days. For the authentication process, our service provider stores an encrypted and non-reversible mathematical representation that, while based on biometric analysis, does not itself contain any biometric data. This representation will be deleted immediately upon closure of the user account or deactivation of the feature (e.g., by revocation).

Trucking Companies

Truckers may voluntarily associate themselves with a registered trucking company. This association can be deleted at any time by the trucking company or the trucker themselves. As long as the association remains active, the trucker will be listed in the driver directory on the web portal. Only the information necessary for the trucking company to clearly identify and verify the trucker, and required for functions within the trucking company's web portal, is stored and processed.

The following information can be viewed by trucking companies in the web portal: Trucker ID, last name, first name, email address, company status (confirmed / pending), Passify status (unlocked / locked), restricted list (e.g., access restrictions for certain areas), PassKey (available / not available), booked slots (including slot booking information).

Payment service provider

We use an external payment service provider whose platform allows users (truckers and/or trucking companies) and us to conduct payment transactions, including the purchase and payment processing of the passify PassKey. The provider of these payment services is Stripe Payments Europe Ltd, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, D02 H210, Ireland ('Stripe'). When paying via Stripe, the payment details you enter are transmitted to Stripe. You have the option to choose from the payment methods provided by Stripe. The personal data exchanged between Stripe and the data controller may be transmitted by Stripe to credit bureaus. The purpose of this transmission is identity and creditworthiness verification. Stripe may share the personal data with affiliated companies and service providers or subcontractors if this is necessary to fulfill contractual obligations or if the data is to be or must be processed on Stripe's behalf. You may object to this processing of your data at any time by sending a message to Stripe or the commissioned credit reference agencies. However, Stripe may still be entitled to process your personal data if this is necessary for the contractual payment processing. Stripe is responsible for the processing of the data. For more information about data processing and Stripe's applicable privacy policies, please see https://stripe.com/de/privacy.

WhatsApp (Community Channel)

In our mobile app, we offer you the option to join an external WhatsApp channel (broadcast channel). Through this channel, we provide you with voluntary surveys to continuously improve the quality of our app and gauge user satisfaction.

Participation is entirely voluntary. By actively joining the WhatsApp channel, your action is considered consent in accordance with Art. 6(1)(a) of the GDPR. You may revoke this consent at any time with future effect by leaving the channel. Participation in the WhatsApp channel is not a prerequisite for using our app.

When you join our WhatsApp channel, WhatsApp Ireland Limited, as an independent provider, processes certain personal data, including:

    â€˘ Your telephone number
    â€˘ Your profile name
    â€˘ Your profile picture
    â€˘ Your usage and device data (e.g., date of sign-up, device used, IP address)
    â€˘ Your interactions with the channel (e.g., views of posts)

We have configured the WhatsApp channel so that comments or replies to channel posts are not possible, no personal survey responses are collected via WhatsApp itself, and communication is one-way only (purely an informational channel). Data retention period: All personal data is deleted after 30 days at the latest.

WhatsApp stores the above-mentioned data in accordance with its own policies, generally for the duration of your account or channel membership, but may also process it beyond that period for its own purposes (e.g., to improve services, for security purposes, or to comply with legal obligations). Data transfers to third countries (e.g., the U.S.) cannot be ruled out.

For more information on data processing by WhatsApp, please refer to WhatsApp's Privacy Policy

We do not process any of your personal data within the WhatsApp channel. Any surveys conducted are designed to minimize data collection and are structured in such a way that no conclusions can be drawn about individual persons. Your responses are collected anonymously or—where technically necessary—pseudonymized and used exclusively for internal evaluation and improvement purposes.

Secure Release Order provider (German Ports Release Order)

With the implementation of secure release procedures at logistics locations, passify acts as the identity provider for certain terminals as part of the secure release processes. To enable this, companies must synchronize their passify profile with secure release order providers. This is initiated by a user of the company portal. As part of the synchronization, the company's VAT ID is checked against the interfaces of the Secure Release Order providers to determine whether an account is registered there for the company. The account IDs are then stored in passify under the company. The connection can be revoked at any time.

Others

In addition, there may be further legal obligations to transfer data in specific cases; however, these do not apply generally but arise only in specific individual instances. This includes cooperation with investigative authorities and the disclosure of data in this context in compliance with data protection law. Data processing generally takes place within the EU/EEA. Data processing outside the EU/EEA is permitted under the conditions set forth in Art. 44 et seq. of the GDPR. As our business evolves, we may alter the structure of our company by changing its legal form, or by establishing, acquiring, or selling subsidiaries, departments, or business units. In such transactions, customer data may be transferred along with the part of the company being transferred. When we disclose personal data to third parties to the extent described above, we ensure that this is done in accordance with this Privacy Policy and applicable data protection laws.

6. Duration of storage

We generally process your data only until the purposes for which it was collected have been fulfilled. After that, your data will be deleted or anonymized, unless the processing or storage of your data is necessary to assert, exercise, or defend legal claims. In the case of statutory retention obligations, deletion or anonymization will only be considered after the respective retention period has expired. Until deletion or anonymization, the data will be stored in a locked format.

Access logging (log files, technical data)

  • Data (database ID and operating system version) will be completely deleted or anonymized after no more than 3 years

IDnow (external provider)

  • Identification data will be completely deleted no later than 30 days after verification
  • The mathematical representation generated based on biometric data—which itself does not contain any biometric data—will be deleted immediately and irreversibly as soon as the user account is closed or you withdraw your consent to the use of this method.

Other activity data

  • Activity data (e.g., gate access) is deleted or anonymized no later than three years after collection, provided it does not contain billing-related information
  • Location data is anonymized before being stored

Billing-relevant data

  • Storage period in accordance with the applicable provisions of the HGB: 10 years

User account (inactive)

  • After one year of inactivity, the user will be notified of the inactivity and informed that a lack of interaction will result in the deletion or anonymization of their data
  • Without interaction, the user account is automatically deleted or anonymized after a maximum of 3 years

Request to Delete User Account

  • If a request is made to delete a user account, the account will be suspended
  • The email address and phone number will be anonymized immediately after a request to delete the user account is submitted
  • All data will be retained for 3 years after the request to delete the account is submitted; after that, all personal data will be deleted or anonymized.

Technical Data

  • All technical device data is automatically deleted from the databases after one year.

7. Information about your rights

Under applicable data protection laws, you have the following rights:

  • The right to access the personal data we hold about you;
  • The right to have your personal data corrected, deleted, or restricted;
  • Right to object to processing that serves our legitimate interests, a public interest, or profiling, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing is necessary for the establishment, exercise, or defense of legal claims;
  • Right to data portability;
  • Right to lodge a complaint with a supervisory authority;
  • You may revoke your consent to the collection, processing, and use of your personal data at any time with future effect. Further information on this can be found in the respective sections above, where data processing based on your consent is described.

If you wish to exercise your rights, please direct your request to:

passify GmbH, St. Annenufer 2, 20457 Hamburg, or to the email address: datenschutz@passifyapp.de