Version draft Β· placeholder β not legal advice.
Interaction events (page views, checkouts), purchase records, and government-ID verification results from Stripe Identity. We retain a one-way identity hash β never your raw ID β as your platform-wide profile key.
No pass is activated without verified identity (government ID + selfie). This is a security-critical, non-optional step.
Organizers co-own the data generated through their storefronts and may export it in full. 45PASS additionally maintains platform-level conduct intelligence (risk tiers, incident summaries) that is shared across the organizer network to keep events safe. This section requires legal counsel review for your jurisdiction(s).
You may request a copy of your data and request deletion. Conduct records may be retained where legally permitted; such records are marked, not silently deleted. Adverse decisions include a dispute path. GDPR/CCPA-specific language requires counsel review.
Conduct records decay by severity (1 year / 2 years / 5 years / no automatic decay for the most severe).