Passage AI, Inc. – Privacy Policy

This Privacy Policy ("Policy") describes how Passage AI, Inc. ("we," "our," "us") collects, uses, stores, and protects your personal information when you use the Passage mobile application (the "App"). By using Passage, you agree to the practices described below.

1. Information We Collect

When you use the Passage App, we collect information necessary to provide, improve, and secure our services. This includes:

• Account Information: name, email address, username, and password.
• Payment Information: processed securely through trusted third-party providers (e.g., Stripe). Passage AI, Inc. does not store full credit or debit card numbers.
• Usage Data: information about how you use the App, including features accessed, time spent, and interactions.
• Device and Technical Information: IP address, browser type, operating system, device identifiers, and App version.
• Optional Submissions: feedback, surveys, or messages you voluntarily send us.
• Aggregated or Analytical Data: anonymized insights derived from user behavior, used to enhance predictive performance and App quality.

2. How We Use Your Information

We use the information we collect to operate and enhance the Passage App, process payments, provide personalized experiences, send updates and support messages, and ensure compliance with applicable laws.

Information may also be analyzed to improve algorithms, educational insights, and system performance. Aggregated, de-identified data may be used for research or to improve future features.

3. How We Share Information

Passage AI, Inc. does not sell your personal information. We may share limited data in specific situations, such as:

• With service providers that perform operational tasks (e.g., Stripe for payments, Firebase for authentication, etc.), all bound by strict confidentiality and security obligations.
• To comply with legal or regulatory requirements, including responding to subpoenas or lawful government requests.
• During business transfers, such as a merger, acquisition, or sale of assets.
• As aggregated or de-identified data for analytics and research that cannot identify individuals.

4. Cookies and Tracking Technologies

We use cookies, local storage, and similar tools to maintain secure sessions, personalize user experiences, and analyze performance. You may disable cookies in your browser or device settings, though this may limit functionality.

5. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access and obtain a copy of your personal information.
• Request correction of inaccurate or incomplete data.
• Request deletion of your information, subject to legal obligations.
• Restrict or object to certain processing activities.
• Opt out of marketing communications.

To exercise these rights, contact us at support@pssg.ai. We respond to verified requests promptly and in accordance with applicable privacy laws.

6. Children's Privacy

The Passage App is not directed to individuals under 18 years of age, and we do not knowingly collect personal data from minors. If such information is identified, it will be deleted promptly.

7. Third-Party Services

Passage integrates with third-party tools such as Stripe, Firebase, Google Analytics and others to provide secure payments, authentication, and performance analysis. Each provider processes data according to its own privacy policy. We encourage you to review their policies to understand their practices.

8. Data Retention

We retain personal information only as long as necessary to operate the App, fulfill legal or accounting obligations, or resolve disputes. When information is no longer needed, we delete or anonymize it securely.

9. International Data Transfers

If you access Passage from outside the United States, your information may be transferred to and processed in the U.S. or other jurisdictions where we operate. For users in the EEA or United Kingdom, transfers rely on approved mechanisms such as Standard Contractual Clauses (SCCs) or other lawful bases to ensure adequate protection.

10. Artificial Intelligence and Data Transparency

Passage AI, Inc. uses artificial intelligence and predictive analytics strictly for informational and educational purposes. Our algorithms do not make automated decisions about individual users, including eligibility, creditworthiness, or other legally significant outcomes. Models are periodically reviewed for fairness, accuracy, and transparency.

11. Regulatory Compliance and Legal Framework

Passage AI, Inc. complies with applicable U.S. federal and state privacy, data protection, and financial information laws, including:

• Federal Trade Commission Act (FTC Act) – prohibiting unfair or deceptive practices.
• Gramm-Leach-Bliley Act (GLBA) – governing the safeguarding of non-public financial information.
• California Consumer Privacy Act (CCPA/CPRA) and related state privacy statutes.
• New York Department of Financial Services Cybersecurity Regulation (23 NYCRR 500) – for protecting financial institutions' data.
• Applicable SEC and CFTC guidance regarding the secure handling of financial and market information.

These frameworks ensure that Passage AI, Inc. operates responsibly and maintains transparency regarding user privacy.

12. Security Standards

Our security program incorporates administrative, technical, and physical safeguards to protect user data. All sensitive information is encrypted during transfer and storage, and our vendors are required to uphold equivalent protection standards. Security protocols are reviewed regularly to ensure continued compliance and resilience.

13. User Controls and Privacy Settings

Users can manage privacy preferences directly within the App, including updating profile details, managing notifications, or submitting requests for data access or deletion.

14. State and International Privacy Rights

Residents of California have rights under the CCPA/CPRA to know what categories of data we collect, request deletion of their personal information, and opt out of data sharing. Passage AI, Inc. does not sell personal data.

Users in the EEA or UK have additional rights under the GDPR, including the right to data portability, correction, and the ability to lodge complaints with their local data protection authority.

15. Changes to This Policy

We may revise this Policy periodically to reflect changes in our practices or in applicable laws. The most recent version will always be available in the App and on our website. Continued use of Passage following updates constitutes acceptance of the revised Policy.

16. Legal Hierarchy and Compliance Assurance

If any part of this Policy conflicts with applicable federal or state privacy laws, the law that provides greater protection to users will govern. Passage AI, Inc. complies with all relevant data breach and notification laws in the jurisdictions where it operates.

17. Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us at: