Skip to main content

Privacy Policy

Last updated: May 10, 2026

AI Group LTD ("we", "us", "D-Pass") provides the D-Pass Digital Product Passport platform. This Privacy Policy explains how we collect, use, and protect your personal data.

1. Data Controller

AI Group LTD
Email: legal@d-pass.eu

2. What Data We Collect

  • Account data: email, name, password hash, tenant information
  • Usage data: audit logs, IP addresses, actions performed
  • Payment data: processed by Stripe — we do not store card details
  • Communications: contact form submissions, support emails

3. Legal Basis

We process data based on: contract performance (Art. 6(1)(b) GDPR), legitimate interest (Art. 6(1)(f)), and consent where required (Art. 6(1)(a)).

4. Your Rights

Under GDPR, you have the right to access, rectify, erase, restrict processing, object, and data portability. Contact legal@d-pass.eu to exercise your rights.

5. Cookies

We use strictly necessary cookies for authentication. We do not use tracking or analytics cookies. We use Plausible Analytics (EU-hosted, cookieless).

6. Third-Party Processors

  • Hetzner Cloud (DE) — Hosting, storage
  • Stripe — Payment processing
  • Resend — Transactional email
  • Cloudflare — CDN, DDoS protection