last updated: april 2026

privacy policy

passport is built by people who hate dark patterns. we don't sell your data, we don't show ads, and we don't train ai on your library. here's exactly what we collect and what we do with it.

1. what we collect

  • account info — your email address, display name, username, and avatar (either from your oauth provider or uploaded by you).
  • authentication — oauth tokens from google, discord, or apple. we never see or store your password.
  • media library data — what you add to your library, ratings, reviews, favorites, lists, and notes.
  • usage data — basic analytics like page views and which features get used. no cross-site tracking.
  • imports — when you import from steam, imdb, letterboxd, apple music, or spotify, the file you upload is processed and stored as library entries on your account.

2. how we use it

  • to run the service — your library, profile, achievements, and compatibility scores.
  • to improve passport based on what people actually use.
  • we do not sell your data.
  • we do not show ads.
  • we do not use your data for ai training.

3. where data is stored

  • supabase — our postgresql database and authentication infrastructure.
  • vercel — hosting and serverless functions.
  • cloudflare — dns and cdn.

4. third-party services

  • authentication — google, discord, apple (oauth).
  • media data — igdb/twitch, tmdb, anilist, musicbrainz, google books, itunes search api, and the cover art archive.
  • hosting — vercel, supabase, cloudflare.

5. data sharing

we don't sell your data and we don't share it with anyone for advertising or marketing. the providers above run the infrastructure — they process data on our behalf, not for their own use.

6. your rights

  • you'll be able to export your data — full library export is on the roadmap.
  • you can delete your account and all associated data at any time from your settings.
  • you can email us at support@passportdex.com for anything privacy-related.

7. cookies

supabase auth uses cookies to keep you signed in. we don't set third-party tracking cookies.

8. children

passport is not intended for users under 13. if you believe a child has created an account, email us and we'll remove it.

9. changes

we may update this policy from time to time. the “last updated” date at the top of this page reflects the most recent change.

10. contact

questions, concerns, or data requests? email support@passportdex.com.

terms of service →← back to passport