Privacy Policy

W-RLDS Technology Inc., DBA Passports Studio

Effective Date: March 3, 2026  ·  Last Updated: March 3, 2026

1. Introduction

W-RLDS Technology Inc., doing business as Passports Studio ("Company," "we," "us," or "our"), respects your privacy and is committed to protecting your personal data. This Privacy Policy applies to information collected through our website at https://passports.studio (the "Site"), our mobile application, and our wallet-as-a-service platform (collectively, the "Services"). By accessing or using the Site or our Services, you acknowledge the disclosures made in this Privacy Policy.

In most cases, we collect and process personal data in our capacity as a service provider to businesses who use our Services ("Business Customers"). In that context, we receive personal data from Business Customers and collect information from their customers on the Business Customers' behalf for the purpose of providing the Services. If you are a customer of one of our Business Customers on whose behalf we have collected or processed your personal data, please contact that Business Customer directly regarding questions about how your data is handled.

This Privacy Policy may change from time to time. Your continued use of the Site or Services after changes are posted constitutes your acknowledgment of those changes.

2. Personal Data We Collect

For purposes of this Privacy Policy, "personal data" means any information that identifies, relates to, describes, or could reasonably be linked to a particular individual or household.

Information You Provide Directly

• Account Information: Name, email address, phone number, and login credentials when you create an account.
• Business Information: Business name, address, industry, and billing contact information for Business Customer accounts.
• Payment Information: Billing details and payment method information. Payment processing is handled by third-party processors, and we do not store full credit card numbers.
• Pass Content: Information you include in the digital wallet passes you create, such as text, images, logos, barcodes, and other pass data ("Customer Content").
• Communications: Information provided when you contact support or communicate with us.

Information Collected Automatically

• Device and Browser Information: Device type, operating system, browser type and version, unique device identifiers, and mobile network information.
• Usage Data: Features used, pages visited, actions taken, and time spent within the Services.
• Log Data: IP address, referring/exit pages, date and time stamps, and clickstream data.
• Geolocation Data: Approximate location based on your IP address.

Information from Third Parties

• Wallet Platform Data: When a pass is added to or removed from a mobile wallet (Apple Wallet, Google Wallet), we may receive status updates from the respective platform.
• Business Customer Integrations: We may receive personal data from third-party services that integrate with our Services on behalf of Business Customers.
• Analytics Providers: We may receive aggregated analytics data from third-party analytics services.

Aggregated Data

We may collect, use, and share aggregated or de-identified data for any lawful purpose. Aggregated data is not considered personal data under applicable laws, as it cannot directly or indirectly identify an individual. If we combine aggregated data with your personal data in a way that can identify you, we treat the combined data as personal data in accordance with this Privacy Policy.

3. How We Use Your Personal Data

We use the personal data we collect for the following purposes:

• To provide, operate, maintain, and improve the Services
• To create, distribute, and manage digital wallet passes and push notifications on behalf of Business Customers
• To register and administer accounts for Business Customers and their authorized users
• To process transactions and send related information, including confirmations and invoices
• To provide customer support; diagnose, repair, and track service quality issues; and respond to requests and inquiries
• To administer and protect the Site and Services, including troubleshooting, data analysis, testing, and system maintenance
• For internal business purposes, such as evaluating usage and performance, improving quality, designing new features, conducting research and analytics, and maintaining business records
• To prevent fraud, detect security incidents, and respond to malicious, deceptive, or illegal activity
• To send technical notices, updates, security alerts, and administrative messages
• To send marketing communications where you have provided consent or have not opted out (see Marketing below)
• To comply with legal obligations

Marketing

We may send you marketing communications about our Services if you have consented or not opted out. You can opt out of marketing messages at any time by clicking the "unsubscribe" link in our emails or by contacting us. Opting out of marketing will not affect personal data we process for other purposes.

Children's Privacy

Our Services are not directed to children under the age of 16. We do not knowingly collect personal data from children under 16. If you believe a child under 16 has provided us with personal data, please contact us and we will take steps to delete that information promptly.

4. How We Share Your Personal Data

We do not sell your personal data, except as disclosed in Section 7 below regarding targeted advertising cookies. We may share your information in the following circumstances:

• Service Providers: With third-party vendors who provide services on our behalf, such as hosting, payment processing, analytics, email delivery, and customer support.
• Business Customers: With our Business Customers in connection with providing the Services and fulfilling requested transactions.
• Wallet Platforms: With Apple, Google, and other mobile wallet platforms as necessary to deliver and update passes.
• Pass Recipients (End Users): When a Business Customer distributes a pass, the pass content is shared with the end user. Business Customers are responsible for ensuring appropriate consent.
• Professional Advisers: With lawyers, auditors, and insurers who provide consultancy, legal, insurance, and accounting services.
• Legal Requirements: If required by law, regulation, or valid legal process (e.g., court order, subpoena, or government request).
• Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. The acquiring entity will be bound by this Privacy Policy.
• With Your Consent: For any other purpose with your consent.

5. Data Security

We implement commercially reasonable administrative, technical, and physical security measures to prevent your personal data from being accidentally lost, used, accessed, altered, or disclosed without authorization. These safeguards are no less rigorous than industry-accepted security standards.

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal data, we cannot guarantee absolute security. If you have reason to believe your personal data is no longer secure, please contact us immediately.

6. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Services. We may also retain and use information as necessary to comply with legal obligations, resolve disputes, prevent fraud, and enforce our agreements. When your information is no longer needed, we will securely delete or de-identify it.

7. Your U.S. Privacy Rights

This section applies to U.S. residents. If we collected or processed your personal data on behalf of a Business Customer, please contact that Business Customer directly to exercise your rights.

Your Privacy Choices

You may contact us to:

• Access: Request information about the categories and specific pieces of personal data we have collected about you.
• Delete: Request deletion of personal data we have collected from you, subject to certain exceptions.
• Correct: Request correction of inaccurate personal data we maintain about you.
• Opt Out of Sale/Sharing: Request that we stop selling or sharing your personal data for targeted advertising purposes.

California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act and the California Privacy Rights Act, including the right to know, the right to delete, the right to correct, and the right to opt out of the sale or sharing of personal data. We do not sell personal data in the traditional sense, though third-party analytics and advertising cookies on our Site may constitute a "sale" or "sharing" under California law. You may opt out by adjusting your cookie preferences on our Site.

We will not discriminate against you for exercising your privacy rights.

How to Exercise Your Rights

To exercise your privacy rights, contact us using the information in Section 10 below. We may need to verify your identity before fulfilling your request by asking you to provide identifying information. We will respond to verifiable requests within 45 calendar days, or up to 90 calendar days if additional time is needed.

Nevada Residents

Nevada residents may opt out of the "sale" of "covered information" as defined by Chapter 603A of the Nevada Revised Statutes. Although we do not currently sell covered information as defined under Nevada law, you may contact us to submit an opt-out request.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect information about your browsing activity. You can set your browser to refuse cookies or alert you when cookies are being set. Disabling cookies may cause some features of the Site to not function properly.

We may use third-party analytics services (such as Google Analytics) to help us understand how users interact with the Site and Services. These services may collect information about your online activity across websites.

9. Third-Party Links

The Site and Services may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

10. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at: