LoungePass Pro
Privacy Policy

Your privacy is our priority

Last updated: January 11, 2025

GDPR • CCPA • Global Compliance

Information We Collect

When you purchase our airport lounge access guide, we collect:

  • Email Address: Required to deliver your purchased guide and provide customer support
  • Payment Information: Processed securely through Stripe (we never store your payment details)
  • Usage Data: Anonymous analytics to improve our service

How We Use Your Information

We use your information solely to:

  • Deliver your purchased airport lounge access guide
  • Provide customer support and respond to inquiries
  • Send important updates about your access or guide changes
  • Improve our service based on anonymous usage patterns

We never sell, rent, or share your personal information with third parties.

Data Security

Your data security is our top priority:

  • Payment Processing: All payments are processed through Stripe with 256-bit SSL encryption
  • PCI DSS Compliance: We maintain the highest security standards
  • Data Storage: Your information is stored on secure, encrypted servers
  • Access Control: Only authorized personnel have access to customer data

GDPR & Your Data Rights

Under GDPR (EU), CCPA (California), PIPEDA (Canada), LGPD (Brazil), and other global privacy laws, you have comprehensive data rights:

Your Rights:

  • Right to Access: Obtain a copy of all personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing of your data for direct marketing
  • Right to Restrict Processing: Request limitation of how we use your data
  • Right to Withdraw Consent: Withdraw consent at any time (where processing is based on consent)
  • Right to Lodge a Complaint: File a complaint with your local data protection authority

Legal Basis for Processing:

  • Contract Performance: Processing necessary to deliver purchased product
  • Legal Obligation: Compliance with tax, accounting, and payment regulations
  • Legitimate Interest: Fraud prevention, security, service improvement

Data Retention Period:

We retain your data for:

  • Transaction Records: 7 years (tax/legal compliance)
  • Email Address: Until you request deletion or unsubscribe
  • Analytics Data: 26 months (anonymized)

Exercise Your Rights:

Email support@airloungeaccess.com with subject "Data Rights Request"

We will respond within 30 days (GDPR requirement)

Cookies and Tracking

We use minimal cookies and tracking technologies:

Essential Cookies (Required):

  • Session management and authentication
  • Payment processing and security (Stripe)
  • Bot detection and rate limiting

Analytics Cookies (Optional):

  • Anonymous website traffic analysis
  • User experience improvements
  • Performance monitoring

You can control cookie preferences through your browser settings. Note that disabling essential cookies may affect website functionality.

Third-Party Service Providers

We share your data only with trusted service providers necessary for service delivery:

Payment Processing:

Email Delivery:

Data Storage:

Data Processing Agreements:

All third-party processors have signed Data Processing Agreements (DPAs) ensuring GDPR compliance and appropriate data protection safeguards.

International Data Transfers

Your data may be transferred to and processed in countries outside your jurisdiction (primarily the United States and EU).

Safeguards for International Transfers:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Service providers with Privacy Shield or equivalent certifications
  • Adequate data protection measures as required by GDPR Article 46

Children's Privacy

Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children.

If we become aware that we have collected data from a child without parental consent, we will take steps to delete that information immediately.

Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will:

  • Notify the relevant supervisory authority within 72 hours (GDPR requirement)
  • Notify affected individuals without undue delay
  • Provide details about the breach, potential consequences, and mitigation measures

California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected
  • Right to know if personal information is sold or disclosed (we do NOT sell your data)
  • Right to opt-out of sale of personal information (not applicable - we don't sell)
  • Right to deletion
  • Right to non-discrimination for exercising your rights

To exercise CCPA rights, email support@airloungeaccess.com with subject "CCPA Request"

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date.

Material changes will be communicated via email to registered users at least 30 days before taking effect.

Contact Information & Data Protection Officer

If you have questions about this Privacy Policy, your personal information, or wish to exercise your data rights, please contact us:

Privacy Inquiries: support@airloungeaccess.com

Data Protection Officer: dpo@airloungeaccess.com

Subject Line: Privacy Policy Inquiry / Data Rights Request / GDPR Request

Response Time: Within 30 days (as required by GDPR)

EU Supervisory Authority:

If you are located in the EU/EEA and believe we have not adequately addressed your concerns, you have the right to lodge a complaint with your local data protection authority.