Privacy Policy
Last updated July 9, 2026
In plain terms
We collect the information needed to run a listing marketplace and process payments — account details, listing details, and payment data handled by Stripe. We never see or store your full card details, and we don't sell your personal data.
You can ask us what we hold about you, ask us to correct or delete it, or object to how we use it, at any time by emailing support@passthebib.com.
1. Who this policy covers, and who we are
This Privacy Policy explains how PassTheBib ("PassTheBib," "we," "us," or "our"), based in Zürich, Switzerland, collects, uses, and protects personal data when you use passthebib.com (the "Service"). For a formal data controller notice, contact support@passthebib.com.
We aim to comply with the Swiss Federal Act on Data Protection (FADP), the EU/UK General Data Protection Regulation (GDPR) where it applies to you, and other applicable data protection laws, regardless of where in the world you're using the Service from.
2. Data we collect
We collect the following categories of personal data:
- Account data: your name, email address, and any profile information you provide.
- Listing and transaction data: the race, price, and other details you list or purchase, and messages or confirmations exchanged through the Service in connection with a transfer.
- Payment data: processed directly by Stripe, our payment processor. We receive limited information back from Stripe (such as payment status and the last four digits of a card) but never your full card or bank account number.
- Technical and usage data: IP address, browser and device information, and how you interact with the Service, collected through essential cookies and standard server logs.
- Communications: anything you send us directly, such as support requests.
3. How we use your data
We use personal data to:
- create and maintain your account;
- operate the listing marketplace and facilitate payment escrow through Stripe;
- communicate with you about a listing, purchase, or transfer, including confirmations and support requests;
- detect and prevent fraud, abuse, and violations of our Terms of Service; and
- comply with legal obligations, such as those related to payment processing.
We do not currently use third-party advertising or analytics cookies. If that changes, we will update this policy and, where required, ask for your consent first.
4. Legal bases for processing
Where the GDPR or FADP applies, we rely on the following legal bases: performance of a contract with you (creating listings, processing payments); our legitimate interests (fraud prevention, keeping the Service secure and working); and, where applicable, your consent or compliance with a legal obligation.
5. Who we share data with
We share personal data only where necessary to run the Service:
- Stripe, to process payments, verify identity for payouts, and hold funds in escrow;
- Supabase and other infrastructure providers, to host our database and application;
- professional advisors or authorities, where required to comply with the law, enforce our Terms, or protect the rights and safety of PassTheBib or our users.
We do not share your personal data with a race organizer. Completing a race organizer's official transfer process is done directly by you, and any information you give the organizer at that point is governed by the organizer's own privacy practices, not ours.
We do not sell your personal data.
6. International data transfers
We are based in Switzerland, and our service providers (such as Stripe and our hosting provider) may process data in other countries, including the United States. Where we transfer personal data outside of Switzerland or the EEA, we rely on recognized safeguards, such as standard contractual clauses or a provider's adequacy status, to protect it.
7. Data retention
We keep personal data for as long as your account is active, and afterward for as long as needed to resolve disputes, comply with legal or accounting obligations, and enforce our agreements — after which we delete or anonymize it.
8. Your rights
Depending on where you live, you may have the right to access, correct, delete, or export your personal data, restrict or object to certain processing, and withdraw consent where processing is based on consent. You also have the right to lodge a complaint with your local data protection authority (in Switzerland, the Federal Data Protection and Information Commissioner, FDPIC).
To exercise any of these rights, email us at support@passthebib.com. We may need to verify your identity before acting on a request.
9. California residents
If you are a California resident, the California Consumer Privacy Act (CCPA), as amended, gives you similar rights to those above. We do not sell or share personal data for cross-context behavioral advertising, so there is nothing to opt out of on that front today.
10. Cookies
We use only the cookies necessary to keep you signed in and to make the Service function correctly. We do not currently use advertising or third-party analytics cookies.
11. Children's privacy
The Service is not directed at, and we do not knowingly collect personal data from, anyone under 16. If you believe a child has provided us with personal data, contact us and we will delete it.
12. Security
We use reasonable technical and organizational measures to protect personal data, including relying on Stripe for payment data so we never handle full card details ourselves. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.
13. Changes to this policy
We may update this Privacy Policy from time to time. If we make a material change, we will update the "Last updated" date above and, where appropriate, notify you directly.
14. Contact
Questions about this policy or your data? Email us at support@passthebib.com.