Data Policy

1. Introduction

This Data Policy explains how SeaJets Wallet processes your personal data when you use our service to convert SeaJets ferry tickets into digital wallet passes.

2. Privacy by Design Approach

Our Commitment: No data is stored persistently. All files are processed in-memory only and immediately deleted from RAM after processing.

3. Data Controller

Name: Markus Hoefinger
Address: 1190 Vienna, Austria
Email: markus@hoefinger.com

4. Data Collection and Processing

4.1 Uploaded Files

  • SeaJets ferry ticket files (PDF, PNG, JPG)
  • Extracted ticket data (passenger name, vessel, date, seat, etc.)
  • QR codes from the documents

4.2 Technical Data

  • Basic rate limiting information (anonymized)
  • Aggregate counter of generated tickets (no personal data)

5. Purpose of Data Processing

Your data is processed exclusively for the following purposes:

  • Creation of digital wallet passes (Apple Wallet, Google Wallet)
  • OCR text processing for data extraction
  • Quality assurance and error handling
  • Anonymous usage statistics (ticket counter only)

6. Legal Basis

Data processing is based on:
• Art. 6(1)(b) GDPR (contract performance)
• Art. 6(1)(f) GDPR (legitimate interest in providing the service)

7. Data Storage and Retention

Important: All uploaded files and extracted data are processed in-memory only (RAM) and automatically deleted within 1 minute after processing. No personal data is stored persistently. We only maintain an anonymous counter of total tickets generated for service statistics.

8. Data Sharing

Your data is not shared with third parties. Processing occurs exclusively on our servers. We do not use external services for data processing.

9. Your Rights

You have the following rights:

  • Right of Access: You can request information about your processed data
  • Right to Erasure: You can request immediate deletion of your data
  • Right to Object: You can object to data processing
  • Right to Data Portability: You can receive your data in a structured format
  • Right to Rectification: You can request correction of inaccurate data

10. Security Measures

  • HTTPS encryption for all data transmissions
  • Rate limiting to prevent abuse
  • Automatic data deletion after 1 minute
  • Strict file type validation
  • Input sanitization against XSS attacks
  • No persistent storage of personal data

11. Cookies and Tracking

This application does not use cookies or any tracking mechanisms. We do not collect analytics data, IP addresses, browser information, or track user behavior. The only persistent data is an anonymous counter of total tickets generated. Your privacy is fully protected.

12. Technical Implementation

  • All files are processed in-memory only (RAM)
  • Temporary files are automatically deleted within 1 minute
  • No collection of IP addresses or browser information
  • No user tracking or analytics
  • Only an anonymous ticket counter is maintained
  • Server-side processing only

13. Changes to This Policy

This Data Policy may be updated as needed. The current version is always available on this page.

Note: This application processes your data exclusively in-memory and deletes it automatically after 1 minute. We do not collect IP addresses, browser information, or any tracking data. The only persistent data is an anonymous counter of total tickets generated.