Jump The Line

Jump The Line Privacy Policy

Last updated: July 4th, 2026

1. Who we are

Jump The Line ("Jump The Line", "JTL", "we", "us", or "our") operates a marketplace that lets patrons purchase passes to skip entry lines at participating venues. This Privacy Policy explains how we collect, use, disclose, and protect personal information when you use our website, our web application at app.jumptheline.ca, and related services (together, the "Service").

This Policy applies to everyone who uses the Service, including patrons who buy passes and venue representatives who create accounts to manage a venue.

We are committed to handling your personal information in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA), the British Columbia Personal Information Protection Act (BC PIPA), and, for commercial electronic messages, Canada's Anti-Spam Legislation (CASL).

2. What we mean by personal information

Personal information means information about an identifiable individual. It does not include business contact information used solely to communicate with you in a work capacity, or information that has been aggregated or de-identified so that it can no longer be associated with you.

3. The personal information we collect

We collect only the personal information we need to operate the Service. Depending on how you use it, this may include the following.

Account and identity information. When you create an account, our authentication provider (Clerk) collects and stores your name, email address, and password credentials, and may collect a phone number or a third-party sign-in identifier (for example, if you sign in with Google or Apple). We do not store your password ourselves; Clerk manages it.

Transaction and payment information. When you buy a pass, our payment processor (Stripe) collects your payment card or payment method details directly. We never see or store your full card number. We receive limited transaction metadata such as the amount, the pass purchased, the participating venue, a payment confirmation, and the last four digits and card brand for receipt and support purposes.

Pass and usage information. We collect information about the passes you buy or redeem, including the venue, date, time, price, service fee, pass status, and redemption record. We may collect information about how you interact with the Service, such as pages viewed and actions taken.

Device and log information. Our hosting provider (Vercel) and our systems automatically collect technical information when you use the Service, such as your IP address, browser type, device identifiers, access times, and error logs.

Communications. If you contact us, or when we send you transactional emails through our email provider (Resend), we process your email address and the content of those communications.

Venue account information. If you represent a venue, we collect the contact and business details needed to set up and manage the venue on the platform, and the details required by Stripe to enable payouts to the venue.

4. How we collect personal information

We collect personal information in three ways: directly from you when you provide it (for example, when you register or buy a pass), automatically through your use of the Service (for example, log and device data), and from the third-party service providers described in Section 8 who help us deliver the Service (for example, Clerk and Stripe).

5. Why we collect and use your personal information

Under PIPEDA and BC PIPA we identify the purposes for which we collect personal information. We use your personal information to:

  • create and manage your account, and authenticate you when you sign in;

  • process pass purchases, calculate and collect our service fee, issue receipts, and facilitate payouts to venues;

  • deliver and validate passes, including sharing the information a venue needs to confirm your pass at the door (see Section 7);

  • provide customer support and respond to your inquiries;

  • send you transactional messages about your account and purchases, such as receipts and pass confirmations;

  • with your consent where required, send you marketing or promotional messages (see Section 10);

  • operate, maintain, secure, and improve the Service, including troubleshooting, analytics, and fraud prevention;

  • comply with our legal obligations and enforce our Terms and Conditions.

We will not use your personal information for a new purpose that is materially different from those above without obtaining your consent, unless the law permits or requires us to.

6. Consent

By creating an account and using the Service, you consent to the collection, use, and disclosure of your personal information as described in this Policy.

We generally rely on your express consent for sensitive matters and for marketing communications, and on your implied consent for uses that are obvious in the context of the Service (for example, using your email to send you a receipt for a pass you just purchased).

You may withdraw your consent at any time, subject to legal or contractual restrictions and reasonable notice, by contacting us using the details in Section 15. If you withdraw consent for a use that is necessary to provide the Service, we may no longer be able to provide it to you.

7. Sharing your information with venues

The Service connects you with participating venues. To validate your pass and permit entry, we share limited information with the venue you purchased a pass for, such as your name, the pass you hold, and its redemption status. Each venue is an independent business and is responsible for its own handling of your information once shared. We encourage you to review the privacy practices of any venue you interact with. We are not responsible for a venue's independent use of your information beyond the purpose of validating your pass.

8. Service providers and disclosure to third parties

We use trusted third-party service providers to operate the Service. These providers process personal information on our behalf, under contract, and are permitted to use it only for the purposes of providing services to us. Our core providers are:

  • Clerk (user authentication and account management);

  • Stripe (payment processing and venue payouts, as merchant of record for pass sales through Stripe Connect);

  • Neon (managed database hosting for our application data);

  • Vercel (application hosting and delivery);

  • Resend (delivery of transactional and, where applicable, marketing emails).

We may also disclose personal information:

  • to a participating venue, as described in Section 7;

  • if required to do so by law, regulation, legal process, or a lawful request by a government or law enforcement authority;

  • to protect the rights, property, or safety of Jump The Line, our users, or others, including to detect, prevent, or address fraud or security issues;

  • in connection with a corporate transaction such as a merger, financing, acquisition, or sale of assets, in which case personal information may be transferred as part of that transaction, subject to appropriate protections.

We do not sell your personal information.

9. Storage outside Canada and cross-border transfers

Our service providers store and process personal information on servers located in the United States. In particular, our database is hosted with Neon on servers in the United States (US East region), and our authentication, payment, hosting, and email providers also process data in the United States and potentially other countries.

This means your personal information may be stored and processed outside of Canada. While it is outside Canada, it is subject to the laws of the country where it is held, and the courts, law enforcement, regulatory, and national security authorities of that country may be able to obtain access to it under the laws of that jurisdiction, including through lawful access requests. This access may occur without notice to you or to us.

We use contractual and other measures to require our service providers to protect your personal information to a standard comparable to that required under Canadian law. By using the Service, you acknowledge that your personal information may be transferred to, and stored and processed in, the United States and other countries as described above. If you have questions about our cross-border practices, please contact us using the details in Section 15.

10. Marketing communications and CASL

We will send you transactional messages that are necessary to operate the Service, such as account confirmations, receipts, and pass details. These are not marketing messages.

We will only send you commercial electronic messages, such as promotions, giveaways, or newsletters, where we have your consent as required under CASL, or where CASL otherwise permits (for example, on the basis of an existing business relationship). Every commercial electronic message we send will identify us, include valid contact information, and include a working unsubscribe mechanism. You can withdraw your consent to marketing messages at any time by using the unsubscribe link in any such message or by contacting us using the details in Section 15. We will honour your request promptly.

11. Cookies and similar technologies

The Service uses cookies and similar technologies. Some are strictly necessary to operate the Service, such as the session cookies our authentication provider uses to keep you signed in. Without these the Service will not function.

You can set your browser to refuse cookies or to alert you when cookies are being sent, but parts of the Service may not work properly if you do.

12. Retention

We keep your personal information only as long as necessary to fulfil the purposes described in this Policy, to provide the Service to you, and to meet our legal, accounting, tax, and reporting obligations. We retain transaction records for seven (7) years to meet tax and accounting requirements. We retain account information while your account is active and for a reasonable period after your account is closed, after which we take reasonable steps to securely delete or de-identify it.

13. Safeguards and security

We take reasonable administrative, technical, and physical measures to protect personal information against loss, theft, and unauthorized access, disclosure, copying, use, or modification. These measures include encryption in transit, access controls, and reliance on service providers that maintain recognized security standards, such as Stripe's PCI-DSS compliance for payment data. No method of transmission or storage is completely secure, and we cannot guarantee absolute security. If we become aware of a breach of security safeguards involving your personal information that creates a real risk of significant harm, we will notify you and the appropriate authorities as required by law.

14. Your rights

Subject to certain legal exceptions, you have the right to:

  • Access the personal information we hold about you and receive an account of how it has been used and to whom it has been disclosed;

  • Correct personal information that is inaccurate or incomplete;

  • Withdraw consent to our collection, use, or disclosure of your personal information, subject to legal and contractual limits;

  • Withdraw from marketing communications at any time.

To exercise any of these rights, contact us using the details in Section 15. We will respond within the timeframes required by applicable law. We may need to verify your identity before acting on your request. There is generally no charge to access your own information, though in limited cases the law permits a minimal cost-based fee, which we will tell you about in advance.

15. How to contact us and how to complain

If you have questions, requests, or concerns about your personal information or this Policy, please contact our Privacy Officer:

Privacy Officer, Jump The Line Email: info@jumptheline.ca

We will do our best to resolve your concern. If you are not satisfied with our response, you have the right to complain to the relevant privacy regulator:

  • Office of the Privacy Commissioner of Canada (for matters under PIPEDA): www.priv.gc.ca

  • Office of the Information and Privacy Commissioner for British Columbia (for matters under BC PIPA): www.oipc.bc.ca

16. Children and age

The Service is intended for adults. You must be at least 19 years old, the age of majority in British Columbia, to create an account and purchase a pass. We do not knowingly collect personal information from anyone under 19. If we learn that we have collected personal information from a person under 19, we will delete it.

17. Changes to this Policy

We may update this Policy from time to time. When we do, we will revise the "Last updated" date at the top. If the changes are significant, we will take reasonable steps to notify you, for example by email or through a notice in the Service. Your continued use of the Service after an update means you accept the revised Policy.