Privacy Policy

1. Introduction and Company Details

Protecting your privacy is of utmost importance to Rido. This personal data protection policy covers personal information, regardless of whether it is collected and stored in digital format, on paper, or in any other comparable manner. The policy includes data entry, data storage, and the processing of personal information that falls within its scope. This policy is available on Rido's website.

The service is provided by Go2 Place S.L., a commercial company duly incorporated under Spanish law, with Tax Identification Number (NIF) B01745405 and its registered office at Calle Eneldo 3, C4, local 22 — Orihuela Costa — 03189, registered in the Commercial Registry of Alicante in Volume 4309, Folio 12, Sheet A-170633, Entry 1000173971259.

You can contact us via email at: info@rido.bike

2. Applicable Legislation on Personal Data Protection

The processing of personal information is subject to current data protection regulations, including Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation or GDPR), as well as Organic Law 3/2018, of December 5, on Personal Data Protection and guarantee of digital rights (LOPDGDD).

These regulations govern, among other aspects, the collection, storage, processing, and transfer of personal data.

3. Responsibility

Go2 Place S.L.(hereinafter, "Rido") is the Data Controller of the personal data you provide to us and for the management of such data in its operations. Rido is authorized to use the personal data you provide to us.

You can contact us regarding our personal data protection policy or file a complaint about a possible infringement of data protection regulations by sending an email to info@rido.bike

For any queries related to the protection of your personal data, you can contact our Data Protection Officer (DPO) at: info@rido.bike

4. Collection and Use of Personal Data

We collect and store a range of personal information about our customers, as detailed below. We collect this information in order to provide the requested service and based on the following legal bases:

4.1 Data Collected and Purposes of Processing

• Identification and contact data: Name, national identification number (or date and year of birth), address, telephone number, and email address. This data is used for managing your user account, providing the contracted services, and communicating with you. The legal basis is the performance of a contract and Rido's legitimate interest.
• Financial data: Credit card number, debit card number, bank account information. This data is processed for the collection of fees for the services provided. The legal basis is the performance of a contract.
• Geolocation data: Data concerning the location of the rented vehicle during and after the rental period. The legal basis is the performance of the contract for the provision of the rented vehicle service.
• Device data: IP address, device type, browser version, operating system. The legal basis is Rido's legitimate interest in ensuring the correct functioning of the service, fraud prevention, and continuous improvement.
• Usage data: Information related to the use of the App and the service. This includes trip history, ride start and end times, and distance travelled. The legal basis is the performance of the contract and Rido's legitimate interest in improving its services.

4.2 Special Categories of Data

Rido does not process special categories of personal data (e.g., racial or ethnic origin, political opinions, religious beliefs, trade union membership, genetic data, biometric data, or data concerning health or sexual orientation).

5. Disclosure of Data to Third Parties

We may share your personal data with third parties in the following circumstances:

• Cloud computing service providers: For data storage and processing.
• Payment service providers: For processing payments for the services contracted through the App.
• Public authorities and law enforcement agencies: When required by law or to comply with legal obligations, court orders, or requests from public authorities.
• Insurance companies: For the management of claims and coverage related to the use of the Vehicles.
• IT service providers: For the maintenance, development, and improvement of our IT systems and the App.

Under no circumstances will we sell, trade, or otherwise transfer your personal information to outside parties, except as described in this policy or as required by law.

6. Links to Third Parties

Our App and website may contain links to third-party websites or applications that are not operated or controlled by Rido. We are not responsible for the privacy practices or content of these third-party sites. We encourage you to read the privacy policies of every site you visit, particularly if you are providing personal information.

7. Security Measures

Rido has implemented appropriate technical and organisational measures to protect the personal data it processes against accidental loss, unauthorised access, manipulation, or disclosure. These measures include, but are not limited to:

• Encryption of personal data in transit and at rest
• Access controls and authentication mechanisms
• Regular security audits and vulnerability assessments
• Employee training on data protection policies
• Incident response procedures

Despite our best efforts, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.

8. Data Retention

Personal data will be retained for no longer than is necessary for the purposes for which it was collected. The criteria for data retention periods are as follows:

• Account data: Retained for the duration of the user account and up to 3 years after account closure, unless legal requirements stipulate otherwise.
• Ride/trip data: Retained for the duration necessary for billing, dispute resolution, and legal compliance, typically up to 5 years.
• Marketing communications data: Retained until the user withdraws consent or requests deletion.
• Cookie data: Retained in accordance with the Cookie Policy and applicable legislation.

9. Your Rights as a Data Subject

• Right of Access: You may request confirmation as to whether your personal data is being processed and, if so, access that data along with a copy.
• Right of Rectification: You may request the correction of inaccurate personal data or the completion of incomplete data.
• Right of Erasure (Right to be Forgotten): You may request the deletion of your personal data when it is no longer necessary for the purpose for which it was collected, or when you withdraw consent, or when you object to the processing.
• Right to Restriction of Processing: You may request the restriction of processing of your data in certain circumstances, such as when you contest the accuracy of the data.
• Right to Data Portability: You may request to receive your personal data in a structured, commonly used, and machine-readable format, and have it transmitted to another controller.
• Right of Objection: You may object to the processing of your data based on legitimate interests, including profiling.
• Right not to be subject to automated decisions: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or significantly affects you.

To exercise any of these rights, please contact us at info@rido.bikeor at the postal address indicated in section 1, enclosing a copy of your ID card or equivalent identification document.

10. Amendments to the Privacy Policy

Rido reserves the right to modify this Privacy Policy at any time. Such modifications shall become effective upon their publication on our website and/or through the App. We recommend that you review this page periodically for the latest information on our privacy practices.

If the changes are substantial, we will make reasonable efforts to notify you through the App or via email prior to the changes taking effect, particularly where the changes affect the processing of your data.

11. Right to File a Complaint with the Supervisory Authority

If you believe that the processing of your data infringes applicable regulations, you have the right to file a complaint with the Spanish Data Protection Agency (Agencia Española de Protección de Datos — AEPD), via www.aepd.es.