PRIVACY POLICY
RIDYN — Ride Together. Explore Further.
Effective Date: April 17, 2025
Last Updated: April 17, 2025
Applicable to: RIDYN iOS App & RIDYN Android App
Welcome to RIDYN.
RIDYN is a motorcyclist touring platform designed to bring riders together through live tracking, group discovery, ride discovery, and ride statistics. We are deeply committed to protecting your personal information and being transparent about how we collect, use, store, and share your data. This Privacy Policy applies equally to the RIDYN iOS App and the RIDYN Android App, which are functionally identical.
Please read this Privacy Policy carefully. By registering for or using RIDYN, you acknowledge that you have read, understood, and agreed to the practices described herein. If you do not agree, please discontinue use of the app immediately.
1. About This Policy & Applicable Law
RIDYN is operated by [Your Company Name / Entity], a company incorporated under the laws of India, with its registered office at [Registered Address], India.
This Privacy Policy is drafted in compliance with:
- The Digital Personal Data Protection Act, 2023 (DPDP Act), India — our primary governing legislation
- The Information Technology Act, 2000 and the IT (Reasonable Security Practices) Rules, 2011
- Apple App Store Review Guidelines (iOS) and Google Play Developer Policy (Android)
- GDPR (EU General Data Protection Regulation) — to the extent that EU residents use RIDYN
- Any other applicable data protection laws depending on your jurisdiction
If there is a conflict between this Policy and any applicable law in your jurisdiction, the applicable law shall prevail to that extent.
2. Information We Collect
We collect the minimum information necessary to deliver the RIDYN experience. The categories of personal data we collect are:
2.1 Identity & Contact Information
- Full Name — to personalise your rider profile
- Phone Number — for account verification and two-factor authentication
- Email Address — for account management, notifications, and support communication
2.2 Social & Community Information
- Instagram Handle (optional) — to display on your public rider profile and facilitate community connections within the app
2.3 Motorcycle & Rider Information
- Motorcycle Ownership Details — including make, model, year, and variant — to personalise your profile and enable ride compatibility matching
- Blood Group — collected for emergency safety purposes only; this is treated as sensitive personal data under the DPDP Act
2.4 Location Data
- Precise real-time GPS location — collected while you use the Live Tracking and Group Ride features
- Route history — to generate and display your Ride Statistics
- Location is collected only while the app is in active use (foreground) or when you have explicitly enabled background location for live tracking sessions
2.5 Device & Technical Information
- Device type, operating system version, and unique device identifiers
- App version, crash logs, and performance diagnostics
- IP address and approximate network information
2.6 Usage Data
- Ride session data — distance, duration, speed analytics, elevation
- Group and ride discovery interactions
- Feature usage patterns for app improvement purposes
2.7 User-Generated Content
- Profile photos and any content you voluntarily upload or share within the app
3. How We Collect Your Information
- Directly from you — when you register, complete your profile, or interact with app features
- Automatically — through device sensors, GPS, and app usage analytics as you use RIDYN
- From third-party services — where you connect a social account or where our integrated SDKs (such as mapping, analytics, or crash reporting tools) relay technical data
4. Legal Basis for Processing Your Data
Under the DPDP Act 2023 and applicable laws, we process your personal data on the following lawful grounds:
- Consent: You provide explicit, informed consent at registration for the collection of standard and sensitive personal data (blood group). You may withdraw consent at any time (see Section 10).
- Contractual Necessity: Processing your identity, contact, and location data is necessary to deliver the core features of RIDYN that you have subscribed to.
- Legitimate Interests: Improving app performance, safety, and user experience, where such interests are not overridden by your rights.
- Legal Obligation: Where we are required to retain or disclose data under Indian law or pursuant to a lawful government or court order.
5. How We Use Your Information
We use your personal data strictly for the following purposes:
5.1 Core App Functionality
- Creating and managing your RIDYN rider profile
- Enabling Live Tracking so other riders in your group can see your real-time location during a ride session
- Facilitating Group Discovery — helping you find and connect with nearby rider groups
- Powering Ride Discovery — recommending routes, events, and rides relevant to you
- Generating and displaying your Ride Statistics — distance, speed, routes, and ride history
5.2 Safety
Your blood group is stored solely to be made accessible in the event of an emergency during a ride, visible only to other group members you are actively riding with, or to emergency contacts if you configure them.
5.3 Communication
- Sending account verification, OTP, and security alerts
- Sending service updates, feature announcements, and important policy notifications
- Responding to your support queries
5.4 App Improvement & Analytics
- Analysing aggregated, anonymised usage patterns to improve existing features and develop new ones
- Diagnosing technical issues and crashes
5.5 Legal & Compliance
- Complying with applicable Indian laws, regulations, and lawful government or court orders
- Enforcing our Terms of Service and protecting the safety and rights of our user community
We do not use your personal data to serve third-party advertisements within the RIDYN app.
6. Third-Party Services & Data Sharing
RIDYN integrates with select third-party technology providers to deliver its services. These providers act as data processors on our behalf and are contractually obligated to process your data only as instructed by us and in accordance with applicable privacy laws.
Categories of third-party services we may use include:
- Cloud Infrastructure & Hosting — for secure data storage and app operation (e.g., AWS, Google Cloud, or Firebase)
- Mapping & Navigation SDKs — such as Google Maps SDK, to power route display, ride discovery, and live tracking visualisation
- Analytics & Crash Reporting — such as Firebase Analytics, Crashlytics, or similar tools, to monitor app performance
- Push Notification Services — such as Firebase Cloud Messaging (FCM) or Apple Push Notification Service (APNs), to send you in-app and push notifications
- Authentication Services — for secure sign-in and OTP verification
We do not sell, rent, or trade your personal data to any third party for their own marketing or commercial purposes.
We may disclose your personal data to government authorities, law enforcement, or courts where required by law, a valid legal process, or to protect the safety of our users or the public.
In the event of a merger, acquisition, or restructuring of our business, your personal data may be transferred to the successor entity, subject to equivalent privacy protections. You will be notified of any such transfer.
For a current list of our third-party processors, please contact us at the address provided in Section 14.
7. Sensitive Personal Data
We collect and process the following category of Sensitive Personal Data as defined under the DPDP Act 2023 and the IT (Sensitive Personal Data or Information) Rules, 2011:
Blood Group — classified as health-related sensitive personal data.
We apply the following additional safeguards to this data:
- Explicit, separate consent is sought before collection
- It is stored with enhanced encryption at rest
- Access is restricted on a strict need-to-know basis — it is not used for profiling, advertising, or any purpose beyond emergency safety
- It is not shared with any third party except in a genuine emergency safety situation
8. Location Data & Live Tracking
Location is a core feature of RIDYN. Here is how we handle it:
- Precise GPS location is accessed only during active ride sessions or when you explicitly activate live tracking
- Location is shared in real-time with other members of your active ride group during a session — this is a user-controlled feature
- You may pause or stop live tracking at any time from within the app
- Background location access, if enabled by you, is used solely to maintain tracking continuity during an active ride session
- We do not continuously track your location outside of active sessions
- Route data is retained as part of your Ride Statistics and may be deleted by you at any time
iOS & Android Location Permissions:
RIDYN will request "Allow While Using App" permission for standard use. "Always Allow" may be requested only to support live tracking during an active ride, and you may deny this at any time from your device settings.
9. Data Storage, Retention & Security
9.1 Storage
Your personal data is stored on secure cloud servers. Data may be stored in India or in other jurisdictions where our cloud infrastructure providers operate. Where data is stored or processed outside India, we ensure appropriate contractual safeguards are in place consistent with the DPDP Act 2023.
9.2 Retention
- We retain your personal data for as long as your account is active or as necessary to deliver our services.
- Upon account deletion, we will delete or anonymise your personal data within 30 days, except where we are legally required to retain certain records.
- Aggregated, anonymised analytics data (which cannot identify you) may be retained for longer periods for service improvement purposes.
9.3 Security
We implement appropriate technical and organisational measures to protect your personal data, including:
- Encryption in transit using TLS/HTTPS
- Encryption at rest for sensitive personal data including blood group
- Role-based access controls limiting internal data access to authorised personnel only
- Regular security audits and vulnerability assessments
- Incident response procedures compliant with applicable law
No method of transmission or storage is 100% secure. While we strive to protect your personal data, we cannot guarantee absolute security. In the event of a data breach that is likely to harm you, we will notify you and the relevant authorities as required by law.
10. Your Rights as a Data Principal
Under the DPDP Act 2023 and other applicable laws, you have the following rights regarding your personal data:
- Right to Access — You may request a summary of the personal data we hold about you and how it is being processed.
- Right to Correction — You may request correction of inaccurate or incomplete personal data.
- Right to Erasure — You may request deletion of your personal data. We will comply subject to our legal retention obligations.
- Right to Withdraw Consent — You may withdraw consent for any or all data processing at any time. Withdrawal will not affect the lawfulness of processing prior to withdrawal, but may limit your access to certain features.
- Right to Grievance Redressal — You have the right to raise a grievance with us. We will acknowledge within 48 hours and resolve within 30 days (see Section 13).
- Right to Nominate — Under the DPDP Act, you may nominate another individual to exercise your rights on your behalf in the event of your death or incapacity.
To exercise any of these rights, please contact our Grievance Officer at the details provided in Section 13 or 14. We will respond within the timeframes stipulated by applicable law.
11. Children's Privacy
RIDYN is not directed at children under the age of 18. We do not knowingly collect personal data from minors. Motorcycling as an activity requires a valid driving licence, which mandates the user to be at least 18 years of age.
If we become aware that we have collected personal data from a person under 18 without verified parental consent, we will take immediate steps to delete that data. If you believe a minor has registered on RIDYN, please notify us immediately at the contact details in Section 14.
12. Cookies & Tracking Technologies
RIDYN is a native mobile application and does not use browser cookies. However, we and our third-party SDK partners may use device identifiers and similar technologies (such as advertising IDs) for:
- Session management and authentication
- Analytics and crash reporting
- App performance monitoring
You may reset your device's advertising ID or limit ad tracking through your iOS or Android device settings. Note that limiting these identifiers may affect the accuracy of our analytics but will not prevent you from using RIDYN.
13. Grievance Officer
In accordance with the Information Technology Act, 2000, the IT (Intermediary Guidelines) Rules, and the DPDP Act 2023, we have appointed a Grievance Officer to address your concerns:
Grievance Officer — RIDYN
Name: [Grievance Officer Name]
Designation: [Designation]
Email: grievance@ridyn.app
Postal Address: [Registered Office Address], India
Working Hours: Monday to Friday, 10:00 AM – 6:00 PM IST (excluding public holidays)
Response Time: We will acknowledge your grievance within 48 hours and endeavour to resolve it within 30 days of receipt.
14. Contact Us
For any questions, requests, or concerns about this Privacy Policy or your personal data, please reach out to us:
RIDYN — Privacy & Data Team
Email: privacy@ridyn.app
Support: support@ridyn.app
Website: www.ridyn.app
Registered Address: [Your Company Name], [Full Registered Address], India
15. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or new features we introduce to RIDYN.
When we make material changes, we will:
- Notify you via in-app notification and/or email at least 15 days before the changes take effect
- Update the 'Last Updated' date at the top of this Policy
- Where required by law, seek your renewed consent
Your continued use of RIDYN after the effective date of any revised Policy constitutes your acceptance of the updated terms. We encourage you to review this Policy periodically.
16. Governing Law & Dispute Resolution
This Privacy Policy shall be governed by and construed in accordance with the laws of India. Any disputes arising in connection with this Policy shall be subject to the exclusive jurisdiction of the courts of [Your City], India.
Before initiating any formal dispute, we encourage you to contact our Grievance Officer as described in Section 13 so that we may attempt to resolve the matter amicably.