Privacy Policy
August 2022
Introduction
We take your privacy seriously. Our Privacy Policy explains the personal data we collect, how we use and share it, how long we keep it for, how we keep it secure and your rights in relation to the same. This Privacy Policy covers the use of our Website (https://linkmyride.com/) and dedicated mobile application (app) (collectively known as our “Services”). We also have a Terms of Use document, which may be found on our website www.linkmyride.com, which should be read alongside this policy.
1. Identification and contact details of the data controller
Your (meaning users of our Services and visitors to our Website) personal data is processed by Link My Ride Ltd (registered with the ICO with number ZB273350) ("Link My Ride, we, us”) with our registered office in the United Kingdom at 63 Broad Green, Wellingborough, Northamptonshire, United Kingdom, NN8 4LQ.
If you have any questions about this policy, our use of your personal data or would like to exercise any of your privacy rights as set out below, please email us at: Privacy@linkmyride.com
Given the nature of our Services, this Privacy Policy is aimed at adults. We do not expect to collect the personal data of anyone under 13 years old. If you are aware that any personal data of anyone under 13 years old has been shared with us please let us know so that we can delete that data.
2. What data do we collect?
We collect information which both directly and indirectly identifies you. We collect the majority of this information directly from you, such as when you share your location information with us to allow you to share a cycling activity or route with other Users of our Services.
When you register to use our Services, we ask for your name, email address, location data, gender, password and photograph in order to create and maintain your profile. When using our Services to create, search for, or join a nearby cycling activity, your exact location is not viewable by other users within the app: only your location data within 1 kilometre of your GPS location which is then randomised within that 1 kilometre radius. We do not collect this type of data when you are not using our Services and you may choose to stop sharing your location by disabling this function in our app’s, or your devices, privacy settings. We may also collect your personal data if you are a member of a cycling club, through your club administrator, by you being a member of that club. Where that is the case, the administrator of that club is responsible for ensuring they have the appropriate consents to share your data.
Some of this information is optional and is collected to help tailor your experience, and some is necessary for us to provide our Services. You can change your profile personal data within the app under its privacy settings. We may also collect your personal data when you like, comment or share another User’s activity or if you join or create a cycling group. We do not ask for, collect or process special category personal data, such as health data as part of our Services.
All fields marked with an asterisk (*) in the forms on the Website and the app must be completed, so that failure to complete any of them may make it impossible for us to provide the Services.
When you access and use our Services, we also collect information through cookies or other tracking tools. Please see our linkmyride.com/cookies for details of cookies and similar technologies we use.
3. How we use your data
We use your personal data to provide our Services, which includes:
- Recording your cycling routes and performances;
- Sharing your cycling routes, location and performances with other Users of our services – with your consent which may be changes in privacy settings;
- Providing you with updates on new or suggested routes in your area;
- Improving our Services by using third-party analytics providers;
- Communicating with you about your use of our Services – with your consent.
We allow Users to manage and change their privacy settings when using our Services. This can be done on our Website or app to change who can see your profile, location and recent cycling routes and activities.
Use of our Services and sharing your personal data with us is completely optional. However, we need certain data to be able to provide the Services to you. The legal bases for processing your personal data in connection with our Services are:
- With your consent to our processing of your personal data including sharing it with third parties (as set out in this Privacy Policy) including other Users of our Services. Where you’re part of a cycling club the administrator may provide your details to us;
- Necessary to provide you with our Services in adherence with our Terms of Use (to fulfil a contract to provide you with our Services in exchange for you complying with our Terms of Use), although note that you can delete the app at any time;
- Necessary for us to comply with a legal obligation including to exercise or defend a legal claim; and
- Protect your vital interests, or those of other Users, where it is necessary in the event of an emergency and to share your personal data with legal authorities when necessary and we are under a legal obligation to do so; and
- The legitimate interest of Link My Ride to market to you (where permitted to do so by applicable laws).
If you register to use our Services, we may send you, by email or in-app, notifications and updates (service communications) about our Services from time to time.
We may share your personal data with our trusted third parties (such as IT vendors, hosting providers and advisors who help to run our business) who we contract with to perform specific functions to help deliver our Services:
- Data Hosting: Amazon (Amazon Web Services) – for hosting our data on its cloud software;
- Direct Marketing: Mailchimp – for email mailshot services;
- Location Data within our Service: Mapbox – for sharing location data embedded within our app;
- Payment Processing: Stripe – for processing payments. Please note Link My Ride does not store your payment or bank details.
- For Analytics: Google Firebase, Analytics and Tag Manager – for analytical and statistical purposes;
- Consent Mechanism: OneTrust – for our website’s cookie consent mechanism;
- In-app Features: Pusher – for various in-app features and interfaces including notifications, live chats and location tracking.
We require all third party service providers to implement appropriate security measures to protect your personal data. Where our third party providers are data controllers, they are responsible for the safeguarding of your data: please refer to each of our third parties’ own privacy policies for further detail on how they may process your data (these can be found on their websites which we can share upon request). We do not permit our third party service providers to use your personal data for their own purposes. The recipient of your personal data will be bound by confidentiality obligations. We may amend the list of third parties we use from time to time.
We may also share your personal data with our professional advisers (such as lawyers) or external IT support who are bound by confidentiality obligations. We may also be required to share some personal data as required to comply with the law or a legal obligation such as to the police and courts. This may be necessary in situations where the legal authorities make a request for your personal data on the grounds of preventing or detecting a crime, or if we suspect fraud.
We do not sell your personal data to any third-parties.
4. How long do we keep your information for?
We keep all the User's personal information for as long as it is necessary to provide our Services to you, subject to any exemptions. We will retain essential personal data about your profile until your account is deleted and thereafter in line with the statutory limitation periods (usually, three years following deletion). We may retain your essential personal data for this length in order to comply with a legal obligation or to defend legal claims brought against us, co-operate with legal authorities request for personal data or to enforce our Terms of Use. Essential data for this purpose means your identification data, location and activity data.
We may anonymise or aggregate your data to the extent it is no longer possible to identify you from it. This will typically be used for analytical and statistical purposes to help us develop and improve our Services for other Users.
5. Data transfers
Our data is hosted in the UK. Where third party processors transfer personal data outside of the UK, we will ensure there are adequate safeguards in place as required by applicable law.
6. Where we keep your data
Our data is hosted by Amazon Web Services, on servers within the UK.
7. Exercising your rights
The User may exercise the following rights, subject to certain exemptions:
- The right of access and be provided with a copy of your personal data.
- The right to rectify any inaccurate personal data.
- The right to delete personal data, where this is possible, subject to any exemptions such as if this is required by us to exercise or defend legal claims.
- The right to request the restriction of the processing of personal data where the accuracy or necessity of the data processing is in doubt, in which case we may retain the data for the purpose of pursuing or defending claims.
- The right to withdraw your consent at any given time.
- The right not to be subject to automated individual decision making that produces legal effects concerning you or similarly significantly affects you.
You may exercise these rights at any time by sending an e-mail to Privacy@linkmyride.com indicating in the subject line the right you wish to exercise and your identification details. We have one calendar month to comply with this request (including once we are satisfied with your identity), but this may be extended by us for a further two months in certain circumstances where necessary and permitted by applicable law.
8. Cookies
We use cookies to provide our Services. Please visit our cookies policy which may be accessed linkmyride.com/cookies or may be provided upon request by emailing: Privacy@linkmyride.com
9. Security measures
Link My Ride adopts the security levels required by UK GDPR on the protection of individuals with regard to the processing of personal data and on the free movement of this data appropriate to the nature of the data being processed at any given time. The data we store and process is protected by encryption measures which we are satisfied provide an appropriate level of security.
Notwithstanding the foregoing, technical security in a medium such as the Internet is not impregnable and there may be malicious actions by third parties. Link My Ride puts all the means at your disposal to avoid these actions.
We have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
10. Modification of the present privacy policy
Link My Ride reserves the right to modify the present Privacy Policy to adapt it to future legislative or jurisprudential changes, as well as for future uses that could be made of the personal data of the users of the Website and the app from time to time.
In the event that this modification affects the treatment of the User's data significantly, Link My Ride shall notify the User of this modification.
11. Acceptance for data processing
In accordance with all the expressed in the present Privacy Policy, the User shall accept the processing of his/her data from the channels and forms expressed in this policy and for the purposes described therein when using our website or signing up to our app or to otherwise receive our Services.
12. How to complain
Please contact us in the first instance at Privacy@linkmyride.com if you have any questions or concerns about our use of your personal data. We hope we can resolve any questions or issues you may have.
However, if you do not feel satisfied with our resolution of your issues, you may lodge a complaint with the UK’s data regulator, the Information Commissioner’s Office at https://ico.org.uk/make-a-complaint/ or call 0303 123 1113.