Last updated 23/5/2018
With the term “Personal Information”, we mean all information that specifically identify an individual, including name, address, telephone number, email address and bank account. Personal Information may also include demographic information, such as date of birth, gender, geographic area, and more as per the applicable at any time Law concerning private data. We retain your Personal Information as long as it is necessary and relevant for our operations.
Ridemind collects and stores the following data when you are using our applications: User-ID, Android Device ID/iOS IDFA, IP Address, country code, language, device name, name and version of operating system. Ridemind uses these data for statistical reasons and to optimize its services. However, Ridemind reserves the right to use these data if illegal actions are taken by users against Ridemind and other users and in compliance with the applicable law.
Ridemind collects some information about you during registration. Ridemind cannot verify accuracy and authenticy of the information provided by users. When registering to our Service, you have to submit the following information about your own Personal Data:
First Name, Last Name, Email Address, Password, Profile Picture, Date of Birth, Mobile Phone Number
Ridemind will collect, process and use these data to provide its Service.
In case you want to rent out your car to other users, you additionally submit the following information:
Car Type, Car License issuance Year, Make, Model, Car characteristics and Features, Pickup Address, Drop Off Address, Insurance Type, Insurance Expiry Date, Car Plate Number, Insurance Contract and Registration Papers.
In case you want to rent any user’s car, in addition to registration data you submit the following information: Driver’s License, National ID or Passport and Full Address.
Car Owners should provide the following bank account information for the purpose of receiving payments for the Service. These information include: IBAN, Holder’s Name, BIC, Billing Address.
Ridemind will display some of your personal data on the Website and/or the applications. These data include: First Name, Number of rentals, Owned Cars, Reviews/Ratings, Profile picture. Users, when registering to the website and sign in this policy, provide to Ridemind an unconditional and irrevocable permission for display of the aforementioned personal data.
When you access our Platform, we may place small data files on your computer or other device. These data files may be cookies, clear gifs, pixel tags, e-tags, “Flash cookies”, or other local storage provided by your browser or associated applications (collectively “Cookies”). We use these technologies to recognize you as a customer; customize our Services for marketing purposes; help ensure your account’s security, and more.
When you log in to our Services, you will stay logged on/signed in until you explicitly sign out of your account. If you are using a public or shared computer, we strongly advise you to sign out and/or clear Cookies when you are done using our Platform in order to protect your account and your Personal Information. Otherwise, any other user of the computer/browser will be able to view and access your account. In any case that you do not sign out and/or clear Cookies properly Ridemind bears no responsibility for any unauthorized access to your account.
You can access, review and edit certain Personal Information that has been previously provided to us by you at any time by logging in to your account and reviewing your account settings and profile.
We have taken all reasonably available security measures in order to protect Personal Information against unauthorized access, destruction, or alteration while it is under our control. However, no method of transmission over the Internet, and no method of storing information can be 100% secure. So, we cannot guarantee the absolute security of your transmissions to us and of your Personal Information that we store. Provided that all such security measures are in place and applied Ridemind may not be held responsible of loss of Personal Information.
Our Services address people over 18 years old. We do not collect and use information for people under 18 years old. If someone under 18 years old provides us information, his or her parent should contact us in order to delete this information.
This website may contain links to other sites. We are not responsible for the privacy practices or the content of such Web sites.
All online payments through the website and the mobile applications of Ridemind are made through MangoPay payment gateway. The module of MangoPay is attached in the framework of Ridemind’s website and applications. Users enter their credit card details during the booking process without ever having to leave the website. However, Ridemind has no access to the credit card details of the users or the transactions’ processes, which are stored directly to MangoPay.
1. The following terms shall have the meaning attributed to them in this policy:
1.1. “Data Protection Laws and Regulations” shall refer to all European Union and member-state laws and regulations, which are applicable to RIDEMIND, along with any data processing orders, guidelines and orders issued by competent EU member-state authorities protecting the fundamental rights and freedoms of individuals and, in particular, their right to privacy with respect to the processing of personal data.
1.2. “Data Controller” means RIDEMIND which alone or jointly with others determines the purposes and means of the processing of personal data;.
1.3. “Data Subject” means an identifiable natural person, who is a European Union resident and about whom the Data Controller holds Personal Data.
1.4. “GDPR” means the General Data Protection Regulation (EU) 2016/679, of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, as amended, replaced or superseded and in force from time to time and as transposed into Member-state legislation.
1.5. “Personal Data” shall mean any information which falls within the scope of this policy and relates to a Data Subject, who can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
1.6. ““Supervisory Authority” means an independent public authority which is established by an EU Member State pursuant to Article 51 of GDPR.
2. GENERAL OBLIGATIONS
2.1. Subject to any exemptions provided under Data Protection Laws and Regulations, RIDEMIND hereby designates a data protection officer, as stipulated in Schedule 1 of this policy. RIDEMIND undertakes to ensure that its data protection officer is involved, properly and in a timely manner, in all issues which relate to the protection of the Personal Data;
2.2. RIDEMIND undertakes to ensure that the Data Protection Officer shall upon notice promptly communicate, inform and cooperate on any issues arising from the processing of the Personal Data and the execution of the present Data Processing policy.
3. CONTROLLER OBLIGATIONS
3.1. The RIDEMIND warrants and guarantees that the Personal Data have been lawfully collected and processed and that, be accepting this policy, Data Subjects have been lawfully consented and/or informed according to Data Protection Laws and Regulations.
3.2. The RIDEMIND warrants and guarantees that any data processing procedures employed by RIDEMIND in relation to the processing of Personal Data shall comply with Data Protection Laws and Regulations.
3.3. RIDEMIND shall have sole responsibility for the accuracy, quality, and legality of Personal Data and the means by which the RIDEMIND acquired such Personal Data.
3.4. RIDEMIND warrants and undertakes that it shall only process Personal Data for the purposes of providing the Services.
3.5. RIDEMIND shall maintain in writing, including in electronic form, a record of all categories of processing activities carried out on behalf of the Controller, containing at least the following:
(a) the categories of processing carried out in the context of the Services;
(b) where applicable, transfers of personal data to a third country or an international organization, including the identification of that country or international organization and the documentation of suitable safeguards;
(c) a general description of the technical and organizational security measures taken for the protection of personal data.
(d) RIDEMIND shall make the record available to the supervisory authority on request.
3.6. On any occasion that a Data Subject ceases to use the Services by deregistering or upon its request RIDEMIND shall cease to access and use the Personal Data and shall arrange for its safe return or destruction and any copies thereof, unless Data Protection Laws and Regulations requires storage of any Personal Data or an exemption under Data Protection Laws and Regulations applies.
4. DATA SECURITY OBLIGATIONS
4.1. RIDEMIND shall take steps to ensure that any natural person acting under the authority of RIDEMIND, who has access to personal data does not process them except on instructions from RIDEMIND, unless he or she is required to do so by Union or Member State law.
4.2. RIDEMIND will inform the Data Subject including but not limited to the Supervisory Authority of becoming aware of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, the Personal Data transmitted, stored or otherwise processed.
5. TRANSFERS OF PERSONAL DATA TO THIRD COUNTRIES OR INTERNATIONAL ORGANISATIONS
5.1. In the case that Personal Data is to be transferred to a third country or international organization, RIDEMIND shall provide and maintain appropriate safeguards as set out in the GDPR and Data Protection Laws and Regulations to lawfully transfer the Personal Data to a third country.
5.2. In the case that such a transfer involves special categories of data, RIDEMIND shall ensure that the Data Subject has been lawfully informed or will be lawfully informed before the transfer to a third country.
6. COOPERATION WITH SUPERVISORY AUTHORITIES
6.1. RIDEMIND and, where applicable, its data protection officer, shall cooperate, on request, with the supervisory authority in the performance of its obligations and tasks under the present Data Processing policy and Data Protection Laws and Regulations.
6.2. The contracting parties agree that the Supervisory Authority has the right to conduct an audit of RIDEMIND, within the framework of Data Protection Laws and Regulations.
7. DATA USE
We use, store and process Personal Data to provide and improve the Services and ensure a secure, safe and trusted provision of the Services. In particular RIDEMIND may use and process Personal Data to:
7.1. Provide and improve the Services,
- enable Data Subjects to access and use the Services
- provide customer support to Data Subjects
- enable the processing of transactions and send notices abouttransactions
- improve the Services, including by personalizing or customizing Data Subjects’ user experience
- measure the performance of the Services
- enable Data Subjects to communicate with other Services’ users, including by sending them messages or other information during the booking process
- provide targeted marketing, provide Service update notices, and deliver promotional offers based on Data Subject’s communication preferences
7.2. Ensure a secure, safe and trusted experience,
- verify Data Subject’s identity or authenticate information provided by the same, including during account creation and password reset processes
- resolve disputes, collect fees, and troubleshoot problems
- detect, prevent, and/or remediate fraud, abuse, security incidents or other potentially harmful, prohibited or illegal activities
- detect, prevent or remediate violations of and enforce RIDEMIND terms and policies
- manage and protect RIDEMIND information technology infrastructure
- conduct checks against databases and information sources
7.3. In this respect, RIDEMIND may do any or all of the foregoing with or without further notifying Data Subject where permitted by Data Protection Laws and Regulations;
7.4. RIDEMIND shall retain Personal Data as long as it is reasonably
necessary and relevant for the Services.
8.1. Any Data Subject may direct RIDEMIND to share Personal Data or consent to it as described at the time of sharing, such as when authorize RIDEMIND to send to a third party marketing partner.
8.2. Sharing between hosts and guests
RIDEMIND facilitates car owners to offer and share their vehicles with other individuals. If a Data Subject agree to a booking through the Services, RIDEMIND may provide relevant information to the other party in that transaction as reasonably necessary to enable the transaction.
8.3. Service providers RIDEMIND may share Personal Data with vendors and service providers who are engaged by, or working with, RIDEMIND in connection with the
processing of payments, operation of the Services and customer support and who need access to such information to carry out their work for RIDEMIND. In some cases, the service provider may be directly collecting the information from Data Subject on RIDEMIND’s behalf. These service providers may be located inside or outside Data Subject’s country of residence, including outside the EU. These providers have limited access to Data Subject’s information to perform these tasks for RIDEMIND and are contractually obligated to use it consistent with this Data Protection policy.
8.4. Aggregated data
RIDEMIND may compile information and data about the use of the Services. RIDEMIND may also share aggregate demographic information with advertisers and partners. This policy in no way restricts or limits the collection and use by RIDEMIND of such information that does not identify any individual.
9. ACCESS TO PERSONAL DATA
Any Data Subject may review, correct, update, and edit certain information that has been previously provided to RIDEMIND by the same at any time by logging in to the respective account and reviewing such account settings and profile. Any Data Subject may also access or request a correction of respective Personal Data by contacting RIDEMIND.
Any Data Subject may request a copy of its Personal Data. RIDEMIND will send a copy of the requested Personal Data to the email address provided in your account as soon reasonably practicable.
10. ACCOUNT CLOSURE
If a Data Subject wish to close the account and request deletion of respective Personal Data, must send an email to firstname.lastname@example.org
Please note that RIDEMIND shall do so subject to clause 3.6 above.
Subject to Data Protection Laws and Regulations, a Data Subject also have the right to lodge a complaint with your Greek data protection authority or the European Data Protection Supervisor.
RIDEMIND has endeavored to implement reasonable security measures to the aim of protecting information against unauthorized access, destruction, or alteration while it is under our control. However, no method of transmission over the Internet, and no method of storing information, can be 100% secure.
RIDEMIND may change this Data Protection Policy. Please take a look at the “Last revised” legend at the top of this page to see when this Data Protection Policy was last revised. Any changes to this Data Protection Policy will become effective when we post the revised Data Protection Policy on the Services. Your use of the Services following these changes means that you accept the revised Data Protection Policy. If you don’t agree to these changes, you can contact us to close your account and you will only be bound by the prior version of the Data Protection Policy.