Privacy Policy
Effective date: 3 July 2026
Rideout ("Rideout", "we", "us") is a ride planning service for motorcyclists, available at rideout.co.za and through our mobile apps. This policy explains what personal information we collect, how we use it, and the choices you have. We operate from South Africa and process personal information in accordance with the Protection of Personal Information Act, 2013 (POPIA). Rideout is the responsible party for the personal information described in this policy.
1. Information you give us
- Account details: your name, email address and a password. Passwords are stored only as a cryptographic hash — we cannot read them.
- Sign-in with Google or Apple: if you sign in with a third-party account, we receive your name, email address and profile picture from that provider.
- Profile information: optional details you choose to add, such as a username, profile photo, bio, location and the bikes you ride.
- Content you create: routes (including their geographic path), rides, ride descriptions, meeting points, dates, and your participation in and responses to rides, as well as who you follow.
- Feedback and support messages: anything you send us through the in-app feedback form, together with your account email address.
- Waitlist sign-ups: if you join our expansion waitlist, your email address, location and country.
2. Location data
The mobile app can use your device's precise location, with your permission, to show your position on a route while you are navigating. This happens only while you are using the app. We do not currently store your live location or keep a history of where you have ridden. Routes and rides you create or save do contain geographic data (the route path and meeting points), which is stored with your account.
3. Information collected automatically
- Usage data: we use Google Analytics on our website to understand how the service is used (pages visited, approximate location, device and browser type). Google Analytics sets cookies for this purpose.
- Technical data: standard server logs (such as IP address and request details) and, for signed-in sessions on mobile, a device name (e.g. "iPhone 15") so you can recognise your sessions.
- Cookies: we use essential cookies to keep you signed in, and analytics cookies as described above.
4. How we use your information
- To provide the service: creating and sharing routes and rides, showing your profile to other riders, and sending in-app notifications.
- To authenticate you and keep your account secure, including detecting failed login attempts.
- To send transactional email, such as password reset messages.
- To respond to feedback and support requests.
- To understand overall usage of the service so we can improve it.
We do not sell your personal information. We do not use your information for advertising, and we do not build profiles about you beyond what is needed to run the service. If we ever want to use your information for a materially different purpose, we will update this policy first and notify you where the law requires it.
5. Who can see your content
Your profile (username, name, photo, bio, location and bikes) is visible to other Rideout users. Routes are private by default; if you make a route or ride public, other users can see it. Rides may include links to external WhatsApp groups created by the ride organiser — those groups are governed by WhatsApp's own terms and privacy policy, not ours.
6. Service providers we share data with
We use a small number of third-party providers to run Rideout. They process data on our behalf:
- Railway — application and database hosting.
- Google — sign-in (Google Sign-In), analytics (Google Analytics), and maps/places search (Google Maps Platform).
- Apple — sign-in with Apple, where offered.
- MapTiler — map tiles displayed in the app (your IP address is sent when tiles load).
- Cloudinary — storage of profile photos.
- Resend — sending transactional email.
- GraphHopper — route calculation (route coordinates are processed to compute directions).
Some of these providers store or process data outside South Africa. Where that happens, we rely on the safeguards permitted under section 72 of POPIA, including transfers to providers subject to laws or binding agreements that provide an adequate level of protection.
We may also disclose personal information if required by law, or as part of a sale or reorganisation of the business (in which case this policy will continue to apply to your information).
7. How long we keep your information
We keep your personal information for as long as your account is active. If you delete your account or ask us to delete your information, we will delete it within a reasonable period, except where we need to keep it to comply with a legal obligation or resolve a dispute. Waitlist details are kept until we launch in your region or you ask us to remove you.
8. Security
We take reasonable technical and organisational measures to protect your information, including hashed passwords, encrypted connections (HTTPS), and account lockout after repeated failed login attempts. No system is completely secure, so we cannot guarantee absolute security. If a data breach occurs that affects you, we will notify you and the Information Regulator as required by POPIA.
9. Your rights
Under POPIA (and similar laws that may apply to you), you have the right to:
- ask what personal information we hold about you and request a copy;
- ask us to correct or delete your personal information;
- object to our processing of your personal information;
- withdraw consent where processing is based on consent; and
- lodge a complaint with the Information Regulator (South Africa) at inforegulator.org.za.
To exercise any of these rights, email us at [email protected].
10. Children
Rideout is not intended for anyone under 18, and we do not knowingly collect personal information from children. If you believe a child has created an account, please contact us and we will delete it.
11. Changes to this policy
We may update this policy from time to time. We will post the updated version on this page and update the effective date above. If the changes are significant, we will take reasonable steps to bring them to your attention.
12. Contact
Questions about this policy or your personal information can be sent to [email protected].