BikeRide Privacy Policy

Last Modified: February 22, 2019

This Privacy Policy describes the types of personal data we may collect from you or that you may provide when you visit the social media platform for cyclists and bicycle enthusiasts BikeRide located at www.bikeride.com (the “Website”) operated by Portner Media Limited, a Maltese company (“Company”, “we”, or “us”) as well as our practices for collecting, using, maintaining, protecting, disclosing and otherwise processing of those data.

We respect your privacy and are committed to protecting it through our compliance with this Privacy Policy and applicable laws, first and foremost of which is the EU General Data Protection Regulation (EU) 2016/679 (the “GDPR”). Under the GDPR, you may have a set of rights that you will be able to exercise in a way prescribed in this Privacy Policy. In addition, you can send us feedback, comment, request for support, question and other communications related to data privacy via e-mail directed to: contact@bikeride.com.

In short, we use your personal data very scarcely, primarily to allow you to fully utilize Interactive Features of the Website as described in the Terms of Use and only with respect to the data that you actively provide us with. However, it is possible that we will not be using any personal data of yours in the legal sense; the latter is the case when the data you have provided to us at the registration as a Member is not a type of data which may be attributed to a data subject identifiable by reference to an identifier. We never sell your data to anyone, profile you, collect your data from third parties, or do something beyond what can be reasonably expected from a platform like ours.

Please read this Privacy Policy carefully to understand our policies and practices regarding your personal data and how we will treat it. If you do not agree with our policies and practices, your choice should be not to use our Website. By accessing or using this Website, you agree to this Privacy Policy.

1. Application

This Privacy Policy applies to all our activities as the data controller or processor of your personal data we collect from you on the Website, or as a result of the communication between you and the Website, whether directly with us or with another user or Member.

We reserve the right to modify this Privacy Policy at all times by posting an updated version on the Website. In a case of a material change bearing on your rights as a data subject, we will endeavor to notify you about such changes by e-mail.

Any change to the Privacy Policy applies to all processing of the data after the effective date of the change or your receiving of the e-mail notification if such notification has been sent to you. Your continued use of the Website following the posting of a revised Privacy Policy means that you accept and agree to the changes. You are expected to check this page frequently enough to be aware of any changes.

2. Data Subjects

As a social media platform, we collect, use and otherwise process personal data of our Members registered on the platform in accordance with the Terms of Use (“Members”); and those Members who have become authors of featured articles, notes, product reviews and other information so designated on the Website (“Experts”).

We also collect information about visitors on the Website via cookies and similar technologies. But this information is never combined with the data of our Members, except for an IP address that may be linked to a Member account with a view to assure safety and compliance and related purposes as described below. We always request your consent for cookies to be properly placed and read on your device.

3. Data Controller

Portner Media Limited, located at: Ground Floor, Palace Court, Church Street, St. Julians, STJ 3049, Malta, (“BikeRide”) is the entity who acts as the data controller for the purposes of this Privacy Policy. All questions, comments, requests for support, and other communications related to data privacy can be sent by e-mail to: contact@bikeride.com.

4. Data Collection

Data Sources. We collect or obtain your personal data from the following sources:

  • When you provide us with your data by a conscious affirmative action, for example, when you choose to use your data in mandatory (e-mail, profile name, password) or optional (data of birth, gender, etc.) fields at your Member account, or when you submit us with your bio with a view to have it been published together with your Expert article or other contribution;
  • When you communicate with other Members or users on the Website, for example, when you communicate with someone in a direct message or publicly post your data, such as a picture or name;
  • When you communicate directly with us, for example, via email, text, and other electronic messages;
  • When any data is obtained through cookies or similar technologies.

Third-Party Sources. We never seek your personal data from third-parties, such as data brokers, or search for any publicly available data. All personal data that we process we collect directly from you.

Cookies and Similar Technologies. When you visit the Website, we usually place cookie files on your device, or read such files already on your device, as well as utilize similar technologies, subject always to obtaining your consent in an appropriate consent form on the Website. We use those technologies to record information about your device, your browser and, in some cases, your preferences and browsing habits without identifying you personally as a data subject. This information is never combined with any data available to us thus leading to identification of any particular individual, except for IP addresses which we may combine with the data of Member accounts only with a view to maintain safety and integrity of your account and the Website as a whole. Without any such combination, we can use your IP address for purposes of web analytics via Google Analytics and Google AdSense, see below in more detail.

5. Data Processed

Personal data processed. We process the following categories of personal data:

  • Identification information, with respect to data you choose to provide on your Member account, whether at mandatory (e-mail, profile name, password) or optional (data of birth, gender, etc.) fields;
  • Biographical information, with respect to Experts who provide use with those data for the purpose of their publishing and posting on the Website together with Expert Contributions;
  • Account session information, including your IP address, time and date, Client Host, with respect to your actions via Interactive Features, such as voting on products, posting, sending messages etc.;
  • Consent and other administrative records together with the date and time, means of consent and any related information (e.g., the subject matter of the consent) if such a consent is necessary under the law;
  • Communications addressed to and from us, as well as between Members on the Website;
  • Any other information voluntarily transmitted to us by a conscious affirmative action.

Sensitive personal data. We do not seek to collect or otherwise process sensitive data as set out in Article 9 of the GDPR. Furthermore, we encourage you to be particularly careful with sharing such information on the Website, either publicly or via direct messages, or as your account information, since erasuer or removal such information from public access or otherwise from the Website may not be necessarily guaranteed by us in light of our legitimate interests, such as preserving integrity of communications, and burdens of such erasure or removal.

6. Purposes of Data Processing

General purposes. The purposes for which we may process your personal data include:

  • Social Network Platform Communications: all communications on and within the Website, including via Interactive Features related to product review;
  • Marketing and Informational Communications: sending regular newsletters and other direct marketing and informational communications;
  • Surveys: from time to time, we may request that you answer several questions which can make our Website more relevant, interesting, and beneficial to you;
  • Maintaining Safety and Integrity of Information and Communications: preserving data and information of ours and other Members, as well as is protection from unauthorized or prohibited actions of others;
  • Improving Website and Services: fixing issues and improving the Website functionality, as well as employing IT security measures, including audits;
  • Legal Compliance: compliance with our legal and regulatory obligations;
  • Other Legitimate Interests: such as proper and efficient operating of the Website as a whole, detecting, and protecting against, breaches of our policies, contracts and applicable laws; or establishing, exercising or defending our legal rights.

No Automated Decision Making or Profiling. We do not profile you, neither do otherwise use automated decision making with regards to you.

Minimization. We take every reasonable step to ensure that personal data that we process are limited to the personal data reasonably necessary in connection with the purposes set out in this Privacy Policy.

No Requirement for Data Protection Impact Assessment. Under the GDPR, every data controller is under a duty to conduct a data protection impact assessment (DPIA) if their processing presents a “high risk” to data subjects’ rights and freedoms. At this time, we do not process anything in a manner and scope that may entail a high risk for you that would invoke the necessity for conducting a DPIA.

7. Legal Bases Employed for Data Processing

In processing your personal data in connection with the purposes set out in this Privacy Policy, we may rely on one or more of the following legal bases, depending on the circumstances:

(1)    The processing is necessary for the performance of a contract between you and us, or to take steps at your request prior to entering into such a contract. This is primarily the case when your data is necessary to perform our duties under the Terms of Use.

(2)    We have obtained your prior consent to the processing. We seek your consent for, among others, sending newsletters and other direct marketing communications. Please, note that whenever you give us your consent for some processing, you have always a right to withdraw such a consent at any time and free of charge. We strive to make this right as easily realizable as possible. If you cannot find a form or any other modality to withdraw your consent on the Website or in newsletter e-mails, please, send us your withdrawal by e-mail to: contact@bikeride.com.

(3)    We may have a legitimate interest in carrying out the processing of your data. This may be the ground when, for example, those data is necessary for: (i) preserving integrity of data and communications on the Website and protection of rights and interests of other Members; (ii) providing or improving our services, such as developing Interactive Features; (iii) fulfilling our regulatory and compliance obligations; (iv) detecting, and protecting against, breaches of our policies, contracts and applicable laws; or (v) establishing, exercising or defending our legal rights and interests. We can rely on this ground only to the extent that such legitimate interest is not overridden by your fundamental interests, rights, or freedoms.

(4)    The processing is necessary for compliance with a legal obligation established by law. This is the case when we are required to produce to a law-enforcement agency any of your data in which case we will endeavor to inform you about such a request unless it is prohibited by applicable law.

8. Third Party Recipients of Data

Third Party Recipients. We may share your personal data with companies that provide services to support the Website activities to the extent those data are required for the performance of the relevant services to us. We do not sell your personal data to third parties that can process data for their own purposes. Most time your data are transferred in a way that may not allow the recipients to identify any particular data subjects because the data are encrypted or anonymized. The categories of recipients of your data may include webhosting (e.g., ChemiCloud), content management systems (e.g. WordPress), other online services, web developers, legal and other professional consultants.

Data processing agreements. If we engage a third party processor to process your personal data, the processor will be subject to binding contractual obligations as prescribed under Article 28 of the GDPR. Among others, the processer will have to: (i) process your personal data only on documented instructions from us; and (ii) implement appropriate technical and organizational measures to ensure a level of security appropriate to the risks pertinent to such a processing. We will regularly conduct audits to make sure that these and other obligations of the processor are properly complied with.

Google Analytics and AdSense. Our websites use Google Analytics and AdSense, web analytics services provided by Google, Inc., USA. Those services may employ cookies which are used to generate information about your use of the Website (including your IP address). This information is then transmitted to and stored by Google. Google will use this information in aggregate form for the purpose of evaluating use of the Website, compiling reports on user activity and providing other services relating to websites activity and Internet usage. Google will not associate your IP address with any other data held by Google. For more information about Google’s privacy policies, please, visit http://www.google.com/analytics/

Other Global OSPs and Software Providers. We may utilize a range of globally recognized online services, including SaaS and cloud solutions, which may process your data in some form. Most of such providers have their storages and processing facilities in Europe so that your data do not leave the EU. Where they do not have such facilities or let data leave the EU, they are under obligation to comply with the GDPR. For information about compliance with applicable data protection laws you can find on the website of the OSPs and software providers.

9. International Data Transfers and Safeguards Employed

We may employ some of our contractors, more often developers with limited access to personal data, beyond the European Union, including in countries in respect of which the European Commission has not provided an adequacy decision pursuant to Article 45 of the GDPR. That means that sometimes, specifically to effectuate some administrative operations, we will transfer some of your data beyond the EEA for a limited time and limited purposes.

To make such transfers fully compliant with the GDPR, unless there is another compliance mechanism in place, we conclude with our contractors legally binding agreements based upon the EU Standard Contractual Clauses in accordance with Commission Decision of 5 February 2010 on standard contractual clauses for the transfer of personal data to processors established in third countries under Directive 95/46/EC of the European Parliament and of the Council. You can request the copies of such agreements by e-mail directed to: contact@bikeride.com.

10. Direct marketing

We may send to you direct marketing communications, including Newsletters. Since we do not generally sell or offer to sell you any services or goods, except for special cases, such as with respect to Featured Events, most of such communications will be for informational, rather than marketing, purposes.

In most cases, we will send you such communications subject to your consent given to us at the registration of your account or later on. Yet, from time to time we may send you communications without such consent, specifically when you previously purchased “Featured Events”.

At all times, may choose to stop receiving our newsletters or other marketing or informational communications and withdraw your consent accordingly by following the unsubscribe instructions included in these emails or by sending us e-mail to: contact@bikeride.com.

11. Retention periods

General Retention Criteria. We will retain your personal data in a form that permits identification only for as long as we maintain an ongoing relationship with you, or where your personal data are necessary in connection with the lawful purposes set out in this Privacy Policy, for which we have a valid legal basis such as in the following circumstances: (i) for the term necessary to be able to respond to any questions or complaints which may be addressed to us; (ii) for the term necessary to comply with all applicable laws; and (iii) for the duration of any period necessary to establish, exercise or defend any legal rights or preserve integrity of communications or protection of rights and interests of other Members of the Website.

Deletion or Anonymizing. Once the periods above have concluded, we will either permanently delete or destroy the relevant personal data, or anonymize them.

12. Rights of Data Subjects

Under the GDPR, you have a set of rights which may or may not be applicable to you depending on particular circumstances of your case, including the legal basis of processing of particular data:

Right of access. You may have the right to obtain from us confirmation as to whether or not your personal data are being processed, and access to those personal data and other relating information. You can exercise this right by reviewing information at your Member account. Alternatively, you can send us a request in accordance with the procedures stated below in this section.

Right to rectification. You may have the right to obtain from us the rectification of inaccurate personal data concerning you. You can exercise this right by updating information at your Member account. Alternatively, you can send us a request in accordance with the procedures stated below in this section.

Right to erasure. You may have right to obtain from us the erasure of personal data concerning you unless we are under a legal duty or have a legitimate ground to retain certain data. You can exercise this right by use of a special feature at your Member account, if available, or by sending us a request in accordance with the procedures stated below in this section.

Right restriction of processing. Under relevant conditions set out by the law, you may have the right to obtain from us restriction of processing of your data. You can exercise this right by sending us a request in accordance with the procedures stated below in this section.

Right to object to processing. You may have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you. You can exercise this right by sending us a request in accordance with the procedures stated below in this section.

Right to data portability. You may have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format as well as the right to transmit those data to another controller without hindrance. You can exercise this right by sending us a request in accordance with the procedures stated below in this section.

Right to lodge a complaint with a supervisory authority. You have the right to lodge a complaint regarding our processing of your personal data with a data protection authority which can be any of the data protection authority of the EU Member State in which you live, or in which you work, or in which the alleged infringement occurred.

Contact Details for Request. With regard to any of the rights above, you can address us via a written request, accompanied with all necessary information, sent to the following address: Portner Media Limited, Ground Floor, Palace Court, Church Street, St. Julians, STJ 3049, Malta. Additionally, you can send us e-mail to: contact@bikeride.com.

13. Miscellaneous

Links to Third Party Sites. The Websites may include links to other websites whose privacy practices may differ from those of the Website. If you submit personal data to any of those sites, your information is governed by their privacy policies. We encourage you to carefully read the privacy policy of any website you visit.

Our Contacts. You may contact us for any reason in connection with this Privacy Policy to:

Portner Media Limited
Ground Floor, Palace Court
Church Street
St. Julians
STJ 3049
Malta

E-mail: contact@bikeride.com