This Privacy Policy explains what personal data RideSafe collects and processes, for what purposes, to whom it may be disclosed, how long it is retained, and what rights users have regarding their personal data.
This Policy applies to the RideSafe mobile application, website, related services, features, notifications, forms, subscriptions, verification, rides, and other user interactions with RideSafe (collectively, the "Service").
1. Who We Are
The operator of the Service and the controller of personal data is LLC "RideSafe" (RaidSeif), company code: 45380157, registered address: 02094, Ukraine, Kyiv, Yakova Hnizdovskoho Street, Building 1, Office 126 ("RideSafe," "we," "us," "our").
Contact address for privacy, personal data protection, account closure and limited data deletion, or exercising user rights: hello@ridesafe.com.ua.
RideSafe is a technology intermediary platform for finding and coordinating shared intercity rides between drivers and passengers. RideSafe is not a carrier, transport company, employer of drivers, payment intermediary for ride payments between users, or a party to any arrangement between a driver and a passenger.
2. Key Definitions
- "User" — any person who creates an account, visits the website, uses the app, or otherwise interacts with the Service.
- "Minor Observer" — a limited status that may be provided by future Service functionality for a minor participating in a ride booked by one of the parents or a legal guardian through their account. Such status, if made available in the Service, will not grant the minor the right to independently book, pay for, or offer rides.
- "Passenger" — a user who searches for a ride, submits a request to join a ride, or interacts with a driver regarding a ride.
- "Driver" — a user who creates or offers a ride, specifies the route, seats, passenger participation conditions, and may provide payment details for direct ride payment by the passenger.
- "Personal Data" — any information that directly or indirectly relates to an identified or identifiable natural person.
- "Ride" — an arrangement between a driver and a passenger for a shared intercity ride coordinated through the Service.
3. What Personal Data We Collect
We collect only the data necessary for account creation, Service operation, verification, ride matching, subscription payments, user safety, support, and fulfillment of legal obligations.
3.1. Data You Provide to Us
- account data: first name, last name, patronymic, email address, phone number, password or its technically secured equivalent
- profile data: photo or avatar, city, settings, language, preferences, ride frequency information
- driver data: driver's license number, vehicle data including make, model, year, color, license plate, other information the driver voluntarily enters in their profile
- driver payment details: payment card number or IBAN that the driver provides during registration, profile setup, or changes for direct ride payment by the passenger; RideSafe processes such details using encryption and does not have access to the full account number/full details in plain text unless required by technical necessity or law
- user content: ratings, reviews, scores, comments, complaints, messages, support requests, ride descriptions, passenger rules, cancellation reasons, attached files or attachments
- volunteer or other applications: name, email address, phone, message, and other information the user provides through forms on the website or in the Service
3.2. Data We Receive Through Diia
To verify a user's identity, RideSafe may use integration with Diia. As a result of such verification, RideSafe receives the user's full name and TIN/RNOKPP, as well as other information transmitted by Diia within the relevant verification scenario. Technical data from Diia's response, including electronic signature/technical confirmation, may be stored in encrypted form to confirm the fact of verification, for security, fraud prevention, and legal protection.
Data obtained through Diia is used for identity confirmation, fraud prevention, building trust between users, enforcement of the Terms of Service, and protection of the rights of RideSafe and its users.
3.3. Subscription and Payment Data
RideSafe subscription payments and/or a separate RideSafe service fee, if such a fee applies in the Service, are processed through the payment provider Hutko and/or other available payment instruments, including Apple Pay, Google Pay, or Google Play Billing, if available to the user. RideSafe does not store the full payment card number for subscription payments or service fees.
To manage subscriptions, service fees, and other payments to RideSafe, we may receive and store payment status, transaction identifiers, recurring payment token, token expiration date, card type, bank, bank country, payment system, IP address, webhook events, and other technical or accounting data necessary for confirmation, accounting, renewal, cancellation, refunds, or support of the relevant payment. The subscription operates on a model of regular access to paid features: the user pays for a selected access period, and the subscription automatically renews until cancelled by the user or terminated in accordance with the Terms of Service. The service fee, if applicable, is a separate payment for use of the Service or a separate service action and is not a payment for a ride to the driver.
3.4. Data for Direct Ride Payment to the Driver
RideSafe does not accept, hold, transfer, or process funds for rides between passengers and drivers. To pay for a ride, the passenger may transfer funds directly to the driver outside RideSafe's payment infrastructure. RideSafe only stores and displays the driver's payment details within the Service functionality for a confirmed ride, and therefore does not act as a financial institution, payment intermediary, money transfer operator, escrow service, or primary financial monitoring entity for such direct payments, unless otherwise directly established by law or a change in the Service's operating model.
If you are a driver, we may process your payment details, including your payment card number or IBAN, to display them to the passenger with whom you have a confirmed ride. Such data is stored in encrypted form; RideSafe sees and uses it only to the technically necessary extent, and the full account number/full details are not displayed to RideSafe staff in plain text without proper grounds. Limited masked data or technical identifiers may be retained longer for security, disputes, auditing, or fraud prevention.
3.5. Geolocation Data
With user permission or when necessary for Service operation, we may process geolocation data. Such data may include:
- pickup and drop-off points
- cities, routes, coordinates, and other route information
- current geolocation during an active ride
- GPS pings during an active ride, including coordinates, accuracy, and time; ride geolocation data is stored on RideSafe servers for up to 90 days after the ride ends, unless a longer period is needed for safety, a dispute, investigation, or law enforcement
- search and browsing queries for routes, cities, filters, and results
- approximate geolocation derived from IP address or device settings
On certain devices, the Service may request access to geolocation while using the app or, if needed for safety features and active ride tracking, in the background. The user can manage geolocation permissions in device settings; however, restricting geolocation access may affect the functionality of certain Service features.
3.6. Device, Technical, and Diagnostic Data
- device type, operating system, app version, language, time zone, technical identifiers
- IP address, date and time of access, browser type, event logs, error data; RideSafe may apply partial IP address masking, including IPv4 and IPv6 to /64 level or another technically appropriate level, without guaranteeing full anonymization of such data
- JWT/access tokens, refresh tokens, registration tokens, and other technical session data
- device ID, FCM tokens, and other data required for push notifications
- crash/error monitoring, performance, and diagnostic data
- cookies and similar technologies on the website, if used
4. How We Use Personal Data
- creating, maintaining, and protecting user accounts
- phone number verification, authentication, and secure login
- identity verification through Diia and fraud prevention
- matching drivers and passengers, organizing, coordinating, and supporting rides
- displaying contact details or payment information only when necessary for a confirmed ride
- managing subscriptions, subscription payments, RideSafe service fees, cancellations, renewals, support, refunds, and payment accounting
- sending SMS, email, push notifications, and other service messages
- user support, handling requests, complaints, reviews, and disputes
- moderation, ratings, access restrictions, cooldowns, blocking, and investigation of violations
- analytics of Service usage, improving features, stability, and security
- maintaining logs of user and authorized RideSafe personnel actions, controlling access to personal data on a need-to-know basis, investigating security incidents, and confirming compliance with the Terms of Service
- protecting the rights, property, and safety of RideSafe, users, and third parties
- complying with legal requirements, court orders, government requests, and legal defense of RideSafe
- marketing communications — only with separate user consent, where such consent is required by law
5. Legal Basis for Processing
Depending on the specific situation, we process personal data on one or more of the following legal bases:
- performance of a contract with the user, including the Terms of Service and agreements regarding access to the Service
- user consent, including for geolocation access, push notifications, marketing communications, or specific types of processing where consent is required by law
- legitimate interest of RideSafe, including security, fraud prevention, moderation, Service stability, analytics, rights protection, and dispute resolution
- fulfillment of RideSafe's legal obligations, including in the areas of accounting, tax, consumer, payment, procedural, or other applicable legislation
- protection of vital interests of the user or another person in exceptional cases related to safety or emergency circumstances
6. To Whom We May Disclose Personal Data
We do not sell users' personal data. We may disclose or share personal data only in the cases described below.
6.1. To Other Users
When necessary for organizing or completing a confirmed ride, we may show the other party the name, photo, rating, ride information, vehicle, contact details, as well as the driver's payment details for direct ride payment by the passenger.
Users are required to use such data exclusively for organizing, completing, or paying for the corresponding ride. Any other use, distribution, or publication of such data is prohibited by the Terms of Service.
6.2. To Service Providers
To operate the Service, we may engage service providers who process data on our behalf or as independent controllers/operators within their own services. Such providers may include:
- Hutko — processing payments for RideSafe subscriptions and/or the RideSafe service fee
- Apple Pay, Google Pay, Google Play Billing, or other payment instruments — if the user selects the corresponding payment method
- TurboSMS or other SMS providers — sending OTP and service SMS
- Google Firebase Cloud Messaging — push notifications
- Sentry or other error monitoring tools — diagnostics, stability, and Service security
- Diia — identity verification and transmission of full name and TIN/RNOKPP to RideSafe
- email/SMTP providers — transactional and service messages
- hosting, CDN, file storage, or backup providers — storing avatars, attachments, technical files, and Service infrastructure
- internal collaboration or notification tools, including Discord, if used for operational messages, incidents, or support
6.3. To Government Authorities, Courts, and Other Parties for Legal Reasons
We may disclose personal data if required by law, a court decision, a request from a competent government authority, or if necessary to protect the rights, property, or safety of RideSafe, users, or third parties.
6.4. In the Event of Corporate Changes
In the event of reorganization, merger, asset sale, investment, or other corporate change, personal data may be transferred to a successor or another party to the relevant agreement, subject to compliance with data protection legislation.
7. Direct Ride Payments and Driver Payment Details
Ride payments are made directly between the passenger and the driver. RideSafe is not a payment intermediary, financial institution, escrow service, or tax agent for ride payments.
RideSafe operates as an information platform for coordinating shared rides: the financial arrangement for a specific ride arises directly between the driver and the passenger. RideSafe does not determine the final payment method between users, does not accept ride payments into its own account, does not hold or transfer such funds, and therefore does not perform a payment transaction for ride payments between users.
If the driver provides a card or IBAN, such details are processed so that the passenger can make a direct transfer to the driver for a confirmed ride. We take technical measures to protect such data, including server-side encryption, if such data is stored in our systems.
The passenger may not use the driver's payment details for any purpose other than paying for the corresponding confirmed ride.
8. Geolocation and Ride Safety
Geolocation data is used for finding nearby rides, route matching, navigation, displaying pickup and drop-off points, active ride tracking, safety, fraud prevention, user support, and dispute resolution.
During an active ride, the Service may process user GPS coordinates in real time. Some data may be temporarily stored for the technical operation of the active ride, and historical data may be retained for the periods specified in this Policy.
The user may disable or restrict geolocation access in device settings. In such cases, some Service features may be unavailable or may not function correctly.
9. Personal Data Retention Periods
We retain personal data no longer than necessary for the purposes for which it was collected, unless a different period is required by law, rights protection, contract performance, or fraud prevention.
| privacyPolicyPage.section9TableCategoryLabel | privacyPolicyPage.section9TableRetentionLabel |
|---|---|
| Account data | For the duration of the account. After user-initiated account closure, the account becomes unavailable for Service use, and public or optional data may be deleted, hidden, depersonalized, or restricted. RideSafe may retain certain data for security, preventing block circumvention, preserving rating/complaint/dispute history, fulfilling legal obligations, or protecting rights. |
| Full name and TIN/RNOKPP obtained through Diia | For the duration of the account. After account closure, identification data may be deleted, depersonalized, or restricted; hashes, technical identifiers, and verification data may be retained longer to prevent fraud, re-registration of blocked users, or resetting of security history. |
| Subscription payment data, transactions, webhook events | For the periods required for accounting, tax, financial reporting, dispute resolution, and compliance with legislation. |
| Recurring subscription payment token | Until the end of the current paid period after subscription cancellation, or longer if necessary for renewal, support, or compliance with legal requirements. |
| Driver payment details: card or IBAN | For as long as they are needed to display to the passenger for a confirmed ride, support, disputes, security, or fraud prevention. After the need ends, RideSafe clears full details; limited masked data or technical identifiers may be retained longer for security, disputes, auditing, or fraud prevention. |
| Active ride GPS pings | Raw GPS pings are stored for up to 90 days after ride completion, then deleted or converted to aggregated analytics without user_id, ride_id, exact coordinates, or exact timestamps, unless a longer period is needed for safety, a dispute, investigation, or law enforcement. |
| Ride history, routes, ride events | Up to 3 years after ride completion, or longer if necessary for legal defense, disputes, or law enforcement. |
| Search and browsing queries, browse logs | Up to 12 months, after which data is deleted or anonymized; RideSafe may retain aggregated data about routes, cities, result counts, and time periods without linking to the user. |
| Push/email/SMS history and technical message logs | Technical message history is retained for up to 90 days, unless a longer period is needed for support, a dispute, security, legal defense, or confirming proper delivery of a service message. |
| Reviews, ratings, complaints, moderation records | For the duration of the account or up to 3 years after the relevant event, if necessary for safety, moderation, disputes, or abuse prevention. |
| Support requests and feedback | Up to 24 months after the request is closed. Complaints, safety/moderation records, or dispute materials may be retained longer under security, moderation, dispute, or legal defense rules. |
| Blocked user data and fraud/prevention records | Up to 5 years or longer if necessary for user safety, fraud prevention, preventing block circumvention, dispute resolution, fulfilling legal obligations, or protecting the rights of RideSafe and other users. |
| Diagnostic data, crash/error reports | According to the settings of the relevant monitoring service, typically up to 90 days, unless a different period is needed for incident investigation. |
If the technical implementation of the Service provides for shorter or longer periods for specific categories, we will update this Policy or apply the period that is necessary and proportionate to the relevant processing purpose.
Other personal data not separately listed in this table, including data from volunteer and other applications submitted through Service/website forms, irregular service requests, etc., is retained for up to 24 months from the date of the user's last activity or from the date of completion of the relevant request processing, unless a longer period is required by law, security, a dispute, or legal defense.
10. International Data Transfers
Certain service providers may process data outside Ukraine or the user's country of residence, including in the EU, the US, or other jurisdictions. In such cases, we take measures necessary to ensure an adequate level of personal data protection in accordance with applicable legislation, including through contractual obligations, technical, and organizational security measures.
11. Data Security
We apply technical and organizational measures to protect personal data from unauthorized access, loss, alteration, disclosure, or destruction. Such measures may include encryption of certain sensitive data, secure data transmission, access control, role-based access, event logs, signed file links, error and security monitoring, and other measures. Access by authorized RideSafe personnel to personal data is granted on a need-to-know basis, with role-based access control and activity logging where technically feasible and proportionate to the processing purpose.
However, no method of data transmission or storage is absolutely secure. We cannot guarantee the complete absence of risk, but we make reasonable efforts to protect user data.
12. User Rights
You may have the following rights regarding your personal data under applicable legislation:
- the right to know what personal data we process
- the right to access personal data or obtain a copy of such data
- the right to request correction of inaccurate or incomplete data
- the right to request deletion of personal data or account closure
- the right to request restriction of processing or to object to certain types of processing
- the right to withdraw consent where processing is based on consent
- the right to data portability, where applicable
- the right to opt out of marketing communications
- the right to manage geolocation, camera, photo, push notification, and other permissions in device settings
To exercise your rights, contact us at hello@ridesafe.com.ua. We may ask for additional information to verify the applicant's identity and protect data from unauthorized access.
The user may initiate account closure through Service settings, if such functionality is available, or by contacting RideSafe. After closure, the account becomes unavailable for Service use, and public or optional data may be deleted, hidden, depersonalized, or restricted. RideSafe may retain certain data after account closure if necessary for user safety, fraud prevention, preventing re-registration of blocked users, preserving rating, complaint, and dispute history, fulfilling legal obligations, or protecting the rights of RideSafe and other users. If the user returns to the Service, RideSafe may restore or re-link them to their previous account to avoid account duplication, block circumvention, or resetting of rating and security history.
13. Marketing Communications
Prior to launching marketing mailings, RideSafe sends only service, transactional, security, payment, and moderation messages necessary for Service operation. Marketing or promotional messages may only be sent with a proper legal basis, including separate user consent where such consent is required by law. The user may opt out of marketing communications at any time by following the instructions in the message or by contacting RideSafe.
Service, transactional, or security messages related to the account, rides, subscription, payments, verification, or security may be sent regardless of marketing settings if they are necessary for Service operation.
14. Cookies and Similar Technologies
The RideSafe website may use cookies, local storage, pixels, or similar technologies for website operation, saving settings, analytics, security, and Service improvement. If we use analytical or marketing cookies, we may request user consent where such consent is required by law.
The user may manage cookies in browser settings. Restricting cookies may affect the functionality of certain website features.
15. Children's Privacy
The Service is intended for independent use by persons aged 18 and older. A minor may participate in a ride only if the booking is made by one of the parents or a legal guardian through their account. In the future, the Service may provide a separate limited functionality for minors participating in a ride booked by one of the parents or a legal guardian. Such functionality, if made available in the Service, will not grant the minor the right to independently book, pay for, or offer rides. If we become aware that a person under 18 has independently created or uses an account in violation of these rules, we may restrict such account or terminate access to the Service.
16. Relationships with Other Users and Data Usage Restrictions
A user who receives personal data of another user through the Service, including phone number, email, name, photo, rating, vehicle data, or driver payment details, is required to use such data exclusively for organizing, completing, or paying for the corresponding confirmed ride.
It is prohibited to use such data for spam, advertising, harassment, discrimination, fraud, publication, disclosure to third parties, or any other purposes unrelated to the corresponding ride.
17. Changes to This Policy
We may update this Policy from time to time. The updated version is published in the Service or on the website with the date of the last update. If changes are material, we may notify users additionally via email, push notification, in-Service notification, or other available means.
Continued use of the Service after the updated Policy takes effect means the user has reviewed the updated version. If the user does not agree with the Policy, they must stop using the Service.
18. Contact Information
For questions about this Policy, personal data processing, exercising user rights, or account closure, please contact:
RideSafe
- Company Legal Name:
- LLC "RideSafe" (RaidSeif)
- Company Code (EDRPOU):
- 45380157
- Legal Address:
- 02094, Ukraine, Kyiv, Yakova Hnizdovskoho Street, Building 1, Office 126