Privacy Policy

Effective Date: 06/26/2025

Welcome to RideShot ("we", "our", "us"). We are committed to protecting your privacy and ensuring transparency in how we collect, use, disclose, and safeguard your personal information.

This Privacy Policy explains how we handle your data when you access or use our website, https://www.rideshot.com  (the "Platform"), which provides a digital hub for automotive photographers and videographers to share, showcase, and sell their creative work.

1. Information We Collect

We collect only the data necessary to deliver our services securely and effectively. We do not sell your personal data.

1.1. Information You Provide Directly

• Account Registration: Full name, email address, username, password.

• Profile Customization: Optional profile image, bio, profile banner, and personalized data.

• Sales Information: Payment account identifiers (e.g., Stripe ID), sales history, uploaded content metadata. Please refer to our partner Stripe's privacy policy to learn how they manage your personal information regarding payments.

• Communications: Any messages, inquiries, or support requests you send to us.

1.2. Automatically Collected Data

When you interact with our Platform, we automatically collect:

• Device Data: IP address, browser type, device type, operating system.

• Usage Data: Pages viewed, time spent on pages, links clicked, referring URLs.

• Cookies & Similar Technologies: Used only for authentication, session management, and security purposes. No tracking for ad or analytics services beyond internal use.

For more, see [Section 4 - Cookies and Tracking Technologies].

2. How We Use Your Information

We use your data strictly for the following purposes:

• To provide and maintain the RideShot platform.

• To authenticate users and maintain secure sessions.

• To allow creators to upload, display, and sell their work.

• To manage accounts and billing operations.

• To provide user support and respond to inquiries.

• To comply with legal obligations.

• To improve platform functionality and user experience.

3. Legal Bases for Processing (GDPR/UK GDPR Compliance)

If you are located in the EEA, UK, or Switzerland, our legal bases for processing your personal data are:

• Performance of a Contract: To deliver the services you've requested.

• Legitimate Interests: To maintain and improve our services, prevent fraud, and ensure security.

• Legal Obligation: To comply with applicable laws.

• Consent: Where applicable (e.g., for cookies requiring consent).

4. Cookies and Tracking Technologies

4.1. Types of Cookies Used

We use strictly necessary cookies:

• Authentication Cookies: Maintain login sessions.

• Security Cookies: Protect against malicious activity.

• Third Party Cookies: Stripe requires cookies to process secure payments.

• Analytics Tracking Cookies: We track non personally identifiable analytics for site performance and user engagement.

5. Data Sharing and Disclosure

We do not sell or rent your personal data.

We only share information in the following cases:

• Service Providers: Such as cloud hosting, authentication tools, and payment processors (e.g., Stripe), under strict confidentiality agreements.

• Legal Compliance: If required to comply with legal obligations, court orders, or government regulations.

• Business Transfers: In the event of a merger, acquisition, or asset sale, we will provide notice and options regarding your data.

6. Data Retention

We retain your personal data for as long as:

• Your account remains active;

• Required for legal, accounting, or contractual obligations;

• Necessary for resolving disputes or enforcing agreements.

You can request deletion at any time (see Section 10).

7. Data Security

We implement industry-standard technical and organizational measures to safeguard your data, including:

• HTTPS encryption for all data transmission

• Encrypted password storage using modern hashing algorithms

• Limited access controls and role-based access

• Secure cloud infrastructure with compliance certifications

However, no system is 100% secure. Please protect your credentials and contact us immediately if you suspect a breach.

8. International Data Transfers

RideShot may store or process your data on servers located in the United States or other jurisdictions. We ensure appropriate safeguards, including:

• Standard Contractual Clauses (SCCs) for EU/EEA/UK users

• Adequacy decisions where applicable

• Binding contractual requirements on our service providers

9. Children's Privacy

RideShot is not directed to or intended for children under the age of 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect data from children. If you believe a child has provided personal data, contact us immediately.

10. Your Rights

Depending on your location, you may have the following rights:

10.1. For EU/UK Residents (GDPR/UK GDPR)

• Right to access

• Right to rectification

• Right to erasure (“right to be forgotten”)

• Right to restrict processing

• Right to data portability

• Right to object

• Right to lodge a complaint with a supervisory authority

10.2. For California Residents (CCPA/CPRA)

• Right to know what data we collect and why

• Right to request access to your data

• Right to request deletion of your data

• Right to opt-out of sale (we do not sell your data)

• Right to non-discrimination for exercising privacy rights

10.3. For Canadian Residents (PIPEDA)

• Right to access and correct your data

• Right to withdraw consent

• Right to file a complaint with the Privacy Commissioner of Canada

10.4. Other Jurisdictions

Residents of Brazil, Australia, and other regions may have similar rights under their local data protection laws.

To exercise any of these rights, contact us at privacy@rideshot.com

11. Third-Party Services

While RideShot primarily uses internal tools, some third-party services (e.g., Stripe for payments) may process your data. These services operate under their own privacy policies and compliance frameworks. We ensure they meet required standards before integration.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify users of material changes by email or prominent notices on the Platform. Continued use of the Platform after such changes constitutes your consent.

13. Contact Us

If you have questions, concerns, or would like to exercise your privacy rights, contact us at:

14. Data Controller and Representative

For purposes of the GDPR and UK GDPR:

• Data Controller: RideShot

15. Supplemental Notices by Region

California (USA):

We do not sell or share personal information as defined under California Civil Code §1798.100 et seq.

Canada:

We collect, use, and disclose personal data only for purposes that a reasonable person would consider appropriate.

Australia:

We comply with the Australian Privacy Principles (APPs) under the Privacy Act 1988.

Brazil:

We comply with the LGPD (Lei Geral de Proteção de Dados Pessoais), including legal bases and data subject rights.