1. Introduction
Welcome to RideCheck (“we,” “our,” or “us”). RideCheck is a business operated by RideCheck, with its principal place of business at Autograph Tower, 51st Floor, Jl. M.H. Thamrin No.10, Kb. Melati, Kecamatan Tanah Abang, Kota Jakarta Pusat, Daerah Khusus Ibukota Jakarta 10230, Indonesia.
This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the RideCheck mobile application (the “App”). Please read this policy carefully. If you disagree with its terms, please discontinue use of the App.
This Privacy Policy applies to all users of RideCheck globally, including users in the European Economic Area (“EEA”), the United Kingdom, the State of California, and all other jurisdictions.
2. Information We Collect
We collect the following categories of information:
| Category | Data Type | How Collected |
|---|---|---|
| Device & Network Identifiers | IP addresses, device identifiers (e.g., advertising ID, device ID) | Automatically via Google Analytics & Firebase |
| Usage Data | App interactions, pages/screens viewed, session duration, crash logs | Automatically via Google Analytics & Firebase |
| Location Data | GPS-derived precise location | With your permission; processed locally on-device only |
| Payment Data | Transaction confirmation & subscription status | Via Apple App Store in-app purchase system |
RideCheck requests access to your device’s GPS location to provide core app functionality. All location data is processed strictly on your device. We do not transmit, store, receive, or have any access to your location data on our servers.
We do not collect names, email addresses, phone numbers, or any other directly identifying personal information unless you voluntarily provide it to us when contacting support.
3. How We Use Your Information
We use the information we collect for the following purposes:
- To operate, maintain, and improve the App and its features.
- To analyze usage patterns and diagnose technical issues.
- To process in-app purchases and manage subscription status.
- To monitor the performance and stability of the App.
- To comply with applicable legal obligations.
- To detect, prevent, and address fraud, abuse, or security incidents.
We do not use your data for targeted advertising, remarketing, or profiling for commercial purposes.
4. Legal Bases for Processing (GDPR)
If you are located in the European Economic Area or the United Kingdom, we process your personal data only where we have a valid legal basis under the General Data Protection Regulation (GDPR) or UK GDPR.
Our legal bases are as follows:
| Processing Activity | Legal Basis |
|---|---|
| Analytics and usage data via Google Analytics & Firebase | Legitimate Interests (Art. 6(1)(f)) — improving app performance and user experience |
| Processing payment transaction data | Performance of a Contract (Art. 6(1)(b)) |
| Compliance with legal obligations | Legal Obligation (Art. 6(1)(c)) |
| Location processing (on-device only) | Consent (Art. 6(1)(a)) — granted through your device OS permissions |
Where we rely on legitimate interests, we have assessed that our interests are not overridden by your rights and freedoms. You may request more information about this balancing test by contacting us.
5. Sharing of Information
We do not sell, rent, or trade your personal information. We may share data in the following limited circumstances:
- Google LLC — as a service provider for Google Analytics and Firebase. Data is processed in accordance with Google’s Privacy Policy and our data processing agreements.
- Apple Inc. — as a payment processor for App Store in-app purchases. Apple’s privacy policy governs data collected at the point of purchase.
- Legal Authorities — if required by applicable law, court order, or governmental regulation.
- Business Transfers — in connection with a merger, acquisition, or sale of assets, with appropriate confidentiality protections.
All third-party service providers are contractually obligated to protect your information and may only use it to perform services on our behalf.
6. Data Retention
We retain personal data only as long as necessary for the purposes described in this Policy, or as required by applicable law.
- Analytics Data — retained for up to 14 months within Google Analytics and Firebase, in line with Google’s standard retention settings.
- Payment Records — retained as required by financial and tax regulations applicable in our jurisdiction.
- Location Data — not retained by us at any time, as it is processed solely on your device.
When data is no longer required, we ensure it is securely deleted or anonymized.
7. Your Privacy Rights (General)
Regardless of your location, you may have the following rights with respect to your personal information:
- Access: Request a copy of the data we hold about you.
- Correction: Request that inaccurate data be corrected.
- Deletion: Request erasure of your personal data.
- Objection: Object to certain types of processing.
- Portability: Receive your data in a portable format.
- Restriction: Request that processing be restricted.
To exercise any of these rights, please contact us at ridecheck2025@gmail.com. We will respond within the timeframe required by applicable law.
8. GDPR Rights (EEA & UK Users)
This section supplements the general rights above and applies specifically to users in the EEA and UK under the General Data Protection Regulation (GDPR) and UK GDPR.
In addition to the general rights described above, EEA and UK users have the following rights under GDPR:
- Right to be Informed — You have the right to be informed about the collection and use of your personal data, which this Policy fulfills.
- Right to Withdraw Consent — Where processing is based on consent (e.g., location permissions), you may withdraw consent at any time without affecting the lawfulness of prior processing.
- Right to Lodge a Complaint — You have the right to lodge a complaint with your local supervisory authority. A list of EU data protection authorities is available at edpb.europa.eu. UK users may contact the ICO at ico.org.uk.
- Right Not to be Subject to Automated Decision-Making — We do not use automated decision-making or profiling that produces legal or similarly significant effects.
As RideCheck is based in Indonesia, we act as a data controller with respect to the limited personal data we process. Where we use Google or Firebase services, those providers act as data processors under data processing agreements that include EU Standard Contractual Clauses (SCCs) where applicable.
Requests under this section may be sent to ridecheck2025@gmail.com. We will respond within 30 days, extendable by two further months for complex requests.
9. CCPA / CPRA Rights (California Residents)
This section applies to residents of the State of California and supplements the rest of this Privacy Policy. It is provided pursuant to the California Consumer Privacy Act of 2018 (CCPA) as amended by the California Privacy Rights Act of 2020 (CPRA).
Categories of Personal Information Collected (Past 12 Months)
| Category (CCPA) | Collected | Sold / Shared |
|---|---|---|
| Identifiers (IP address, device ID) | Yes | No |
| Internet / Electronic Activity (usage data) | Yes | No |
| Geolocation Data | On-device only (not received by us) | No |
| Financial / Payment Information | Processed by Apple only | No |
| Sensitive Personal Information | No | No |
Your California Privacy Rights
As a California resident, you have the right to:
- Know — Request disclosure of the categories and specific pieces of personal information we have collected about you, the sources, our business purposes, and the categories of third parties with whom we share it.
- Delete — Request deletion of personal information we have collected, subject to certain exceptions.
- Correct — Request correction of inaccurate personal information (CPRA right).
- Opt-Out of Sale or Sharing — We do not sell or share personal information as defined by the CCPA/CPRA. Therefore, no opt-out mechanism is required; however, you may submit a request to confirm this at any time.
- Limit Use of Sensitive Personal Information — We do not collect or process sensitive personal information beyond what is necessary to provide the App.
- Non-Discrimination — We will not discriminate against you for exercising any of your CCPA/CPRA rights.
Submitting a Verifiable Consumer Request
To submit a request under the CCPA/CPRA, contact us at ridecheck2025@gmail.com with the subject line “California Privacy Request.” We will confirm receipt within 10 business days and respond within 45 calendar days, extendable by an additional 45 days where necessary.
Authorized agents may submit requests on behalf of a California consumer by providing written authorization. We may require verification of identity before fulfilling any request.
Shine the Light
Under California Civil Code Section 1798.83, California residents may request information about disclosures of personal information to third parties for direct marketing purposes. We do not disclose personal information for direct marketing purposes.
10. CalOPPA Disclosures
The following disclosures are made pursuant to the California Online Privacy Protection Act (CalOPPA), Business & Professions Code §§ 22575–22579.
- This Privacy Policy is publicly posted and accessible from within the App and on our website, in compliance with CalOPPA.
- Effective Date & Updates — This Policy includes the effective date at the top. We will update this date whenever material changes are made.
- Categories of PII Collected — IP addresses, device identifiers, and usage data, as described in Section 2.
- Categories of Third Parties with Whom PII Is Shared — Analytics providers (Google Analytics, Firebase) and payment processors (Apple), as described in Section 5.
- Do Not Track (DNT) — California law requires us to disclose how we respond to DNT browser signals. Our App does not currently respond to DNT signals or other similar mechanisms, as there is no universally accepted standard for DNT compliance in mobile applications. We do not track users across third-party websites.
- How Changes Are Communicated — We will update the “Last Updated” date at the top of this Policy. We encourage you to review this Policy periodically. For material changes, we may provide notice within the App.
11. Children’s Privacy
RideCheck is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13 years of age. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately at ridecheck2025@gmail.com and we will take steps to delete such information.
In jurisdictions where the age of digital consent is higher (e.g., 16 in certain EEA member states), we similarly do not knowingly collect data from minors below that threshold. If we become aware that we have inadvertently collected such data, we will delete it promptly.
12. In-App Payments
RideCheck offers in-app purchases through the Apple App Store using Apple’s in-app purchase system. All payment transactions are processed directly by Apple Inc. We do not collect, store, or have access to your full payment card information, bank account details, or billing address.
Apple may collect and process payment-related information in accordance with its own Privacy Policy. We receive only a confirmation of the transaction (e.g., subscription status, purchase receipt) to unlock paid features within the App.
For questions about your payment, please contact Apple support or visit your Apple ID account settings.
13. Analytics & Tracking Technologies
We use the following analytics tools to collect usage and performance data:
- Google Analytics for Firebase — collects device identifiers, IP addresses, app events, and usage statistics to help us understand user engagement and improve the App.
- Firebase Crashlytics — collects crash reports and diagnostic data to identify and fix technical issues.
These tools may use persistent identifiers such as Firebase Installation IDs. Data is transmitted to Google’s servers and processed in accordance with Google’s Privacy Policy. Google may transfer this data internationally subject to appropriate safeguards.
We do not use cookies within the App itself. If you access any web-based components (e.g., a linked webpage), standard browser technologies such as cookies may apply as disclosed in any applicable webpage-level policy.
We do not use retargeting, behavioral advertising, or cross-app tracking technologies.
If you are in the EEA or UK, you may opt out of Google Analytics tracking by adjusting your device’s advertising ID settings or by using the Google Analytics Opt-out mechanism available at tools.google.com/dlpage/gaoptout.
14. Location Data
Location data is processed exclusively on your device. We do not receive, store, transmit, or process your location on our servers under any circumstances.
The App requests access to your device’s GPS and location services to enable core functionality (e.g., route tracking, navigation features). You may grant or deny this permission at any time through your device’s operating system settings.
If you deny location permissions, certain App features may be unavailable or limited in functionality. Denying or revoking location permissions does not affect your ability to use non-location-dependent features of the App.
Because location data never leaves your device, it is not subject to our data retention practices. If you delete the App, all locally processed location data is removed from your device.
15. Data Security
We implement commercially reasonable technical and organizational measures to protect the personal information we collect against unauthorized access, disclosure, alteration, or destruction. These measures include:
- Encrypted data transmission (HTTPS/TLS) for all communications between the App and third-party services.
- Access controls limiting personnel access to personal data on a need-to-know basis.
- Regular security assessments of our App and third-party integrations.
However, no method of transmission or storage is 100% secure. If you believe your data has been compromised, please contact us immediately at ridecheck2025@gmail.com.
In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the appropriate supervisory authorities and affected individuals as required by applicable law (including within 72 hours under GDPR where feasible).
16. International Data Transfers
RideCheck is based in Indonesia. When we use Google Analytics and Firebase, your information may be transferred to and processed in the United States or other countries where Google operates its infrastructure.
For transfers of personal data from the EEA or UK to countries not recognized as providing an adequate level of data protection (including Indonesia and the United States), we rely on the European Commission’s Standard Contractual Clauses (SCCs) as included in our agreements with Google LLC, which itself participates in the EU-U.S. Data Privacy Framework. More information is available in Google’s privacy documentation.
By using the App, you acknowledge and agree that your information may be transferred to and processed in countries outside your country of residence, including countries that may provide different levels of data protection than your home country.
17. Changes to This Policy
We reserve the right to update this Privacy Policy at any time. When we make changes, we will update the “Last Updated” date at the top of this Policy. If we make material changes to how we process your personal information, we will provide notice within the App or through other appropriate means.
Your continued use of the App after any modifications to this Policy constitutes your acknowledgment of the changes and your consent to be bound by the updated Policy.
We encourage you to review this Policy periodically to stay informed about how we protect your information.
18. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us using the information below.
- Email: ridecheck2025@gmail.com
- Postal Address: RideCheck, Autograph Tower, 51st Floor, Jl. M.H. Thamrin No.10, Kb. Melati, Kecamatan Tanah Abang, Kota Jakarta Pusat, Daerah Khusus Ibukota Jakarta 10230, Indonesia