Privacy Policy

Last updated: April 16, 2026

RideMesh ("we", "us", or "our") operates the RideMesh mobile application (the "App"). This policy explains what information we collect, how we use it, and your rights regarding that information.

By using RideMesh, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

Account information: When you register, we collect your name and email address. These are processed through AWS Cognito for authentication.

Location data: During an active ride session, we collect your GPS coordinates (latitude, longitude, speed, heading) and share them in real-time with other riders in your group. Location data is only collected while the app is in the foreground during an active ride and is deleted from our servers when the ride ends.

Profile data: You may optionally provide your bike type, experience level, and a profile photo.

Emergency contact: You may optionally store one emergency contact name and phone number. This information is stored securely on our servers and is used solely to send an SMS alert to your emergency contact when you trigger an SOS.

Usage analytics: We collect anonymised usage events (e.g. ride created, feature used) via PostHog to improve the app. No personally identifiable information is attached to analytics events. You may opt out of analytics at any time by contacting us at hello.ridemesh@gmail.com.

Crash reports: We collect crash and error reports via Sentry to diagnose and fix bugs. These may include device type, OS version, and anonymised stack traces.

Audio: The push-to-talk (PTT) and voice call features transmit audio between riders in real-time via LiveKit (WebRTC). Audio is not recorded or stored.

2. How We Use Your Information

• To provide real-time group ride coordination features
• To authenticate your identity and manage your account
• To send emergency SMS alerts to your nominated emergency contact when SOS is triggered
• To send push notifications about your rides (RSVP updates, ride start, alerts)
• To improve app performance and fix bugs using anonymised crash reports
• To understand feature usage patterns through anonymised analytics

3. Data Sharing

We do not sell your personal information. We share data only as follows:

• Other riders in your group: Your name, GPS location, speed, and heading are visible to riders in your active ride session only.
• Emergency contact: Your name and last known GPS coordinates are sent via SMS to your emergency contact only when you trigger SOS.
• Service providers: We use AWS (hosting, auth, SMS), LiveKit (voice audio), PostHog (analytics), and Sentry (error reporting). Each processes only the data required for their function.
• International transfers: Some service providers process data outside India, including in the United States. By using RideMesh, you consent to this transfer. All transfers are subject to appropriate safeguards including encryption in transit and at rest.

4. Data Retention

• Live location data: Stored in DynamoDB with a 30-day TTL. Automatically deleted after 30 days.
• Ride history: Retained in our database while your account is active.
• Account data: Retained until you delete your account.
• Audio: Never stored. PTT and VoIP audio is transmitted peer-to-peer in real-time only.

5. Permissions

The app requests the following permissions:

• Location (foreground): Required for live ride tracking and displaying rider positions on the map.
• Microphone: Required for push-to-talk (PTT) and voice calls.
• Camera / Photo library: Required only for uploading your profile photo.
• Motion / Activity recognition: Used for crash detection (accelerometer-based).
• Notifications: Used to notify you about ride updates and alerts.

6. Data Security

All data is transmitted over HTTPS. Cognito authentication tokens are stored in device secure storage (iOS Keychain / Android Keystore), not plain text. Our servers run on AWS in the ap-south-1 (Mumbai) region. Databases are encrypted at rest.

7. Children's Privacy

RideMesh is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it.

8. Your Rights

Under the Digital Personal Data Protection Act, 2023 ("DPDPA") and the Information Technology Act, 2000, you have the right to: (a) access the personal data we hold about you; (b) correct or update inaccurate or incomplete data; (c) erase your personal data (subject to any legal or contractual retention obligations); (d) withdraw consent you previously gave; and (e) nominate another individual to exercise these rights in the event of your death or incapacity.

You may exercise any of these rights by contacting us at hello.ridemesh@gmail.com. We will respond within the timelines prescribed by applicable law. Account deletion removes your profile, ride history, and all associated personal data within 30 days. If you are unsatisfied with our response, you may approach the Data Protection Board of India once it is operational, or the Grievance Officer named in our Terms of Service.

9. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes via the app or email. Continued use of the app after changes constitutes acceptance of the updated policy.

10. Contact Us

If you have any questions about this Privacy Policy, please contact us:

• Email: hello.ridemesh@gmail.com
• Website: ridemesh.techjagz.com

© 2026 RideMesh · ridemesh.techjagz.com