Please note: While most of our users would likely prefer a shorter privacy notice, current laws and regulations require us to offer a lot of information on our processing operations. We have thereby endeavoured to offer summarised snapshots of the most relevant information under certain sections of this notice. Feel free to read the short section summaries provided at the beginning of most sections or read the full legally binding text below each summary.

Version 1.0. – effective from January 25, 2024

We truly hope that you find the contents contained herein   understandable. Should you require a “clean” version of this notice as well as any additional information or clarifications regarding the processing of your personal data and the use of our products and services, feel free to reach out to us at info@bikerguard.com.

1. Introduction

This privacy policy serves as a notice to individuals under Article 13 of the General Data Protection Regulation (GDPR) regarding the processing of personal data by BIKERGUARD d.o.o.. as well as its subsidiaries, and outlines how personal and other data is processed in connection with the BIKERGUARD, the https://bikerguard.com website as well as other company websites, operations and processes, as further outlined below (hereinafter: privacy notice or notice).

This notice has been split into five sections:

  1. Introduction – Here, you can find information regarding us, the controller of your personal data and the applicability of this privacy notice.
  2. Data processing activities that relate to our websites, communications, sales and the delivery of our products, as well as our general marketing and other company operations – Here, you can find information on how we process your personal data when you visit our website, buy our products, sign up for our newsletter, etc.
  3. Additional general information – This section contains other relevant data processing information, information on who might process your data and what companies we might share it with, how we handle data transfers to “third countries” and research organisations, and an outline of your corresponding data subject rights.
  4. Privacy information for California residents – This section contains information on data processing in relation to California residents in accordance with the California Consumer Privacy Act.
  5. Document version and updates – See when this document became applicable and the changes that have been made with the last version.

All California residents that visit our website, use our products or otherwise interact with our organisation are kindly asked to observe section 4 of this notice which has been prepared in accordance with the California Consumer Privacy Act.

1.1. Information on the controller of your personal data

Summary: Information on us (i.e. the data controller responsible for your personal data) and where we, our EU representative or our dedicated Data Protection Officer can be reached.

BIKERGUARD d.o.o..
Ulica Ane Ziherlove 10.
1000 Ljubljana, Slovenia, Europe
website: https://bikerguard.com/
email: info@bikerguard.com.
(hereinafter: weusBIKERGUARD d.o.o.., the controllerorganisation or company)

The legal entity in Europe is: BIKERGUARD d.o.o.,

Ulica Ane Ziherlove 10.,1000 Ljubljana, Slovenia and is reachable at info@bikerguard.com. Our data protection officer has been appointed and is reachable at info@bikerguard.com.

1.2 Use and applicability of this privacy notice

Summary: This privacy notice is applicable if you visit our websites, use the BIKERGUARD or otherwise interact with our company in a way where we receive or otherwise process your data as mentioned under sections 2 and 3 of this notice. If you are a resident of California, please see section 4. In the event of substantial changes to this notice, we will notify you accordingly via email, through the app or on our website (depending on the importance of the change).

This privacy notice is addressed to our website visitors, web store customers, BIKERGUARD feeder users, BIKERGUARD feeder guest users and all other individuals who offer their personal data to BIKERGUARD d.o.o.. in connection with its websites, operations, products and services, as stated in sections 2 and 3 of this notice.

This privacy notice undertakes to explain which personal data we process, to what end we process such data, under which legal grounds, how long the data is kept and under what circumstances we may share or disclose said personal data to third parties.

This privacy notice has been prepared in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of individuals with regard to the processing of personal data and the free movement of such information and repealing Directive 95/46 / EC (hereinafter the General Data Protection Regulation or the GDPR), the United Kingdom General Data Protection Regulation and the California Consumer Privacy Act that came into force on January 1, 2020 (hereinafter the: CCPA or California Consumer Privacy Act).

All California residents that visit our website, use our products or otherwise interact with our organisation are kindly asked to observe section 4 of this notice which has been prepared in accordance with the California Consumer Privacy Act.

In the case of any conflict or ambiguity between this privacy notice and the provisions of any special privacy notice or data processing information that we might have offered to you in connection with a particular website, product or service, the provision of the latter shall prevail.

For the purposes of this notice, the term “personal data” means any information that relates to, describes or could be used to identify any individual, either directly or indirectly. Unless otherwise stated, other various terms that can be found in this privacy notice and which stem from the GDPR (e.g. processing, controller, processor, etc.) have the same meaning as specified in the GDPR.

This privacy notice may be updated from time to time in order to better reflect the changes that we might make in relation to our data processing or data protection operations or for other operational and legal reasons.

If this notice is significantly changed, we will publish the news on our platform or send the notification as a message within the service or via email to the relevant data subjects that the change might affect. The importance of the change shall dictate the type of notification method used (i.e. sending emails when we would like to implement additional processing purposes which require your explicit consent).

This notice may contain links to websites of third party processors/service providers or individual controllers that may be involved in our processing activities (see point 3.4 of this notice). If you follow a link to any third-party website, please note that the contents of the website may have changed since the link has been added. Please also consider that all third parties have their own privacy policies and that we do not accept any responsibility or liability for their policies or processing of your personal data that is unlawful or goes beyond the scope of our engagement.

This notice does not offer insights on how to use our products or services. More information about the functionalities and use of our products and services can be found on our designated contact facebook page.

2. Data processing activities that relate to our websites, communication, sales and delivery of our products, our general marketing and other company operations

Summary: The following is an overview of when we process your personal data, what personal data we process, why we process said data, what underlying legal basis allows us to do this and how long we keep your data in each case. This section refers to situations where you visit our websites, communicate with us, buy from us, or when we perform our general marketing and other activities. We do not sell personal data of any individuals.

2.1 Visiting and using our websites

2.1.1 Visiting our website involves the placing of necessary cookies

Summary: We automatically place necessary cookies on your device when you visit our website. These cookies are necessary so that our website may be displayed and function properly. These cookies do not typically reveal any information about your browsing habits and preferences (see our dedicated Cookie Policy to learn more).

When: When you visit our website, we automatically place necessary cookies on your device.

Data: Necessary cookie data which typically only reveals technical information about your device (see our Cookie policy to learn more).

Purpose: Necessary cookies are essential for the correct functioning of our website and enable key functions like page navigation, display features, page responsiveness, etc. (see our Cookie Policy to learn more).

Legal basis: We are legally permitted to place necessary cookies on your device without consent.

Data retention: Necessary cookie data can either be stored for the duration of your browsing session or longer (see our Cookie Policy to learn more).

2.2 Consenting to our use of analytical cookies

Summary: When you visit our website, we may place analytical cookies on your device. These cookies are provided to us by our service providers such as Alphabet Inc. (i.e. Google) and others, whereby they make use of automated technologies to collect and analyse information which includes personal data (such as your IP address) to understand how you use our website in order to tailor our site user experience or even increase the effectiveness of our future ad campaigns. These cookies might reveal information about your browsing habits and preferences (see our Cookie Policy to learn more).

When: When you visit our website and click the relevant button in our cookie pop-up.

Data: The information we obtain in this manner may include your device’s IP address, identifiers associated with your devices, the types of devices connected to our services, web browser characteristics, device characteristics, language preferences, referring/exit pages, clickstream data, and dates and times of website or app visits (see our Cookie Policy to learn more).

Purpose: Our analytical cookies help us understand how visitors interact with our websites by collecting and reporting usage information. The intention is to improve features, evaluate and optimise the website user experience, and potentially improve the effectiveness of our marketing (see our Cookie Policy to learn more).

Legal basis: Where required by applicable law (e.g. if you are a resident of the European Economic Area), we will obtain your consent before placing analytical cookies on your device.

Data retention: Analytical cookie data can either be stored for the duration of your browsing session or longer (see our Cookie Policy to learn more).

2.3 Consenting to our use of marketing cookies for online tracking and interest-based advertising

Summary: When you visit our website, we may also place marketing cookies on your device. These cookies are provided to us by our service providers such as Alphabet Inc. (i.e. Google), Meta Platforms Inc. (i.e. Facebook) and others, whereby these cookies make use of automated technologies to collect and analyse different information, including personal data (such as your email, IP addresses, search history, clicks, preferences, interests) for targeted advertising purposes across the web. These cookies reveal information about your browsing habits and preferences (see our Cookie Policy to learn more).

When: When you visit our website and click the relevant button in our cookie pop-up.

Data: Data collection takes place both on our website and on third-party websites where our providers’ cookies, web beacons, pixels and other similar technologies have been placed on your device and where your inferred interests, browsing context, demographic data as well as other online activities over time have been collected through automated means (see our Cookie Policy to learn more).

Purpose: Our marketing cookies are used to track visitors across different websites. The intent is to increase the effectiveness of our ads by enabling target- and interest-based advertising on other online platforms, websites and ad networks (i.e. when you use Google search, Facebook, etc.) (see our Cookie Policy to learn more).

Legal basis: Where required by applicable law (e.g. if you are a resident of the European Economic Area), we will obtain your consent before placing marketing cookies on your device.

Data retention: Please see the information for each individual cookie provider in our Cookie Policy.

2.4 Communication, sales and delivery of our products

2.4.1 When reaching out to us both on and off our websites

Summary: When you reach out to us (e.g. by sending an email to an address that belongs to us, messaging us through our Facebook page or Instagram profile, etc.), we shall process any data you might share (or have shared with us in the past) in order to respond to you or fulfil your request. The data is shared using Klaviyo Inc. a service provider that we use for sending you emails.

When: When you choose to reach out to us or contact us (i.e. by sending an email to an address that belongs to us, submitting a question through our chat module, reaching out to us through our official email channels, social media platforms, or in communication with our employees/agents or via other means).

Data: We may process any data/information you disclose during your purchase (such as your name, email address, billing address, shipping address, products ordered and order number) or which we might already have and require to formulate our response/solve your issue.

Purpose: In order to respond to emails, messages, formal inquiries, proposals, support, troubleshooting and other inbound communication.

Legal basis: We carry out these processing activities because processing might be necessary for the performance of a contract to which the person reaching out to us is a party (e.g. if you have bought a product from us and reach out to us for shipping clarification) or in order to take steps at the request of the data subject prior to entering into a contract (e.g. if you reach out to us with questions about our products prior to placing an order) or on the basis of our legitimate interests.

Data retention: We typically do not keep communication data after responding to you. An exception to the aforementioned can be made if messaging or other communication had been performed through the use of a dedicated service (i.e. email, chat module, etc.), whereby we may keep data in such systems for up to 3 years after having received it.

In certain rare cases, we might keep parts of the data/communication for a longer period, if it is evident that certain data is needed in a legal or other official proceeding that is being carried out.

If such communications took place through platforms such as Facebook, please refer to the data retention periods that Meta Inc. or other platform providers might offer, as data deletion in such circumstances is not solely dependent on us (please see point 3.4 of this notice).

2.4.2 When purchasing a product or subscription from us on our website or through our app

Summary: When you purchase a product or subscription on our website or through our app, we are required to collect and process certain contact, payment, shipping and transactional data for product invoicing, delivery and other necessary administrative or legally required purposes. The data is shared with Shopify Inc. that offers the relevant check-out module of our website, Klaviyo Inc., a service provider that we use for sending you transactional emails, and may be used by different payment facilitators (such as PayPal, Stripe or Google Pay / Apple Pay when purchasing through our app), as well as shared with our delivery service providers (depending on your selected payment method and shipping address). We may be legally required to store parts of such data for up to 7 or 10 years under applicable tax and other legislation.

When: When you purchase a product or subscription from us through our website or app.

Data: Your contact and shipping information (such as your name, email, country, address, billing address, shipping address, telephone number, products ordered, order number (whereby this data can also be shared with our contracted delivery services as stated above), your payment information, such as your credit card number, billing address, holder name, issuing bank, expiry date, and security code.

Purpose: We use this data in order to legally sell and ship our products to you and send you transactional emails (e.g. order status, invoice, etc.).

Your contact and shipping data is shared with our delivery services and your payment information is collected and stored by our third-party payment facilitators on our behalf (such as Shopify, MasterCard, Stripe, Paypal, Apple Pay, Google and others) (see point 3.4 to learn more), whereby these parties may be considered as individual data controllers or processors, as the case may be.

Data you share with us through the check-out or default payment module of our website is also shared with Shopify Inc., which is the company behind the platform our webstore is built and operates on (please see point 3.4 of this notice to find out more about who we might share your data with and why).

This data may also be processed when we are required to comply with legal requirements and other regulations, especially those governing the control of personal data, taxes, invoicing and payments.

Legal basis: Contractual (i.e. the concluded distance sale contract you enter into when you agree to our terms of sale and place your order).

Data retention: We may retain a minimised set of the aforementioned data that includes your contact information, payment and shipping information (such as your name, email address, billing address, shipping address, products ordered and order number) until the expiration of the statutory period under which we may be held liable in relation to any possible hidden defects on the products we have sold you (i.e. up to 3 years, depending on where you are located). This does not include any data that you might have given us on any other grounds or for any other purposes (i.e. data that we process for marketing purposes based on your consent, data that relates to your registered user account, etc.).

We are legally obliged to retain certain transactional data in unminimized form (such as invoicing data) for a minimum of 7 or even 10 years (depending on the point of sale and the location of our subsidiary that is issuing the invoice).

We may also retain certain data on the grounds of our legitimate interest if we detect reasonable grounds that fraud or attempted fraud had taken place in relation to the sale of our products. Such data shall not be kept longer than necessary in order to assess the situation and take any necessary action.

Our payment facilitation/delivery providers typically do not retain any personal data other than the data that they might have a legal obligation or legitimate interest in retaining (or the data that they already keep in relation to your individual use of their payment/banking services). Please see the relevant privacy policy of the payment facilitation/delivery provider that has been engaged in the sale/delivery of our product to find out more.

2.4.3 When wishing to communicate transactional/essential information in connection with your purchase or use of our products or services

Summary: When you purchase a product or service from us (or have done so in the past) and we consider it necessary (or are legally required to do so), we may send you emails with transactional/essential information (i.e. emails about your order having been successfully placed, changes of product delivery dates, information regarding a potentially serious issue that might affect your product, updates and changes to our policies and terms, etc.). The data is shared with Klaviyo Inc. a service provider that we use for sending transactional emails.

When: When you purchase a product or service from us or have done so in the past and we deem it necessary to reach out to you with important information or are required to do so by law.

Data: We may process any data/information you disclose to us during your purchase (such as your name, email address, billing address, shipping address, products ordered and order number) or which we might already have and need in order to formulate our transactional/essential messages.

Purpose: To communicate transactional/essential service-/product-related information to you (i.e. notify you that your order had been placed successfully, inform you of delivery dates, offer assistance regarding the use of our products, inform you of important product issues, updates and changes to our policies and terms, get in touch with you regarding changes to estimated product delivery dates, etc.).

Legal basis: We carry out these processing activities because processing is necessary in order to fulfil the contract that we have concluded with you (i.e. the Terms of Sale you enter into when purchasing a product from us or the End User Licensing Agreement you enter into when registering your account).

We may also be required to perform the above mentioned data processing because we are required to do so under law (i.e. sending you an invoice) or on the basis of our legitimate interests (i.e. providing functioning end safe products). In certain rare cases, the above stated processing might be performed by us in order to protect your vital interests (or the vital interests of another natural person) (e.g. in case of informing you that we have detected a serious issue with a product that had been shipped to you).

Data retention: We typically do not keep communication data after communicating with you. An exception to the aforementioned can be made if messaging or other communication had been performed through the use of a dedicated service (i.e. email, chat module, etc.), whereby we may keep data in such systems for up to 3 years after the receipt of communication.

If such communications took place through social media platforms on which we have our official profiles (e.g. Facebook, Twitter, etc.), please refer to the data retention periods that the providers of such platforms might offer, as data deletion in such circumstances is not solely dependent on us (please see point 3.4 of this notice).

2.5. General marketing activities

2.5.1 When sending email marketing messages to existing customers

Summary: When you purchase a product on our website or elsewhere, certain EU/USA legislation gives us the right to send you email marketing messages that contain information on our similar products and services. Every email you receive as a result of this shall always contain an “unsubscribe” link, and we shall never share your email with any other entity or market products or services that do not belong to us or may not be considered “similar” to those that you had originally purchased from us. Data is shared with Klaviyo Inc. a service provider that we use for sending marketing emails.

When: When you purchase a product from us through our website or through other means.

Data: Your email address and past purchase history with us, as well as information regarding whether you have opened/clicked on links in our email messages.

Purpose: Keeping you informed of similar products and services that we offer.

Legal basis: Our legitimate interests (i.e. under certain EU legislation we are legally allowed to send email marketing messages on an opt-out basis if the recipient’s details were originally collected “in the context of a sale”, if the entity sending the marketing is the same legal entity that collected the recipient’s details initially (i.e. us), the marketing relates to “similar” products and/or services for which the recipient’s details were originally obtained, and you as the recipient are given the opportunity, free of charge, to object to our email marketing, both at the time when your details had been collected and in each subsequent communication (i.e. by clicking the “unsubscribe” link that is contained in each of our marketing emails).

Note that we shall not sell or share your email and other related data with any other third party and shall only use it within the Klaviyo Inc. service which we use for sending such emails.

Data retention: Until we receive your unsubscribe/data deletion request or if you have not opened our marketing emails for more than 3 years, whereby your data shall be permanently deleted in all of these cases.

2.5.2 Sending email marketing messages to new consenting customers

Summary: When you consent to receiving our marketing messages (e.g. newsletters, product waitlist messages, new product launch notifications, discounts etc.) via email or other channels we shall send marketing messages to the email address that you entered for this purpose, whereby every email shall always contain an “unsubscribe” link. You can also withdraw your consent at any time by sending a free form email to https://bikerguard.com. We shall not sell or share your email and other related data with any other third party. The data is shared with Klaviyo Inc. a service provider that we use for sending marketing emails.

When: When you’re open to hearing from us and consent to receiving our various email marketing messages (e.g. newsletters, product waitlist messages, new product launch notifications, discounts, etc.) via email from time to time.

Data: When marketing to an individual, we typically process the individual’s email address. We may also process the name of the individual (and potential other information) if this has been explicitly stated next to the input fields where the individual entered said data and consented to the processing.

Purpose: In order to send newsletters, product waitlist messages, new product launch notifications, discounts, surveys, promotion codes, information on contests and other marketing messages to consenting individuals to their email address.

Legal basis: We carry out these processing activities on the basis of your consent.

To withdraw consent, you can send a free form email to https://bikerguard.com. at any time or follow the unsubscribe link included in all of our marketing emails.

Note that we shall not sell or share your email and other related data with any other third party and shall only use it in the Klaviyo Inc. service which we use for sending emails.

Data retention: Until we receive your unsubscribe/consent withdrawal or data deletion request or if you have not opened our marketing emails for more than 3 years, whereby your data shall be permanently deleted in all of these cases.

2.6 Other company operations

2.6.1 When responding/applying to our open job postings as a potential candidate

Summary: If you respond or apply to any of our open job postings, we may process the data we receive from you in order to evaluate you as a candidate and carry out the necessary hiring procedures. We will not keep any data after the hiring procedure ends if we do not receive your explicit consent for doing so. The data might be shared with external HR firms we might employ to help us with the hiring process.

When: When you respond/apply to our open job posting as a potential candidate through a dedicated online form or reach out to us for this purpose via email.

Data: The data that we might require as part of your application will be stated next to the job posting or dedicated online application form. We typically consider your general contact details (full name, email address, place of residence, age, nationality) as well as any information you might have included in your resume or CV and the details about your current or past employment or other working experience. We may also process any other information you elect to share with us for this purpose as well as any information you have made public on the Internet (such as your blog, Github or LinkedIn page).

Purpose: In order to evaluate you as a candidate and carry out the necessary hiring procedures and interviews.

Note that we may share the data with external HR firms we might employ to help us with the hiring process (please see point 3.4 of this notice).

Legal basis: We carry out these processing activities on the basis of entering into negotiations for the conclusion of an (employment) or other work contract.

Should you explicitly consent to this, we may keep your data after the conclusion of the hiring process in order to keep you posted of any future job opportunities that may interest you. To withdraw consent, you can send a free form email to https://bikerguard.com at any time or follow the unsubscribe link included in all of our job posting emails.

Data retention: Until the conclusion of the hiring procedure or until we receive your consent withdrawal or data deletion request or if you have not opened our job posting emails for more than 3 years, whereby your data shall be permanently deleted in all of these cases.

3. Additional general information

3.1 How we might obtain your personal data

Summary: We use different methods to collect data from and about you, including: Direct interactions, Automated technologies or interactions, Third parties or publicly available sources.

Direct interactions

You may give us information about you by filling in forms or by communicating with us by phone, email or otherwise. This includes information you might provide when creating an account in order to use our app, subscribe to our newsletter, search for a product online with a tracking cookie from our partners installed on your device, place an order through our website, enter one of our competitions, promotions or surveys and when reporting a problem with our website or a bug in our app.

Automated technologies or interactions

As you interact with our website, we may automatically collect technical data about your device, browsing actions and patterns by using cookies and other similar technologies as specified above in section 2 of this notice and in our Cookie Policy.

We may also receive information that relates to you (or another individual) if such information had been recorded with your feeder when it detected activity with its sensors and started making and storing photos / recordings and using our machine learning algorithms to analyse them (see point 2.2.1 of this notice).

Third parties or publicly available sources

We may receive information about you if you visit other websites that place tracking cookies from our partners on your device (see our Cookie Policy to find out more). You may also post some of your information publicly online (i.e. post one of your postcards to our social media pages or profiles) whereby we may process your social media handle in order to reach out to you (i.e. to ask if you would be willing to allow us to use your postcard for our marketing purposes).

3.2. Additional explanations regarding the legal bases that we may use in order to carry out our processing activities from sections 2 and 3 of this notice:

3.2.1 When conducting processing activities in order to comply with a legal obligation

Summary: Our organisation may occasionally process personal data for the purposes of complying with legal requirements and other regulations, especially those governing taxes, invoicing and payments (an example of this may include a court, inspector or other holder of public authority ordering our organisation to provide it with access to certain information which may include personal data).

This may also be the case if someone else had filed for criminal or other legal procedures to be instituted against us by local or international law enforcement agencies or other tax and regulatory bodies, which might therefore contact our organisation for additional details (e.g. when data from our database would have to be presented as evidence in criminal or civil proceedings, otherwise our organisation would suffer material and irreparable damages). Note that we shall only fulfil such requests if specifically required by local or international law and shall adhere to anonymizing or at least minimising any personal data that we are required to share.

In the above stated cases we will always strive to fulfil the request with full transparency, except in cases where this might not be possible as (in accordance with a particular request of an authorised body) notifying the public of such request might endanger the proceedings at hand.

3.2.2 When our processing activities are based on our legitimate interests or the legitimate interests of research entities with which we cooperate

Summary: In certain cases (i.e. when evaluating the threat of fraud), we may rely on our legitimate interests in order to process certain payment-, order- or account-related data or the legitimate interests of third (i.e. international research organisations) as described in sections 2.3. and 3.5.2 of this notice.

Our legitimate interests can also include instances where we process your personal data for our own internal business purposes and commercial interests, such as our own marketing activities (i.e. sending you marketing emails when you are our past customer unless consent is required under applicable laws, as described in point 2.3.1 of this notice), and offering additional customer and technical support.

Legitimate interests can also be displayed or claimed by third parties with which we cooperate (i.e. international research organisations) as described in sections 2.3. and 3.5.2 of this notice.

3.2.3 When our processing activities are based on your consent

Summary: When you will have given your consent for the processing of your data for one or more specific purposes (such as sending email marketing messages to new consenting customers as described in point 2.3.2 of this notice), your consenting to the processing of personal data is voluntary, whereby you may withdraw your consent at any time by contacting us at https://bikerguard.com. (or by clicking the “unsubscribe” link found in each of our marketing emails). If you do not provide personal data or if you withdraw your consent, this may mean that we will not always be able to fulfil the purposes for which we had collected the data.

Where consent has been withdrawn, we shall delete/anonymize any data we or our processors/service providers have kept on the basis of your consent.

Additionally, every effort will be made to remove relevant personal data from products/marketing campaigns and other distributions. However, this may not be possible in some situations, and in such cases, certain personal data that cannot be removed or otherwise anonymized (e.g. blurred) may still appear in publications, products and other media already in use or circulation.

3.2.4 When processing activities are necessary for the performance/negotiating of a contract

Typical situations as mentioned in sections 2 and 3 of this notice include your acceptance of our terms of sale when purchasing our products and your acceptance of our End User Licence Agreement when setting up your account.

This also includes instances when we need to communicate (i.e. negotiate) with you so that you may decide to enter into a contract with us (i.e. buy our product, accept a job position with us, etc.).

3.3 How long do we store your personal data and when do we delete/anonymize it?

Summary: choosing the “Remove” option in relation a photo/recording in the app does not immediately cause the permanent deletion of such data, since under the End User Licence Agreement we reserves the right to store and process photos/recordings that have been added or removed from a user’s collection in order to improve our machine learning models until such data is permanently removed (i.e. deleted) by you.

Should you decide to permanently remove (i.e. delete) a photo/recording please navigate to the relevant content/account deletion options in the app or contact us at https://bikerguard.com, whereby we may, in accordance with our legitimate interests and to the extent permitted by applicable laws, subject the data you wish to delete to algorithmic or manual anonymization (i.e. anonymizing (blurring) photo/recording backgrounds, sounds or otherwise editing the recordings, removing metadata, IP data, feeder ID data, non-precise feeder location data and other potential data in a way which shall irreversibly prevent the photo/recording from being attributable to you or any other person in any way), and continue storing and processing such anonymized data in connection with our machine learning models. All non-anonymized data will be permanently deleted.

Please also note that photos/recordings may also be shared with international research entities conducting ornithological or otherwise relevant research (see point 3.5.2 of this notice).

Our data retention periods depend on the legal basis and purpose of processing and are clearly stated for each type of data and data processing activity in sections 2 to 3 above (or in our Cookie Policy).

Unless otherwise stated, we generally keep personal data for as long as it is necessary to fulfil the purpose for which the data had been collected, or for as long as legal obligation or regulation requires us to keep the data. After that, the data is deleted or anonymized, as mentioned above.

Our organisation undertakes to immediately remove any unnecessary data or data for which it has no legal grounds for processing/storing or regarding which the data retention periods have been exceeded.

3.4 Who might process your personal data and who do we share it with

3.4.1 Certain employees within our organisation or subsidiaries and affiliated organisations

Summary: Your personal data is processed by individual employees of our organisation or our external collaborators.

Your personal data is processed by individual employees of our organisation or our external collaborators (hereinafter: “employees”). Employees of our organisation process only the personal data that they need for their work, but they can also share it with each other if their work tasks and the internal rules of our organisation allow them to do so. All of our employees are committed to confidentiality and the protection of personal data.

Based on certain corporate events or changes in the ownership or structure of our organisation (i.e. our company being acquired) your data may also be shared with our subsidiaries or affiliate companies (both present and future). This includes instances such as corporate divestitures, mergers, consolidations, acquisitions, reorganizations, or any other situation involving the transfer or disposal of our business or assets, as well as the business or assets of our affiliates/subsidiaries. This may also apply in the context of bankruptcy or similar proceedings.

3.4.2 Public authorities

In certain cases, as prescribed by applicable law, our organisation must hand over your personal data to the competent state authorities which may have explicit legal grounds for reviewing certain data in the context of criminal, financial, tax or other types of official procedures/supervision. In certain cases, our organisation is compelled to provide data to third parties if such an obligation to provide or disclose the data is imposed on our organisation by law or on the basis of a valid legal right of a third party (see point 3.2.1 of this notice).

3.4.3 Our processors/service providers

In addition to the employees in our organisation, employees of entities that we engage so that they help us achieve the processing purposes described in sections 2 and 3 of this notice (hereinafter: “processors/service providers”), may also process personal data as confidential and only within the scope of the data processing agreement/standard contractual clauses, which have been concluded/put in place in relation to the processors/service provider in question.

The processors/service providers may only process personal data in accordance with the relevant data processing agreement/standard contractual clauses, and may not use the data to pursue any other purpose or interest.

To obtain a detailed list of all of our processors/service providers, which data they process, the purposes we employ their processing/services for, as well as how we keep your data safe when engaging them, feel free to reach out to us at https://bikerguard.com.

The processors/service providers with whom we cooperate for providing our products and services (as per section 2 and 3 of this notice) are:

a) Processors/service providers that we may engage in connection with data processing activities that relate to our websites, communication, sales and delivery of our products, our general marketing and other company operations

Cookie providers: We use third party necessary, analytical and advertising cookie providers which are listed in our dedicated Cookie Policy.

Payment facilitators: We use payment facilitators such as:

Delivery providers: We use different delivery/logistics services, depending on your location, such as:

Our email messaging provider: We use the Klaviyo Inc. (https://www.klaviyo.com/legal/privacy-policy) service to send all of our transactional or marketing emails. We may also use Klaviyo Inc. in order to obtain your cookie consent and input your contact and order information/invoices/delivery location data into the service (see the relevant parts of section 2 of this notice to learn more).

Our website/web store provider: Our website and its online store are built on and partially provided by Shopify Inc. (https://www.shopify.com/legal/privacy/customers), whereby you might be sharing your contact and order information/payment information (when using the ShopPay payment module to order your product from our website)/delivery location information as well as other potential information with Shopify Inc. and its partners when purchasing products or otherwise interacting with our website (see the relevant parts of section 2 of this notice to learn more).

Other apps and plugins we might use in connection with our website or communication channels: please reach out to us at the email provided below to learn more.

To obtain a detailed list of all of our processors/service providers, which data they process, the purposes we employ their processing/services for, as well as how we keep your data safe when engaging them, feel free to reach out to us at https://bikerguard.com.

b) Processors/service providers that we may engage in connection with data processing activities that relate to the BIKERGUARD and corresponding BIKERGUARD er iOS and Android applications

Third-party “social log-in” providers: , your data might be processed for analytical or marketing purposes by the provider of the social log-in service. See when and how this might be applicable in the relevant sections above or check out the privacy policy of the relevant provider here:

Analytics providers: We use third party analytics such as Mixpanel for the purposes of delivering our services and conducting analyses and research. To obtain more information about how your data is being processed, see their terms of service at: https://mixpanel.com/legal/privacy-policy/.

 

c) Other companies or individual consultants we may engage or cooperate with in the provision of our services that may need access to certain parts of your data

  • Consultants who cooperate with our organisation on the basis of relevant business and data processing agreements so that they can provide us with their accounting, legal, marketing, HR and other consulting services.
  • External IT system maintenance providers and/or platform/service developers who cooperate with our organisation on the basis of relevant business and data processing that may gain limited access to our back-end or databases.

Other apps and plugins we might use in connection with the BIKERGUARD please reach out to us at https://bikerguard.com.

3.5 Transferring personal data to third countries and international organisations / research organisations and measures for protecting such transferred data

3.5.1 Engaging contractual processors/service providers have their place of business registered in the USA or in other “third countries”

Summary: We operate globally and are thereby obliged to transfer your personal information to our main entity which is registered in the USA. The sale of our products and the provision of our services also require that we engage contractual processors/service providers as specified in sections 2 to 3, whereby many of these processors/service providers have their place of business registered in the USA (or in other non-EEA countries where the GDPR is not applicable or where the requirements of the GDPR are not adequately reflected in national privacy laws, as the case may be).

As stated above, many of our processors/service providers have their place of business registered in the USA (or in other non-EEA countries where the GDPR is not applicable or where the requirements of the GDPR are not adequately reflected in national privacy laws, as the case may be) (hereinafter: “third countries”).

As stated above, we thereby regularly engage contractual processors/service who may process personal data on our behalf in third countries, whereby we only do so with the appropriate safeguards in place so that your data is safe and your data subject rights are respected.

Following decision C-311/18 (Schrems II) of the CJEU and the fall of the EU-US Privacy Shield we have reached out to our US-based processors/service providers and decided on alternative safeguards on a case-by-case basis in accordance with the guidance of the European Data Protection Board.

Where we could not put in place such appropriate safeguards (such as standard contractual clauses, data encryption, automated data deletion intervals, etc.), we ask for your specific consent before processing/sharing your data. More details on third country service providers and the measures taken to ensure your rights can be found in point 4.4 of this notice.

In addition to the purposes and providers listed in sections 2, 3 of this notice, your data may also effectively be considered as transferred (i.e. disclosed) in the following situations, where we might have legitimate interests in buying/selling our assets in connection with entities that are registered in third countries:

  • If we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets that may be registered in a third country (whereby we shall only do so if all applicable confidentiality and security requirements are offered to us by any potential buyer and their organisation). Please note that we shall only do so if all applicable confidentiality and security requirements are offered to us by any potential buyer and their organisation and shall never disclose any data in this way if the processing of such data had been carried out on the basis of your explicit consent.
  • If all or a substantial part of our assets are acquired by a third party that may be registered in a third country whereby our assets may include parts of your data. Please note that we shall only do so if all applicable confidentiality and security requirements are offered to us by any potential buyer and their organisation and shall never disclose any data in this way if the processing of such data had been carried out on the basis of your explicit consent.

Your data may also effectively be considered as transferred (i.e. disclosed) if we are required on the basis of EU law or the law of a Member State to disclose or share your personal data with an international organisation / public authority or other entity that might be registered in a third country, whereby we are required to do so to comply with a legal obligation.

3.6 Processing special categories of personal data

We do not knowingly process special categories of personal data.

3.7 What rights do you have in connection with your personal data and how can you exercise them?

You can contact us at any time and without hesitation at https://bikerguard.com in connection with this notice or regarding the processing of your personal data by our organisation and our processors/service providers.

You can also contact us at the email mentioned above in order to send us your specific requests and for exercising your other rights which relate to your personal data and applicable local legislation or the GDPR. If we have reasonable doubts concerning your identity, we may request additional information to verify your identity.

As a data subject of the EEA, the GDPR gives you the opportunity to exercise the following rights with our organisation as the controller of your personal Data: Right of access, Right to rectification, Right of objection, Right to data portability, Right to restrict data processing, Right of erasure (“right to be forgotten”), Right to refuse or withdraw consent, Automated decision-making, Right to lodge a complaint with a supervisory authority.

Right of access

You have the right to obtain confirmation from us on whether personal data or personally identifiable information is being processed by us or our processors/service providers and the right to obtain a copy of your personal data that is being processed.

Right to rectification

You have the right to request the rectification of inaccurate personal data and to have incomplete data completed.

Right of objection

You have the right to object to the processing of your personal data for compelling and legitimate reasons relating to your particular situation, except in cases where legal provisions expressly provide for that processing. You also have the right to object/opt out of the processing of your personal data for direct marketing purposes by clicking on the unsubscribe link at the bottom of our marketing emails or by contacting us at https://bikerguard.com.

Right to data portability

You have the right to receive the personal data that you have provided to us in a structured, commonly used and machine-readable format, and have the right to transmit it to other data controllers without hindrance. This right only exists if the processing is based on your consent or a contract and the processing is carried out by automated means.

Right to restrict data processing

You have the right to request the restriction of processing your personal data in certain cases.

Right of erasure (“right to be forgotten”)

You may request to erase your personal data if (i) it is no longer necessary for the purposes for which we had collected it, (ii) you have withdrawn your consent and no other legal ground for processing exists, (iii) you objected and no overriding legitimate grounds for processing exist, (iv) the processing is unlawful, or erasure is required to comply with a legal obligation.

Right to refuse or withdraw consent

In case we request your consent for processing, you are free to refuse it and can withdraw it at any time without any adverse negative consequences by contacting us at https://bikerguard.com. The lawfulness of any processing of your personal data that occurred prior to the withdrawal of your consent will not be affected.

Automated decision-making

Under the GDPR you have the right not to be subject to decisions based solely on automated processing and have the right to be given more information about why any such decision has been made. Note that this is currently not applicable to our processing activities (see 3.8 of this notice).

Right to lodge a complaint with a supervisory authority

If you believe that the processing of personal data performed in connection with you by our organisation as the controller violates personal data protection regulations, you may, without prejudice to any other (administrative or other) remedy, lodge a complaint with the supervisory authority, in particular in the country where you have your habitual residence, your place of work or where the infringement is alleged to have taken place.

In Slovenia (the country where BIKERGUARD d.o.o., Ulica Anne Ziherlove 10, 1000 Ljubljana, Slovenia, our representative in Europe, is located) the authority is:

  • Informacijski pooblaščenec, 22 Dunajska, 1000 Ljubljana, Slovenia, EU, email: gp.ip@ip-rs.com, phone: +38612309730, website: www.ip-rs.com.

A list of other EU supervisory authorities and their contact information can be found here: https://edpb.europa.eu/about-edpb/about-edpb/members_en#.

3.8 Existence of automated decision-making and profiling

At the time of the publication of this notice, we do not carry out automated decision-making activities as referred to in Article 22(1) and (4) of the GDPR in connection with our websites, products and services.

Should this change, we will update this notice, and both inform you and make clear that you have the right not to be subject to decisions based solely on automated processing and shall give more information about why any such decision has been made.

3.9 Processing the personal data of persons under 16 years of age

Our organisation does not knowingly collect or otherwise process the personal data of persons under 16 years of age, as our products and services are not intended or directed towards such persons. However, our organisation may collect personal data regarding children below the age of 16 years of age directly from their parent or guardian, and with that person’s explicit consent.

If our organisation subsequently finds out that it has processed the personal data of such a person without the consent of their parent or guardian, our organisation shall do everything necessary to delete all provided personal data.

At the address https://bikerguard.com, the above described persons or their parents or guardians shall be able to submit their requests for the deletion of the data concerned at any time.

3.10 Who can you contact for further clarification regarding the processing of personal data in our organisation and regarding your rights?

You can contact us at any time and without hesitation at https://bikerguard.com.

3.11 Security and protection of personal data

Summary: Our organisation carefully stores and protects personal data through organisational, technical and logical procedures and measures to protect data from accidental or intentional unauthorised access, destruction, alteration or loss, and unauthorised disclosure or other form of processing not explicitly stated in sections 2, 3 or to which you have not expressly consented to.

To this end, our organisation has also adopted appropriate internal processes and set up various measures (e.g. assigning, using and changing passwords, locking premises, offices, server and workstation locations, regularly updating software and upgrading security-critical components, the physical protection of materials/data carriers containing personal data in specially designated places, the training of employees, etc.). Our organisation also demands these security commitments from its contractual processors.

4. Privacy information for California residents

4.1 Applicability of this section

If you are a California resident (as defined in section 17014 of Title 18 of the California Code of Regulations), California law requires us to provide you with some additional information regarding your rights with respect to your “personal information” as defined in the CCPA.

4.2 Information on whether we disclose or sell personal data of CA residents

Summary: In the preceding twelve (12) months we have not sold any personal information prior to the last update that had been made to this notice.

We disclose your personal information for a business purpose to the following categories of third parties: our subsidiaries or affiliated companies (i.e. businesses that are related to or associated with our company through common ownership, control, or some form of contractual relationship) our other processors/service providers (see point 3.4 of this notice), third parties to whom you or your agents authorise us to disclose your personal information in connection with products or services we provide to you (when we engage such affiliates/service providers as controllers and when data processing is being carried out by them for our own lawful purposes that had been previously communicated to you and when a data protection agreement is in place).

We have disclosed the following categories of personal data for a business purpose in the 12 months prior to the last update that had been made to this notice: identifiers, demographic information, commercial information, internet or other electronic network activity information, non-precise feeder location data, audio, electronic, visual, or similar information, professional or employment-related information, inferences drawn from any of the previously stated information.

We only disclose your personal data to third party processors/service providers in order to achieve the purposes of the processing activities described in sections 2, 3 of this notice or when you have consented to such disclosure, whereby such third-party processors/service providers have concluded a data processing agreement with us (or offered similar safeguards) to ensure your rights are respected. A list of our third-party processors/service providers can be found in point 3.4 of this notice or obtained by reaching out to us via the email or phone number listed at the end of this section.

4.3 Information on the rights of CA residents

Summary: The CCPA provides Californian residents with the following rights: Right to know, Right to delete, Right to opt out, The right to non-discrimination.

Right to know (i.e. request disclosure of any personal information we have collected about you).

You have the right to request the disclosure of the categories of personal information we have collected from you, along with the categories of sources from which they have been collected, the purpose of their collection, the categories of third parties with whom we have shared your personal information (“Categories Report”), and the specific pieces of personal information that have been collected (“Specific Pieces Report”).

You may request that we disclose which personal information we have collected, used, shared, or sold in relation to you, and why we have collected, used, shared, or sold that information. Specifically, you may request that we disclose:

  • The categories of personal information collected.
  • Specific pieces of personal information collected.
  • The categories of sources from which we have collected the personal information.
  • The purposes for which we have used the personal information.
  • The categories of third parties with whom we have shared the personal information.
  • The categories of information that we sell or disclose to third parties.

We shall provide you this information for the 12-month period preceding your request. We shall provide you this information free of charge.

To request the above stated information, please send your request to https://bikerguard.com. Please allow 45 days for our response. For your protection and the protection of all of our users, we may ask you to provide proof of identity before we can oblige such a request.

Right to delete (i.e. request deletion of any personal information that we have collected from you).

After we have verified your request to delete your personal information, we shall delete it from our servers/records and direct any of our processors/service providers to delete your personal information from their servers/records, except when certain exemptions from the relevant parts of the CCPA are applicable (e.g. in cases where the personal information is necessary so that we may continue to provide our services), in order to detect security incidents, to identify and repair errors that impair existing intended functionalities of our products and services, to engage statistical research in the public interest (i.e. our cooperation with international ornithology research organisations as mentioned in point 3.5.1 of this notice,or to comply with a legal obligation).

Right to opt out (of the sale of your personal information).

You may request that we stop selling your personal information, whereby this is currently not applicable as we do not currently sell any personal information.

The right to non-discrimination (when exercising your CCPA rights).

We will not discriminate against you in any manner prohibited by applicable law for exercising your CCPA rights (as listed above).

4.4 Information on how CA residents may contact us in order to exercise their rights

In addition to contacting us through our dedicated email address https://bikerguard.com, you can also exercise any rights under the CCPA or request further information regarding your rights by calling us at (00 386 051 601 740) during our official office hours, whereby standard rates may apply.

5. Document version and updates

Version and date of the last update of this notice

The text of this notice represents the first edition – 1.0.

Please reach out to us at https://bikerguard.com in order to receive the older version of this document when new versions will be published.

 

This notice ‘first edition’ was published on January 25, 2024.