Privacy Policy

Last updated: 16/01/2026

Personal Data Collected

We collect the following personal data:


Information you provide:

  • Full name
  • Email address
  • Phone number
  • Pickup and drop-off addresses
  • Flight details (for airport transfers)
  • Special requests or requirements

    • Automatically collected:

  • IP address
  • Browser type and version
  • Device information
  • Pages visited and interactions
  • Cookies and similar technologies

    • We do not collect sensitive personal data (health, religion, political opinions, etc.).

    Purpose & Legal Basis

    Your data is processed for the following purposes:


    Contractual necessity (Art. 6.1.b GDPR):

  • Processing quote requests and bookings
  • Providing transportation services
  • Sending booking confirmations and updates
  • Processing payments and invoicing

    • Legitimate interest (Art. 6.1.f GDPR):

  • Improving our services
  • Responding to inquiries
  • Preventing fraud
  • Website analytics

    • Legal obligation (Art. 6.1.c GDPR):

  • Tax and accounting records
  • Compliance with legal requests

    • Consent (Art. 6.1.a GDPR):

  • Marketing communications (optional)
  • Non-essential cookies

    • Data Retention Period

    We retain your personal data only as long as necessary:


  • Booking data: 3 years from last service
  • Invoices and financial records: 10 years (legal requirement)
  • Quote requests (not converted): 12 months
  • Contact form submissions: 12 months
  • Analytics data: 26 months
  • Cookies: See cookie policy section

    • After these periods, data is securely deleted or anonymized.

    Data Storage & Security

    Your data is stored securely using:


  • Database: Supabase (servers in European Union)
  • Payment processing: Stripe (PCI-DSS compliant)
  • Website hosting: Vercel (with EU data processing)

    • Security measures include:


  • Encryption in transit (TLS/SSL)
  • Encryption at rest
  • Access controls and authentication
  • Regular security audits
  • Employee confidentiality agreements

    • While we implement industry-standard security measures, no system is completely secure. We will notify you promptly of any data breach affecting your personal data.

    Your Rights

    Under GDPR, you have the following rights:


  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restriction: Limit how we process your data
  • Portability: Receive your data in a structured, machine-readable format
  • Objection: Object to processing based on legitimate interest
  • Withdraw consent: Where processing is based on consent

    • To exercise these rights, contact us at contact@rydin.fr.


    We will respond within 30 days. You may also lodge a complaint with the CNIL (Commission Nationale de l'Informatique et des Libertés): www.cnil.fr

    Cookies & Tracking

    We use cookies and similar technologies:


    Essential cookies (always active):

  • Session management
  • Security features
  • Language preferences

    • Analytics cookies (with consent):

  • Website usage statistics
  • Performance monitoring
  • Error tracking

    • Marketing cookies (with consent):

  • Not currently used

    • You can manage cookie preferences through your browser settings or our cookie consent banner.


    Cookie retention:

  • Session cookies: Deleted when browser closes
  • Persistent cookies: Up to 12 months

    • Disabling cookies may affect website functionality.

    Data Protection Contact

    For any questions regarding your personal data or to exercise your rights:


    Data Controller:

    RYDIN

    42 Avenue Anatole France, 94400, Vitry-sur-Seine, France


    Contact:

    contact@rydin.fr


    We do not have a Data Protection Officer (DPO) as we do not meet the threshold requirements under Article 37 GDPR. However, all data protection inquiries are handled with priority.


    Response time: Within 30 days of receipt.