Privacy Policy
Effective date: TBD at launch Last updated: TBD at launch
⚠️ Draft notice (remove before publish): Working skeleton covering the US (CCPA + state laws) and Canada (PIPEDA + Quebec Law 25). Legal review deferred — do not publish as-is.
1. Who we are
Ride MN is an individual-operated project. Contact: info@ridemn.io.
2. Scope
This policy covers www.ride.ink, www.ridemn.io, app.ride.ink,
app.ridemn.io, and any email we send in response to a request.
It does not cover third-party sites linked from our pages.
3. What we collect
| Category | Example | Source | Lawful basis |
|---|---|---|---|
| Email address | You type it in to request access | You | Your consent |
| Access-request details | Optional intent + desired coverage area | You | Your consent |
| Coverage-check query | ZIP or city you enter | You | Legitimate interest — service delivery |
| Authentication identity | Google account identity via Cloudflare Access | Cloudflare Access / Google | Contract (access to the app) |
| Cookies (app only) | Session + anti-CSRF | Your browser | Strictly necessary |
| Activity logs (app only, authenticated users) | Roads viewed, routes planned, searches | Your use of the app | Legitimate interest — service improvement + abuse prevention |
| GPS ride traces (opt-in) | Your recorded ride data | You (when you start a recording) | Your consent |
| Server logs | IP, timestamp, request path, user-agent | Cloudflare + our server | Legitimate interest — security |
We do not collect: precise location without your opt-in, biometrics, payment info (no payments processed), children’s data (service not directed to anyone under 16).
4. What we don’t do
- We don’t sell personal information. We have no third-party advertising on any surface.
- We don’t run third-party analytics or ad trackers. We use Cloudflare Web Analytics (cookieless, aggregated only).
- We don’t share your data with third parties except as listed in §7.
- We don’t profile users for targeted advertising.
5. Cookies
| Cookie | Set by | Purpose | Lifetime |
|---|---|---|---|
CF_Authorization |
Cloudflare Access | Auth session for the app | Session + 24 h idle |
scenic_user_id |
App | Per-user identification | 1 year |
scenic_session_id |
App | Per-session telemetry | Session |
scenic_dev_email |
App (dev/LAN only) | Local development | Session |
cf-turnstile-* |
Cloudflare Turnstile | Bot protection on forms | ~1 day |
We do not use any third-party advertising or analytics cookies.
6. How we use the data
- Deliver the service (auth, map, routing, ride recording)
- Decide whether to grant access when you request it
- Improve the service (fix bugs, improve routing quality)
- Keep the service secure (rate-limit abuse, investigate incidents)
- Respond to privacy requests and legal obligations
Retention:
- Access-request records: 12 months after approval/denial, then deleted
- Server + Cloudflare logs: 30 days
- Authenticated app activity: 24 months (rolling)
- GPS ride traces you recorded: until you delete them
7. Processors we share data with
| Processor | Purpose | Location |
|---|---|---|
| Cloudflare, Inc. | Network + Access + Pages + Workers + D1 + KV + R2 | US (with global edges) |
| Google Cloud Platform | Secret Manager, Maps APIs (tiles, Places, Geocoding) | US |
| Google (OAuth) | Authentication for Cloudflare Access | US |
| Resend (or MailChannels) | Transactional email for admin notifications | US |
| GitHub | Source hosting (no user data beyond git commits we make) | US |
We have signed standard data processing agreements where available.
8. International transfers
Your data may be transferred to and stored in the United States, where our processors are based. For users in Canada, we rely on PIPEDA’s contract-based framework. For Quebec users, we comply with Law 25’s international transfer assessment requirement and limit transfers to processors with adequate safeguards.
9. Your rights
United States (CCPA and state laws — CA, CO, CT, UT, VA, TX, OR, MT, IA, DE, NH, NJ, MD, MN)
You have the right to:
- Know what personal information we hold about you
- Access a copy of that information
- Delete it (subject to service-delivery needs and legal retention)
- Correct inaccurate information
- Opt-out of sale or sharing for targeted advertising — noting we don’t do either
- Limit use of sensitive personal information — noting we don’t collect any
- Non-discrimination — using these rights won’t degrade your service
Submit requests to info@ridemn.io. We respond within 45 days (CCPA) or
the applicable state-law deadline.
Canada (PIPEDA)
You have the right to:
- Access the personal information we hold about you
- Correct it if inaccurate
- Withdraw consent at any time (subject to contractual constraints for active service)
- Complain to the Office of the Privacy Commissioner of Canada: https://www.priv.gc.ca/en/report-a-concern/
Submit requests to info@ridemn.io. We respond within 30 days.
Quebec (Law 25)
In addition to PIPEDA rights, residents of Quebec have the right to:
- Data portability — receive your data in a structured, commonly-used machine-readable format
- Automated decision-making disclosure — we don’t use automated decision-making for access approvals; a human reviews every request
- Designated privacy officer contact —
info@ridemn.io - Complaint to the Commission d’accès à l’information du Québec: https://www.cai.gouv.qc.ca
10. Security
- All traffic is HTTPS.
- The app is gated by Cloudflare Access with allowlisted Google accounts.
- Secrets are stored in GCP Secret Manager and accessed at runtime only; they are never written to disk.
- The public forms are protected by Cloudflare Turnstile and per-IP rate limiting.
- We do not store payment information (no payments are processed).
11. Changes to this policy
If we make material changes, we’ll update the “Last updated” date and, for approved users, notify by email before the change takes effect.
12. Contact
info@ridemn.io — we acknowledge receipt within 5 business days and
complete substantive response within the applicable statutory deadline.
Legal-review TODOs (for James + counsel)
- [ ] Confirm actual data collection matches §3 — audit current app + worker telemetry to make sure this table is complete and accurate.
- [ ] Confirm retention periods are enforced (or add deletion jobs to back them up).
- [ ] Confirm the list of processors in §7 matches reality at launch time (Resend vs. MailChannels decision, any CT monitor add-ons, etc.).
- [ ] Decide on a physical mailing address for CCPA Shine-the-Light — a PO box or registered-agent is typical.
- [ ] Decide whether to offer a standalone Canadian contact separate from
privacy@ride.ink(not required, but some operators do). - [ ] Counsel review before launch.