Last updated 10.05.2024
This policy from WayfloW ("Company," "we," "us," or "our"), describes how and why we might
collect, store, use, and/or share ("process") your information when you use our services
("Services"), such as when you:
● Visit our website at https://www.wayflow-cycling.com/, or any website of ours that
links to this policy
● Use our application(s) that links to this policy
● Engage with us in other related ways - including any sales, marketing, or events
Questions or concerns? Reading this policy will help you understand your privacy rights and
choices. If you do not agree with our policies and practices, please do not use our Services.
If you still have any questions or concerns, please contact us at contact@wayflow-cycling.com.
SUMMARY OF KEY POINTS
This summary provides key points from our GDPR Compliance Policy, but you can find out
more details about any of these topics by using our table of contents below to find the
section you are looking for.
What personal information do we process? When you visit, use, or navigate our Services, we
may process personal information depending on how you interact with WayfloW and the
Services, the choices you make, and the products and features you use.
Do we process any sensitive personal information? We may process sensitive personal
information when necessary, only with your previous consent or as otherwise permitted by
applicable law.
Do we receive any information from third parties? We may receive information from public
databases, marketing partners, social media platforms, and other outside sources.
How do you process my information? We process your information to provide, improve, and
administer our Services, communicate with you, for security and fraud prevention, and to
comply with law. We may also process your information for other purposes only with your
prior consent. We process your information only when we have a valid legal reason to do so.
In what situations and with which types of parties do we share personal information? We
do not share information under any specific situations with third parties without your prior
consent.
How do we keep your information safe? We have organizational and technical processes
and procedures in place to protect your personal information. However, no electronic
transmission over the internet or information storage technology can be guaranteed to be
100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other
unauthorized third parties will not be able to defeat our security and improperly collect,
access, steal, or modify your information.
What are your rights? Depending on where you are located geographically, the applicable
privacy law may mean you have certain rights regarding your personal information.
How do I exercise my rights? The easiest way to exercise your rights is by contacting us
and requesting a DSAR (Data Subject Access Request). We will consider and act upon any
request in accordance with applicable data protection laws.
Want to learn more about what WayfloW does with any information we collect?
TABLE OF CONTENTS
1. WHAT INFORMATION DO WE COLLECT?
2. HOW DO WE PROCESS YOUR INFORMATION?
3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR PERSONAL INFORMATION?
4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?
5. WHAT IS OUR STANCE ON THIRD-PARTY WEBSITES?
6. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?
7. IS YOUR INFORMATION TRANSFERRED INTERNATIONALLY?
8. HOW LONG DO WE KEEP YOUR INFORMATION?
9. HOW DO WE KEEP YOUR INFORMATION SAFE?
10. DO WE COLLECT INFORMATION FROM MINORS?
11. WHAT ARE YOUR PRIVACY RIGHTS?
12. CONTROLS FOR DO-NOT-TRACK FEATURES
13. DO WE MAKE UPDATES TO THIS POLICY?
14. HOW CAN YOU CONTACT US ABOUT THIS POLICY?
15. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?
1. WHAT INFORMATION DO WE COLLECT?
Personal information you disclose to us.
In Short, we collect personal information that you provide to us.
We collect personal information that you voluntarily provide to us when you register on the
Services, express an interest in obtaining information about us or our products and
Services, when you participate in activities on the Services, or otherwise when you contact
us.
Personal Information Provided by You. The personal information that we collect depends
on the context of your interactions with us and the Services, the choices you make, and the
products and features you use. The personal information we collect may include the
following:
● Name
● Addresses
● Tax ID
● IP addresses and devices information
● Phone numbers
● Email Addresses
Sensitive Information. When necessary, with your consent or as otherwise permitted by
applicable law, we process the following categories of sensitive information:
● Employee data
● Segments data (strava or .gpx)
● Post-processed data (generated videos data)
● Telemetry data (weather predictions, road widths, turn angles)
Payment Data. We may collect data necessary to process your payment if you make
purchases, such as your payment instrument number (such as the IBAN of your bank
account), and the security code associated with your payment instrument.
This information is primarily needed to maintain the security and operation of our
application(s), for troubleshooting, and for our internal analytics and reporting purposes.
All personal information that you provide to us must be true, complete, and accurate, and
you must notify us of any changes to such personal information.
Information automatically collected. In Short, some information — such as your Internet Protocol (IP) address and/or browser
and device characteristics — is collected automatically when you visit our Services.
We automatically collect certain information when you visit, use, or navigate the Services.
This information does not reveal your specific identity (like your name or contact
information) but may include device and usage information, such as your IP address,
browser and device characteristics, operating system, language preferences, referring URLs,
device name, country, location, information about how and when you use our Services, and
other technical information. This information is primarily needed to maintain the security
and operation of our Services, and for our internal analytics and reporting purposes.
Like many businesses, we also collect information through cookies and similar
technologies.
The information we collect includes:
■ Log and Usage Data. Log and usage data is service-related, diagnostic, usage, and
performance information our servers automatically collect when you access or use
our Services and which we record in log files. Depending on how you interact with us,
this log data may include your IP address, device information, browser type, and
settings and information about your activity in the Services (such as the date/time
stamps associated with your usage, pages and files viewed, searches, and other
actions you take such as which features you use), device event information (such as
system activity, error reports (sometimes called "crash dumps"), and hardware
settings).
■ Device Data. We collect device data such as information about your computer,
phone, tablet, or other device you use to access the Services. Depending on the
device used, this device data may include information such as your IP address (or
proxy server), device and application identification numbers, location, browser type,
hardware model, Internet service provider and/or mobile carrier, operating system,
and system configuration information.
■ Location Data. We collect location data such as information about your device's
location, which can be either precise or imprecise. How much information we collect
depends on the type and settings of the device you use to access the Services.
Information collected from other sources. In Short, we may collect limited data from public databases, marketing partners, social
media platforms, and other outside sources.
In order to enhance our ability to provide relevant marketing, offers, and services to you and
update our records, we may obtain information about you from other sources, such as
public databases, joint marketing partners, affiliate programs, data providers, social media
platforms, and from other third parties. This information includes mailing addresses, job
titles, email addresses, phone numbers, intent data (or user behavior data), Internet
Protocol (IP) addresses, social media profiles, social media URLs, and custom profiles, for
purposes of targeted advertising and event promotion. If you interact with us on a social
media platform using your social media account (e.g., Facebook or Twitter), we receive
personal information about you from your profile. Any personal information that we collect
from your social media account depends on your social media account's privacy settings.
2. HOW DO WE PROCESS YOUR INFORMATION?
In Short: We process your information to provide, improve, and administer our Services,
communicate with you, for security and fraud prevention, and to comply with law. We may
also process your information for other purposes only with your prior consent.
We process your personal information for a variety of reasons, depending on how you
interact with our Services, including:
■ To facilitate account creation and authentication and otherwise manage user
accounts. We may process your information so you can create and log in to your
account, as well as keep your account in working order.
■ To deliver and facilitate delivery of services to the user. We may process your
information to provide you with the requested service.
■ To respond to user inquiries/offer support to users. We may process your
information to respond to your inquiries and solve any potential issues you might
have with the requested service.
■ To send administrative information to you. We may process your information to
send you details about our products and services, changes to our terms and policies,
and other similar information.
■ To fulfill and manage your orders. We may process your information to fulfill and
manage your orders, payments, returns, and exchanges made through the Services.
■ To request feedback. We may process your information when necessary to request
feedback and to contact you about your use of our Services.
■ To send you marketing and promotional communications. We may process the
personal information you send to us for our marketing purposes, if this is in
accordance with your marketing preferences.
■ To deliver targeted advertising to you. We may process your information to develop
and display personalized content and advertising tailored to your interests, location,
and more.
■ To protect our Services. We may process your information as part of our efforts to
keep our Services safe and secure, including fraud monitoring and prevention.
■ To identify usage trends. We may process information about how you use our
Services to better understand how they are being used so we can improve them.
■ To determine the effectiveness of our marketing and promotional campaigns. We
may process your information to better understand how to provide marketing and
promotional campaigns that are most relevant to you.
■ To save or protect an individual's vital interest. We may process your information
when necessary to save or protect an individual’s vital interest, such as to prevent
harm.
3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR INFORMATION?
In Short: We only process your personal information when we believe it is necessary and we
have a valid legal reason (i.e., legal basis) to do so under applicable law, like with your
consent, to comply with laws, to provide you with services to enter into or fulfill our
contractual obligations, to protect your rights, or to fulfill our legitimate business interests.
The General Data Protection Regulation (GDPR) and UK GDPR require us to explain the valid
legal bases we rely on in order to process your personal information. As such, we may rely
on the following legal bases to process your personal information:
■ Consent. We may process your information if you have given us permission (i.e.,
consent) to use your personal information for a specific purpose. You can withdraw
your consent at any time.
■ Performance of a Contract. We may process your personal information when we
believe it is necessary to fulfill our contractual obligations to you, including providing
our Services or at your request prior to entering into a contract with you.
■ Legitimate Interests. We may process your information when we believe it is
reasonably necessary to achieve our legitimate business interests and those
interests do not outweigh your interests and fundamental rights and freedoms. For
example, we may process your personal information for some of the purposes
described in order to:
- Send users information about special offers and discounts on our products
and services
- Develop and display personalized and relevant advertising content for our
users
- Analyze how our services are used so we can improve them to engage and
retain users
- Support our marketing activities
- Diagnose problems and/or prevent fraudulent activities
- Understand how our users use our products and services so we can improve
user experience
■ Legal Obligations. We may process your information where we believe it is
necessary for compliance with our legal obligations, such as to cooperate with a law
enforcement body or regulatory agency, exercise or defend our legal rights, or
disclose your information as evidence in litigation in which we are involved.
■ Vital Interests. We may process your information where we believe it is necessary to
protect your vital interests or the vital interests of a third party, such as situations
involving potential threats to the safety of any person.
In legal terms, we are generally the “data controller” under European data protection laws of
the personal information described in this policy, since we determine the means and/or
purposes of the data processing we perform.
4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?
In Short: We may share information in specific situations described in this section and/or
with the following categories of third parties, only with your prior consent.
Vendors, Consultants, and Other Third-Party Service Providers. We may share your data
with third-party vendors, service providers, contractors, or agents (“third parties”) who
perform services for us or on our behalf and require access to such information to do that
work. We have contracts in place with our third parties, which are designed to help
safeguard your personal information. This means that they cannot do anything with your
personal information unless we have instructed them to do it. They will also not share your
personal information with any organization apart from us. They also commit to protect the
data they hold on our behalf and to retain it for the period we instruct. The categories of
third parties we may share personal information with are as follows:
■ Affiliate Marketing Programs
■ Cloud Computing Services
■ Data Analytics Services
■ Data Storage Service Providers
■ Product Engineering & Design Tools
■ Website Hosting Service Providers
We also may need to share your personal information in the following situations, only with
your prior consent:
■ Business Transfers. We may share or transfer your information in connection with,
or during negotiations of, any merger, sale of company assets, financing, or
acquisition of all or a portion of our business to another company.
5. WHAT IS OUR STANCE ON THIRD-PARTY WEBSITES?
In Short: We are not responsible for the safety of any information that you share with third
parties that we may link to or who advertise on our Services, but are not affiliated with, our
Services.
The Services, may link to third-party websites, online services, or mobile applications and/or
contain advertisements from third parties that are not affiliated with us and which may link
to other websites, services, or applications. Accordingly, we do not make any guarantee
regarding any such third parties, and we will not be liable for any loss or damage caused by
the use of such third-party websites, services, or applications. The inclusion of a link
towards a third-party website, service, or application does not imply an endorsement by us.
We cannot guarantee the safety and privacy of data you provide to any third parties. Any
data collected by third parties is not covered by this policy. We are not responsible for the
content or privacy and security practices and policies of any third parties, including other
websites, services, or applications that may be linked to or from the Services. You should
review the policies of such third parties and contact them directly to respond to your
questions.
6. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?
In Short: We may use cookies and other tracking technologies to collect and store your
information. We may use cookies and similar tracking technologies (like web beacons and pixels) to
access or store information. For more information, please visit our
Cookie Policy.
7. IS YOUR INFORMATION TRANSFERRED INTERNATIONALLY?
In Short: We may transfer, store, and process your information in countries other than your
own.
Our servers are located in Switzerland, France and Spain. If you are accessing our Services from
outside Switzerland, France or Spain, please be aware that your information may be transferred to,
stored, and processed by us in our facilities and by those third parties with whom we may
share your personal information (see "WHEN AND WITH WHOM DO WE SHARE YOUR
PERSONAL INFORMATION?" above), in other countries.
If you are a resident in the European Economic Area (EEA) or United Kingdom (UK), these
countries should have data protection laws or other similar laws as comprehensive as
those in your country. In any case, we will take all necessary measures to protect your
personal information in accordance with this policy and applicable law.
European Commission's Standard Contractual Clauses:
We have implemented measures to protect your personal information, including by using
the European Commission's Standard Contractual Clauses for transfers of personal
information between our group companies and between us and our third-party providers.
These clauses require all recipients to protect all personal information that they process
originating from the EEA or UK in accordance with European data protection laws and
regulations. We have implemented similar appropriate safeguards with our third-party
service providers and partners and further details can be provided upon request.
Please be sure to review the following sections of this policy for additional details relevant
to WayfloW’s strategies with personal and sensitive data:
■ WHAT INFORMATION DO WE COLLECT? To learn more about the types of personal
data WayfloW collects.
■ HOW DO WE PROCESS YOUR INFORMATION? To learn more about the purposes for
which WayfloW collects and uses personal information about you.
■ WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION? To learn
more about the type or identity of third parties to which WayfloW discloses personal
information, and the purposes for which we do so.
■ WHAT ARE YOUR PRIVACY RIGHTS? To learn more about the right of individuals to
access their personal data.
8. HOW LONG DO WE KEEP YOUR INFORMATION?
In Short: We keep your information for as long as necessary to fulfill the purposes outlined
in our contractual obligation and this policy, unless otherwise required by law.
We will only keep your personal information for as long as it is necessary for the purposes
set out in this policy and our contractual obligations, unless a longer retention period is
required or permitted by law (such as tax, accounting, or other legal requirements).
When we have no ongoing legitimate business need to process your personal information,
we will either delete or anonymize such information, or, if this is not possible (for example,
because your personal information has been stored in backup archives), then we will
securely store your personal information and isolate it from any further processing until
deletion is possible.
9. HOW DO WE KEEP YOUR INFORMATION SAFE?
In Short: We aim to protect your personal information through a system of organizational
and technical security measures.
We have implemented appropriate and reasonable technical and organizational security
measures designed to protect the security of any personal information we process.
However, despite our safeguards and efforts to secure your information, no electronic
transmission over the Internet or information storage technology can be guaranteed to be
100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other
unauthorized third parties will not be able to defeat our security and improperly collect,
access, steal, or modify your information. We will do our best to protect your personal
information, transmission of personal information to and from our Services. Yet note that
you should only access the Services within a secure environment.
10. DO WE COLLECT INFORMATION FROM MINORS?
In Short: We do not knowingly collect data from or market to children under 18 years of age.
We do not knowingly solicit data from or market to children under 18 years of age. By using
the Services, you represent that you are at least 18 or that you are the parent or guardian of
such a minor and consent to such minor dependent’s use of the Services. If we learn that
personal information from users less than 18 years of age has been collected, we will
deactivate the account and take reasonable measures to promptly delete such data from
our records. If you become aware of any data we may have collected from children under
age 18, please contact us at contact@wayflow-cycling.com.
11. WHAT ARE YOUR PRIVACY RIGHTS?
In Short: In some regions, such as the European Economic Area (EEA), United Kingdom
(UK), and Canada, you have rights that allow you greater access to and control over your
personal information. You may review, change, or terminate your account at any time.
In some regions (like the EEA, UK, and Canada), you have certain rights under applicable
data protection laws. These may include the right (i) to request access and obtain a copy of
your personal information, (ii) to request rectification or erasure; (iii) to restrict the
processing of your personal information; and (iv) if applicable, to data portability. In certain
circumstances, you may also have the right to object to the processing of your personal
information. You can make such a request by contacting us by using the contact details
provided in the section “HOW CAN YOU CONTACT US ABOUT THIS POLICY?” below.
We will consider and act upon any request in accordance with applicable data protection
laws.
If you are located in the EEA or UK and you believe we are unlawfully processing your
personal information, you also have the right to complain to your local data protection
supervisory authority. You can find their contact details here:
https://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
If you are located in Switzerland, the contact details for the data protection authorities are
available here:
https://www.edoeb.admin.ch/edoeb/en/home.html.
Withdrawing your consent: If we are relying on your consent to process your personal
information, which may be express and/or implied consent depending on the applicable
law, you have the right to withdraw your consent at any time. You can withdraw your
consent at any time by contacting us by using the contact details provided in the section
"HOW CAN YOU CONTACT US ABOUT THIS POLICY?" below or updating your preferences.
However, please note that this will not affect the lawfulness of the processing before its
withdrawal, nor when applicable law allows, will it affect the processing of your personal
information conducted in reliance on lawful processing grounds other than consent.
Opting out of marketing and promotional communications: You can unsubscribe from our
marketing and promotional communications at any time by contacting us using the details
provided in the section "HOW CAN YOU CONTACT US ABOUT THIS POLICY?" below. You
will then be removed from the marketing lists — however, we may still communicate with
you, for example to send you service-related messages that are necessary for the
administration and use of your account, to respond to service requests, or for other non-marketing purposes.
Account Information
If you would at any time like to review or change the information in your account or
terminate your account, you can:
■ Log in to your account settings and update your user account.
■ Contact us using the contact information provided.
Upon your request to terminate your account, we will deactivate or delete your account and
information from our active databases. However, we may retain some information in our
files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our
legal terms and/or comply with applicable legal requirements.
Cookies and similar technologies: Most Web browsers are set to accept cookies by default.
If you prefer, you can usually choose to set your browser to remove cookies and to reject
cookies. If you choose to remove cookies or reject cookies, this could affect certain
features or services of our Services. To opt out of interest-based advertising by advertisers
on our Services visit http://www.aboutads.info/choices/.
If you have questions or comments about your privacy rights, you may email us at
contact@wayflow-cycling.com.
12. CONTROLS FOR DO-NOT-TRACK FEATURES
Most web browsers and some mobile operating systems and mobile applications include a
Do-Not-Track ("DNT") feature or setting you can activate to signal your privacy preference
not to have data about your online browsing activities monitored and collected. At this
stage no uniform technology standard for recognizing and implementing DNT signals has
been finalized. As such, we do not currently respond to DNT browser signals or any other
mechanism that automatically communicates your choice not to be tracked online. If a
standard for online tracking is adopted that we must follow in the future, we will inform you
about that practice in a revised version of this policy.
13. DO WE MAKE UPDATES TO THIS POLICY?
In Short: Yes, we will update this policy as necessary to stay compliant with relevant laws.
We may update this policy from time to time. The updated version will be indicated by an
updated "Revised" date and the updated version will be effective as soon as it is accessible.
If we make material changes to this policy, we may notify you either by prominently posting
a policy of such changes or by directly sending you a notification. We encourage you to
review this policy frequently to be informed of how we are protecting your information.
14. HOW CAN YOU CONTACT US ABOUT THIS POLICY?
If you have questions or comments about this policy, you may contact us at contact@wayflow-cycling.com:
If you have any further questions or comments, you may also contact us by post at the
following corporate address:
AldarTech Innovation GmbH
Gotthelfstrasse 37
Zurich, 8003
Switzerland
15. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?
Based on the applicable laws of your country, you may have the right to request access to
the personal information we collect from you, change that information, or delete it in some
circumstances. To request to review, update, or delete your personal information, please
request a DSAR (Data Subject Access Request).
