Privacy Policy

Effective Date: February 21, 2026

DIDI.BIKE ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our cycling telemetry sensors and related services.

1. Information We Collect

1.1 Sensor Data

When you use DIDI.BIKE Sensor, we collect the following types of technical data:

• Biomechanics Data: Torso angle, pelvic rocking, posture metrics, and pedaling dynamics
• Performance Metrics: Pedaling smoothness, torque effectiveness, left/right balance, and dead-spot duration
• Aerodynamics Data: Estimated drag coefficient (CdA), wind exposure analysis
• Surface Feedback: Vibration damping scores, surface roughness index, tire pressure recommendations
• Technical Parameters: Sensor orientation, acceleration data, GPS coordinates (when connected)

1.2 Account Information

If you create an account with DIDI.BIKE, we collect:

• Email address
• Name and contact information
• Device registration details
• Usage history and preferences

1.3 Automatically Collected Information

We automatically collect:

• Device information (sensor serial number, firmware version)
• Connection data (IP address, connection timestamps)
• Usage statistics (active riding time, data transmission frequency)

2. How We Use Your Information

2.1 Primary Purpose

We use collected information to:

• Provide real-time telemetry data to your cycling computer or mobile application
• Enable post-ride analysis and performance tracking
• Improve sensor accuracy through calibration algorithms
• Develop and enhance our biomechanics analysis algorithms
• Provide customer support and firmware updates

2.2 Data Processing

All sensor data processing occurs on-device or during secure transmission to your connected devices. We do not use your biometric data for:

• Advertising or marketing purposes
• Selling to third parties
• Behavioral profiling beyond cycling performance analysis

3. Data Storage and Security

3.1 Storage Practices

• Raw sensor data is stored locally on your device whenever possible
• Cloud-stored data is encrypted at rest using AES-256 encryption
• Data retention period: 12 months for standard accounts, 24 months for enterprise customers
• Account holders can request data deletion at any time

3.2 Security Measures

We implement industry-standard security measures:

• End-to-end encryption for BLE and ANT+ data transmission
• Secure HTTPS/TLS for all API communications
• Regular security audits and penetration testing
• ISO 27001 certified data management practices
• GDPR and CCPA compliant data handling procedures

4. Data Sharing and Disclosure

4.1 What We Do Not Share

We do not sell, rent, or lease your personal information to third parties for their marketing purposes.

4.2 Limited Sharing Circumstances

We may share your information only in the following circumstances:

• With Your Consent: When you explicitly authorize data sharing to third-party platforms (Strava, TrainingPeaks, etc.)
• Service Providers: With trusted partners who assist in operating our services (cloud infrastructure, payment processing)
• Legal Requirements: When required by law, court order, or government regulation
• Business Transfers: In connection with a merger, acquisition, or sale of assets

5. Your Rights and Choices

5.1 Data Access

You have the right to:

• Access all data collected from your sensor via your account dashboard
• Export your data in standard formats (FIT, CSV, JSON)
• Request deletion of your account and all associated data
• Opt out of certain data collection features through sensor settings

5.2 Data Portability

We provide tools for data portability in compliance with GDPR Article 20. You may transfer your data to another service provider at any time.

5.3 Cookie and Tracking

Our website and documentation may use cookies for:

• Remembering your preferences and login status
• Analyzing website traffic and usage patterns
• Improving user experience

You can control cookie settings through your browser preferences. Our Cookie Policy provides detailed information.

6. Children's Privacy

Our services are not intended for children under 13. We do not knowingly collect personal information from children under 13. If we become aware of such collection, we will take immediate steps to delete the information.

7. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure adequate protection is in place for such transfers in accordance with applicable data protection laws.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Emailing registered users at least 30 days before changes take effect
• Posting a prominent notice on our website
• Updating the "Effective Date" at the top of this policy