Back

Privacy Policy

for the "PureRide" App

Last updated: June 2026

1. Data Controller

Leon Dorian Michl

Am alten Güterbahnhof 11

76646 Bruchsal

Germany

Phone:+49 162 5262809

E-Mail:info@ldm-software.de

2. Data Protection Officer

No data protection officer has been appointed, as there is currently no legal obligation to appoint one.

3. Principle: Local Storage (Privacy by Design)

Local ride data processing:

Ride and telemetry data collected during a ride (e.g. GPS positions, route, speed, altitude, lean angle, G-forces, acceleration and sensor data) is stored exclusively locally in a database on your smartphone during normal ride recording. It is not transmitted to servers operated by the developer. The legal basis is the performance of the user relationship and the provision of the App functions requested by you (Art. 6 (1) (b) GDPR).

No registration:

You do not need a user account with the developer to use the App. During normal ride recording, no ride data is transmitted to servers operated by the developer.

Technically required third-party services:

Certain functions may technically require communication with third-party providers, in particular cloud backup, map display, app store functions and voluntary support communication. These processing activities are described separately in the following sections.

4. Device Access and Local Storage

Where the App stores information on your device or accesses device functions, this is done to provide the App functions expressly requested by you. In particular, location and sensor data are required for ride recording. Functions that are not strictly necessary, in particular cloud backup and notifications, are only used after separate activation or permission.

5. Cloud Backup Features

The App allows you to optionally back up your ride data to your personal cloud in order to restore it on a new device. The exact process differs depending on your platform:

iOS - Automatic iCloud Status Check:

For iOS users, the App may automatically communicate with Apple's iCloud infrastructure when launched in order to display the date of your last backup. Your IP address may be transmitted to Apple's servers during this process. This background communication is a technical component of the iOS platform and cannot be disabled within the App. The legal basis is our legitimate interest in providing this status information (Art. 6 (1) (f) GDPR). Apple's privacy policy also applies.

iOS - Enable Backup (Optional):

Your ride data is only backed up to iCloud storage when you explicitly enable the backup feature within the App (consent pursuant to Art. 6 (1) (a) GDPR). Your ride data is transferred directly to your personal iCloud storage. You may withdraw your consent at any time with effect for the future by disabling the backup in the settings.

Android - Google Backup (Optional):

On Android, when you explicitly activate Google Backup via the corresponding button in the App, you will be redirected to Google Sign-In. For the backup, the App uses the Google Drive permission scope drive.appdata. This gives the App access to an app-specific, hidden storage area in your Google Drive. The App does not receive general access to your other Google Drive files. During sign-in, Google may process standard account or profile information required for authentication. According to the current technical implementation, the App does not permanently store this information. Your ride data is then uploaded to your private Google Drive app data area (consent pursuant to Art. 6 (1) (a) GDPR). You may withdraw your consent at any time with effect for the future by removing the App's access from your Google account. Google's privacy policy also applies.

Backup encryption:

Backup data is transmitted using transport encryption. The App currently does not apply additional end-to-end encryption to the backup files. Storage and security within iCloud or Google Drive are governed by the security and privacy terms of the respective cloud provider.

Even with the backup feature enabled, ride data is transferred directly between your device and your personal cloud provider. The developer never has access to your cloud backups.

6. Device Permissions

To function properly, the App requires access to specific device features, which you grant in your operating system:

  • Location Data (GPS):Required to record your route, speed and altitude, including in the background during an active recording (Art. 6 (1) (b) GDPR). Without this permission, ride recording cannot function or can only function with limitations.
  • Motion Sensors (Gyroscope / Accelerometer):Required to calculate lean angle, acceleration values and accurate altitude differences in real time (Art. 6 (1) (b) GDPR). Without these permissions, core telemetry functions are not available or are only available with limitations.
  • Notifications:Notifications are generated exclusively locally on your device, for example to display an active recording. No push services such as Firebase Cloud Messaging, Apple Push Notification Service or external notification servers are used for App notifications. This permission is optional and is only requested after your consent in the operating system (Art. 6 (1) (a) GDPR). You can withdraw it at any time in your device's system settings.

7. No Tracking, No Analytics SDKs

The App does not use analytics SDKs, user tracking or external crash reporting. No usage profiles are created and no usage data is transmitted to us or third parties for analytics purposes.

8. Log Files & Support

The App creates local log files on your device solely for troubleshooting purposes. These local log files contain technical error messages, function names and internal error descriptions. According to the current technical implementation, they do not contain GPS coordinates, ride data, sensor data, IP addresses, email addresses or device identifiers. They are never transmitted to us automatically. If you voluntarily send us log files or other information by email, we process this data solely for the purpose of handling your support request (Art. 6 (1) (b) GDPR) and delete it upon completion of the request, no later than 60 days afterwards.

9. In-App Purchase & App Stores

The App offers a paid Pro version available as a one-time purchase via the Apple App Store (iOS) or Google Play Store (Android). Verification and processing of in-app purchases are carried out exclusively through the store functions provided by Apple or Google. No server-side purchase verification or separate storage of purchase data by us takes place. We do not receive any payment data such as credit card numbers or account details. In addition, Apple or Google collect their own data during download and purchase of the App (e.g. Apple ID, Google account, purchase history). Apple's or Google's privacy policies apply to these processing activities.

10. Map Display (Map Tiles)

We use the open-source library MapLibre GL to visually display your recorded routes.

The map graphics (tiles) are provided via a Cloudflare Worker. The underlying map data is stored in cloud storage provided by Backblaze (server location: EU Central / Amsterdam).

When opening the map view, a connection to Cloudflare is established. Cloudflare processes technically necessary access data, in particular your IP address, the time of the request, requested map files and technical connection data. The Cloudflare Worker retrieves the required map data from Backblaze storage. According to our technical implementation, your IP address is not actively forwarded to Backblaze.

We do not use any tracking measures of our own and do not use map requests to create user profiles. The legal basis is performance of a contract (Art. 6 (1) (b) GDPR), insofar as the map display is part of the App function, and our legitimate interest in performant and secure map delivery (Art. 6 (1) (f) GDPR).

Data transfers to the United States: Cloudflare and Backblaze are US companies. Where personal data is transferred to the United States, we rely on appropriate safeguards, in particular the European Commission's adequacy decision for the EU-US Data Privacy Framework where the respective provider is certified accordingly, as well as supplementary contractual data protection arrangements.

11. Export Functions

You can export your rides locally as a JSON file containing the recorded sensor data, as a GPX file containing the route, and as a PNG overview containing the route and selected metrics.

These exports are stored exclusively locally on your device or processed further through system functions chosen by you. There is no automatic upload to us or to a third-party platform.

If you share, store or send exported files yourself via other apps, the privacy policies of the respective service apply. Depending on your device settings, locally stored files may also be synchronized by the operating system or by cloud synchronization services activated by you, such as iCloud Drive, iCloud Photos or Google Drive. We have no influence over this.

12. Recipients and Third-Party Providers

Personal data is only transmitted to third parties where this is necessary for the respective function or where you initiate it yourself.

  • Apple Inc. or Apple services: App Store, in-app purchases and optional iCloud backup on iOS.
  • Google LLC or Google services: Google Play Store, in-app purchases, Google Sign-In and optional Google Drive backup on Android.
  • Cloudflare and Backblaze: technical provision of map graphics.
  • Email providers: handling voluntary support requests by email.
  • The developer does not operate any own servers for storing your ride data.

13. Storage Period and Deletion

Local ride data:

Locally stored rides remain stored on your device until you delete them in the App or remove the App together with its local data.

Cloud backups:

Cloud backups remain stored in your personal iCloud or Google Drive storage until you delete them there or disable the backup function or withdraw access. Deleting the App removes local App data but does not necessarily delete existing cloud backups.

Support data:

We delete data from support requests after the request has been completed, no later than 60 days afterwards.

Map requests:

Technical access data relating to map requests is processed by the third-party providers used in accordance with their respective privacy and retention rules.

14. Your Rights

Since your ride data is generally stored locally on your device or optionally in your personal cloud, you have extensive control over this data:

  • You can delete your rides at any time within the App.
  • Deleting the App removes local App data. Existing cloud backups are not necessarily deleted automatically.
  • You can deactivate optional permissions and backup functions at any time in the system settings or with your cloud provider.

Under the GDPR, you have the following rights regarding personal data we may process (e.g. in support requests):

  • Right to access (Art. 15 GDPR)
  • Right to rectification or erasure (Art. 16 and 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object to processing (Art. 21 GDPR), in particular for processing based on legitimate interests (Art. 6 (1) (f) GDPR)
  • Right to withdraw consent at any time with effect for the future (Art. 7 (3) GDPR), e.g. by disabling cloud backup or notifications
  • Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

Competent Supervisory Authority:

Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg (LfDI BW)

https://www.baden-wuerttemberg.datenschutz.de