RYDR

Legal

Privacy Policy

Last updated: 25 April 2026

RYDR Global (“RYDR”, “we”, “us”, “our”), a company incorporated under the laws of Barbados, is the data controller of personal data processed in connection with the RYDR app, RYDR Go, MeSIM and our websites (the “Services”). This Privacy Policy explains what personal data we collect, why we collect it, how we use and share it, how long we keep it and the rights you have under the Barbados Data Protection Act, 2019 and other applicable laws.

1. Personal Data We Collect

1.1 Information you give us

  • Account data: name, mobile number, email, password (hashed), profile photo, language and country.
  • Verification data: date of birth and government ID where required (e.g. age-restricted deliveries, driver onboarding, business accounts).
  • Payment data: payment method tokens, last 4 digits of cards, billing address. Full card numbers are processed by our PCI-DSS certified payment processor (PowerTranz) and are never stored on RYDR servers.
  • Trip & order data: pickup, drop-off, addresses, items ordered, special instructions, ratings and reviews, in-app messages.
  • Support data: messages, call recordings, attachments and ticket history when you contact us.

1.2 Information we collect automatically

  • Device & technical data: device model, OS, app version, IP address, language, mobile network, advertising identifiers, crash logs and diagnostics.
  • Location data: precise GPS location while the app is in use (and, with your permission, in the background) to match you with Drivers/Couriers, provide ETAs and improve safety.
  • Usage data: pages and features used, search terms, session duration, click events.
  • Cookies & similar technologies: see our Cookies section below.

1.3 Information from third parties

  • Identity, fraud and credit checks from verification providers (for drivers, merchants and high-risk transactions);
  • Map and routing data from mapping partners;
  • Payment authorisation results from payment processors;
  • Account data if you sign in via Google or Apple (name, email, photo).

2. How We Use Personal Data

We process personal data for the following purposes and on the lawful bases shown:

  • Provide the Services — match riders with Drivers, fulfil orders, process payments, send receipts, provide customer support (performance of contract).
  • Safety & fraud prevention — verify identity, detect and investigate fraud, abuse, unsafe behaviour, payment chargebacks; share data with law enforcement when required (legitimate interest, legal obligation).
  • Communicate — send service messages, receipts, security alerts, policy updates (performance of contract, legal obligation).
  • Improve the Services — analytics, A/B testing, debugging, research and product development (legitimate interest).
  • Marketing — send promotional offers and surveys; you can opt out at any time (consent or legitimate interest, depending on jurisdiction).
  • Comply with law — tax, accounting, anti-money-laundering and regulatory obligations (legal obligation).

3. Sharing of Personal Data

We share personal data only as needed and with appropriate safeguards:

  • Drivers, Couriers and Vendors — to fulfil your trip or order (e.g. first name, photo, pickup/drop-off, masked phone number).
  • Service providers — payment processors, cloud hosting, mapping, identity verification, SMS/email/push delivery, analytics, customer support tooling, all bound by confidentiality and data-protection obligations.
  • Trusted contacts & emergency services — when you trigger trip-sharing or SOS.
  • Legal & regulatory bodies — where required by law, to enforce our terms, protect rights and safety.
  • Business transfers — to acquirers, investors or successors in connection with a merger, acquisition or financing.

We do not sell your personal data.

4. International Transfers

RYDR is based in Barbados and uses service providers located in the Caribbean, the United States, the European Union and other jurisdictions. Where personal data is transferred outside Barbados, we put in place appropriate safeguards (such as contractual data-protection clauses) and require recipients to provide a level of protection comparable to that required by the Data Protection Act, 2019.

5. Retention

We retain personal data only for as long as needed to provide the Services and to meet our legal, accounting, tax, fraud-prevention and dispute-resolution obligations. As a guide:

  • Account data — for the life of the account plus 5 years after closure;
  • Trip and order records — 7 years for tax and accounting;
  • Support tickets and chats — 3 years;
  • Marketing preferences — until you withdraw consent;
  • Crash and analytics logs — typically up to 24 months.

Where longer retention is required by law (e.g. anti-money-laundering or court order), we keep the data only for that purpose.

6. Security

We use industry-standard technical and organisational measures including encryption in transit (TLS) and at rest, strict access controls, secure software development, monitoring, employee training, and a documented incident-response process. No system is perfectly secure; if you believe your account has been compromised, contact us immediately at security@rydrglobal.com.

7. Your Rights

Subject to applicable law, you have the right to: access your data, correct inaccurate data, request deletion, restrict or object to processing, withdraw consent, port your data and lodge a complaint with the Data Protection Commissioner of Barbados. To exercise any of these rights, email privacy@rydrglobal.com. We will respond within thirty (30) days. We may need to verify your identity before acting.

8. Children

The Services are not directed at children under 18. We do not knowingly collect personal data from anyone under 18. If you believe a child has provided us with personal data, contact us and we will delete it.

9. Cookies & Similar Technologies

Our website and app use cookies, SDKs and similar technologies for essential functionality (login, security, fraud prevention), preferences, analytics and marketing. You can control non-essential cookies in your browser or device settings. Disabling certain cookies may impair functionality.

10. Marketing & Choices

You can opt out of marketing emails using the unsubscribe link in any email, manage push notifications in your device settings, and adjust location-sharing permissions at the device level. Service-related communications (such as receipts and safety alerts) cannot be opted out of while you have an active account.

11. Third-Party Services

The Services may contain links to or rely on third-party services (such as Apple Maps/Google Maps, App Store/Google Play, payment processors and telecommunications carriers). Those providers operate under their own privacy policies and we are not responsible for their practices.

12. Changes to this Policy

We may update this Privacy Policy from time to time. Material changes will be notified via the app, email or by posting on our website at least seven (7) days before they take effect. The “Last updated” date at the top of this page indicates when it was most recently revised.

13. Contact

RYDR Global — Data Controller
Bridgetown, Barbados
Privacy: privacy@rydrglobal.com
Security: security@rydrglobal.com
Legal: legal@rydrglobal.com

You also have the right to contact the Data Protection Commissioner of Barbados with any complaint regarding our processing of your personal data.

Questions about this document?

Contact RYDR Global atlegal@rydrglobal.com. For privacy or data requests, emailprivacy@rydrglobal.com.