BikeIt

GDPR Privacy Policy

Last updated: 17 May 2026

1. Data controller

  • Company: BIKE IT - single-member SARL with share capital of €2,500
  • Registered office: 2B Rue des Coutures, 77950 Moisenay
  • SIRET: 10476637300013 - Melun RCS
  • Contact email: contact.bikeit@gmail.com

2. Data collected

In the course of its activity, Bike It may collect the following personal data:

  • First and last name
  • Email address
  • Phone number
  • Booking information (date, time slot, package, options chosen)
  • Payment information (processed exclusively by Stripe - Bike It does not retain any banking data)

3. Purposes of processing

This data is collected and processed for the following purposes:

  • Management and confirmation of bookings
  • Communication with customers (confirmation email, reminder, pickup instructions)
  • Management of payments and invoicing
  • Handling of disputes and refund requests
  • Service improvement and analysis of the most used offers (aggregated data)

4. Legal basis

Data processing is based on the following legal grounds:

  • Performance of a contract: processing necessary for the performance of the booking.
  • Legal obligation: retention of invoicing data in accordance with accounting obligations.
  • Legitimate interest: service improvement and booking follow-up.

5. Retention period

Personal data is retained for a maximum period of 3 years from the last interaction with Bike It. Invoicing data is retained for 10 years in accordance with legal accounting obligations.

6. Data recipients

Personal data is never sold to third parties. It may be transmitted only to the following technical providers, strictly within the scope of their mission:

  • Stripe Inc. (online payment processing)
  • Vercel Inc. (website hosting)
  • Emailing provider for transactional emails

These providers are bound by contractual confidentiality obligations.

7. Transfers outside the EU

Some providers (Stripe, Vercel) may transfer data to countries outside the European Union. These transfers are governed by appropriate safeguards (European Commission standard contractual clauses or Data Privacy Framework certification).

8. User rights

In accordance with the General Data Protection Regulation (GDPR - EU Regulation 2016/679) and the French Data Protection Act, you have the following rights:

  • Right of access: obtain a copy of your personal data
  • Right of rectification: correct inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing

To exercise these rights, contact Bike It at: contact.bikeit@gmail.com. A response will be provided within a maximum of 30 days.

9. Complaint to the CNIL

If you consider that the processing of your data does not comply with the regulations, you have the right to lodge a complaint with the French Data Protection Authority (CNIL) - www.cnil.fr.

10. Security

Bike It implements all appropriate technical and organizational measures to protect your data against any unauthorized access, loss, destruction or disclosure. Payments are secured via Stripe, PCI-DSS certified.

11. Cookies

The Bike It site may use technical cookies necessary for the operation of the service (session, cart, security). No third-party advertising cookie is placed without your prior consent.

12. Updates

This privacy policy may be updated at any time. The date of the last update will be shown at the top of the document. Any substantial change will be communicated to users.