Privacy Policy

For the "BikePass" website, online store, and web app — GDPR-compliant, hosted in the EU. As of January 2025.

1. Data Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) is:

leap42 UG (limited liability)
Managing Director: J. Noll
Wacholderstraße 42
40489 Düsseldorf
Germany
Email: support@bikepass.eu

2. General Information on Data Processing

(1) We process personal data only to the extent necessary to provide our services, to fulfill a contract, or to comply with legal requirements, or where consent has been obtained.

(2) Personal data means any information relating to an identified or identifiable natural person.

(3) Processing is carried out in compliance with the GDPR, the BDSG, and other relevant data protection regulations.

3. Categories of personal data processed

In particular, we process the following categories of data:

(1) Order details (Shop)

  • Name, address, email address
  • Billing and payment information (via payment service providers)
  • Ordered Products, Order History

(2) Usage data (web app)

  • Registration information (email address, name if applicable)
  • Bicycle and Component Information
  • Pictures, documents, invoices
  • Ownership and serial number information
  • Optional: Information about the bicycle's location or last known location (e.g., for theft reports)
  • Log files (IP address, date and time of the request, browser type, operating system)

(3) Device and tracking data

  • Cookies and Similar Technologies
  • Analytics and statistical data (e.g., via Google Analytics)

4. Purposes of Data Processing and Legal Bases

We process personal data for the following purposes and on the legal grounds specified in each case:

(1) Performance of a contract and pre-contractual measures (Art. 6(1)(b) of the GDPR)

  • Processing orders in the online store
  • Setting up a user account for the web app
  • Using the features of the digital bicycle registry
  • Communication regarding support requests

(2) Compliance with legal obligations (Art. 6(1)(c) of the GDPR)

  • Tax-related record-keeping requirements
  • Commercial law documentation requirements

(3) Legitimate interest (Art. 6(1)(f) of the GDPR)

  • Ensuring IT security
  • Fraud and Abuse Detection
  • Improving our services
  • statistical analyses in pseudonymized form

(4) Consent (Art. 6(1)(a) of the GDPR)

  • Use of analytics and marketing cookies
  • Use of certain tracking tools (e.g., Google Analytics)
  • Sending newsletters or product information (via Brevo)

5. Disclosure of Personal Information

(1) As a general rule, we do not disclose personal data to third parties unless this is necessary to fulfill a contract, required by law, or covered by consent.

(2) Potential recipients include, in particular:

  • Payment service providers (e.g., PayPal, credit card companies)
  • Shipping provider (DHL) for the delivery of physical products
  • technical service providers (hosting, automation, email delivery)
  • in specific cases, government agencies when there is a legal obligation

(3) If you find a bicycle, you can use BikePass to contact the registered owner anonymously. We do not share the owner’s personal contact information with third parties; we simply forward the request through our system.

(4) We enter into data processing agreements (DPAs) with all service providers who process data on our behalf (data processors) in accordance with Article 28 of the GDPR.

6. Services and Tools Used

6.1 Google Analytics

(1) We use Google Analytics to measure website traffic and analyze user behavior, provided that you have consented to its use in the cookie banner.

(2) The provider is Google Ireland Limited.

(3) We use Google Analytics with IP anonymization enabled, so your IP address is truncated before being stored.

(4) The legal basis is your consent (Art. 6(1)(a) of the GDPR).

(5) You can withdraw your consent at any time via the cookie settings.

6.2 Brevo (Email Delivery)

(1) We use the Brevo service to send system, service, and, where applicable, marketing emails.

(2) Brevo processes data solely on our behalf.

(3) The legal basis is Article 6(1)(b) of the GDPR (performance of a contract) or Article 6(1)(a) of the GDPR (consent for marketing emails).

6.3 Make.com

(1) We use Make.com for the technical automation of processes (e.g., sending confirmation emails, synchronizing systems).

(2) Only the data necessary for the specific automation process is processed.

(3) The legal basis is Article 6(1)(b) and (f) of the GDPR.

6.4 Hosting via AWS Germany

(1) Our systems are hosted on servers located in Germany.

(2) The provider is Amazon Web Services (AWS).

(3) A data processing agreement has been entered into with AWS. Data processing is carried out in accordance with Article 28 of the GDPR.

(4) Data is transmitted exclusively in encrypted form (TLS/HTTPS).

7. Cookies

(1) We use cookies and similar technologies to provide and improve our website and web app.

(2) We distinguish between:

  • technically necessary cookies (e.g., session cookies, login cookies),
  • Statistics and analytics cookies (e.g., Google Analytics),
  • Marketing cookies.

(3) Technically necessary cookies are used on the basis of Article 6(1)(f) of the GDPR.

(4) Statistics and marketing cookies are only set with your consent (Art. 6(1)(a) of the GDPR).

(5) You can withdraw or modify your consent at any time using the cookie consent tool.

8. Retention period

(1) We retain personal data only for as long as is necessary for the respective purposes.

(2) The criteria for the retention period include, in particular:

  • statutory retention periods (e.g., 6–10 years for tax-related data),
  • Duration of use of a user account,
  • Necessary for the provision of our services.

(3) Once the purpose no longer applies or the statutory retention periods have expired, the data will be deleted or anonymized.

9. User Account and App Data

(1) A user account is required to use the BikePass.

(2) The data stored in the account (e.g., bicycle information, documents, images) will be retained for as long as the account remains active.

(3) Users can delete their own content.

(4) Upon deletion of the account, personal data will be deleted or anonymized, provided that no legal retention requirements prevent this.

10. Rights of Data Subjects

Under the GDPR, you have the following rights:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object (Art. 21 GDPR)
  • Right to withdraw consent (Art. 7(3) of the GDPR)

To exercise these rights, you can contact us at any time by email at support@bikepass.eu.

11. Right to object under Article 21 of the GDPR

(1) You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you that is based on Article 6(1)(e) or (f) of the GDPR.

(2) If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests.

12. Data Security

(1) We use technical and organizational security measures to protect your data against loss, tampering, and unauthorized access.

(2) These include, in particular:

  • TLS/SSL encryption during transmission,
  • Access restrictions,
  • regular backups,
  • Logging of accesses.

(3) We continuously improve our security measures in line with technological advancements.

13. Right to file a complaint with a supervisory authority

You have the right to lodge a complaint with a data protection supervisory authority regarding the processing of your personal data if you believe that such processing violates the GDPR.

14. Changes to this Privacy Policy

(1) We reserve the right to update this Privacy Policy if there are changes to the legal landscape, our services, or our data processing practices.

(2) The current version is available on our website.

My Cart
Your cart is empty.

It looks like you haven't chosen anything yet.

Do you have a discount code?
Subtotal0,00 
Shipping
Total0,00 
Your cart is empty. Shop now