Privacy Notice
Last Updated: 9 January 2026
Here at Bike the World we take privacy very seriously. Please read the text below to understand how our organization uses the personal data we collect.
1. Introduction
At Bike the World (“we,” “us,” or “our”), we are committed to protecting your privacy. This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our indoor cycling training services, including our mobile apps, desktop applications, and website (collectively, the “Services”).
Your training data is private by default. We do not sell your personal information to third parties.
2. Information We Collect
Account Information: Email address, password, username, profile information, and billing address (for tax calculation).
Fitness Data: Physical metrics (weight, height, age, gender), training activity data (heart rate, power output, speed, cadence, distance), workout history, and connected device information.
Device Information: Device type, operating system, Bluetooth/ANT+/DIRCON device data, and app usage data.
Technical Data: IP address, browser type, date/time stamps, and error logs.
3. Legal Basis for Processing
Under the General Data Protection Regulation (GDPR), we process your personal data on the following legal bases:
| Purpose | Legal Basis |
|---|---|
| Providing your account and the Open Road service, processing payments, connecting to fitness equipment, calculating training metrics, customer support, service notifications | Performance of contract |
| Improving our services, fixing technical issues, analysing usage patterns | Legitimate interest |
| Sending marketing communications, displaying data on public leaderboards | Consent |
4. How We Use Your Information
- Deliver personalised training experiences and calculate training metrics
- Synchronise video playback with your cycling speed
- Connect to Bluetooth fitness devices and store your training history
- Maintain, improve, and troubleshoot our Services
- Send service updates and respond to support requests
- Prevent fraud and comply with legal obligations
5. Cookies
We use cookies to maintain your session and preferences, analyse how you use our Services, and improve performance. We use essential cookies (required for functionality), functional cookies (your preferences), and analytics cookies (Google Analytics). You can manage cookie preferences in your browser settings.
To opt out of Google Analytics, visit: tools.google.com/dlpage/gaoptout
6. Third-Party Service Providers
We work with trusted third-party service providers who may access your information only to perform specific tasks on our behalf:
- Payment processing
- Email delivery
- Video content delivery
- Cloud hosting and analytics
If you choose to share your activity data with third-party services, we will do so only with your explicit consent. You can stop sharing at any time through your account settings.
7. International Data Transfers
Your data is stored in the European Union. Some of our service providers are based in the United States. When we transfer personal data outside the EU, we ensure appropriate safeguards are in place, including European Commission Standard Contractual Clauses.
8. Data Retention
| Data Type | Retention Period |
|---|---|
| Account and training data | Duration of account + 30 days after deletion |
| Payment and billing records | 7 years (legal requirement) |
| Technical logs | 90 days |
| Customer support correspondence | 2 years after resolution |
9. Your Rights
Under the GDPR, you have the right to:
- Access your personal data and receive a copy
- Correct inaccurate or incomplete information
- Request deletion of your personal data
- Restrict or object to processing
- Receive your data in a portable format
- Withdraw consent at any time
- Lodge a complaint with your local data protection authority
To exercise these rights, contact us using the details below. We will respond within one month.
10. Data Security
We implement industry-standard security measures including encryption of data in transit (TLS 1.2+), secure password storage, regular security monitoring, and restricted access to personal data. However, no method of transmission or storage is 100% secure.
11. Children’s Privacy
Our Services are not intended for children under 16 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and sending an email to your registered address. Your continued use of our Services after changes become effective constitutes acceptance of the updated policy.
13. Contact Us
If you have questions or wish to exercise your privacy rights, please contact us:
https://bikethe.world/contact-us/
Bike the World
Amerika Plads 3D, 2100 Copenhagen East, Denmark
CVR: DK38609130