Ride of Your Life (ROYL) – Privacy Policy

Last updated: 07 December 2025

Ride of Your Life ("ROYL", “we”, “our”, “us”) respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, store and protect your data in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). It applies to all visitors, customers and users of our services.

1. Purpose

We collect personal information only when reasonably necessary for our business activities — including processing bookings, communicating with customers, managing accounts, improving our services, and complying with Australian law.

2. Information we collect

  • Identity & contact information — such as name, email address, phone number, age confirmation and billing/delivery details.
  • Booking information — details of hires, purchased accessories, payment confirmation and communication history.
  • Device and usage data — anonymised analytics such as browser type, session time and approximate location (where enabled).
  • Authentication information — login email, encrypted password (via Devise), and second-factor authentication tokens once implemented.
  • Payment information — processed securely through third-party payment gateways; we do not store full credit card numbers on our servers.

3. Sensitive information

We do not intentionally collect sensitive information (e.g. health data, sexual preferences, political or religious views). However, because our services involve adult-only equipment hire, we may collect age-verification data to confirm you are over 18. This data is handled in accordance with the APPs and is never shared externally.

4. How we collect information

  • Directly from you when you create an account, make a booking, or contact us.
  • Automatically via our website when you browse, using standard cookies and analytics tools.
  • From lawful third-party services where you grant permission (e.g. payment processors verifying a transaction).

5. How we use your information

  • To process and manage your bookings and purchases.
  • To communicate with you about orders, updates, and customer support.
  • To verify your identity and protect against unauthorised access.
  • To maintain our internal records, perform audits, and meet compliance obligations.
  • To improve our platform, services, and user experience through aggregated analytics.

We do not sell, rent, or share booking details or personal information with third parties, except where required by Australian law or necessary to deliver our service (e.g. payment processors or hosting providers bound by confidentiality).

6. Data storage & security

  • All data is stored securely in a PostgreSQL database hosted on the Heroku platform (United States-based data centre).
  • Heroku provides encryption at rest and in transit (TLS 1.2+), network isolation, and continuous monitoring.
  • Access to customer data is restricted to authorised staff via Devise authentication and a planned second-factor authentication system (such as one-time codes or hardware tokens).
  • Passwords are stored as salted and hashed values; we never store plain-text passwords.
  • We maintain regular backups and apply security updates promptly to protect against vulnerabilities.

7. Data hosting & international storage

Heroku’s infrastructure is provided by Salesforce and may use data centres outside Australia (including the United States). By using ROYL, you consent to the transfer and storage of your information in these secure, privacy-compliant environments. We ensure our providers maintain safeguards consistent with the Australian Privacy Principles.

8. Cookies & analytics

  • We use cookies to maintain login sessions, remember preferences, and measure site performance.
  • You can disable cookies in your browser settings, but some features (such as booking checkout) may not function properly without them.
  • Analytics data is aggregated and anonymised — we do not track or identify individual browsing behaviour.

9. Access, correction & deletion

  • You may access, update or correct your personal information at any time through your account dashboard or by contacting us directly.
  • Upon request, we can delete or anonymise your account data unless we are legally required to retain it (e.g. tax or transaction records).
  • We will respond to all privacy-related requests within a reasonable timeframe, usually within 30 days.

10. Data retention

We retain personal information only as long as necessary for legal, accounting, or operational reasons. Booking and payment records are kept for a minimum of seven (7) years as required by Australian tax law. Once data is no longer required, it is securely deleted or anonymised.

11. Disclosure to third parties

We do not share, sell or rent booking or personal data to third parties. We may disclose limited data only to:

  • Our secure service providers (e.g., Heroku hosting, payment gateways) strictly for the purpose of delivering our service.
  • Regulatory or law-enforcement authorities when legally required (e.g., under court order or Australian law).

12. Direct marketing

We may occasionally send you product or service updates if you have opted in. You can opt out of marketing emails at any time by clicking “Unsubscribe” or updating your account preferences.

13. Minors

Our services are strictly for individuals aged 18 years and older. We do not knowingly collect or store information from minors.

14. Data breach response

In the unlikely event of a data breach involving personal information, we will promptly assess the impact and, where required under the Notifiable Data Breaches Scheme, notify affected individuals and the Office of the Australian Information Commissioner (OAIC).

15. Your rights

Under the Australian Privacy Principles, you have the right to:

  • Request access to the personal information we hold about you.
  • Request correction of inaccurate, incomplete or outdated information.
  • Withdraw consent for marketing communications.
  • Lodge a complaint if you believe we have breached your privacy rights.

16. Complaints & contact details

If you have any questions or complaints about this policy or how we handle your data, please contact us:

  • Email: [email protected]
  • Mail: ROYL Privacy Officer, PO Box 123, Sydney NSW 2000, Australia

We will investigate your complaint and respond in writing. If you are not satisfied, you may contact the Office of the Australian Information Commissioner (OAIC).

17. Policy updates

We may update this Privacy Policy to reflect changes in our technology, operations or legal obligations. The latest version will always be published on our website with the effective date shown above.

Connecting to chat…