Account Creation & Authentication

• OAuth Authentication: RYDZ exclusively uses Google Sign-In (OAuth 2.0) for account creation and authentication
• No Password Storage: We never store or handle user passwords directly - all authentication is managed through Google's secure systems
• 2-Step Verification: Inherits Google account security settings without additional requirements from our side

Data Collection & Usage

• Essential Data: We collect only necessary information provided through Google OAuth (name, email, profile picture)
• Service Data: Ride history, payment information, and device characteristics are stored to enable core functionality
• Location Data: Collected only during active ride sessions with explicit user consent

Account Deletion Process

• Immediate Initiation: Users can delete accounts through app Settings > Account Management
• Data Retention: Financial records maintained for 7 years per tax regulations, other data purged within 30 days
• Third-Party Data: Google account remains unaffected - deletion must be managed through Google's services

Security Measures

• Encryption: All data transmissions protected with TLS 1.3+ encryption
• Access Controls: Role-based access system with biometric authentication for staff
• Regular Audits: Third-party security assessments conducted quarterly

User Rights & Controls

• Data Access: Export full account data through Profile > Data Export
• Cookie Management: Adjust tracking preferences in Settings > Privacy
• Age Restrictions: Service unavailable to users under 13 without verified parental consent

Contact & Support

For data-related inquiries or deletion requests:

• Email: support@rydzmw.com
• Postal: Data Protection Officer, Pamodzi Park, 2nd Floor, Office 20, Malawi

Note: This summary supplements our full Privacy Policy and does not replace it.