// Legal

PRIVACY POLICY

Last updated: March 31, 2026

01

WHO WE ARE

Rmaps is a motorcycle navigation and riding companion app built and operated by Wildcat Devs, based in Bengaluru, India (12.9716° N · 77.5946° E). We built Rmaps for riders, by riders — and we take your privacy as seriously as we take safety on the road.

This policy explains what data we collect, why we collect it, and exactly what we do (and don't do) with it.

02

DATA WE COLLECT

We collect only what is necessary to make Rmaps work well:

  • Account information — name, email address, and password (stored hashed) when you create an account.
  • Location data — GPS coordinates while the app is in use, to power navigation, live tracking, and ride history. We do not collect location in the background unless you explicitly enable it for live sharing.
  • Ride data — routes, distance, duration, and waypoints you record or plan inside the app.
  • Device information — device model, OS version, and app version for debugging and compatibility purposes.
  • Waitlist / beta form — name, email, city, and riding experience submitted via our beta signup form.
  • Usage data — which features you use, crash reports, and performance metrics. No keystrokes or screen recordings.
03

HOW WE USE YOUR DATA

  • To provide and improve the Rmaps service — routing, safety alerts, garage management, and group ride features.
  • To send you important product updates, beta access confirmations, and service notifications. You can opt out of non-essential emails at any time.
  • To understand how riders use the product so we can prioritise what to build next.
  • To comply with applicable Indian law (IT Act 2000, DPDP Act 2023).

What we never do: We do not sell your data. We do not use your data to serve you third-party ads. We do not build ad profiles. Ever.

04

DATA SHARING

We share your data with a minimal set of trusted infrastructure providers necessary to operate the service:

  • Cloud infrastructure — servers and databases hosted on providers such as AWS or Supabase. Your data is stored in servers located in or near India where possible.
  • Analytics (privacy-first) — we use aggregated, anonymised analytics only. No third-party tracker cookies.
  • Legal requirements — if required to do so by law or court order.

No other third parties receive your personal data.

05

LOCATION DATA

Location is the core of what Rmaps does — but we treat it with care:

  • Location is collected only while the app is open and in active use (foreground), unless you opt in to live sharing for a specific ride.
  • Live location shared with contacts is end-to-end — it is not stored on our servers beyond the duration of the ride session.
  • Ride history is stored only on your account and is visible only to you, unless you choose to share it.
  • You can delete your entire ride history at any time from the app.
06

YOUR RIGHTS

Under the Digital Personal Data Protection Act 2023 (DPDP Act), you have the right to:

  • Access the personal data we hold about you.
  • Correct any inaccurate personal data.
  • Erase your account and all associated data by writing to us or using the in-app deletion option.
  • Withdraw consent for any processing where consent is the legal basis.
  • Nominate a person to exercise these rights on your behalf in case of death or incapacity.

To exercise any of these rights, email us at privacy@rmaps.app. We will respond within 30 days.

07

DATA RETENTION

We retain your personal data for as long as your account is active. If you delete your account, we delete your personal data within 30 days, except for records we are legally required to retain (e.g. billing history).

Anonymised, aggregated data (e.g. total ride counts) may be retained indefinitely as it cannot be used to identify you.

08

SECURITY

We use industry-standard measures to protect your data: TLS encryption in transit, AES-256 at rest, hashed passwords, and role-based access controls. Beta testers' data is held in isolated environments separate from production.

No system is 100% secure. If we ever discover a breach affecting your data, we will notify you within 72 hours in accordance with applicable law.

09

CHILDREN

Rmaps is not intended for users under the age of 18. We do not knowingly collect data from minors. If you believe a minor has submitted data to us, contact us at privacy@rmaps.app and we will delete it promptly.

10

CHANGES TO THIS POLICY

We may update this policy as the product evolves. If we make material changes, we will notify you via email or an in-app notice at least 7 days before they take effect. The 'Last updated' date at the top of this page always reflects the current version.

11

CONTACT

For any privacy-related questions or requests, contact us at:

email → privacy@rmaps.app
company → Wildcat Devs
location → Bengaluru, Karnataka, India
© 2026 Rmaps · Wildcat Devs
Terms of ServiceHome