Privacy Policy

Effective date: April 18, 2026 · Last updated: July 6, 2026

Scootie ("we", "us", or "our") operates the Scootie mobile application (the "App"), an electric scooter sharing service based in Nikiti, Sithonia, Greece. This Privacy Policy explains how we collect, use, and protect your personal information.

We process your data in accordance with the EU General Data Protection Regulation (GDPR, Regulation (EU) 2016/679) and Greek implementing Law 4624/2019.

Data controller: Scootie, AFM 147540570, Ormylia 63088, Halkidiki, Greece. Privacy contact: info@scootie.boo.

1. Information We Collect

Account Information: When you register, we collect your email address and password (stored securely with bcrypt hashing).

Location Data: While using the App, we collect your device's GPS coordinates to show nearby scooters, track active rides, and ensure scooters are parked in designated zones. Location data is collected only while the App is in use.

Payment Information: Payments are processed securely through Stripe. We do not store your credit card numbers, bank details, or other financial data on our servers. Stripe's privacy policy applies to payment processing: stripe.com/privacy.

Ride Data: We record ride start/end times, duration, route coordinates, and parking photos to provide the service, calculate charges, and ensure proper scooter parking.

Age Verification Data: Where age verification is required (riders must be 17+ under Greek Law 4784/2020), verification is performed by our identity-verification provider (Didit). Your identity document is processed by the provider; we store only the verification result (verified / not verified) and your date of birth — never the document image.

Device Information: We may collect device type, operating system version, and push notification tokens to deliver notifications and improve the App.

2. How We Use Your Information & Lawful Basis (GDPR Art. 6)

Each processing purpose below is paired with the lawful basis we rely on:

3. Biometric Data

If you enable biometric sign-in (Face ID or fingerprint), authentication is handled entirely by your device's secure hardware. We do not collect, store, or transmit any biometric data. Only a success/failure result is returned to the App.

4. Data Sharing & International Transfers

We do not sell your personal data. We share data with the following sub-processors strictly to operate the service:

Scooter IoT telemetry (GPS position, battery, lock state) is processed on our own self-hosted infrastructure within the EU — no third-party telemetry processor is used.

Where data is transferred outside the EU/EEA, we rely on the EU-U.S. Data Privacy Framework where the recipient is certified, or on Standard Contractual Clauses (SCCs) approved by the European Commission. You may request a copy of the transfer safeguards by emailing info@scootie.boo.

5. Data Retention

Different categories of data are retained for different periods, as required by their purpose and by Greek law:

You may request earlier deletion of any category not required by law. Where retention is mandated (e.g. tax records), we retain the minimum necessary and remove direct identifiers where possible.

6. Data Security

We use industry-standard security measures including HTTPS encryption, JWT token authentication, secure password hashing, and server-side input validation to protect your data.

7. Your Rights (GDPR)

As a service operating in the EU, you have the right to:

To exercise any of these rights, contact us at info@scootie.boo. We respond within 30 days as required by Art. 12(3).

8. Minimum Age

You must be at least 17 years old to use this service; riders under 18 require the consent of a parent or legal guardian. This age threshold is above the minimum age for valid GDPR consent under Greek Law 4624/2019 (Article 21, set at 15), so no additional digital-consent step is required for data processing: the service is strictly 17+.

We do not knowingly collect personal data from anyone under 17. If you believe someone under 17 has registered for the service, please contact us at info@scootie.boo and we will delete the account and associated data.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes through the App or by email. Continued use of the App after changes constitutes acceptance of the updated policy.

10. Contact Us

If you have questions about this Privacy Policy or your personal data:

Email: info@scootie.boo
Data Controller: Scootie
AFM (VAT): 147540570
Address: Ormylia 63088, Halkidiki, Greece

You may also lodge a complaint directly with the Greek Data Protection Authority — Hellenic DPA, Kifissias Avenue 1-3, 11523 Athens, www.dpa.gr.