Privacy policy
Updated on: 28 January 2026
We are committed to protecting your personal data.
MoFif whose address is located at in Paterna (Valencia), Calle Manya no. 24, in the Téctica Business Park, ("we", "our" or "us"), commits as the Data Controller to respecting privacy and the applicable data protection laws with respect to users ("you", "your" or "yours") of the service (the "Service", as more precisely defined in the "Definitions" section).
This privacy statement (the "Statement") describes our method of collecting and using personal data as part of your use of the Service, the website (the "Website"), and your exchanges with us and with the Operator.
The software on your device may access your information. Our products or services may contain links to other Websites of companies that have their own privacy policies. We therefore recommend that you read them carefully. This Statement applies only within the context of the Service and the Website.
You are not required to provide us with your personal data. However, if you choose not to provide it, we may not be able to provide you with our products or services or all of their features, or to answer your questions.
Summary
- Definitions:
- What information do we collect?
- Why do we process your personal data?
- Do we share your personal data?
- How do we address data quality?
- What measures are taken to protect your personal data?
- How do we use cookies?
- Which cookies do we use:
- How to manage cookie settings on your browser?
- What are your rights?
- How long do we keep your personal data?
- What access permissions are required by the Application?
- Modification of the Statement:
- Contact:
Definitions:
Application | The program downloadable for free and executable from the operating system (iOS or Android) of a smartphone or tablet. The Application allows any User of the Service to find a Bike nearby, unlock it, and follow a route suitable for cyclists, as well as to check the number of Km traveled, subscribe to the Service, contact Customer Service, and report an incident. |
Personal Data | Any information relating to an identified or identifiable natural person. This person can be identified directly (name and surname) or indirectly (postal address, telephone number, etc.), through a single piece of data or a combination of data. |
Data Controller | Legal or natural person, MoFif who determines the purpose and means of processing. |
Brand Name | Commercial operating brand of MoFif |
"We", "our" or "us" | The MoFif Data Controller designated in the heading of the Statement. |
Service | The free-floating electric-assist bicycle service offered by MoFif, as defined in the General Terms and Conditions of Use of the MugiBIKE Service to which said service is subject and forming an indivisible whole with the Statement. |
Subprocessor (option) | Natural or legal person who processes data on behalf of the Organization: Movus.
|
Processing | An operation or set of operations performed on personal data, regardless of the process used. Data processing must have a purpose, an objective for its realization.
|
What information do we collect?
We collect your personal data and other information when you fill out the various online questionnaires as part of your use of the Service and the Website, or when you answer questions that will be communicated to you by email, by phone, via the MugiBIKE Application or by any other means of communication, and when you take part in a campaign, survey, or interact with us. This includes the following cases:
- Our Applications may regularly contact our servers, for example, to check for updates, or to send us information about your use of our Services. Furthermore, we may invite you to voluntarily join service improvement or research programs, in which we collect detailed information such as your socio-professional category, gender, or your usage of our services.
- Information you have provided to us: when you create an account as part of your use of the Service, request our services, participate in campaigns or surveys, or if you interact with us, we may ask you for information such as your name, email address, phone number, postal address, username, password, comments, device-related information, age, gender, and language.
- We also retain your consents; your preferences and settings related to, for example, location data, marketing, and sharing of personal data.
- Your transactions with us: we keep a record of your purchases, downloads, the content you have provided to us, your requests, the agreements between us and you, the products and services we have offered you, payment and delivery details, as well as your interactions with us.
- Location and positioning data: location services establish the latter using satellite, mobile, Wi-Fi, or other network positioning methods. These technologies may involve sharing your location data and the mobile's unique identification number, your Wi-Fi, or other network identifiers with us. Our products can work with different platforms, applications, and services that may in turn collect your positioning data. We do not use this information to personally identify you without your consent.
- Your email address: we may process your email address if you have provided it to us via our Website. We also collect personal data through cookies and trackers on our Website and the Application.
Why do we process your personal data?
We may process your personal data to meet various needs:
- Provide the Service: we may use your personal data to provide the Service to you, maintain it, process your requests, and more generally to execute the contract between us and you, to ensure the functionality and security of our products and services, particularly the Service, to identify you for the purpose of providing the Service, as well as to prevent and investigate fraud and other malicious uses.
- Communicate with you: we may use your personal data to communicate with you, for example, to inform you that our services have changed or to send you alerts regarding our products and/or services, conduct a survey, and to contact you through our Customer Service.
- Marketing, advertising, and recommendations: we may contact you to inform you of new products or services, or promotions that may be offered to you, after obtaining your consent, or if permitted by law.
- Anonymized statistics: we may aggregate the GPS data of all users to provide statistical data on travel habits, which will be communicable to our partners. This aggregated data will be anonymized according to the conditions provided by the current personal data protection regulations.
We use your personal data with your consent or when necessary for the proper execution of the contractual relationship that binds us. We may also use your personal data when required by law or our legitimate interest, for example, to protect our customers, to maintain the security of our products and services, and to protect our rights and property.
Do we share your personal data?
We do not sell, rent, or disclose your personal data to third parties except in the cases mentioned below:
- Your consent and social media buttons: we may share your personal data if you have given your consent. Some of our products and services may allow you to share your personal data with social networks. We invite you to be vigilant and consult the personal data protection policies of these social networks to know precisely what information is collected by these sites and the purposes of using your data, particularly for advertising purposes.
- Authorized third parties: we may share your personal data with authorized third parties, processing personal data for MugiBIKE according to the points indicated in this Statement. This may include, for example, billing your network operator, or delivering personal batteries, by offering services such as Customer Service, consumer data management and analysis, surveys, commercial management, or other.
- We may conduct commercial campaigns and other communication methods in collaboration with our authorized third-party partners. To avoid duplicate and unnecessary communications, and to send you a message tailored to your needs, we may need to reconcile the data collected by MugiBIKE with those collected by the partner where permitted by law.
- These third parties authorized by MoFif are not authorized to use your personal data for any other purpose. We require them to act in accordance with this Statement and the current personal data protection regulations and to employ appropriate security measures to protect your personal data.
- International transfers of personal data: our products and services may be provided using resources and servers located in various countries worldwide. Your personal data may therefore be transferred outside the borders of the country where you use our services, including countries not within the European Community, and not having laws providing specific protection for personal data, or having different laws regarding data protection. In case of transfer to a country outside the European Economic Area, MoFif undertakes to inform users whose personal data is concerned beforehand and request their prior consent; to comply with the General Data Protection Regulation by using partners or sub-processors presenting adequate guarantees through an adequacy procedure, standard contractual clauses, or internal corporate rules.
- Mandatory disclosures: we may be required by law to disclose your personal data to certain authorities or other third parties, for example, to law enforcement agencies in the countries where we, or third parties acting on our behalf, operate. We may also disclose and process your personal data in accordance with applicable law to defend our legitimate interests, for example, in the event of civil or criminal judicial proceedings.
- Merger and acquisitions: if we decide to sell, buy, merge, or reorganize our activities in certain countries, this may involve us having to disclose personal data to prospective or current buyers and their advisors, or to receive personal data from sellers and their advisors.
How do we address data quality?
We take all reasonable measures to ensure that the personal data we hold is up-to-date and to delete it if it proves to be erroneous or unnecessary. We will only retain your personal data as long as necessary to fulfill the objectives described in this Statement or otherwise communicated to you, unless a longer period is required by law.
We encourage you to access your account to review your personal data from time to time to help us keep it up-to-date.
What measures are taken to protect your personal data?
Confidentiality and security are crucial in the way we create and provide our products and services. We have assigned specific responsibilities to address security and privacy issues. We enforce our internal policies and guidelines through a selection of appropriate activities including proactive and reactive risk management, security and privacy engineering, training, and assessments. We take appropriate measures to address the risk of online security, physical security, data loss, and other risks, taking into account the risk represented by the processing and the nature of the data being protected.
We also limit access to our databases containing personal data to authorized personnel only who have a justified need to access this information.
How do we use cookies?
We may collect some of your information via cookies, web beacons, and other trackers to operate and improve our Website and our Application. A "cookie" is a small text file containing data that is stored on a device (computer, tablet, smartphone, etc.) when you browse a website. The different cookies we use:
- Strictly necessary cookies: these cookies allow you to navigate the Website and are essential for its proper functioning. Their deactivation will lead to difficulties in using the Site and will prevent access to certain features;
- Functionality cookies: these cookies collect information on how Users use the Website (the number of visits, the number of pages viewed, visitor activity). These cookies also allow us to identify and resolve operating problems of the Site and to improve it.
- Our Website may contain cookies from third parties (advertising agencies, analysis tool providers, etc.) allowing them to collect browsing information on your devices. Third-party cookies are subject to the privacy policies of said third parties. We hereby inform you of the purposes of these cookies and how you can manage them, to the extent that we are aware.
Which cookies do we use:
Name | Purpose | Lifespan | |
Session | Keep the user logged into their account to ensure their authenticated and secure navigation. | 7 days | |
Locale | Management of the visitor's preferred language. | 12 months | |
Stripe | Fraud prevention. | 12 months |
How to manage cookie settings on your browser?
If you do not want our Website to place cookies on your computer or mobile device, limit or easily delete them by setting your browser or your IOS or Android mobile device.
The different links allow you to adjust cookies depending on the browser used:
- Firefox: https://support.mozilla.org/fr/kb/desactiver-cookies-tiers
- Safari: https://support.apple.com/fr-fr/guide/safari/sfri11471/mac
- Google Chrome: https://support.google.com/chrome/answer/95647?hl=fr&co=GENIE.Platform=Desktop
- Microsoft: https://support.microsoft.com/fr-fr/windows/supprimer-et-g%C3%A9rer-les-cookies-168dab11-0753-043d-7c16-ede5947fc64d
For more information on deleting cookies, visit the following link: https://www.cnil.fr/fr/cookies-et-autres-traceurs/comment-se-proteger/maitriser-votre-navigateur.
Nevertheless, the deactivation of certain cookies may reduce or prevent accessibility to certain functions. We alert every new User with a banner specifying that cookies are used on our Website. It is possible to accept or refuse them at that moment. The cookie authorization banner will be displayed again at the next connection.
What are your rights?
You have the following rights regarding the personal data we use about you:
- Withdrawal of your consent (article 13-2c RGPD): you have the right to withdraw the authorization you have given us to use your personal data.
- Access (article 15 RGPD): you have the right to know the personal data we hold about you and to obtain a copy.
- Rectification (article 16 RGPD): you have the right to request that any incomplete, inaccurate, or outdated personal data about you be rectified.
- Erasure (article 17 RGPD): you have the right to request the erasure of your personal data when it is no longer necessary for the fulfillment of the purpose, if you have withdrawn your consent to the processing, or you have objected to it in accordance with the personal data protection regulations, if this processing is unlawful, or if a current legal obligation requires it.
- Restriction (article 18 RGPD): you have the right to request the restriction of the processing of personal data when you contest the accuracy of your personal data subject to processing, if the processing is unlawful and you object to the erasure of your personal data, if you deem it useful, or if you have objected to the processing, pending our verification of the legitimacy of our interests.
- Data portability (article 20 RGPD): subject to law, you have the right to obtain in a machine-readable format the personal data you have provided to us.
- Objection (article 21 RGPD): you have the right to object to the processing of personal data if it is based on the performance of a task carried out in the public interest or in the exercise of official authority, or on a legitimate interest pursued by us, for reasons relating to your particular situation. You can also object at any time to processing carried out for commercial prospecting purposes.
- Post-mortem directives (learn more): you also have the right to define instructions concerning the storage, erasure, and communication of your personal data after your death.
If you wish to exercise one of your rights, you can let us know by contacting us at the contact email address: mugibike@mugibike.eus. To ensure your request is managed as efficiently as possible, please remember:
- to indicate the processing(s) concerned by your request
- to indicate the right(s) you wish to exercise
- to provide us with any information allowing us to ensure that the author of the request is indeed the person concerned by the processing
If you are still not satisfied, you also have the right to lodge a complaint with a competent supervisory authority, namely, for France, the Commission Nationale de l’Informatique et des Libertés (CNIL).
How long do we keep your personal data?
Your data will be kept for a period that will not exceed what is necessary to fulfill the purposes set out in this Statement.
If your data is no longer necessary for the purposes set out in this Statement, it will be regularly deleted or anonymized unless it is necessary to keep it longer:
- to ensure compliance with legal, accounting, and tax retention obligations, i.e., 10 years;
- for the retention of evidence during the applicable limitation periods, i.e., 5 years;
- for commercial prospecting purposes, i.e., 3 years from the end of our contractual relationship with you or from our last contact with you.
Furthermore, if we find that your user account has not been used for more than 2 years, we will delete your personal data.
In addition, MoFif may retain certain personal data beyond the deadlines announced above in order to fulfill its legal or regulatory obligations.
What access permissions are required by the Application?
It is necessary that you grant the following authorizations to the Application to allow us to collect the data necessary for your registration and your use of the MugiBIKE Service.
- Camera: authorization required to scan the QR Code identifying the bike.
- Location: authorization required to locate you on the map (MapBox), show you the position of nearby bikes, and how to access them.
- Bluetooth: authorization required to establish and maintain the connection between the user's phone and the bike allowing the proper use of the MugiBIKE Service.
Modification of the Statement:
Our Privacy Policy is likely to evolve depending on how we process information about you. We reserve the right to modify this Policy at any time, with or without notice. However, we will ensure that you are informed of any changes by email/push message, and we will publish an update of the Policy on our Website.
This Policy, published on 23.12, was updated on 23.12.25
Contact:
If you have any questions or requests regarding this Statement or, more generally, how we process your data, you can contact us at the following email address: mugibike@mugibike.eus.
