Last updated: June 18, 2026
Effective date: June 18, 2026
1. Who we are
CycLink is operated by Cosmin Mircea, a sole developer based in the United Kingdom. For any privacy question or to exercise your rights, contact [email protected].
We are the data controller for any personal data processed through the CycLink mobile app (the "Service") under the UK GDPR and the Data Protection Act 2018.
CycLink is intended for users in the United Kingdom. If you are in the EU or EEA and use the app, the EU GDPR applies on equivalent terms.
2. Our approach
CycLink is built to minimise data collection. We do not operate any server that receives your personal data. We have no user accounts, no analytics, no advertising, no tracking pixels, and no third-party SDKs that send your data to us. The only outbound network traffic the app generates is what is technically required to display maps, run searches, and show official parking photos, described in section 3.2.
3. What the app processes
3.1 On-device processing
The following is processed on your device. It is not transmitted to any server we operate.
- Precise location (GPS), session use. Used to find nearby bicycle parking when you search and to re-center the map. The app reads your location only while you are actively using it. It is not retained beyond the active session.
- Saved parked bike location. If you choose to save where you parked, the coordinates are stored locally in secure system storage (iOS Keychain on iPhone). This happens only when you actively save a location. You can delete it at any time using "Forget my bike". Uninstalling the app also removes it.
- Photo of your parked bike (optional). If you choose to add a photo of where you parked, it is taken with your camera and stored only on your device, in the app's private storage. Before it is saved, location, device and timestamp metadata (EXIF) are stripped from the image, so that information is never written to storage. The photo is never transmitted anywhere. It is securely deleted when you replace it, when you tap "I've picked up my bike", or when you uninstall the app.
- Recent searches. If you perform searches, your recent search terms are stored locally in the same secure system storage. Uninstalling the app removes them.
Lawful basis. Where this processing constitutes processing of personal data under UK GDPR, our lawful basis is Article 6(1)(b) (performance of the service you have requested) for the core search and parking-save features, and Article 6(1)(f) (legitimate interests in providing a usable, low-friction product) for the recent-searches convenience. You can stop both at any time by revoking location permission, deleting saved data in the app, or uninstalling.
3.2 Data sent to third parties when you use the app
Some features require contacting third parties. We do not see, log, or store any of this traffic. It is sent directly from your device to the provider concerned.
- Map tiles and base map. The map view is rendered using Apple MapKit. Displaying the map sends your approximate viewport (which can reveal your approximate location) to that provider. Their privacy policy applies to that processing.
- Bicycle parking search. When you search for parking, the query and a coarse location are sent to Apple POI search. Their privacy policy applies.
- Parking location photos. Some parking locations have an official photo provided by Transport for London (TfL). When such a location is shown, the app fetches that image directly from TfL's image server (cycleassetimages.data.tfl.gov.uk) over HTTPS. This request includes your device's IP address and reveals to TfL which parking location is being viewed. We do not see or log this. TfL's privacy policy applies to that processing. (This is separate from the photo you may take of your own bike, which never leaves your device, see section 3.1.)