Cardo Privacy Policy

Last Updated: December 29, 2025

Introduction

Cardo Systems Ltd. and its group members and affiliates including Cardo Systems, Inc., Cardo International GmbH and Riser GmbH (together or separately hereto referred to as “Cardo”) consider your privacy as very important, and we take seriously our responsibility to take all commercially reasonable steps to maintain security and protect your privacy. This privacy policy describes the conditions under which Cardo uses personal information (as defined below) it collects, receives and stores about individuals in connection with the use of (i) this website (together with its portal, pages, sub-domains, content and Services: the “Website”); (ii) the Cardo Connect Mobile Application, the Cardo Update Desktop Application and the Riser Application (each of the Cardo Mobile Applications (collectively the “App”) (iii) any services we provide (e.g., support services, software updates service, etc. each together or separately the: “Services”); and (iv) products we sell or provide (“Products”). There may be additional privacy-related information relating to particular web pages that you enter. This Privacy Policy does not apply to third-party websites that may be linked or that you can access. These will have their own privacy policies.

Cardo strongly recommends that you read the Privacy Policy carefully. You are not legally obligated to provide us your information, and you hereby confirm that you do so at your own free will. By accessing or using our Website, App, Services and Products, you acknowledge the policies outlined in this Privacy Policy.

Updates to this Privacy Policy

We may review this Privacy Policy from time to time. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. If you do not agree with our changes, please discontinue accessing or otherwise using the Website, the App and any materials obtained from these sources, including the applicable Services.  Your continued use of the Website and/or App indicates your acknowledgement of any changes made to the Privacy Policy at the time of each such use.

Accurate Information

When you complete forms online or otherwise provide us with information in connection with your use of the Website, you agree to provide accurate, complete and true information. You agree not to use false or misleading name or a name that you are not authorized to use. If, in our sold discretion, we believe that any such information is untrue, inaccurate, or incomplete, or you have opted to use our Website for an ulterior purpose, we may refuse you access to our Website, App, or any applicable Services, and pursue any appropriate legal remedies.

Legal Grounds for Processing Your Personal Information

We process your personal information under the following legal basis:

• Performance of Contract. We need it to provide you with the products and services you request from us, to operate the services, provide customer support and personalized features and to protect the safety and security of the services;
• Legitimate Interests. It satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote the services and to protect our legal rights and interests;
• Consent. When you give us consent to do so for a specific purpose; or
• Compliance with a Legal Obligation. We need to process your data to comply with a legal obligation.

Personal Information We Collect

You may provide us with information that personally identifies you, such as your full name, address, email, phone number and other information that may be used to reasonably identify you (“personal information”). Please note you may not be able to access or use certain features of our Products and Services if you choose not to create an account or provide us with your personal information. You may provide your personal information to Cardo to register and access Cardo Community, to create an account to access the App, Services and the ‘Community’ page of our Website, or to contact us.

You must provide personal information to register and access the Cardo Community. We ask that you also provide a screen name or handle that may be viewed publicly. This is the best way to anonymize yourself to other users. You can choose if you want to display or hide your full profile to friends or the public or not at all. You will enter information to assist you in pairing swiftly by computer. If you choose to do so, you may enter information about persons you ride with for ease of pairing. The information you post publicly is accessible to Cardo.

Payment Information

You may provide your credit card number and billing information when you make a purchase on our Website and on our App. When you place an order on our Website we will share your payment information with payment processors such as Shop Pay, Paypal, Google Pay, Apple Pay and Venmo. These payment processors will use and process your payment information according to their own privacy policies.

Transactions made through the App are paid and processed through the Google Store or through the Apple App Store. If you purchase a subscription, the payment processing party (Google or Apple) will collect the payment information from you. Please note, Cardo has no access to your payment information when you make a purchase through an app store. Please review Google and Apple’s respective terms and privacy policies for more information.

App Data

You may register your account when you download the Connect Mobile Application. Registration is not mandatory. You may register by providing your name, email address, date of birth and country. You may also register via your Google or Apple account. You may delete your account at any time. The Connect Mobile Application connects to our Products (your Cardo device) through Bluetooth, and will recognize the device details (serial number, FW version, model etc.) with no further details on your identity (other than those submitted by you upon the registration to the application. The Cardo Mobile Application is downloaded to your computer and when you connect the device to your computer, Cardo may access your unique user ID, device details such as type, model, serial numbers, as well as information you may provide when registering your device and yourself as the owner (e.g. your personal roadbook if you record your trip).

The Cardo Update Desktop Application requires you to register, in order to download updated firmware versions for your device. Registration includes providing us with your following details: name, email address, country, and date of birth.

You may use the Riser App to record your GPS location, speed, accelerometer, gyroscope sensor data, and barometer (if the user’s phone has one). The Riser App uses amplitude for tracking user data. We use this data to improve the App, Website and our Services. Amplitude’s terms can be found here: https://amplitude.com/terms. The Riser App also uses Fabric, a tool provided by Google, to track and analyze user data. The Fabric Terms and Conditions are available at the following link: https://fabric.io/terms.

The Cardo Connect Mobile App has the ability to record group conversations. If users wish to record a call, other participants will be alerted of such recording in advance, to allow them to drop from the call if they do not want to be recorded. In addition, once the recording has started, a voice announcement will be presented notifying all participants in the call that ‘recording started’. Please note, Cardo disclaims any responsibility or liability for any user recordings. It is your responsibility to receive the consent of every individual who will be subject to a recording.

Information We Automatically Collect

Our servers may log and record information including IP address, browser type, date and time of your request, among other information. When you sign up to use the App, we may use a unique number or other code to identify you. We may use such information to analyze trends, diagnose problems with our servers, administer the Services and the Website, track users’ movement around the Services, identify you for the duration of a session and gather demographic information.

Cardo collects information regarding the usage of your device for statistical uses. We also collect serial number of devices to analyze certain behavior and use of the devices and the App. Please note this information is aggregated and anonymized before it is used by Cardo. We collect comments submitted on trips, sections, motorcycles, posts, likes and conversations on the Website and Apps.

When you login with your username and password to use the Cardo Community, Cardo will record thata you are present online. User information may be tracked to ensure you are authorized to access our Website and App or enable proper communication with Cardo and other member of the Cardo Community.

We may use analytical tracking technologies such as Google Analytics, Google Firebase and the Microsoft App Centre. These tools monitor activities on our Website and App on an anonymous basis and assist us with improving our Website, our App and our Services. Cardo does not use the information collected through the use of these tools in a manner that allows us to specifically identify you as an individual.

We use cookies (small, often encrypted, text files that are stored on your computer or mobile device) and similar technologies (“Cookies”) to provide you with certain functions on our Website and App and help collect data. We use Cookies to track how you use our Website and App by providing usage statistics. Cookies are also used to deliver our information (including updates) and allow account authentication to based on your browsing history and previous visits to the Website. Information supplied to us using Cookies helps us to provide a better online experience to our visitors and users and send marketing communications to them, as the case may be. We may combine the information we collect from Cookies with Personal Information that we have collected from you to learn more about how you use our Website to improve it.

We use session recording software to better understand our user’s needs and to optimize our Website and App. These services allow us to see how you navigate the Website, including how much time you spend on a specific page and which links you click. This information is only used to improve our Website and services and it is not shared with third parties for any other purpose.

We use both session Cookies (which expire once you close your web browser) and persistent Cookies (which stay on your device until you delete them). To make it easier for you to understand why we need them, the Cookies we use on our Website can be grouped into the following categories:

• Strictly Necessary: These Cookies are necessary for the Website to work properly. They include any essential authentication and authorization Cookies for our Website.
• Functional: These Cookies enable technical performance and allow us to remember the choices you make while browsing our Website, including any preferences you set. They also include sign-in and authentication Cookies and IDs that enable you to return without additional sign-in.
• Performance/Analytics: These Cookies allow us to collect certain information about how you navigate the Website and Services running on your device. They help us understand which areas you use and what we can do to improve them.
• Targeting: These Cookies are used to deliver relevant information related to our Website to an identified machine or other device (not a named or otherwise identifiable person) which has previously been used to visit our Website. Some of these types of Cookies on our Website are operated by third parties with our permission and are used to identify advertising sources that are effectively driving customers to our Website.

Cookies can be controlled, blocked or restricted through your web browser settings. Information on how to do this can be found within the Help section of your browser. All Cookies are browser specific. Therefore, if you use multiple browsers or devices to access websites, you will need to manage your Cookie preferences across these environments.

Find out how to manage Cookies on popular browsers: 

• Google Chrome, available at https://support.google.com/accounts/answer/61416?co=GENIE.Platform%3DDesktop&hl=en
• Microsoft Edge, available at https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy
• Mozilla Firefox, available at https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
• Microsoft Internet Explorer, available at https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies
• Opera, available at https://www.opera.com/help/tutorials/security/privacy/
• Apple Safari, available at https://support.apple.com/guide/safari/manage-cookies-sfri11471/mac

If you are using a mobile device to access the website, you will need to refer to your instruction manual or other help/settings resource to find out how you can control Cookies on your device. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.

How We Use Your Personal Information

We use your personal information for the following purposes and as otherwise described in this Privacy Policy or at the time of collection:

• To provide, operate and improve our Website, App, and Services;
• To fulfill any requests and purchases you place using our Website, App and Services;
• To establish and maintain your account;
• To process your purchases;
• To communicate with you, including by sending you announcements and administrative messages;
• To personalize your experience;
• To operate and configure our Website and Apps;
• To respond to your requests and feedback;
• To provide you with marketing communications;
• To help us advertise our Website, Products and Services;
• To respond to law enforcement requests as required by applicable law, court order, or governmental regulations;
• To comply with legal obligations;
• With your consent.

We limit the information provided to service providers to that which is reasonably necessary to perform their functions, and we required them to agree to maintain the confidentiality of your information and to comply with applicable privacy legislation, including adequate level of protection of your information.

Shopify

Our Website is hosted on Shopify, which collects and processes your Personal Information to provide and improve the Website. Information you submit on the Website may be transmitted to and shared with Shopify. To learn more about how Shopify uses your personal information and any rights you may have, you can visit the Shopify Consumer Privacy Policy. Depending on where you live, you may exercise certain rights with respect to your personal information here Shopify Privacy Portal Link.

Marketing Messages

You may sign up to receive email marketing messages from Cardo. You may opt out any time by clicking the ‘unsubscribe’ button in the emails your receive. Please note that even if you opt out of receiving the foregoing emails, we may still send you a response to any “Contact Us” request as well as administrative emails (for example, in connection with a details update request) that are necessary to facilitate your use of the Website or Services.

You may also choose to receive SMS/text messages from Cardo through your mobile device. You may unsubscribe at any time by replying STOP. By opting into our SMS messaging, you consent to receive mobile text alerts using automatic telephone dialing systems. Standard messaging and data may apply depending on your mobile carrier and plan. Consent to receive marketing text messages. After option out you will no longer receive SMS messages, unless you opt back in. You may receive additional messages after option out to confirm you have unsubscribed.

How We Share your Personal Information

We do not share your personal information with third parties without your consent, except as described in this Privacy Policy. Such service providers may include IT suppliers (e.g., ticketing systems suppliers), Website and/or App. servers or design suppliers, cloud vendors (e.g., CloudZone which is used as an inner-cloud environment for Cardo’s ERP and file servers), connecting tools or apps. and plugins (e.g., Crashlytics, OpenStreetMap, Mapbox, GetSentry) and the analytics provider mentioned above.

We may share your personal information with our corporate parent, subsidiaries, and affiliates, for purposes consistent with this Privacy Policy. We may share your Personal Information with third party companies and individuals that provide services on our behalf or operate the website (such as professional advisors, customer support, hosting, analytics, email delivery, marketing, and database management services). These third parties may use your personal information only as directed or authorized by us and in a manner consistent with this privacy policy and are prohibited from using or disclosing your information for any other purpose. We may also share your personal information for compliance purposes. We may sell, transfer or otherwise share some or all of our business or assets, including your personal information, in connection with a business transaction (or potential business transaction) such as a corporate divestiture, merger, consolidation, acquisition, reorganization or sale of assets, or in the event of bankruptcy or dissolution.

Links to Third Party Websites

Our Website and App may contain links to other websites, mobile applications, and other online services operated by third parties. These links are not an endorsement of, or representation that we are affiliated with, any third party. In addition, our content may be included on web pages or in mobile applications or online services that are not associated with us. We do not control third party websites, mobile applications or online services, and we are not responsible for their actions. Other websites, mobile applications and services follow different rules regarding the collection, use and sharing of your personal information. We encourage you to read the privacy policies of the other websites, mobile applications and online services you use.

General Privacy Settings

Certain information can be viewed on your Apps and the Cardo Community. This information may include first and last name, profile picture (optional), cover image (optional), friends list and motorcycle (optional). You can control the information that you make public. For instance, although you enter your personal information when joining, for the purpose of posting or responding to information, you are free to use a handle that does not identify you to the public. Remember, any information (including personal information) that you disclose in public areas of our website, such as forums, message boards, and news groups becomes public information that others may collect, distribute and use. Please exercise caution.

The Riser App and web-based services allow you to select privacy setting when completing an activity / trip or creating a section, which will determine what information may only be seen by you, your friends, the entire Riser community or certain users groups (private, friends & public). You may set the privacy settings for activities/trips and related data, for created gateways and related data, for live tracking and for reWind (an interactive 3D map which allows you to relive a finished trip).

The Website and/or Apps use a plugin for the integration of the social network Facebook. Sharing of content from your Apps on Facebook takes place exclusively with your consent when you select the sharing function. Cardo will not share any information on social networks without the user’s explicit permission and is not responsible for such sharing of information by the user.

Children’s Privacy

Cardo is committed to protecting the privacy needs of children and we encourage parents and guardians to take an active role in their children’s online activities. Cardo does not intentionally target its Website, Apps, Services or Products to children under the age of 16 years (“Minors”). Accordingly, we do not intend to collect personal information from anyone we know to be a Minor. Because our software does not automatically distinguish visitors who are Minors from other visitors, we require Minors to obtain the consent of a parent, guardian, teacher, or librarian to view the Website. If a parent or guardian becomes aware that his or her child has provided us with information, they should contact us. We will delete such information from our files as soon as reasonably practicable.

Security

We employ a number of administrative, technical, and physical safeguards designed to protect the personal information we collect. The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website or Services, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of the website.

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our website. Any transmission of personal information is at your own risk.

Data Retention

Except as otherwise permitted or required by applicable law or regulation, we will only retain your personal information for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To decide how long to keep personal data, we consider things like:

• The amount, nature, and sensitivity of the data.
• The potential risk of harm from unauthorized use or disclosure of the data.
• The purposes for which we obtained the data.
• Whether we can achieve those purposes through other means.
• Applicable legal, accounting, or reporting requirements.

Profile

You choose your handle and what information you enter into the Website. Entering information that others can see makes it available to them. For instance, stating your name, address, telephone number, or names of friends and riding partners makes that visible to the public. Indicating your gender also makes that information accessible. If you do not wish to be identified by your name, use a handle. Advise your friends to be considerate of your needs when they make posts about you. Keep your information secure.

California’s Shine the Light Law

California Civil Code Section 1798.83 permits users of our website that are California residents to request certain information regarding our disclosure of the information you provide through the website to third parties for their direct marketing purposes. To make such a request, please contact us at the information provided below.

International Data Transfers

We, along with our affiliates, subsidiaries, and trusted third-party providers, may handle your personal information in countries outside of your own. The data privacy laws in these countries may differ from, and potentially offer less protection than, those in your home country. We implement appropriate safeguards to ensure your data is adequately protected and in accordance with applicable legal requirements when it is being transferred internationally.

Opting Out and Data Subject Rights

Certain privacy laws, provide data subjects with rights over their personal information. Depending on your jurisdiction, you may exercise certain privacy rights by following the instructions included in the sections below. Please note, this section does not apply to information that is not considered “personal information,” such as anonymized, deidentified, or aggregated information.

We will not deny goods, services, charge you different prices or rates for goods and services, or provide you with a different level or quality of goods or services if you exercise any of the rights described below.

Your Data Rights

You may have the following privacy related rights available to you if the law applicable to you provide for those:

Right to Know

The right to request what Personal Information we have collected, used, and the categories of third parties with whom we have shared your Personal Information during the past 12 months. The personal information we collect, and share is described above in the general Privacy Policy along with the length of time we retain such personal information. To access the specific personal information we have about you, submit a Request to Know via the link below. If you make a Request to Know more than twice in a 12-month period, we may require you to pay a small fee for this service.

Right To Access

The right to request a copy of the specific pieces of Personal Information we maintain about you.

Right to Correct

The right to correct Personal Information that has become outdated or is otherwise inaccurate.

Right to Data Portability

The right to request that we provide you or another entity with your Personal Information in a readily usable format, if it is technically feasible.

Right to Delete

You have the right to request that we delete any personal information about you that you have provided to us. We will permanently delete from our records any personal information that is not necessary for our business operations and direct our service providers to do the same. We consider information to be necessary for our business operations if it is used to:

• Complete an obligation to you that you have requested
• Detect and resolve issues related to security or functionality
• Comply with legal obligations
• Enable solely internal uses

Right to Opt Out

You have the right to opt out of the ‘sharing’ and ‘selling’ of your personal information, as those terms are defined in the California Consumer Privacy Act. We “share” certain personal information with third party ad networks for purposes of behavioral advertising, including: Commercial and Financial Information, Internet Activity, Online Identifiers, and Personal Identifiers. This allows us to show you ads that are more relevant to you. We use third party data analytics providers, and this may be considered a “sale” of information under the CCPA. You may opt-out of these data practices by clicking here.

Right to Limit

The right to limit how we use or disclose your personal information.

Submiting your Request and Verification Requirement

You may submit your request by emailing us at privacy@cardosystems.com or calling us at 1-800-488-0363.

To exercise your right to know, request, or delete, we may need to verify your identity to a degree of certainty based on the sensitivity of your request. As required by applicable law, we will seek to verify your identity and state of residence for each request (a “Verifiable Individual Request”). We will not fulfill your request unless you have provided sufficient information for us to reasonably verify your identity as the individual about whom we collected Personal Information. In some cases, we may have no reasonable method by which we can verify an individual 's identity. For example:

• If an individual submits a request but we have not collected any personal information about that individual, we cannot verify the request.
• If the only data we have collected about a individual is gathered through website cookies (i.e. the consumer visited our website but had no other interaction with us), we are unable to reasonably associate a requester with any data collected; therefore, we cannot verify the request.

Only you, or someone legally authorized to act on your behalf (an “Authorized Agent”), may make a request to know or delete related to your personal data. We require Authorized Agents to provide written authorization confirming they may submit a request on your behalf. You may only submit a request to know twice within a 12-month period. We endeavor to substantively respond to a Verifiable Individual Request within the timeframe required under the applicable law, unless we require an extension. If we reasonably require an extension, we will inform you of the reason and extension period.

Once we receive your request and confirm your identity, we will review your request. If necessary to verify your identity, we may ask you to provide additional information that will help us do so. We will only use that additional information in the verification process, and not for any other purpose. We may deny your request if retaining the information is proper and necessary or if an exception allowing us to retain the information applies.

Right to Appeal a Denial or to Complain

Certain US state laws provide residents the right to appeal decision where we decline to take action in response to a data request. In instances where such right applies to you, you may choose to appeal our decision within 90 days from the date of our decision. You may submit an appeal by emailing us at privacy@cardosystems.com with the subject line “Appeal Data Rights Decision”.

EEA residents have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority. A list of data protection authorities is available at: https://edpb.europa.eu/about-edpb/about-edpb/members_en.

Summary of Data Disclosed to Third Parties

Below we have included a list of the categories of personal information we have collected and disclosed for a business purpose in the preceding twelve (12) months. These categories are defined under Cal. Civ. Code 1798.140(v)(1):

Category	Examples of Data	Recipient (by Category)	Who We Share This Data With For Targeted Ads
A:Personal Identifiers	A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.	Service Providers, Shipping Services, Payment Processors, Commerce Software Tools, Collaboration & Productivity Tools, and Business Operations Tool	Ad Networks
B:Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).	A name, signature, telephone number, passport number, driver’s license or state identification card number.	Service Providers, Shipping Services, Payment Processors, Commerce Software Tools, Collaboration & Productivity Tools, and Business Operations Tool	Ad Networks
C: Protected classification characteristics under California or federal law.	Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).	Not shared or collected	N/A
D: Commercial Information	Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.	Not shared or collected	N/A
E: Biometric Information	Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.	Not shared or collected	N/A
F: Internet or other similar network activity	Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.	Service Providers, Payment Processors, and Commerce Software Tools	Ad Networks and Data Analytics Providers
G: Geolocation Data	Physical location or movements.	Not shared or collected	N/A
H: Sensory Data	Audio, electronic, visual, thermal, olfactory, or similar information.	Not shared or collected	N/A
I: Professional or employment-related information	Current or past job history or performance evaluations.	Not shared or collected	N/A
J: Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)	Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial Information, or student disciplinary records.	Not shared or collected	N/A
K: Inferences drawn from other personal information.	Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.	Service Providers	N/A
Sensitive Personal Information	Social Security Numbers	Not shared or collected	N/A

Commitment and Communication

We are committed to protecting your privacy. Protecting your privacy online is an evolving area, and we are constantly evolving our products, services, and practices, to meet these demands. If you have any comments or questions regarding our Privacy Policy or your personal information that we may be storing and using, please contact us at privacy@cardosystems.com

Cardo’s authorized representative for the EU is Cardo International GmbH.

Thank you for your time and cooperation.

Your Cardo Team