Privacy Policy
Last Updated: April 22, 2025
1. Introduction
At racedatabase.com ("we", "us", "our"), we are committed to safeguarding your privacy and protecting your personal data. This Privacy Policy explains what data we collect, why we collect it, how we use it, how long we keep it, your rights, and how we keep it secure. We comply with applicable laws, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and Children's Online Privacy Protection Act (COPPA).
2. Information We Collect
We collect the following types of information:
- Personal Data: Name, email address, phone number, and billing details when you register, subscribe, participate in events, or contact us.
- Usage Data: IP address, browser type, operating system, pages visited, timestamps, and device identifiers to optimize site performance and enhance user experience.
- Cookies & Tracking Technologies: We use cookies and similar technologies, including:
- Essential cookies for login, security, and preferences.
- Analytics cookies to track site usage and improve features.
- Marketing cookies for personalized ads and retargeting.
You can manage cookies via our cookie consent tool or your browser settings (see §8).
3. Legal Basis for Processing
We process your Personal Data based on the following legal grounds:
- Consent: When you opt-in, e.g., for newsletters or marketing communications.
- Contractual Necessity: To provide services you request, such as account creation, event registration, or payment processing.
- Legal Obligation: To comply with applicable laws, regulations, or legal requests.
- Legitimate Interests: To improve our services, secure our systems, prevent fraud, and send important service-related updates.
4. How We Use Your Information
We use your data to:
- Provide, personalize, and improve our website, services, and event-related features.
- Process registrations, payments, race results, and customer support requests.
- Send service announcements and, with your consent, newsletters or promotional offers.
- Analyze usage trends, troubleshoot technical issues, and enhance site security.
- Protect against fraud and enforce our Terms of Service.
5. Sharing & Disclosure
We prioritize your privacy and handle your data responsibly:
- No Sale: We do not sell your Personal Data.
- Service Providers & Affiliates: We share data with trusted vendors (e.g., hosting providers, payment processors, analytics tools, email services) and affiliates, all bound by strict confidentiality agreements.
- Business Transfers: In the event of a merger, acquisition, or sale, your data may be transferred to the new owner, with continued protection.
- Legal Requirements: We may disclose data if required by law, to comply with legal processes, or to protect our rights, safety, or property.
6. Data Retention
We retain Personal Data only as long as necessary for the purposes outlined in this policy:
- Account-related data is kept for up to 90 days after account closure or inactivity.
- Event registration and results data may be retained longer for historical records or user access, unless you request deletion.
- Certain records (e.g., tax or legal documentation) are kept as required by law, typically up to 7 years.
You may request deletion of your data at any time (see §11).
7. Cookies & Tracking Technologies
We use cookies and similar technologies to enhance your experience. Below is a summary:
| Cookie Type | Purpose | Duration |
|---|---|---|
| Essential | Enable login, site security, and user preferences | Session or up to 30 days |
| Analytics | Measure traffic, track feature usage, and improve site performance | 1-2 years |
| Marketing | Deliver personalized ads and retargeting campaigns | 1-2 years |
Management: Use our cookie consent tool at cookie-settings.racedatabase.com or adjust your browser settings to manage or decline cookies.
Do Not Track: We respect "Do Not Track" browser signals and disable non-essential tracking when enabled.
8. Data Security
We implement industry-leading security measures to protect your Personal Data, including:
- Encryption: TLS/SSL encryption for data in transit and AES-256 encryption for data at rest.
- Access Controls: Role-based access and multi-factor authentication for our systems.
- Audits: Regular security audits and penetration testing.
- Anonymization: Where possible, we anonymize data to reduce risks.
No system is 100% secure, but we strive to maintain the highest standards.
9. Data Breach Notification
In the unlikely event of a data breach affecting your Personal Data, we will:
- Notify you and relevant authorities within 72 hours, as required by GDPR and other applicable laws.
- Provide details on the breach, its impact, and steps to protect yourself.
10. International Data Transfers
Your data may be stored or processed outside your country, such as in the U.S. or EEA. We ensure compliance with data protection laws by:
- Using Standard Contractual Clauses (SCCs) approved by the European Commission.
- Adhering to approved data transfer frameworks (e.g., EU-U.S. Data Privacy Framework).
- Implementing equivalent safeguards for data processed globally.
11. Your Privacy Rights
Depending on your jurisdiction, you have the following rights:
- Access: Request a copy of your Personal Data.
- Rectification: Correct inaccurate or incomplete data.
- Erasure: Delete your data ("right to be forgotten").
- Portability: Receive your data in a structured, machine-readable format.
- Restriction/Object: Limit or object to certain processing, e.g., marketing communications.
- Withdraw Consent: Revoke consent at any time via account settings or unsubscribe links.
To exercise your rights:
- Log in to your account at racedatabase.com/settings.
- Email us at team@racedatabase.com.
We respond to requests within 30 days, or sooner if required by law.
If you're a California resident, you have additional CCPA rights, including opting out of data sharing. Contact us for details.
12. Children's Privacy
We do not knowingly collect Personal Data from children under 13, in compliance with COPPA.
If you're a parent or guardian and believe your child has provided us with data:
- Contact us at team@racedatabase.com to request deletion.
- We will promptly remove the data and terminate any associated account.
13. Regulatory & Supervisory Authorities
If you believe your privacy rights have been violated, you may lodge a complaint with your local data protection authority, such as:
- UK: Information Commissioner's Office (ICO) at ico.org.uk.
- Ireland: Data Protection Commission at dataprotection.ie.
- U.S.: Your state's Attorney General or the Federal Trade Commission (FTC).
14. Policy Updates
We may update this Privacy Policy to reflect changes in our practices or legal requirements. Updates will be posted here with a new "Last Updated" date. For significant changes, we will notify you:
- Via email at least 14 days before the changes take effect.
- Through a prominent banner on our website.
15. Contact Information
For questions, data access requests, or complaints, please contact us:
- Email: team@racedatabase.com
Response Time: We aim to respond within 48 hours for inquiries and 30 days for formal requests.
Thank you for trusting racedatabase.com with your data. We are dedicated to protecting your privacy and providing a secure, transparent experience.