RACE Logo
Sign In

Privacy Policy

Last Updated: March 2026

1. Introduction & Overview

Welcome to RACE Endurance Platform (“RACE,” “we,” “us,” or “our”). We are committed to protecting the privacy and security of our users' personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, website, and related services (collectively, the “Platform”).

RACE is an endurance sports platform that connects athletes with race organizers, facilitates event registrations, and provides tools for the endurance sports community. By using our Platform, you agree to the collection and use of information in accordance with this policy.

If you have any questions about this Privacy Policy, please contact us at privacy@race-endurance.com.

2. Information We Collect

We collect the following types of information to provide and improve our Platform:

Account Information

When you create an account, we collect your name, email address, password, and optional profile photo. You may also provide a phone number and mailing address.

Athletic Profile

To personalize your experience, you may provide details such as your date of birth, gender, athletic disciplines (running, cycling, swimming, triathlon, etc.), experience level, and race history.

Race Registration Data

When you register for events, we collect information required by the event organizer, which may include emergency contact details, medical conditions or allergies, T-shirt size, team or club affiliations, and any other information specified by the organizer.

Payment Information

Payments are processed securely through Stripe. We do not store your credit card numbers, CVV, or full payment card details on our servers. We only retain a Stripe customer ID and the last four digits of your card for reference purposes.

Device & Usage Data

We automatically collect information about your device and how you interact with our Platform, including browser type, operating system, IP address, pages visited, time spent on pages, and referring URLs.

Location Information

We collect location information only as provided in your profile (city, state, country). We do not collect real-time GPS data or track your physical location.

Communications

When you contact us for support, submit feedback, or communicate through the Platform, we retain those communications and any information you provide within them.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Platform Operation: To provide, maintain, and improve the RACE platform, including account management, authentication, and customer support.
  • Race Registrations: To process your event registrations, manage entries, and facilitate communication between you and event organizers.
  • Pre-fill Forms: To streamline your registration experience by pre-filling forms with your saved profile information.
  • Personalize Your Feed: To recommend events, content, and features tailored to your athletic interests, location, and past activity.
  • Communications: To send you important information about races you've registered for, including confirmations, updates, logistics, and post-race results.
  • Share with Organizers: To provide event organizers with registrant information solely for events you have registered for.
  • Legal Compliance: To comply with applicable laws, regulations, legal processes, or enforceable governmental requests.

4. Data Sharing & Third Parties

We share your information only in the following limited circumstances:

Payment Processing (Stripe)

We use Stripe for payment processing. Stripe is PCI DSS Level 1 certified. Your payment data is handled directly by Stripe and is subject to Stripe's Privacy Policy.

Infrastructure (Supabase)

Our backend infrastructure is powered by Supabase, which maintains SOC 2 Type II compliance. Data is stored securely with encryption at rest and in transit.

Email Service Providers

We use trusted email service providers to send transactional and marketing communications.

Event Organizers

When you register for an event, we share your name, email address, phone number, emergency contact information, and any medical conditions with the event organizer solely for that specific event.

Our Commitments:

  • We NEVER sell your personal data to anyone.
  • We NEVER share your data with advertisers or advertising networks.
  • We do not share private profiles with other athletes.

5. Data You Control

You have meaningful control over your personal data on RACE:

  • View & Edit Profile: You can view and update your personal information at any time through your account settings.
  • Public/Private Toggle: You can switch your profile between public and private at any time.
  • Delete Account: You may request deletion of your account at any time. All personal data will be permanently purged within 30 days.
  • Opt Out of Marketing: You can unsubscribe from marketing communications at any time.
  • Request Data Export: You may request a copy of your personal data in a portable format, in compliance with GDPR and CCPA requirements.
  • Withdraw Consent: Where processing is based on consent, you may withdraw your consent at any time.

6. Sensitive Data

We take extra precautions with sensitive personal information:

  • Medical Information: Any medical conditions, allergies, or health-related information you provide is encrypted at rest and is only shared with event organizers for events you have registered for, strictly for safety purposes.
  • Emergency Contacts: Emergency contact details are stored securely and shared only with event organizers for the events in which you are participating.
  • Date of Birth: Your date of birth is used internally for age group classification and is never displayed publicly on your profile.
  • Mailing Address: Your address is never displayed publicly and is only used for shipping race kits or official correspondence when necessary.

7. Data Security

We implement robust technical and organizational measures to protect your data:

  • Encryption in Transit: All data transmitted between your browser and our servers is protected using HTTPS with TLS encryption.
  • Encryption at Rest: Personal data stored in our databases is encrypted using AES-256 encryption.
  • Row-Level Security (RLS): Our database implements row-level security policies to ensure users can only access their own data.
  • Payment Security: All payment processing is handled entirely by Stripe. We never store or process payment card data on our servers.
  • Regular Audits: We conduct regular security audits and vulnerability assessments of our platform.
  • Breach Notification: In the unlikely event of a data breach, we will notify affected users within 72 hours of discovery.
  • Limited Employee Access: Access to personal data is restricted to authorized personnel who require it for operational purposes.

8. Cookies & Tracking

We use a minimal set of cookies to operate our Platform:

Essential Cookies

These cookies are necessary for the Platform to function and cannot be disabled. They include authentication tokens and session identifiers.

Analytics Cookies

We use analytics cookies to understand how users interact with our Platform. You may opt out at any time.

What We Do Not Use:

  • We do NOT use advertising cookies.
  • We do NOT use tracking pixels or web beacons.
  • We do NOT participate in cross-site tracking or retargeting networks.

9. Children's Privacy

RACE is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13.

Users between the ages of 13 and 17 may use RACE only with the consent and supervision of a parent or legal guardian.

10. International Data Transfers

Your data is stored on servers located in the United States. If you access RACE from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States.

For users in the European Union and United Kingdom, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission to ensure adequate protection. You may request a copy by contacting us at privacy@race-endurance.com.

11. California Privacy Rights (CCPA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you.
  • Right to Delete: You have the right to request deletion of your personal information, subject to certain exceptions.
  • Right to Opt-Out of Sale: RACE does not sell personal information and has never sold personal information.
  • Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.

12. GDPR Rights (EU/UK)

If you are located in the European Union or United Kingdom, you have the following rights under GDPR:

  • Right of Access: You have the right to obtain confirmation of whether we process your personal data and to receive a copy of that data.
  • Right to Rectification: You have the right to request correction of inaccurate personal data.
  • Right to Erasure: You have the right to request deletion of your personal data when it is no longer necessary.
  • Right to Restriction: You have the right to request that we restrict processing under certain circumstances.
  • Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format.
  • Right to Object: You have the right to object to processing for direct marketing or where based on legitimate interests.

We will respond to all GDPR-related requests within 30 days. Contact us at privacy@race-endurance.com.

13. Data Retention

We retain your personal data in accordance with the following guidelines:

  • Active Accounts: Personal data is retained for as long as your account remains active.
  • Deleted Accounts: All personal data is permanently purged within 30 days of account deletion request.
  • Race Records: Race registration records and results may be retained for up to 7 years for historical and record-keeping purposes.
  • Payment Records: Payment transaction records are retained as required by applicable tax and financial regulations.

14. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes:

  • We will notify you by email at least 30 days before the changes take effect.
  • We will update the “Last Updated” date at the top of this page.
  • We will provide a summary of the changes in our notification to you.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy, please contact us:

Email: privacy@race-endurance.com

We aim to respond to all privacy-related inquiries within 30 days.

← Back to Home