Privacy Policy

Last updated: 2025-10-05 (UTC)

This Privacy Policy explains how Race Check‑In (the “Service”) collects, uses, shares, and protects personal information for racers, organizers, staff, and visitors. We power online registration, check‑in, document signing, selfie/ID capture, and QR verification for Events. Organizers configure which racer information is requested; we process that data on their behalf.

1. Roles and scope

We act as a processor for Organizer Event data, and as a controller for platform‑level accounts and the public website. This policy covers all personal data handled through the Service.

2. Information we collect

  • Account data: name, email, password (hashed), role, and organization linkage.
  • Racer profile: name, date of birth, gender, contact details, address, emergency contact, nationality, and optional fields defined by the Organizer.
  • Check‑in data: Event/format selections, dynamic field responses, timestamps, staff checklist, completion status.
  • Images: selfie and photo ID (when required). Images are resized and compressed before storage.
  • Documents & signatures: PDFs uploaded by Organizers and signed by racers; we store stamped copies and related metadata.
  • Registration records: online registration details and confirmation status. We do not store card/bank numbers on this platform.
  • Technical data: device/browser info, IP address, logs, and cookies for authentication and security.

3. How we use information

  • Provide and secure the Service (login, role‑based access, fraud prevention).
  • Operate registration, check‑in, signature capture, and QR verification.
  • Send confirmations, password resets, and critical Event notices.
  • Comply with legal obligations and enforce terms.
  • Improve reliability and usability (using aggregated/anonymous analytics where applicable).

4. Legal bases

We rely on performance of a contract, legitimate interests (security and support), consent where required (e.g., camera access, certain emails), and legal obligation, depending on jurisdiction.

5. Sharing and disclosure

  • Organizers and staff: Event data you provide is shared with the Organizer running that Event.
  • Service providers: hosting, email, storage, and logging vendors under data‑protection terms.
  • Legal and safety: where required by law or to protect rights and safety.

6. Data retention

We retain account and Event records only as long as necessary for the Service and legal/audit requirements. Organizers control retention of their Event‑specific racer data; we delete or archive upon request or when no longer needed. Images and stamped PDFs are retained with their check‑in/registration records.

7. Security

Protections include HTTPS, role‑based access, hashed passwords, input validation, and least‑privilege storage access. No online service is 100% secure—please safeguard your credentials and report suspected unauthorized use.

8. International transfers

Personal data may be processed where we or our providers operate. Where required, we use appropriate safeguards such as contractual clauses.

9. Your rights

Subject to law, you may request access, correction, deletion, restriction, or portability. For Event data, contact the Organizer first. You may withdraw consent where processing is based on consent.

10. Children

The Service is not directed to children under 13 (or local equivalent). If we learn of collection without appropriate consent, we will delete it.

11. Cookies

We use essential cookies for authentication, sessions, and security. Blocking essential cookies may prevent sign‑in.

12. Contact

For privacy inquiries or to exercise rights, contact your Event Organizer or reach platform support at support@racecheckin.com.

13. Changes

We may update this Policy and will post the latest version here with a new “Last updated” date.