Privacy Policy
Your privacy is important to us. At GrandPrixRun.com (“we,” “our,” or “us”), we are fully committed to respecting and protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and associated services. We adhere strictly to applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), and are committed to maintaining transparency and accountability in all aspects of our data processing activities.
1. Scope of Policy and Data Controller Role
This Privacy Policy applies to all personal data collected via GrandPrixRun.com and any related services, platforms, or interactions with our team. For the purposes of data protection laws, GrandPrixRun.com is the “data controller” responsible for determining the means and purposes of processing your personal information.
2. Categories of Data Processed
We collect and process various categories of personal data, outlined as follows:
a. Usage Data: Information collected automatically as you interact with GrandPrixRun.com, including browser type and version, operating system, Internet Protocol (IP) address, device identifiers, referring URLs, session duration, and browsing behavior on the site.
b. Account Data: Data provided by you upon account registration or update, including your full name, residential or billing address, email address, telephone number, and login credentials.
c. Profile Data: Information related to your user profile, such as race or event preferences, purchase history, reviews and ratings, and behavioral insights based on site interactions.
d. Communication Data: Documentation of any correspondence exchanged with us, including support inquiries, feedback submissions, and customer service interactions.
e. Technical Data: Detailed device and system data, including hardware model, operating system version, browser settings, network carrier, and unique device identifiers.
f. Transaction Data: Payment and delivery details related to your purchases or event registrations, such as billing addresses, invoice records, and processed payment confirmations. We do not store full payment card details.
g. Preference Data: Marketing and communication preferences, language and localization settings, expressed interests in specific product types or events, and consent choices.
3. Legal Bases for Processing
We process your personal data only when we have a lawful basis to do so, including:
– Legitimate Interests: To operate and improve GrandPrixRun.com effectively and securely, including website optimization, fraud prevention, and analytics.
– Contractual Necessity: To fulfill our obligations arising from contracts with you, such as processing orders or handling bookings.
– Consent: When required by law, we rely on your express consent to offer personalized services, send marketing emails, or use cookies outside the essential category.
– Legal Obligation: To comply with legal requirements, such as financial reporting or responding to lawful regulatory requests.
4. Your Rights
As a user of GrandPrixRun.com, you have the following rights with respect to your personal data:
– Right of Access: Request a copy of your personal data being processed.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of your personal data, where permitted by law.
– Right to Restrict Processing: Request temporary suspension of data processing in specific scenarios.
– Right to Data Portability: Request a structured, commonly used, and machine-readable format of your data for transfer to another service provider.
Requests to exercise your rights can be submitted via [email protected].
5. Security Measures
We implement appropriate technical and organizational safeguards to secure your personal data. These include, but are not limited to:
– Data encryption during transmission and at rest
– Role-based access management and secure user authentication mechanisms
– Regular security audits and vulnerability assessments
– Employee data protection training and access control protocols
– Automated and manual backup systems with disaster recovery capabilities
6. International Data Transfers
Where user data is transferred outside the European Economic Area (EEA), such transfers are governed by appropriate legal safeguards, including Standard Contractual Clauses approved by the European Commission or ensured adequacy status of recipient jurisdictions. We ensure that all recipients maintain a consistent level of data protection in accordance with applicable laws.
7. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:
– Account data: Retained as long as your account remains active
– Transaction data: Retained for up to 7 years in accordance with accounting regulations
– Support and communication logs: Retained for up to 2 years after the last interaction
– Marketing preference data: Retained until you withdraw your consent or unsubscribe
– Usage and analytical data: Retained for up to 24 months, anonymized when feasible
Upon reaching retention limits, personal data is securely deleted or anonymized unless legal obligations require further retention.
8. Cookie Policy
GrandPrixRun.com uses cookies and similar technologies to enhance user experience, perform analytics, and serve relevant content. Cookies are categorized as follows:
– Essential Cookies: Required for basic functionality, such as account login and secure checkout
– Functional Cookies: Enhance usability, like remembering your settings or preferences
– Analytics Cookies: Help us understand user interaction patterns to improve the site
– Performance Cookies: Monitor site performance for responsiveness and uptime
9. Cookie Management and Compliance
We provide a consent management platform in compliance with GDPR and CCPA. On your first visit, you will be prompted to accept or manage cookie preferences. You can modify your consent settings at any time via the “Cookie Settings” link available on GrandPrixRun.com. Users may also disable cookies via browser settings; however, this may affect website performance or key features.
Under CCPA, California residents have the right to:
– Opt out of the sale of personal information
– Request categories and specific pieces of personal information collected
– Request deletion of personal data, subject to exceptions
We do not sell personal data in exchange for monetary compensation.
10. Children’s Privacy
GrandPrixRun.com is not directed to individuals under the age of 13, and we do not knowingly collect or solicit personal information from children. Where we become aware of such data collection, we will take prompt steps to delete the data. If you believe your child has provided us personal data without your consent, please contact us immediately at [email protected].
11. Policy Updates
We reserve the right to update this Privacy Policy at any time to reflect changes in legal obligations, technologies, or business operations. Where significant changes occur that impact your rights or data handling practices, we will attempt to notify you via email or prominent notices on our website.
12. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:
Email: [email protected]
Your privacy is a core value at GrandPrixRun.com. We are committed to compliance with all applicable data privacy laws and are always available to assist with any privacy-related inquiries.