PRIVACY POLICY
PRIVACY POLICY
Embedded Files
# RaceControl Privacy Policy
**Effective Date:** July 25, 2025
**Last Updated:** November 9, 2025
## 1. Introduction
Welcome to RaceControl ("we," "us," "our"). We are a software development firm based in Contra Costa County, California, specializing in creating AI-augmented integration workflows, mobile applications, branding solutions, custom software features, Retrieval-Augmented Generation (RAG) systems, and automating social media content creation and posting for businesses ("Services").
We are committed to protecting the privacy and security of personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you:
- Visit our website https://www.racecontrol.ai
- Use our mobile applications
- Interact with us or use our Services as a client
This policy also addresses our role concerning the data processed through the solutions we build for our clients.
Please read this Privacy Policy carefully. If you do not agree with the terms of this privacy policy, please do not access our website, mobile applications, or use our Services.
## 2. Scope of This Policy
This Privacy Policy applies to:
- Information we collect through our website (https://www.racecontrol.ai)
- Information we collect through our mobile applications available on Google Play Store and Apple App Store
- Information we collect during sales, marketing, and client engagement processes
- Information related to our direct business contacts (client representatives, vendor contacts)
This Privacy Policy does not govern the data processing practices within the applications, workflows, or systems we build for our clients. Our clients act as the "Business" (under CCPA/CPRA) or "Data Controller" for the data processed within those solutions. We typically act as a "Service Provider" or "Data Processor" for that data, processing it only according to our contractual agreements with our clients.
## 3. Information We Collect
### Information You Provide Directly:
- **Contact Information:** Name, email address, phone number, company name, job title when you fill out contact forms, request consultations, subscribe to newsletters, or communicate with us
- **Account Information:** Username, password, and profile information when you create an account in our mobile applications
- **Project Information:** Details about your business needs and project requirements when discussing potential Services
- **Communication Records:** Records and copies of your correspondence if you contact us
- **Payment Information:** Credit card details, billing address, and transaction history for subscription services (processed securely through third-party payment processors)
- **User-Generated Content:** Any content, feedback, or data you provide through our applications
### Information Collected Automatically:
**Website Data:**
- Log and Usage Data: IP address, browser type and version, pages visited, time and date of visit, time spent on pages, and other diagnostic data
- Cookies and Tracking Technologies: We use cookies, web beacons, and pixels to track website activity
**Mobile Application Data:**
- Device Information: Device type, operating system version, device identifiers (UDID, advertising ID, Android ID), mobile carrier information
- App Usage Data: Features used, time spent in app, crash reports, performance data
- Location Data: Approximate location based on IP address (precise location only with explicit permission)
- Mobile Analytics: App installation, updates, and usage patterns through Firebase Analytics and similar services
### Device Permissions (Mobile Apps):
Our mobile applications may request the following permissions:
- **Camera:** To allow photo capture for profile pictures or content creation (optional)
- **Storage:** To save files and cache data locally (required for app functionality)
- **Network Access:** To connect to our services and sync data (required)
- **Push Notifications:** To send important updates and messages (optional)
### Third-Party Services Integration:
We integrate with the following third-party services that may collect additional data:
- Google Analytics/Firebase: For app usage analytics and crash reporting
- Stripe/PayPal: For payment processing (they maintain their own privacy policies)
- Cloud Infrastructure: AWS, Google Cloud Platform, or Microsoft Azure for data storage and processing
- Customer Support: Zendesk or similar platforms for customer service interactions
### Information We Process on Behalf of Clients (as a Service Provider):
When providing Services, we may process data controlled by our clients, including:
- Business data required for integration workflows
- End-user data collected through mobile apps we develop (governed by the client's policy)
- Content provided by the client for AI model training, RAG systems, or analysis
- Social media account credentials and content for automated posting (with explicit client authorization)
- Other data types as defined in our specific client agreements
## 4. How We Use Your Information
### To Provide and Manage Our Services:
- Respond to inquiries and fulfill requests for consultations or information
- Create and manage user accounts
- Process payments and manage subscriptions
- Negotiate, enter into, and manage client agreements
- Develop, deliver, and support custom software solutions
- Provide customer support and technical assistance
### To Communicate With You:
- Send administrative information, service updates, and support messages
- Send marketing communications (with your consent where required - you can opt-out at any time)
- Send push notifications about app updates and important information (with your permission)
### To Improve Our Services:
- Understand how users interact with our website and mobile applications
- Analyze usage patterns to improve user experience
- Conduct research and analytics for internal purposes
- Debug issues and improve app performance
### For Security and Compliance:
- Maintain the security and integrity of our systems
- Prevent fraud and unauthorized access
- Comply with legal obligations and enforce our terms
- Monitor for and prevent prohibited activities
## 5. Legal Basis for Processing (GDPR)
For users in the European Economic Area, our legal bases for processing include:
- **Contract Performance:** To provide services you've requested
- **Legitimate Interests:** To improve our services, ensure security, and conduct business operations
- **Consent:** For marketing communications and optional features (you may withdraw consent at any time)
- **Legal Obligation:** To comply with applicable laws and regulations
## 6. How We Share Your Information
We do not sell your personal information, nor do we "share" it for cross-context behavioral advertising purposes (as defined under CCPA/CPRA).
We may disclose information in the following circumstances:
**With Service Providers:** Third-party vendors who perform services on our behalf, including:
- Cloud hosting providers (AWS, Google Cloud, Microsoft Azure)
- Payment processors (Stripe, PayPal)
- Analytics providers (Google Analytics, Firebase)
- Customer support platforms (Zendesk)
- Email delivery services (SendGrid, Mailchimp)
**As Directed by Clients:** Client-controlled data only as explicitly instructed by the client within our service agreement scope
**For Legal Reasons:** When required by law, subpoena, or legal process, or to protect rights, safety, and security
**Business Transfers:** In connection with mergers, acquisitions, or asset sales, subject to confidentiality arrangements
**With Your Consent:** Any other sharing will be done only with your explicit consent
## 7. Data Security
We implement comprehensive security measures including:
- Encryption of data in transit and at rest
- Regular security assessments and audits
- Access controls and authentication requirements
- Secure payment processing through PCI-compliant providers
- Employee training on data protection practices
However, no security measures are perfect, and we cannot guarantee absolute security of your data.
## 8. Data Retention
- **Account Data:** Retained while your account is active and for a reasonable period after account closure
- **Transaction Records:** Retained as required by law (typically 7 years for tax purposes)
- **Marketing Data:** Until you opt-out or we no longer have a legitimate business need
- **Client-Controlled Data:** According to our agreement terms with each client
- **Analytics Data:** Typically retained for 26 months in anonymized form
## 9. Your Privacy Rights
### California Residents (CCPA/CPRA Rights):
- **Right to Know/Access:** Request information about personal data we've collected
- **Right to Delete:** Request deletion of your personal information
- **Right to Correct:** Request correction of inaccurate personal information
- **Right to Opt-Out:** We don't sell data, so no opt-out needed for sales
- **Right to Limit Use of Sensitive Personal Information:** Request limits on sensitive data use
- **Right to Non-Discrimination:** You won't be discriminated against for exercising rights
### European Users (GDPR Rights):
- **Right of Access:** Obtain confirmation of data processing and access to your data
- **Right to Rectification:** Correct inaccurate or incomplete data
- **Right to Erasure:** Request deletion of your data under certain circumstances
- **Right to Restrict Processing:** Limit how we process your data
- **Right to Data Portability:** Receive your data in a portable format
- **Right to Object:** Object to processing based on legitimate interests
- **Right to Withdraw Consent:** Withdraw consent for consent-based processing
### Exercising Your Rights:
Contact us at info@racecontrol.ai or 925-477-0497. We'll verify your identity before processing requests and respond within the required timeframes (30 days for CCPA, 30 days for GDPR).
## 10. Children's Privacy (COPPA Compliance)
RaceControl complies with the Children's Online Privacy Protection Act (COPPA).
**Age Requirements:**
- Users must be at least 13 years old to create an account
- Users under 13 are prohibited from using our Services
- We collect date of birth during account creation for age verification purposes
**Parental Consent for Users Aged 13-17:**
- Users aged 13-17 require verifiable parental consent before account activation
- We collect parent/guardian email addresses solely for the purpose of obtaining consent
- Parents receive a secure consent link via email to approve their child's account
- Consent links expire after 7 days and can only be used once
- Parents can review, modify, or delete their child's information at any time by contacting us
**Data We Collect from Minors:**
- Date of birth (for age verification only)
- Parent/guardian email (for consent purposes only, ages 13-17)
- Standard account information (name, email, profile data)
- Usage data as described in Section 3 of this policy
**Parental Rights:**
Parents of users aged 13-17 have the right to:
- Review all personal information collected from their child
- Request deletion of their child's account and all associated data
- Refuse to allow further collection or use of their child's information
- Revoke consent at any time
**Verifiable Parental Consent Process:**
- Parent email must be different from child's email address
- Consent links are cryptographically secured with 64-character tokens
- Parents must actively click to provide consent (no passive consent)
- All consent actions are logged with timestamps for compliance verification
**Data Deletion for Minors:**
If we discover we have collected information from a child under 13 without proper consent, we will:
- Delete the account immediately
- Purge all associated personal information
- Notify the parent/guardian if contact information is available
**Client Responsibilities:**
If we process children's data on behalf of clients, the client acts as the Data Controller and is responsible for ensuring COPPA compliance within their own services.
**Contact for Parental Inquiries:**
Parents with questions or requests regarding their child's data should contact us at:
- Email: support@racecontrol.ai
- Phone: 925-477-0497
## 11. Subscription and Payment Information
For subscription services:
- Payment information is processed by third-party payment processors (Stripe, PayPal)
- We store only transaction IDs and subscription status, not full payment details
- Billing information is retained for tax and legal compliance purposes
- You can cancel subscriptions through your account settings or by contacting support
- Refund policies are outlined in our Terms of Service
## 12. International Data Transfers
**For US Users:** Data is processed and stored in the United States.
**For International Users:** Your data may be transferred to and processed in the United States. We implement appropriate safeguards including:
- Standard Contractual Clauses for EU transfers
- Adequacy decisions where applicable
- Additional security measures as required by local law
## 13. Push Notifications
Our mobile apps may send push notifications for:
- Important account updates
- Security alerts
- New feature announcements
- Marketing messages (with separate consent)
You can control notification preferences in your device settings or app preferences.
## 14. Third-Party Links and Services
Our services may contain links to third-party websites and services. This Privacy Policy doesn't apply to those third parties. We encourage you to review their privacy policies.
## 15. Changes to This Privacy Policy
We may update this Privacy Policy periodically. We'll notify you of material changes by:
- Posting the updated policy on our website and in our mobile apps
- Sending email notifications to registered users
- Displaying in-app notifications for significant changes
Continued use after changes constitutes acceptance of the updated policy.
## 16. Contact Us
**Data Protection Officer:** info@racecontrol.ai
**Phone:** 925-477-0497
**Address:** RaceControl, Contra Costa County, California
**For EU Users:** Our EU representative can be contacted at the same email address.
For privacy-related inquiries, data subject requests, or concerns about our privacy practices, please contact us using the information above.
Report abuse