(5 June 2016)
Here at Racefully we strive to be straightforward and open about our business practices and to act with integrity at all times. This is especially the case with respect to how we manage and use your personal data.
"Racefully" is the brand we trade under and a registered trade mark of Project X Ltd. The Racefully mobile app (our 'app'), our websites at raceful.ly and runselfi.es (our 'websites'), our blog at blog.raceful.ly (our 'blog') and our pages on Facebook, LinkedIn, Twitter and Instagram (our 'social media pages') are all operated by us, Project X Ltd.
your use of our app, websites, blog and social media pages (our 'Services'), and
any communications between you and us using our Services or other means, such as over the phone or by email.
We collect information, including information from which you are personally identifiable ('personal data'), when you choose to provide it to us and through your use of our Services.
We collect personal data that you provide when you: register for our Services, create a Racefully user profile, connect any of your social media accounts to our Services, connect any third party health or fitness apps, software, wearables or other devices ('trackers') to our Services, contact us with inquiries, comments or feedback, make payment for any Services that we provide on a paid-for basis, provide information through our Services about yourself (for example, in relation to your fitness goals or achievements), upload or post messages, photos or other information through our Services, or participate in any surveys or competitions that we may run.
Please note that it is possible for you to connect certain of the Services to your email and social media accounts, such as Gmail and Facebook ('third party services'). If you have consented to allow any of your third party service providers to provide personal data or other information to us, then we may collect that data or information. This information may include your name, profile picture, gender, user ID, email address, your country, your language, your time zone, the organizations and links on your profile page, the names and profile pictures of your social networking site “friends” and, if you decide that you wish to invite them to join Racefully, their contact details, so we can arrange for them to receive your invitation, together with any other information you have included in your social networking site profile. We may use that information to supplement the information we have about you and/or to provide and improve our Services.
We hope you have also seen and enjoyed our blog (blog.raceful.ly) and our social content sharing site, runselfi.es. Both our blog and runselfi.es are managed by us but we use Media Temple to host our blog and runselfi.es, and RebelMouse to manage runselfi.es. You should be aware that if you post messages, photos or other information on our blog or on runselfi.es, your personal data may also be collected or used by Media Temple and/or RebelMouse, in accordance with their privacy policies, which can be found at https://mediatemple.net/legal/privacy-policy/ and https://blog.rebelmouse.com/privacy-policy/ . Please read these policies to make sure you are comfortable with them before posting any personal information on either site. You should also note that any information which you post may be accessed at any time by other people and businesses and could be used by them for their own purposes. In short, you should only post information on publicly available sites like our blog and runselfi.es if you are happy for it to be in the public domain.
We also collect personal data automatically through your use of the Services. For example, when you download and run our app, we will be provided with a unique ID that identifies your device to our Services. In addition, in order to provide the Services, we collect information on where you are, how far you have gone, and how long you have been exercising. If you have connected trackers to our services, we will also automatically collect the data that they make available.
We currently collect only very limited data directly through our app relating in any way to your fitness, and only if you choose to provide such data. Specifically, we collect information about your weight, if you choose to set a weight-related goal on the app. We do not directly collect any other physical or fitness-related data unless you decide to include it in the free-form text entry section provided when you set other goals on the app or in any other content that you choose to post though our Services. We are however able to infer information about your fitness from our understanding of how often you exercise, the terrain and topology of where you exercise and the prevailing environmental conditions, how far you go, your pace, and, if you have provided this information, your weight. In addition, if you have connected any other fitness tracker(s) to our Services, we will collect the information provided to us by the tracker(s). As trackers become more sophisticated, it is likely that they will provide a more detailed and broader range of information, but currently many devices already monitor the number of steps you take, your cadence and your heart rate. If you have configured your tracker(s) to provide this information to us, we may use it to supplement our understanding of your fitness and to provide and improve the Services for you.
When you use our Services, we may receive or collect information about the services and devices you are using. We cannot specifically identify you personally from this information. This information may include the IP address of the device you are using to access the Services, browser type, operating system, the referring/exit web page, pages visited, location, date/time stamp, numbers of clicks, your mobile carrier, device information (including mobile phone and/or fitness device and application IDs), search terms, and cookie or other tracking information ('Non-identifiable data'). We may store this data ourselves or it may be included in databases owned and managed by our service providers. In addition, we use Google Analytics as a method of tracking site statistics and user behaviour using the Services. We use Non-identifiable data and the information provided by Google Analytics to better understand our users, their preferences and how they use our Services, and to provide and improve our Services for our users.
This section describes how your personal data may be shared on our Services and with third parties.
Our Services are intrinsically social, and therefore when you provide us with certain personal data it may be shared with other users of the Services, as well as to other social networks where you have chosen to do this. For example, if you invite a friend to join Racefully on Facebook using the Services, the content you choose to share with them on Facebook will be accessible on the Facebook platform.
When you download the app, you will be invited to create a user profile. You will need to provide your name (or nickname) and an email address, and will also be able to upload a profile picture, record and upload a short audio name tag so that other users know what you're called, and share your goals if you wish. If you sign in using a social network, we will automatically use your social network profile picture, name and email in your Racefully user profile. By default, this information will not be shared with other users, except as follows:
If you use runselfie.es or our blog to post images or other content, your user name and time of posting will be shared with anyone using this service. Please always ensure that if you post images of other people, or content relating to them, or from which they may be identified, you have their permission.
We have designed our app to give you control over how your data is shared on the app. Please select 'Settings' and then 'Privacy settings' to access these controls. You can use them to determine whether your profile, goals, run summaries, and location and fitness levels are viewable only by you, by your friends on the app, or publicly with all users of the app. Because Racefully is an inherently social app, by default, your profile picture, name/nickname and broad location (city / state level only) will be shared on the Services. Otherwise, friends would potentially be unable to find you on the app. However, you can use the app's privacy controls to limit the sharing of this data just to existing friends or to no one, and by default, none of your other data settings are set to public. However, to get the most out of the social aspects of the app, you may wish to use the app's privacy controls to change some or all of these settings to public. The choice is entirely yours.
We use service providers to perform certain services for us. For example, we currently or may in the future use service providers to host our websites and databases, manage user communications and provide user support, provide website and data analytics services, provide fraud protection and / credit risk information, and process payments. When we hire a service provider to provide such services, we may need to share access or provide them with certain personal data. However, we only do this to the extent necessary to enable them to perform their services effectively for us and require them to keep all such data secure. More information on the service providers we use is set out in the “International transfers” section below.
In order to provide the Services, we need to share certain information, including personal data, with service providers located outside the EU where data protection standards may be less rigorous. These service providers and the services they provide include: Facebook and Google (to enable user authentication on sign-on to the app), Localytics (to track usage of our app), Crashlytics (to help us diagnose technical issues), Firebase (to enable live racing), Branch (to send friend requests), Mailchimp to manage our user email database and send communications to you, Zendesk (for customer support), Typeform (for surveys), Shortstack (for promotions) and Google Analytics (to better understand how our blog and websites are used). Each of these providers are contractually bound to keep your data secure and only to use if for the purposes of enabling us to provide the Services and, in the case of Facebook and Google, in accordance with the privacy policies or notices they have shared with you in relation to your use of their services.
We may aggregate information about you with information collected from other users of our Services or from third parties and analyse it to better understand our users' demographics, interests and behaviours. We may also anonymise and aggregate this information and share it with our affiliates, agents and business partners. Such anonymised and aggregated information will not identify you personally.
When you use our websites and certain other Services we may place cookies or other tracking technologies on your device.
You can disable cookies delivered via an internet browser or set your browser to alert you when cookies are being sent to your device; however, disabling cookies may affect your ability to use certain Services or simply stop them from working. We therefore recommend that you keep cookies turned on when using our Services. For more information about cookies and how to refuse them, click here.
We believe there is a material difference between personal data that we collect automatically through your use of the Services or you provide to us in the reasonable expectation that it will be kept secure and confidential (for example, your user name and password and credit card information) and information that you provide with the intention that it should be publicly available on any of the Services, or which you send to us on an unsolicited basis. We shall therefore be entitled to reproduce, use, share and distribute any content that you post on any of our Services that are publicly available (for example, runselfi.es and our social media pages), or send to us on an unsolicitied basis (for example, new service or product ideas) without attribution or payment of compensation to you.
We cannot and will not be responsible for how any users or third parties use any personal data that you choose to make publicly available on the Services. Please therefore always carefully consider what you post publicly and ensure it is appropriate before doing so.
We do not knowingly seek or collect personal data from people under the age of thirteen. If you are under thirteen, please do not use the Services. If you are the parent or guardian of a child under the age of thirteen and have reason to believe they have provided personal data to us, please contact us at firstname.lastname@example.org. We may need to request certain information from you to verify your identity. Where we are satisfied that we have been provided personal data by a child under thirteen and you are entitled to ask us as their parent or guardian to delete such data, we will use all reasonable endeavours to do so.
We are legally obliged to take appropriate technical and organisational measures against unauthorised or unlawful processing of your personal data and against accidental loss or destruction of, or damage to, that data. The steps we take include ensuring that technical and organizational procedures and physical security measures are implemented, kept up to date and maintained to protect against unauthorised access to systems on which we store personal data and the unauthorised or accidental loss or disclosure of that data. Specifically, all our data is transmitted using SSL (secure sockets layer technology) and stored securely on Amazon’s AWS cloud. However, the internet, email and other communications services are not fully secure or error free. You should therefore take special care when deciding whether to share personal data with us or anyone else using these services.
To further protect access to your personal data, you need to set a username and password to be able to access your Racefully account. Please keep these details secure, and change your password regularly to reduce the risk of unauthorised access. You should also take care to limit access to your computer and other internet-connected devices and ensure you have logged out when you have finished using your account. Since you control use of your username and password and access to your devices, we cannot be responsible for any activities that take place using your account.
You can access your information and correct or update it through the Services.
If you have any questions about how to do this or about the data we hold about you, please contact us at email@example.com. We may need to request certain information from you to verify your identity before we disclose any personal data to you. Please note that we are unable to share data of any other user with you except if they have chosen to share it through the Services with you.
You may choose to cease using the Services and delete your profile at any time. If you delete your profile, other people will not be able to see it. Please note, however, that any other data that you have provided or which we have collected through the Services will be retained and if you made it publicly available, it will remain publicly accessible.
If you have any other comments or questions, please contact us at firstname.lastname@example.org and we will do our best to respond promptly and helpfully.