1. Who we are
RacingStatto (“we”, “us”, “our”) operates the website at racingstatto.com and provides a horse racing statistics platform (the “Service”).
For the purposes of applicable data protection law (including the UK GDPR and the EU GDPR), RacingStatto is the “data controller” of personal information you provide through the Service.
2. Information we collect
We collect the following categories of information:
- Account data — email address, name, hashed password, account role, and subscription status.
- Billing data — Stripe customer ID, subscription ID, subscription status, and the last four digits of your payment method. Full card details are held by Stripe and never by RacingStatto.
- Usage data — pages viewed, features used, and device / browser metadata (such as IP address and user-agent) captured in server logs for security and performance monitoring.
- Cookies & similar technologies — strictly necessary cookies for authentication and session management. See our Cookie Policy for details.
3. How we use your information
We use personal information to:
- provide, operate, and maintain the Service;
- authenticate you, manage your account, and keep it secure;
- process payments, manage subscriptions, and handle refunds;
- send service-related communications (e.g. billing receipts, security notices, and material changes to these terms);
- detect, investigate, and prevent fraudulent or abusive activity; and
- comply with our legal and regulatory obligations.
4. Legal basis for processing
We rely on the following legal bases:
- Contract — to provide the Service you have signed up for.
- Legitimate interests — to keep the Service secure, prevent fraud, and improve what we offer.
- Legal obligation — where we are required to process information for tax, accounting, or regulatory reasons.
- Consent — where specifically required and requested (e.g. optional marketing emails, if we ever introduce them).
6. Data retention
We keep account and billing records for the duration of your subscription and for a reasonable period afterwards to comply with legal, tax, and accounting requirements (typically up to seven years). Server logs and security records are retained for shorter periods, usually no longer than twelve months.
7. Your rights
Depending on your location, you may have the following rights in respect of your personal information:
- to access a copy of it;
- to have it corrected if inaccurate;
- to have it deleted in certain circumstances;
- to restrict or object to certain processing;
- to portability (to receive your data in a machine-readable format); and
- to lodge a complaint with a supervisory authority (in the UK, the Information Commissioner’s Office).
To exercise any of these rights, contact us at support@racingstatto.com.
8. International transfers
Some of our service providers (including Stripe and our hosting provider) process personal information outside the UK and EEA. Where this happens, we rely on transfer mechanisms approved under applicable data protection law, such as the UK International Data Transfer Agreement or Standard Contractual Clauses.
9. Children
The Service is not directed to anyone under the age of 18. Horse racing content is intended for an adult audience and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it.
10. Security
We apply appropriate technical and organisational measures to protect personal information, including encrypted transport (HTTPS), hashed passwords, and access controls on our infrastructure. No system is perfectly secure, however, and you should always use a strong, unique password for your account.
11. Changes to this policy
We may update this policy from time to time. When we make a material change, we will update the “last updated” date at the top of the page and, where appropriate, notify you by email or in-app.
12. Contact
If you have any questions about this policy or how we handle your personal information, contact us at support@racingstatto.com.