RaceNode
Back to Home

Privacy Policy

Effective Date: January 25, 2026

Last Updated: January 25, 2026

This Privacy Policy explains how WBLT Engineering ("we", "us", "our") collects, uses, and protects your personal data when you use the RaceNode platform ("Service"), in accordance with the General Data Protection Regulation (GDPR).

1. Data Controller

WBLT Engineering
SASU - French registered company
SIREN: 993 956 028
Email: contact@racenode.com
Website: https://www.racenode.com

2. Data We Collect and Purpose

2.1 Account and Organization Data

  • What we collect: Organization name, user name, email address, password (encrypted)
  • Purpose: Account creation and authentication
  • Legal basis: Contract performance (GDPR Art. 6(1)(b))

2.2 Billing Data

  • What we collect: Billing information processed by Stripe (payment provider)
  • Purpose: Payment processing and invoicing
  • Legal basis: Contract performance (GDPR Art. 6(1)(b)) and legal obligation (GDPR Art. 6(1)(c))

2.3 Service Usage Data

  • What we collect: Team member data, events, vehicles, logistics information you enter into the Service
  • Purpose: Provide the Service functionalities
  • Legal basis: Contract performance (GDPR Art. 6(1)(b))

2.4 Technical Data

  • What we collect: IP address, browser type, login timestamps
  • Purpose: Security, fraud prevention, service improvement
  • Legal basis: Legitimate interests (GDPR Art. 6(1)(f))

3. Data Sharing and International Transfers

We share data with the following service providers:

  • Supabase Inc. (USA): Database hosting and authentication
  • Stripe (USA): Payment processing
  • Cloudflare (USA): Security and CDN services

All transfers outside the European Economic Area (EEA) are protected by Standard Contractual Clauses (SCCs) approved by the European Commission.

We do not sell or rent your personal data.

4. Data Retention

  • Active account data: Duration of subscription
  • Billing records: 10 years (French legal requirement)
  • Technical logs: 90 days

After cancellation, modules remain accessible in read-only mode for 6 months, then data is deleted (except billing records retained for legal compliance).

5. Data Security

We implement appropriate security measures including:

  • Encryption in transit (TLS/SSL) and at rest (AES-256)
  • Role-based access controls
  • Daily encrypted backups
  • Data breach notification within 72 hours as required by GDPR

6. Your Rights

You have the right to:

  • Access: Request a copy of your personal data (Art. 15)
  • Rectification: Correct inaccurate data (Art. 16)
  • Erasure: Request deletion of your data (Art. 17, subject to legal obligations)
  • Restriction: Limit processing in certain circumstances (Art. 18)
  • Data portability: Receive your data in structured format (Art. 20)
  • Object: Object to processing based on legitimate interests (Art. 21)
  • Lodge a complaint: File a complaint with the CNIL (French data protection authority)

CNIL Contact:
Website: https://www.cnil.fr
Address: 3 Place de Fontenoy, TSA 80715, 75334 Paris Cedex 07, France

7. How to Exercise Your Rights

To exercise your rights, contact us at:
Email: contact@racenode.com
Subject: "GDPR Request - [Your Request]"

We will respond within 30 days.

8. Changes to This Policy

We may update this Privacy Policy. Material changes will be notified via email to registered account holders.

By using RaceNode, you acknowledge that you have read and understood this Privacy Policy.

Return to RaceNode