Privacy Policy

We collect information you provide directly when you create an account, register for an event, or contact us. This includes:

• Identity data: full name, date of birth, gender, nationality, IC/passport number
• Contact data: email address, phone number
• Health data: blood type, medical conditions (used solely for race-day safety)
• Emergency contact details
• Payment data: transaction references only — we do not store card numbers or banking credentials
• Usage data: pages visited, events browsed, registration history
• Device data: IP address, browser type, operating system (collected automatically)

RaceHub uses your personal data to operate and improve the platform. Specifically, we use your data to:

• Process event registrations and payments
• Share necessary participant data with event organisers for race-day administration
• Send race confirmations, bib assignments, and results notifications
• Issue digital finisher certificates
• Respond to support enquiries
• Detect and prevent fraud
• Comply with legal obligations under Malaysian law (PDPA 2010)

We share your personal data only as necessary and never sell it to third parties.

We share data with:

• Event organisers — to manage race registrations, bibs, check-in, and results
• Billplz (payment processor) — to process registration payments securely
• Resend (email service) — to send transactional emails
• Infrastructure providers — for hosting and database services under strict data processing agreements
• Law enforcement or regulators — only when required by law

We implement industry-standard security measures to protect your personal data, including encrypted data transmission (HTTPS/TLS), hashed passwords using bcrypt, database access controls, and regular security reviews.

No method of electronic storage is 100% secure. We encourage you to use a strong, unique password for your RaceHub account and to notify us immediately if you suspect unauthorised access.

We retain your account data for as long as your account is active. Registration records are retained for 7 years for accounting and legal compliance purposes.

Health and emergency contact data is retained only for the duration of an event plus 90 days. You may request early deletion by contacting us.

Under the Personal Data Protection Act 2010 (Malaysia), you have the right to:

• Access the personal data we hold about you
• Correct inaccurate or incomplete data
• Withdraw consent for optional data uses (e.g. marketing)
• Request deletion of your account and associated data (subject to legal retention requirements)
• Lodge a complaint with the Personal Data Protection Commissioner

RaceHub uses essential cookies to keep you logged in and maintain session security. We do not use advertising or tracking cookies.

You can disable cookies in your browser settings, but this may affect site functionality including the ability to stay logged in.

We may update this Privacy Policy from time to time. We will notify registered users by email of any material changes at least 14 days before they take effect.

Continued use of RaceHub after changes take effect constitutes acceptance of the updated policy.