Legal

Privacy Policy

How 4ACE collects, uses, and protects personal data.

Last updated June 10, 2026

This Privacy Policy explains how 4ACE ("4ACE", "we", "us", or "our") collects, uses, shares, and protects personal data when you use our websites, products, and services.

This is draft v1 legal copy and should be reviewed before production reliance.

Who We Are

4ACE provides motorsport and racing technology tools for teams, drivers, engineers, and related users. For personal data we decide how to process, 4ACE is the controller.

Data We Collect

We collect data you provide directly, data created through product use, and data from trusted third-party services.

Contact Data

If you contact us, we may collect:

  • name
  • email address
  • message content
  • related communication metadata

Account Data

If you create or use an account, we may collect:

  • name
  • email address
  • authentication identifiers
  • team and membership details
  • role and permission details

If you sign in with Google, Google may share profile and email data needed to authenticate your account.

Payment Data

If you buy credits or top up an account, payment processing is handled through Stripe. We may receive transaction metadata such as purchase amount, currency, status, customer identifiers, and payment-related records. We do not intentionally store full payment card numbers.

Product Data

When you use 4ACE, we may process customer and product data such as:

  • team, driver, racing, setup, and vehicle-related information
  • uploaded files or imported data
  • analysis, notes, configuration, and workflow data
  • organization, project, or workspace records

Telemetry and Diagnostics

We may collect technical and usage data to operate, secure, debug, and improve the service. This may include:

  • device, browser, and session metadata
  • page URL, page title, user action metadata, and performance data where enabled
  • OpenTelemetry traces, logs, metrics, and web vitals
  • error reports through services such as Sentry
  • privacy-focused analytics through services such as Umami

Sentry is intended to be configured with default PII collection disabled. Analytics behavior depends on final production configuration, so we avoid stronger cookie, IP, or anonymization claims here.

How We Use Data

We use data to:

  • provide, secure, and maintain 4ACE
  • authenticate users and manage accounts
  • process credit purchases and payment records
  • support team collaboration and permissions
  • respond to support and contact requests
  • monitor reliability, performance, and security
  • improve features and product experience
  • comply with legal, tax, accounting, fraud prevention, and dispute obligations

Depending on your location and context, we process personal data because:

  • processing is needed to provide the service or take requested pre-contract steps
  • we have legitimate interests in operating, improving, securing, and supporting 4ACE
  • processing is needed to comply with legal obligations
  • you gave consent, where required

Sharing Data

We may share data with service providers that help us operate 4ACE, such as hosting, authentication, payment, logging, analytics, email, and support providers. Examples may include Google, Stripe, Sentry, Umami, hosting providers, and database or infrastructure providers. Final subprocessors should be verified before publishing a definitive list.

We may also share data if required by law, to protect rights and safety, during business transfers, or with your organization where team or account administration requires it.

Retention

We keep personal data only as long as needed for the purposes described above, unless law, accounting, tax, fraud prevention, dispute, or security needs require longer retention.

Account deletion is designed to anonymize user records and delete sessions and memberships. It may not remove every legal, payment, team, audit, or backup record where retention is needed or technically limited.

Security

We use technical and organizational measures designed to protect personal data. No system is fully secure. You are responsible for keeping account credentials safe and limiting access to your team workspace.

International Transfers

We may process and store data in countries other than your own. Where required, we use appropriate safeguards for international transfers.

Your Rights

Depending on your location, you may have rights to access, correct, delete, restrict, object to, or export personal data. You may also have rights to withdraw consent or complain to a regulator.

To request help, contact us through the contact options available on 4ACE.

Children

4ACE is not intended for children under the age required by applicable law. Do not use 4ACE if you are not old enough to consent or if you lack required permission from a parent, guardian, team, or organization.

Changes

We may update this Privacy Policy as the service changes. Material changes may be announced through the website, product, or other reasonable channels.

Contact

Questions about this Privacy Policy can be sent through the 4ACE contact form or other published contact channels.