Privacy Policy

1. Who We Are

RacePrep AI ("we", "us", "our") is a motorsport performance coaching platform operated by Lukas Puchinger. We are committed to protecting your personal data in accordance with the EU General Data Protection Regulation (GDPR) and Swiss data protection law (nDSG).

2. Data We Collect

We collect the following data when you use RacePrep AI:

Account data: Email address, name, and profile photo (from Google OAuth or email signup).

Driver profile data: Racing category, experience level, age, height, weight, fitness level, training preferences, injuries, and notes you provide during onboarding.

Usage data: Training plans generated, workout logs, nutrition logs, and benchmark results.

Payment data: Processed by Stripe. We store your Stripe customer ID but never your card details.

Wearable data: If you connect Strava, Garmin, or WHOOP, we import training and recovery data via their APIs.

3. How We Use Your Data

We use your data to:

Generate personalized training plans using AI (Anthropic Claude API). Your driver profile data is sent to Anthropic's API to generate your plan. Anthropic does not use this data to train their models.

Track your training progress, manage your subscription, send you relevant notifications and emails, and improve our service.

4. Data Storage & Security

Your data is stored in Supabase (PostgreSQL) in the EU region. All data is encrypted in transit (TLS) and at rest. Row-level security ensures you can only access your own data. We do not sell your data to third parties.

5. Third-Party Services

We use the following third-party services that may process your data:

Supabase (database & auth, EU region) — Anthropic (AI plan generation, US) — Stripe (payments, PCI-compliant) — Vercel (hosting, edge network) — Google (OAuth authentication).

6. Your Rights (GDPR)

You have the right to:

Access your personal data — Request correction of inaccurate data — Request deletion of your data — Export your data in a portable format — Withdraw consent at any time — Lodge a complaint with a supervisory authority.

To exercise any of these rights, contact us at the email below.

7. Data Retention

We retain your data for as long as your account is active. If you delete your account, we delete all associated personal data within 30 days. Anonymized, aggregated data may be retained for service improvement.

8. Cookies

We use essential cookies for authentication (Supabase session tokens). We do not use advertising cookies or third-party tracking cookies.

9. Contact

For privacy-related inquiries, contact: lukas@puchinger.eu