Privacy Policy

Last updated: 23.11.2025

1. General Information

This Privacy Policy sets out the rules for processing and protecting personal data provided by Users in connection with the use of the STEAM Racing Future program and the Racing Future Academy website.

The Data Controller makes every effort to ensure respect for the privacy of Users using the service and protection of personal data provided in accordance with applicable law, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation - GDPR).

2. Data Controller

The personal data controller is:

  • Racing Future Polska Sp. z o.o.
  • Address: Jana Karola Chodkiewicza 3/70, 02-593 Warsaw, Poland
  • Tel.: +48 574 231 002
  • KRS: 0001171394
  • NIP: 5223335303
  • REGON: 541769411

For matters regarding personal data processing, you can contact the Controller at: filip@myracingfuture.com

3. Scope of Data Collected

In connection with the use of the STEAM Racing Future program and the website, the Controller may process the following categories of personal data:

  • Identification data: first name, last name
  • Contact data: email address, phone number
  • School/institution data: school name, position held at the school
  • Program participation data: information about program registration, correspondence related to the program
  • Technical data: IP address, browser type, operating system, date and time of visit

4. Purposes and Legal Basis for Data Processing

Personal data is processed for the following purposes:

  • Implementation of the STEAM Racing Future program - processing data for school registration/participation in the educational program and contact regarding organizational and informational matters related to the program (legal basis: Art. 6(1)(b) GDPR - performance of a contract or taking steps prior to entering into a contract)
  • Sending marketing information - processing data for sending information about educational programs, events, and offers (legal basis: Art. 6(1)(a) GDPR - consent of the data subject)
  • Conducting statistics and analyses - processing data for statistical and analytical purposes (legal basis: Art. 6(1)(f) GDPR - legitimate interest of the controller)
  • Ensuring security - processing data to ensure service security and prevent abuse (legal basis: Art. 6(1)(f) GDPR - legitimate interest of the controller)

5. Data Sharing and Entrustment

Personal data may be shared with the following categories of recipients:

  • IT service providers supporting the operation of the service (hosting, email services)
  • Marketing service providers (in case of consent to marketing)
  • State authorities based on applicable legal provisions

Data will not be shared or sold to third parties for commercial purposes. All data recipients are obliged to maintain confidentiality and comply with personal data protection regulations.

6. Data Retention Period

Personal data will be stored for the period:

  • Necessary to achieve the purposes for which they were collected (implementation of the educational program)
  • Required by law (e.g., tax, accounting regulations)
  • Until withdrawal of consent for data processing for marketing purposes

After the retention period expires, data will be permanently deleted or anonymized.

7. Data Security

The Controller applies appropriate technical and organizational measures ensuring protection of processed personal data, in particular:

  • Connection encryption (SSL/TLS)
  • Restricting access to data only to authorized persons
  • Regular data backups
  • Security monitoring of IT systems
  • Application of anti-spam security measures

8. Right to Access, Rectification, and Deletion of Data

Each data subject has the right to:

  • Access to data - right to obtain information about processed personal data
  • Rectification of data - right to request correction of incorrect data
  • Deletion of data - right to request deletion of data (right to be forgotten)
  • Restriction of processing - right to request restriction of data processing
  • Data portability - right to receive data in a structured format
  • Objection - right to object to data processing
  • Withdrawal of consent - right to withdraw consent to data processing at any time

Exercise of the above rights occurs upon request submitted to: filip@myracingfuture.com or by phone: +48 574 231 002.

9. Right to Lodge a Complaint

Each data subject has the right to lodge a complaint with the supervisory authority (President of the Personal Data Protection Office) if they consider that the processing of personal data violates GDPR provisions.

Contact to UODO:

  • Personal Data Protection Office
  • ul. Stawki 2, 00-193 Warsaw, Poland
  • Tel.: +48 22 531 03 00
  • E-mail: kancelaria@uodo.gov.pl

10. Cookies and Technical Data

The website uses cookies and other tracking technologies for:

  • Ensuring proper operation of the service
  • Website traffic analysis
  • Content personalization

The User can change browser settings regarding cookies at any time. Disabling cookies may affect website functionality.

Detailed information about cookies used can be found in browser settings.

11. Changes to the Privacy Policy

The Controller reserves the right to make changes to this Privacy Policy. Users will be informed of any changes by publishing an updated version of the Policy on the website.

For questions regarding personal data processing, please contact:

  • E-mail: filip@myracingfuture.com
  • Phone: +48 574 231 002