Privacy Policy

Last updated: November 27, 2025

Legal Documents

Privacy PolicyTerms of ServiceCookie PolicyDisclaimerImpressum

1. Introduction

Welcome to Race to AGI ("we," "our," or "us"). We are committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at www.racetoagi.org (the "Website").

We comply with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws.

2. Data Controller

The data controller responsible for your personal data is:

[COMPANY NAME]
[ADDRESS]
[CITY, COUNTRY]
Email: dinanjanagunaratne@gmail.com

3. Information We Collect

We collect the following types of information:

3.1 Information You Provide

  • Account information: Email address, name, and profile data when you create an account
  • Authentication data: Information from OAuth providers (Google, X/Twitter) when you sign in
  • User-generated content: Comments, ratings, and narrative subscriptions
  • Communications: Messages you send to us via email or contact forms

3.2 Information Collected Automatically

  • Device information: IP address, browser type, operating system
  • Usage data: Pages visited, time spent, click patterns, referral sources
  • Cookies and tracking technologies: See our Cookie Policy for details

3.3 Information from Third Parties

  • OAuth providers: Profile information from Google or X when you authenticate
  • Analytics services: Aggregated usage data from Google Analytics

4. How We Use Your Information

We use your information for the following purposes:

  • To provide and maintain our services
  • To personalize your experience and content recommendations
  • To send notifications about narratives you subscribe to
  • To analyze usage patterns and improve our website
  • To communicate with you about updates and changes
  • To detect and prevent fraud or abuse
  • To comply with legal obligations

5. Legal Basis for Processing (GDPR)

Under GDPR, we process your data based on:

  • Consent: For analytics cookies and marketing communications
  • Contract: To provide services you've requested (account, subscriptions)
  • Legitimate Interest: For security, fraud prevention, and service improvement
  • Legal Obligation: To comply with applicable laws and regulations

6. Third-Party Services

We share data with the following third-party services:

  • Google Analytics: Website analytics (with IP anonymization)
  • Google OAuth / X OAuth: Authentication services
  • MongoDB Atlas: Database hosting (data stored securely)
  • Vercel: Website hosting and deployment
  • OpenAI: AI-powered features (narrative detection, analysis)

Each third party has their own privacy policy governing their use of data.

7. Data Retention

We retain your personal data for:

  • Account data: Until you delete your account
  • Usage data: 26 months (Google Analytics default)
  • Comments and ratings: Until you delete them or your account
  • Server logs: 90 days

8. Your Rights

Under GDPR and CCPA, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data ('right to be forgotten')
  • Restriction: Limit how we process your data
  • Portability: Receive your data in a portable format
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Revoke consent at any time
  • Non-Discrimination (CCPA): We will not discriminate for exercising your rights

To exercise these rights, contact us at dinanjanagunaratne@gmail.com.

9. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions for certain countries
  • Data Processing Agreements with all service providers

10. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption of data in transit (HTTPS/TLS)
  • Secure authentication with OAuth 2.0
  • Regular security assessments
  • Access controls and audit logging

11. Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date. Continued use of the Website after changes constitutes acceptance of the updated policy.

13. Contact Us

For privacy-related inquiries or to exercise your rights, contact us at:

Email: dinanjanagunaratne@gmail.com
Address: [ADDRESS]

You also have the right to lodge a complaint with your local data protection authority.

View all legal documents