RaceAlly
Request Beta Access
Trust

Security at RaceAlly

Here is how we protect your data — described from what is actually built today, not a wish list. If something is on the roadmap rather than shipped, we say so.

RaceAlly is not SOC 2 certified — that is a roadmap item, not a claim we make today. No system is perfectly secure; we design so that a single failure exposes as little as possible.

Append-only consent & audit records

Consent and sensitive actions are written to append-only records, versioned to the policy in force at the time. We add new records rather than editing or deleting history, so an operator can always reconstruct who agreed to what, and when.

Role-based access control

Protected actions run behind a server-side role check — the request is verified against the account’s role before anything happens. Access is decided on the server, not hidden in the browser.

Rate limiting on sensitive endpoints

Requests to sensitive endpoints are rate limited to blunt scraping, brute force, and abuse. Limits are applied server-side and tuned per route.

Error monitoring & structured logging

Errors on both the product and this marketing site are captured by Sentry, and important server actions emit structured logs. Problems are seen quickly, with enough context to fix them — without logging the contents of your private data.

Encrypted transport

All traffic is served over HTTPS (TLS). Data moving between your browser and RaceAlly is encrypted in transit.

Managed authentication

Sign-in is handled by Clerk, a dedicated authentication provider, rather than homegrown password storage. Payments, when fan support goes live, are handled exclusively by Stripe so card numbers never touch our servers.

One-email data deletion

You can ask us to delete your data by emailing Chase@FarrisFactory.com. We honor deletion requests for everyone, regardless of where you live, and for young racers under the stricter rules in our Youth Racer & Guardian Policy.

Private-beta gate

RaceAlly is invite-only during the private beta. We roll out in waves so we can watch how every new surface behaves before it reaches more people.

Reporting a security issue

Found something that looks wrong? Email Chase@FarrisFactory.com with the details and steps to reproduce. We read every report and respond as fast as a small team honestly can.

For how we collect, use, and retain data, see our Privacy Policy.