This page explains how the league site handles retention, erasure, and anonymization across the main data types used by Racing League Manager.
The system does not apply one delete rule to every record. Some data can be removed. Some data should be anonymized. Some data must be retained because it supports finance, audit, contract, or competition integrity obligations.
Core rule
When a privacy request is received, the operator should delete or anonymize direct personal data where that can be done without breaking required business, accounting, audit, or competition records.
Data classes and normal handling
| Data class | Typical purpose | Normal retention posture | Delete or anonymize approach | US transfer exposure |
|---|---|---|---|---|
| WordPress account and profile fields | account access and security | retained while the account is active | delete or update when the account is closed, except where another lawful basis applies | primary hosting, backups, support access |
| Driver profile data | map user accounts to league identity | retained while the driver participates or records remain operationally relevant | direct identifiers can be anonymized while preserving competition records | primary hosting, backups |
| Registration payloads | approvals and onboarding evidence | retained through the relevant season and longer if disputes require it | sensitive free-text fields may be redacted; core workflow metadata may remain | primary hosting, backups |
| Organization memberships and permissions | control dashboard access and organization authority | retained while active and for historical access traceability | personal linkage can be reduced after departure where feasible | primary hosting, backups |
| Entry assignments | show who was assigned to which car and race | retained as competition-history records | usually retained; direct linkage may remain where needed for integrity history | primary hosting, backups |
| Contracts and signatures | driver-employment and organization records | retained for contract history, dispute handling, and financial context | signatures and some metadata may be redacted; contract record usually remains | primary hosting, backups |
| Mailbox messages and notifications | platform communications | retained while operationally useful | can usually be deleted or reduced sooner than finance/audit records | primary hosting, backups, email processors where used |
| Sponsorship records | sponsorship operations and relationship history | retained through season and relationship history needs | some free-text metadata may be redacted; core records may remain | primary hosting, backups |
| Driver finance records | personal earnings/accounting history | retained for accounting and audit purposes | normally retained; direct profile fields may be anonymized instead | primary hosting, backups |
| Organization finance records | team accounting and audit trail | retained for accounting and audit purposes | normally retained; not deleted merely because a user leaves | primary hosting, backups |
| Results, stats, and standings | competition history and public record | retained as competition-history records | normally retained; direct user linkage may be minimized where practical | primary hosting, backups |
| Audit records | security, governance, and operational traceability | retained for accountability and incident review | normally retained; direct identifiers may be reduced only where appropriate | primary hosting, backups |
| Uploaded media | profile, branding, and number assets | retained while in active use | delete when no longer required and not needed in a retained record | primary hosting, backups, CDN/storage if used |
What a privacy erasure request does in practice
- remove plugin-owned user metadata
- remove plugin-managed profile assets where applicable
- delete mailbox messages and notifications tied to the user mailbox
- anonymize direct driver-profile identifiers where deleting the record outright would break competition history
- redact some registration and contract metadata fields
The platform does not promise that every record will be hard-deleted.
- finance records may need to be retained for accounting reasons
- audit records may need to remain for accountability and abuse investigations
- contract history may need to remain for dispute and operational history
- results, standings, and entry history are part of the integrity of league competition records
Your privacy rights
- access your data
- correct inaccurate data
- request deletion or anonymization
- restrict some processing
- object to some legitimate-interest processing
- complain to a supervisory authority
How to submit a request
Use the contact or support route published by the live site operator.
The operator should verify the request, determine the scope, and then use WordPress privacy tooling plus any required manual follow-up for records that need selective anonymization instead of full deletion.
Internal review requirement
This retention schedule should be reviewed when the site adds a new data class, processor, or workflow.