Menu Close
Close
0 items - € 0,00 0
0 items - € 0,00 0

1. Introduction

THE GRID RUN (website url address: [https://thegridrun.com/) appreciates your business and trust. We are a Belgium/EU-based event organizer providing a checkpoint-based roadtrip/rally experience (“It’s a rally, not a race.”). This Privacy Policy explains how we collect, use, store, and share personal data in connection with our websites, registrations, ticketing, communications, and event operations.

By using our website, registering, purchasing a ticket, participating in the event, joining our communication channels, or otherwise interacting with us, you acknowledge that you have read and understood this Privacy Policy.

Controller:
Nick Vermeyen
Company number / VAT: BE0802.231.372
Email: info@thegridrun.com

2. Data Collected

Data Storage Location

We are a Belgium/EU-based organization. Our primary systems are hosted in [country/EEA] and, where possible, within the European Economic Area (EEA). Some of our service providers may process data outside the EEA. Where international transfers occur, we rely on appropriate safeguards such as an EU adequacy decision (where applicable) and/or Standard Contractual Clauses (SCCs) and additional technical/organizational measures.

Hosting provider: [Provider name + location]
Ticketing/payment providers: [Provider name(s)]
Email/CRM provider: [Provider name(s)]

Registration Data

If you register for the event or create an account (if applicable), we may store:

  • Name, email address, phone number
  • Role (driver / passenger / crew / sponsor guest)
  • Emergency contact (name + phone number)
  • Vehicle information (e.g., make/model, license plate) where necessary for operations and parking/security
  • Rooming preferences (e.g., single room add-on, roommate info)
  • Dietary preferences/allergies only if you provide them voluntarily
    You may request access to, correction of, or deletion of your data (see Section 9). Certain data may be retained where required for legal, safety, accounting, or dispute-resolution purposes.
Purchase & Payment Data

When you purchase tickets/add-ons, we process:

  • Order details (tickets, add-ons, amounts, currency, discount codes)
  • Payment status, transaction references, invoicing details
    Important: payment card details are typically processed directly by our payment provider and are not stored by us.
Event Operations Data (Checkpoints / Attendance / Safety)

To run the event safely and in a controlled manner, we may collect and store:

  • Check-in and attendance records (e.g., QR check-ins at start/hubs/checkpoints)
  • Pod allocation and operational notes (e.g., timing windows, support escalation notes)
  • Communications required for event control (messages relevant to operations/safety)
Support & Communications Data

If you contact us (email, forms, DM, helpdesk):

  • We store your contact details and the contents of your request
  • We may keep an internal record of our responses for quality, evidence, and dispute handling
Media (Photo/Video/Audio)

During the event we may capture photos/videos/audio for:

  • Event documentation (recaps, aftermovie, community content)
  • Sponsor deliverables and reporting
    This may include footage where participants, vehicles, license plates, or voices appear.

If you do not want to appear in close-up promotional content, you can contact us in advance at [privacy@…] and/or identify yourself at check-in. We will take reasonable measures, but cannot guarantee complete exclusion from all background or crowd footage.

Comments (if enabled)

When you leave comments on our website, we may collect the data shown in the comments form, and also the IP address and browser user agent string to help spam detection.

Contact Form

Information submitted through the contact form is sent to our company email and/or ticketing/helpdesk system. These submissions are kept for customer service and operational purposes and are not sold to third parties.

Analytics

We may use analytics tools (e.g., [Google Analytics 4 / Plausible / Matomo]) to understand website usage. Where legally required, we request consent before setting non-essential cookies or similar tracking technologies. You can manage your preferences via our cookie banner/settings (see Section 4).

Cases for Using the Personal Data

We use your personal information in the following cases:

  • Processing registrations, tickets, add-ons, and participation logistics
  • Identity verification during check-in and event participation
  • Safety operations (emergency contact, support handling, controlled flow)
  • Coordinating hotels, dinners, shuttles, venues, and experiences
  • Providing customer support and responding to inquiries
  • Preventing fraud, misuse, chargebacks, and enforcing event rules (where proportionate)
  • Producing and delivering event media and sponsor deliverables
  • Improving our services, operations, and communications
  • Complying with legal and accounting obligations

3. Embedded Content

Pages on this site may include embedded content (e.g., YouTube, Instagram, TikTok). Embedded content from other websites behaves in the same way as if you visited the other website.

These websites may collect data about you, use cookies, embed third-party tracking, and monitor your interaction with that embedded content—especially if you have an account and are logged in to that platform. We do not control these third-party technologies. Where required, we will request consent before enabling non-essential embedded tracking.

Below is a list of services we may use:

  • YouTube
  • Instagram
  • TikTok
  • Google Maps
  • Other social or media platforms as applicable

4. Cookies

This site uses cookies—small text files placed on your device—to make the website work, improve user experience, and (where enabled) measure traffic. Under EU/Belgian rules, strictly necessary cookies may be used without consent, while non-essential cookies (analytics/marketing/social) generally require prior consent.

You can change cookie preferences at any time via [Cookie Settings link].

Necessary Cookies (all site visitors)

Examples (adjust to your actual setup):

  • Session cookie (e.g., PHPSESSID or equivalent) to keep the site functioning
  • Security / load-balancing cookies (e.g., Cloudflare or similar)
  • Consent preference cookie (stores your cookie choices)
Additional Cookies (logged-in users / ticket portal users, if applicable)

Examples (adjust to your actual setup):

  • Authentication cookies to keep you logged in
  • Preference cookies (language, interface settings)

Note: The exact cookies depend on the technologies you use. Maintain an up-to-date cookie list in your cookie banner/tool.

5. Who Has Access To Your Data

Depending on operational need, access may be granted to:

  • Core organizers and system administrators
  • Event operations staff (check-in, route control, participant manager)
  • Finance/admin staff (invoicing, refunds, accounting)
  • Media team (photo/video processing and delivery)
  • Sponsor/activation team (only where necessary for contracted deliverables)
    All access is granted on a need-to-know basis and is logged/controlled where appropriate.

6. Third Party Access to Your Data

We do not sell your personal data. We share limited data with third parties only when necessary to provide the services you expect or to run the event safely and professionally.

Examples of third parties:

  • Ticketing platform
  • Payment provider
  • Email service provider / CRM
  • Hosting provider
  • Analytics provider
  • Hotels/venues/catering
  • Shuttle/transport providers
  • Experience partners
  • Photo/video contractors
  • Security/support partners
Sponsor Activations / Lead Capture

If you voluntarily participate in sponsor activations (e.g., you scan a sponsor QR code, enter a giveaway, fill in a sponsor form), your data may be shared with that sponsor. In that case, the sponsor may act as a separate controller and will process your data under its own privacy policy. We recommend you read the sponsor’s privacy notice at the moment you submit your data.

7. How Long We Retain Your Data For

We retain personal data only as long as necessary for the purposes described above:

  • Ticketing, registrations, operational participant lists: kept for the period necessary to run the event, provide post-event support, and manage disputes/chargebacks.
  • Accounting and invoicing data: retained as required by applicable tax and accounting laws.
  • Support communications: retained as long as needed to handle your request and maintain evidence in case of disputes.
  • Media content: retained for portfolio/documentation and event history, unless you successfully object or request deletion where applicable and feasible (see Section 9).
  • Special category data (e.g., medical info): if provided, retained only as long as strictly necessary (typically until the end of the event + short safety buffer), unless required for legal claims.

You can request deletion where applicable; however, we cannot erase data we are obliged to keep for legal, accounting, safety, or security purposes.

8. Security Measures

We use appropriate technical and organizational measures to protect your data, including:

  • SSL/HTTPS encryption
  • Access controls and role-based permissions
  • Data minimization and need-to-know access
  • Vendor due diligence and processor agreements where required
  • Backups and security monitoring where appropriate

In case of a personal data breach, we will take steps to contain it and assess whether notifications are required under GDPR.

9. Your Data Rights

General Rights

If you have registered, purchased tickets, or interacted with us, you may have the right to:

  • Request access to your personal data
  • Request correction of inaccurate data
  • Request deletion (where applicable)
  • Request restriction of processing
  • Object to processing based on legitimate interests (where applicable)
  • Request data portability (where applicable)
  • Withdraw consent at any time (where processing is based on consent)

To exercise your rights, contact us at: info@thegridrun.com. We may request reasonable proof of identity to protect your data.

Right to Lodge a Complaint

If you believe your data has been processed unlawfully, you can lodge a complaint with the Belgian supervisory authority:
Belgian Data Protection Authority (GBA/APD)
Drukpersstraat 35, 1000 Brussels, Belgium
Email: contact@apd-gba.be
Phone: +32 (0)2 274 48 00

10. Third Party Websites

We may link to third-party websites or services. These third parties are not controlled by us. We encourage you to review their privacy policies. To the extent permitted by applicable law, we are not responsible for the privacy practices of third-party websites.

Social media links or icons do not share your data with those platforms unless you click them or otherwise interact with those features.

11. Release of Your Data for Legal Purposes

We may disclose your personal data if we believe in good faith that such disclosure is necessary to:

  • comply with a legal obligation, court order, or lawful request by competent authorities;
  • protect our rights, property, or safety, the safety of participants, or the public;
  • prevent or investigate fraud, security issues, or violations of our terms/rules;
  • establish, exercise, or defend legal claims.

Where legally permitted and appropriate, we may notify you of such requests. We disclose only the data that is reasonably necessary for the relevant purpose.

Cart0
Cart0