Privacy Notice

Important information and who we are

Pacer Ventures Limited is the controller and is responsible for your personal data (Pacer, we, us or our in this notice).

If you have any questions about this privacy notice, please contact us using the details set out below.

Contact details

Our full details are:

• Full name of legal entity: Pacer Ventures Limited
  
• Email address: hello@pacertrain.com

You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK regulator for data protection issues.

Changes to the privacy notice and your duty to inform us of changes

We keep our privacy notice under regular review.

This version was last updated on 15th April 2026. It may change and, if it does, those changes will be posted on this page and notified to you when you next start the App or log onto your account. The new notice may be displayed on-screen and you may be required to read and acknowledge the changes to continue your use of the App or the Services.

Third party links and sites

Our App and Services may, from time to time, contain links to and from the websites of third parties, such as Apple Health, Strava and Garmin. Please note that these websites (and any services accessible through them) are controlled by those third parties and are not covered by this privacy notice. You should review their own privacy notices to understand how they use your personal data before you submit any personal data to these websites or use these services.

The data we collect about you

We collect, use, store and transfer different kinds of personal data about you.

We do not intentionally collect most special categories of personal data about you (such as details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, or trade union membership). However, we do process limited special category data in the following circumstances:

Health data. Where you choose to connect your Strava or Garmin account, we import training data that may include heart rate, training load, and other physiological metrics. This constitutes health data under the UK GDPR. We process this data on the basis of your explicit consent (Article 6(1)(a) and Article 9(2)(a) UK GDPR), which we obtain before importing any connected data. You may withdraw this consent at any time by disconnecting your Strava or Garmin account.

Optional health-related profile information. You may choose to provide additional information relevant to finding suitable training partners, such as pre- or post-natal status or disability-related considerations. Where provided, this is special category data processed on the basis of your explicit consent (Article 6(1)(a) and Article 9(2)(a) UK GDPR). These fields are strictly optional and you can remove this information from your profile at any time.

Biometric data. We use Onfido, a third-party identity verification provider acting as our processor, to verify your identity at registration. This involves facial recognition matching against your uploaded identity document, which constitutes biometric data processed for identification purposes. We obtain your explicit consent (Article 6(1)(a) and Article 9(2)(a) UK GDPR) before initiating this process.

We will collect data relating to criminal offences through any measures we take to secure and protect our App and users. Further details can be found at Criminal offence data.

How is your personal data collected?

We collect your personal data in the following way:

• Registration. We collect your Identity Data and Contact Data when you register your account with us.
• Communications. When you communicate with us via email, telephone or chat we collect your Contact Data. If you contact us through the App using the chat function, we also collect Device and Cookies Data to operate our chat function and respond to your messages. If the communication relates to an error or problem you are having with the App or one of our Services, we will also collect Usage Data for diagnosis and improvement.
• Information you generate when using our App and Services. Each time you access and use our App and Services we collect Content, Device, Cookies, Personalisation and Usage Data.We collect Content Data where you upload it to the App. We collect Device, Cookies,Personalisation and Usage Data by using cookies and other similar technologies. Please see our cookie notice [LINK] for further details.
• Information we collect through monitoring the use of our App, Sites and Services. Each time you access and use our App and Services we collect information about that access and use, being Device, Content, Cookies, and Usage Data.
• Additional information we otherwise collect through our App, Sites and Services where we have your consent to do so. Where you provide your consent, we collect your Location Data on an ongoing basis while you have the App installed on your device as there are parts of our Service that we can only provide if we have location information.
• Direct Marketing. We collect and record Direct Marketing Data when we add you to our marketing database, you request to change your direct marketing preferences, or you interact with our direct marketing communications Connected Data. We collect Connected Data when you choose to connect your connected device to your account.
• Social Media Data. We collect Social Media Data when you choose to connect your social media account to your account.
• Information we receive from third parties. We will receive personal data about you from the third parties set out below:
  
  • Device and Cookies Data from the following parties:
    
    • Cloud and application infrastructure providers, being Google Ireland Limited (Firebase Authentication, Firestore, Cloud Functions and Cloud Messaging) based in Ireland, and 650 Industries, Inc. (trading as Expo) based in the USA (push notification delivery and over-the-air updates).
      
  • Contact, Financial and Transaction Data from providers of technical, payment and delivery services such as Apple Distribution International Limited based inside the EU (App Store distribution and in-app purchases), Google Ireland Limited based inside the EU (Google Play distribution and in-app purchases), and Resend (Plus Five Five, Inc.) based outside the UK/EU in the USA (transactional email delivery).

Cookies

We use cookies (small files placed on your device) and other tracking technologies on the App and in our direct marketing emails to improve your experience and our development of the App and our Services.

How we use your personal data

We will only use your personal data when we have a lawful basis to do so. Our lawful basis for each purpose for which we use your personal data is specified below. Most commonly we will use your personal data in the following circumstances:

• Consent. Where you have freely consented before the processing in a specific, informed and unambiguous indication of what you want. You can withdraw your consent at any time via your Account, using our cookie banner or contacting us (see Your legal rights below).
• Performance of a contract. Where we need to process your personal data to perform a contract with you or where you ask us to take steps before we enter into a contract with you.Where we rely on performance of a contract and you do not provide the necessary information, we will be unable to perform your contract.
• Legitimate interests. Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.
• Legal obligation. Where we need to use your personal data to comply with a legal or regulatory obligation. Where we rely on legal obligation and you do not provide the necessary information, we may be unable to fulfil a right you have or comply with our obligations to you, or we may need to take additional steps, such as informing law enforcement or a public authority or applying for a court order.

Delivery and improvement of our App and Services

‍

Account management and profiling

‍

Direct marketing

‍

Troubleshooting, improvement and security

‍

Rights and obligations

‍

Cookies and personalisation

‍

Special category data

‍

Other communications

‍

Personal data sharing

‍

Business contacts

‍

Automated decision making and profiling

We do not make decisions based solely on automated processing or profiling that produce legal effects concerning you (or have similarly significant effects).

Criminal offence data

We do not intentionally collect criminal offence data about you. However, we may process data relating to criminal offences in monitoring the use of our App for security purposes, where we suspect you may have committed a crime, such as attempting to circumvent the security of the App or Services. In such circumstances we will provide that information to law enforcement and/or use it to establish, exercise or defend a legal claim. In those circumstances, according to the type of activity and purpose, we will rely on legitimate interests (protecting our business, employees and other users) and legal obligation (where required by legal, judicial or law enforcement to disclose or process that information).

Disclosures of your personal data

We may share your personal data with the following external third parties:

• Your Appstore Provider and mobile network operator to allow you to install the App.
• Service providers acting as processors who provide IT and system administration services, including:
  
  • Google Cloud / Firebase (cloud hosting, database, authentication, and analytics infrastructure, based in the United States);
  • Onfido (identity verification, including biometric facial recognition matching against uploaded identity documents, based in the United Kingdom);
  • Loops.so (email communications and marketing, based in the United States);
  • Expo / EAS (push notification delivery, based in the United States);
  • Strava and Garmin (connected fitness data platforms, where you choose to link your account — note that Strava and Garmin act as independent controllers in respect of data held on their own platforms; they act as data sources from which we import data with your consent).
  • Other processors may include providers of customer service support, data storage, and analysis.
• Our professional advisors acting as controllers including lawyers, auditors, insurers and consultants who provide legal, accounting, insurance and similar services.
• Third party partners where you have expressly subscribed to receive marketing from or with them [where applicable].
• Third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice.
• HM Revenue and Customs, regulators, law enforcement, public authorities or other third parties acting as controllers based in the UK where necessary to exercise our rights or comply with a legal obligation.

International transfers

Whenever we transfer your personal data out of the UK/EEA we ensure a similar degree of protection is afforded to it by ensuring at least one appropriate safeguard is implemented.

Please contact us using the contact details above if you want further information on the specific mechanism used by us when transferring your personal data out of the UK/EEA.

In particular, personal data is transferred to the United States for processing by our infrastructure, email, and push notification providers. These transfers are protected by Standard Contractual Clauses approved by the UK Information Commissioner.

Data security

All information you provide to us is stored on our secure servers and located in the UK/EEA. Where we have given you (or where you have chosen) a password that enables you to access certain parts of our App or Services, you are responsible for keeping this password confidential. We ask you not to share a password with anyone. Once we have received your information, we will use strict procedures and security features to protect your personal data from loss, unauthorised use or access.

Our Service includes social networking. Ensure when using these features that you do not submit any personal data that you do not want to be seen, collected or used by other users. We have put in place procedures to detect and respond to personal data breaches and notify you and any applicable regulator when we are legally required to do so.

Data retention

By law we have to keep basic information about our customers (including Contact, Identity, Security and Transaction Data) for six years after they cease being customers for tax and other purposes.

In some circumstances you can ask us to delete your data: see Your legal rights below for further information.

Once we no longer have a legal right to hold your personal data, we will delete or, in some circumstances, we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

If you do not use the App for a period of 12 months then we will treat the account as expired and will delete your personal data.

Account + Data Deletion

You can request deletion of your PACER account and the data associated with it at any time, directly from inside the app.

How to delete your account from the app

1. Open the PACER app and sign in.
2. Open the **Profile** tab (bottom navigation).
3. Press on the Profile Settings option
4. Tap **Delete account**.
5. Read the consequences screen and tap **Continue**.
6. Optionally select a reason for leaving, then tap **Delete my account**.
7. Confirm in the dialog. Your account is then immediately scheduled for deletion and you are signed out.

If you own a club that has other members, or you organise a future event with other participants, you will be asked to either transfer ownership to another member or delete that club/event before your account deletion can be scheduled. The app guides you through this.

‍
How to delete your account if you cannot access the app

If you have lost access to your account (for example, you no longer have access to your sign-in email), contact us at **support@pacertrain.com** from the email address associated with your PACER account, using the subject line"Account deletion request". We will process your request within 30 days.

What happens immediately

As soon as you confirm deletion:

• Your profile is hidden - it stops appearing in matching, discovery, search, and to other users in clubs or events.
• All of your matches and the entire chat history associated with them are permanently deleted from our chat database. This is not reversible, even if you later restore your account.
• Your registered push notification devices are removed, so we stop sending notifications to your devices.
• You are signed out of the app on this device.

The 30-day grace period

For 30 days after you request deletion, your account is held in a deactivated state but not yet permanently erased. During this window:

• You can restore your account simply by signing back in with the same email address in the PACER app. Your profile, sport preferences, integrations, club memberships, and event participations are restored.
• Restored accounts **do not** recover matches or chat history — those were permanently deleted at the moment you requested deletion (see above).

What is permanently deleted after 30 days

When the 30-day grace period ends, your account is hard-deleted by an
automated scheduled job. The following data is permanently erased and is no longer recoverable:

• Your user profile (name, profile photos, bio, gender, date of birth, sport preferences, fitness level, location).
• Your sign-in credentials (your Firebase Authentication user record).
• Your club memberships, event participations, partnerships, training-partner preferences, and any other records linked to your user ID in our database.
• Any connected third-party integration tokens (for example, Strava).
• Any remaining matches or chats that may have been created during the grace period.

What we retain after deletion, and why

After your account is permanently erased we retain a small, internal auditrecord containing only:

• Your former user identifier
• The date you requested deletion
• The deletion reason you selected (if any)
• Aggregate counts of matches, clubs, and events removed
• The date the deletion was completed

‍

We keep this record to comply with legal obligations, to investigate fraud or abuse, and to demonstrate to regulators that deletion requests were honoured. It does not contain your profile content, messages, photos, contact details, or location.

Separate from this flow

Accounts that have not been used for 12 months are also automatically deleted, as described under "Data retention" above. That process deletes the same categories of data as the 30-day purge described here.

Your legal rights

You have the following rights under data protection laws in relation to your personal data.

• Access. Request access to and/or a copy of the personal data we process about you (commonly known as a data subject access request). This enables you to check that we are lawfully processing it. [Request access to your personal data.]
• Correction. Request correction of any incomplete or inaccurate data we hold about you. (We may need to verify the accuracy of the new data you provide to us.) [Request correction of your personal data.]
• Deletion. Request us to delete or remove personal data where there is no good reason for us continuing to process it. You also can ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we have processed your information unlawfully or where we need to erase your personal data to comply with law. (In some cases, we may need to continue to retain some of your personal data where required by law. If these apply, we will notify you at the time of our response.) [Request erasure of your personal data.]
• Objection. Object to us processing your personal data where (a) we are relying on legitimate interests as the lawful basis and you feel the processing impacts on your fundamental rights and freedoms, or (b) the processing is for direct marketing purposes. In some cases, we may refuse your objection if we can demonstrate that we have compellinglegitimate grounds to continue processing your information which override your rights and freedoms. [Object to processing of your personal data.]
• Restriction. Request that we restrict or suspend our processing of your personal data:
  
  • if you want us to establish the data's accuracy;
  • where our use of the data is unlawful, but you do not want us to erase it;
  • where we no longer require it, but you need us to hold onto it to establish, exercise or defend legal claims; or
  • you have objected to our use of your data, but we need to verify whether we have overriding legitimate grounds to use it.[Request restriction of processing your personal data.]
• Data portability. Request we transfer certain of your personal data to you or your chosen third party in a structured, commonly used, machine-readable format. This right only applies to information processed by automated means that we process on the lawful bases of consent or performance of a contract. [Request transfer of your personal data.]
• Withdraw consent. Withdraw your consent at any time where we are relying on consent to process your personal data. Please know that this does not affect the lawfulness of any processing carried out before you withdraw your consent, and after withdrawal, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent. [Right to withdraw consent.]
• Complain to the UK data protection regulator. If you are unhappy with how we process your personal data, you should contact us first using the details below in line with our complaints procedure so that we have the chance to put it right. However, you also have the right to make a complaint to the ICO at any time.

You can exercise any of these rights at any time by contacting us at support@pacertrain.com.

You can also use the [Cookies banner] to give or withdraw your consent to or disable our processing of your Cookies Data, or your Account or your local device settings to give or withdraw your consent to or disable our processing of your Location Data.

Description of categories of personal data

• Identity Data: first name, last name, gender, title, date of birth and Profile Data.
• Contact Data: first name, last name, contact address, email address and telephone numbers, your communication preferences and copies of the communications between you and us.
• Profile Data: your email address, username and password.
• Transaction Data: billing address, payment card details, history of your payments.
• Device Data: the type of device you use, your unique device identifier, mobile network information, your mobile operating system, the type of mobile browser you use and IP address.
• Content Data: information that you store in the App, being profile information (sport, pace, goals), event posts, direct messages, training preferences, Strava-synced activity data, profile photos, match history and club memberships.
• Usage Data: logs and detail of your use of our Apps and Services, being the dates and times on which you download, access and update the App and our Services, any error or debugging information; the resources that you access; and the actions we and you take in relation to them and Cookies Data.
• Security Data: information we collect about your use of the App, our Services and our Sites in order to ensure your and our other users' safety and security, being Usage Data, Cookies Data and the information provided to us by our payment processing provider.
• Cookies Data: the information collected through the cookies and similar technologies listed in our Cookies Notice available here [LINK].
• Direct Marketing Data: your direct marketing preferences, consents for receiving direct marketing from us and/or our third parties and the history of the direct marketing communications we have sent to you.
• Location Data: your current location as disclosed by GPS technology WiFi connections, your IP address or other technology for the time period where you have permitted us to collect it.
• Connected Data: information stored on your Device that you permit the App to connect to, being Contacts lists, Strava and Garmin activity data including heart rate, physiological metrics, pace, distance and training history.
• Social Media Data: your social media account information.
• Feedback Data: your feedback and survey responses.