Try free Demo Login Order

Privacy Policy for MOM System

Last updated: 26th November 2025

This Privacy Policy explains how we process personal data when you use the MOM System (the “App”) and the website www.mom-system.com (the “Website”).

We take data protection seriously and process your personal data in accordance with the EU General Data Protection Regulation (“GDPR”) and applicable Swiss data protection law.

1. Data Controller

The controller responsible for the processing of your personal data is:

RGMMC Group
Stadelistrasse 5
7317 Valens
Switzerland
Registration number: CHE288113437

Email: info@mom-system.com

If you have any questions about this Privacy Policy or about how we process your data, you can contact us at the above details.

2. Scope of this Privacy Policy

This Privacy Policy applies to:

  • Visitors to www.mom-system.com, and
  • Users of the MOM System App, in particular race organizers and participants whose data is entered into event registration / sign-up forms.

3. What personal data we process

We process the personal data that is entered into the MOM System in connection with motorsport race events as well as data generated when you access our Website.

3.1 Data entered into event registration forms

When organizers create events and participants sign up, the following categories of data may be processed (depending on the specific form and event):

  • Identification data (e.g. first name, last name)
  • Contact data (e.g. email address, phone number, country)
  • Event-related data (e.g. race category, team, vehicle details, licence number or similar information required for participation)
  • Other information requested by the organizer that is necessary for the planning and execution of the event.

These data are entered either by the event organizer or directly by the participants (or their representatives, e.g. legal guardians).

3.2 Technical data when using the Website / App

When you access our Website or App, we may process in particular:

  • IP address
  • Date and time of request
  • URL accessed
  • HTTP status code
  • Browser type and version
  • Operating system and interface

These data are typically stored in log files on the server for security and operational purposes.

4. Purposes and legal basis of processing

We process personal data only where we have a valid legal basis under the GDPR.

4.1 Organizing and managing events

We use the data entered into the event registration forms to:

  • Create and manage events
  • Register participants for events
  • Communicate with organizers and participants about events (e.g. confirmations, changes, cancellations, race-related information)
  • Create start lists, result lists and similar event documentation
  • Fulfil our contractual obligations towards event organizers and participants

Legal basis (Art. 6(1) GDPR):

  • Performance of a contract or steps taken prior to entering into a contract (Art. 6(1)(b) GDPR), where we process data to handle registrations and participation in events; and
  • Legitimate interests (Art. 6(1)(f) GDPR), where we process data to ensure proper organization, documentation and security of the events and our services.

4.2 Operation and security of the Website and App

We process technical data and log files to:

  • Ensure the secure and stable operation of our Website and App
  • Detect and prevent misuse or attacks
  • Perform basic performance and error monitoring

Legal basis:

Legitimate interests (Art. 6(1)(f) GDPR) in ensuring IT security and the proper functioning of our services.

4.3 Communication

If you contact us by email or via a contact form, we process your data to handle your enquiry.

Legal basis:

  • Legitimate interests (Art. 6(1)(f) GDPR) in responding to enquiries, or
  • Performance of a contract (Art. 6(1)(b) GDPR) where the enquiry relates to an existing contractual relationship.

4.4 No use for unrelated marketing without consent

We do not use the event registration data for unrelated marketing purposes without a separate legal basis or your consent. If we intend to use your data for direct marketing, we will inform you separately and, where required, request your prior consent (Art. 6(1)(a) GDPR).

5. Data retention

We store personal data from event registration forms for up to one (1) year after the relevant event or registration, unless we are legally obliged to retain it for a longer period or need it to establish, exercise or defend legal claims.

After this period, personal data is either deleted or irreversibly anonymised.

Technical and log data may be stored for a shorter period (typically a few weeks or months), unless a security incident or other legal necessity requires longer storage.

6. Cookies and similar technologies

6.1 Session cookie (PHPSESSID or similar)

Our Website and App use only technically necessary cookies. In particular, we use a session cookie (commonly named PHPSESSID or a similar identifier) to:

  • Maintain your session while you navigate through the Website/App
  • Ensure that certain functions (e.g. login, form submission) work correctly

This cookie:

  • Is a first-party cookie
  • Does not track you across other websites
  • Is stored only for the duration of your session and is typically deleted when you close your browser

Because this cookie is strictly necessary for the operation of the Website and App, it is used without requiring your prior consent. The legal basis is our legitimate interest (Art. 6(1)(f) GDPR) in providing a functional and secure service.

6.2 No tracking / analytics cookies

We do not use any analytics, tracking or advertising cookies (e.g. Google Analytics, Meta Pixel, etc.) on www.mom-system.com or in the MOM System.

You can configure your browser to block cookies. However, if you block the session cookie, some features of the Website or App may not function properly.

7. Recipients and data sharing

We share personal data only where necessary and on the basis of a legal justification.

Possible recipients include:

  • Event organizers: Organizers who use the MOM System to manage events have access to the data related to their events in order to organize and run them.
  • Service providers (processors): We may engage IT hosting, maintenance or support providers who process personal data on our behalf and under our instructions. These providers are contractually bound to confidentiality and data protection (Art. 28 GDPR).
  • Authorities and courts: Where required by law or necessary to protect our rights, we may disclose data to public authorities, regulators or courts.

We do not sell or rent your personal data to third parties.

8. International data transfers

RGMMC Group is based in Switzerland. Switzerland is recognised by the European Commission as providing an adequate level of data protection, meaning that transfers of personal data from the EU / EEA to Switzerland are generally permitted under the GDPR.

If, in exceptional cases, we use service providers outside Switzerland or the EU/EEA, we will ensure that appropriate safeguards are in place (e.g. standard contractual clauses approved by the European Commission) or that another legal basis for the transfer exists.

9. Your rights under the GDPR

If you are in the EU/EEA or the GDPR applies to you, you have the following rights in relation to your personal data, subject to the conditions and limitations set out in the GDPR:

  • Right of access (Art. 15 GDPR): You can request information about whether we process your personal data and obtain a copy of that data.
  • Right to rectification (Art. 16 GDPR): You can request that inaccurate or incomplete personal data be corrected.
  • Right to erasure (“right to be forgotten”) (Art. 17 GDPR): You can request the deletion of your personal data, for example if it is no longer needed for the purposes for which it was collected.
  • Right to restriction of processing (Art. 18 GDPR): You can request that we restrict the processing of your data in certain circumstances.
  • Right to data portability (Art. 20 GDPR): You can request that we provide certain data in a structured, commonly used and machine-readable format, or transfer it to another controller.
  • Right to object (Art. 21 GDPR): You have the right to object to processing based on our legitimate interests, on grounds relating to your particular situation. Where we process data for direct marketing, you may object at any time.
  • Right to withdraw consent (Art. 7(3) GDPR): If processing is based on your consent, you may withdraw that consent at any time with effect for the future.

To exercise your rights, please contact us using the contact details set out in Section 1. We may need to verify your identity before processing your request.

You also have the right to lodge a complaint with a competent data protection supervisory authority, in particular in the EU/EEA Member State of your habitual residence, your place of work or the place of the alleged infringement.

10. Data deletion on request

In addition to automatic deletion after one year (see Section 5), you may request deletion of your personal data at any time, provided there is no legal obligation or overriding legitimate interest that requires us to retain it.

To request deletion (or to exercise any other rights), please contact us via email at info@mom-system.com. We may need to verify your identity before processing your request.

11. Data security

We take appropriate technical and organizational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access. These measures are reviewed and improved regularly in line with technological developments.

However, no method of transmission over the internet or method of electronic storage is entirely risk-free, so we cannot guarantee absolute security.

12. Changes to this Privacy Policy

We may update this Privacy Policy from time to time, for example if we introduce new features or if legal requirements change. The current version is always available at www.mom-system.com.

If we make significant changes, we will inform you in an appropriate manner (for example via the Website or within the App).