Pacer Terms of Service and Privacy: https://www.mypacer.com/termsofservice/
Pacer for Teams Admin Terms of Service: https://www.mypacer.com/teams/terms_of_service
Briefly describe the service you provide to Customers.
- Pacer for Teams is a platform for creating and managing online virtual fitness challenges. The Pacer for Teams platform allows challenge administrators the ability to publish fitness challenges and manage participants.
- Participants use the Pacer app (for Android or iOS) to join challenges, record their fitness data (steps, distance, calories, active time) and automatically upload that data to their fitness challenges.
Does the supply involve the processing of personal data of any of our customers, employees, or third parties managed by the Organization?
- Yes, the services in question require the processing of data that is considered personal data for participants and challenge administrators.
- Personal data includes email addresses and smartphone device identifiers.
What are you doing with the steps and names data, what are you using it for, how is the data processed?
- We store the data on our servers and display it in-app based on a User's permission.
- Any API Integration with Apple Health or another 3rd party app or wearable requires explicit consent by the User.
- In regards to a User's Email & Name, we do not share it anywhere. If a User contacts Pacer Support, their email would be used to track the case in the Zendesk customer service platform.
What is the physical location of the personal data? Where is it stored? Ex. Stored on paper, locally e.g. database or document on a user’s PC, on a cloud provider, on a USB stick.
- On a User's device, though we don't have direct access to it.
- All additional data is stored on Amazon Cloud Services in the United States at two different Data Centers.
- We follow the industry-standard practice of database management.
In the light of the GDPR, are you responsible for data processing, subcontractor, or other within the scope of the services in question?
- We are responsible for data processing.
Who are the owners of the data you process?
- Pacer for Teams administrators owns the data related to their Pacer for Teams organization and challenge.
- Participants own their own account data.
Do you access, consult, or export the aforementioned personal data to your IT systems or applications?
- In order to deliver our services, the aforementioned data are stored/processed on our cloud services, which are based in the US.
Are the personal data referred to above treated anonymous (i.e. do not allow the identification of a singular person)? In what molds is it processed?
- No. The personal data referred to above are not anonymous.
What kind of technical and organizational security measures are in place for the processing activity?
- Data itself is not encrypted in storage, but access to databases is encrypted.
- All API access uses https encryption.