Privacy Policy

Effective date: May 2, 2026

1. Who We Are

MotoLink ("MotoLink", "we", "us", or "our") operates the website and platform at motolink.com. This Privacy Policy explains how we handle information you provide or that we collect when you use our services.

2. Information We Collect

  • Account data — name, email address, password (hashed with bcrypt, never stored in plaintext), and role (rider or brand).
  • Profile data — race numbers, class, racing series, location (state/region), bio, bike details, social media handles, and race results you choose to add.
  • Usage data — pages visited, profile view counts, and search queries, used to improve the platform.
  • Communications — messages sent through our contact form.

3. How We Use Your Information

  • To operate and maintain your account and profile.
  • To match riders with relevant sponsorship opportunities.
  • To send transactional emails (account confirmation, application updates).
  • To detect and prevent fraud, abuse, or security incidents.
  • To improve platform features based on aggregated usage patterns.

We do not sell your personal data to third parties.

4. Data Sharing

Rider profiles are visible to logged-in brand accounts so they can evaluate sponsorship applicants. You control which fields appear on your public profile. We share data with the following service providers solely to operate the platform:

  • Neon (PostgreSQL) — database hosting
  • Vercel — application hosting and CDN
  • Upstash (Redis) — rate limiting

5. Cookies

We use a single session cookie issued by NextAuth.js to keep you logged in. We do not use advertising or tracking cookies. You can clear this cookie at any time through your browser settings, which will log you out.

6. Data Retention

We retain your account data for as long as your account is active. You may request deletion of your account and associated data at any time by emailing us at privacy@motolink.com. Backups may retain data for up to 30 days after deletion.

7. Security

Passwords are hashed using bcrypt (cost factor 12) and never stored or transmitted in plaintext. All traffic is encrypted via HTTPS. We implement rate limiting on authentication endpoints to prevent brute-force attacks.

8. Your Rights

Depending on your jurisdiction, you may have rights to access, correct, or delete your personal data. To exercise these rights, contact us at privacy@motolink.com. We will respond within 30 days.

9. Changes to This Policy

We may update this policy from time to time. Material changes will be notified via email or a prominent notice on the platform at least 14 days before they take effect. Continued use of MotoLink after that date constitutes acceptance.

10. Contact

Questions about this policy? Email privacy@motolink.com or use our contact form.