Privacy Policy

1. Scope

This policy describes our practices for personal information and certain non-personal data. If you use PlayrbookGA on behalf of a school, club, or employer, that organization’s policies may also apply; you should direct institutional questions to your administrator.

2. Information we collect

2.1 You provide directly

• Account & profile: name, email address, password (stored securely), organization or team name where applicable, and preferences you set in the product.
• Billing: payment-related details are processed by our payment partners (e.g., Stripe); we typically receive limited billing metadata (e.g., last four digits, subscription status), not full card numbers stored on our servers.
• Support & communications: messages you send us, including email or in-product support content.

2.2 Customer Data you upload

You may upload game or performance data (for example, CSV files) and related files. That data may include player or personnel identifiers present in your files. You control what you upload and are responsible for lawful collection and use under team, league, or institutional rules.

2.3 Automatically collected

• Device & usage: IP address, browser type, device identifiers, approximate location derived from IP, pages viewed, and feature usage to operate and improve the Services and security.
• Cookies & similar technologies: we use cookies or local storage for session management, preferences, analytics on our marketing site, and fraud prevention. You can control cookies through browser settings.

3. How we use information

We use information to:

• Provide, maintain, and improve the Services (including mapping, dashboards, and analytics features);
• Create and manage your account, authenticate users, and process subscriptions;
• Send transactional messages (e.g., verification, receipts, security alerts) and, where permitted, product updates;
• Detect, prevent, and respond to abuse, fraud, or security incidents;
• Comply with law and enforce our Terms; and
• Generate aggregated or de-identified insights that do not identify you, for analytics and product improvement.

4. Legal bases (EEA/UK users)

Where GDPR applies, we process personal data on the basis of: performance of a contract, legitimate interests (e.g., securing the Services, improving features, fraud prevention—balanced against your rights), consent where required (e.g., certain marketing cookies), and legal obligation.

5. Sharing & disclosure

We do not sell your personal information. We may share information with:

• Service providers who assist us (hosting, email, payments, analytics), bound by confidentiality and processing terms;
• Professional advisers where required (lawyers, auditors); and
• Authorities when required by law, legal process, or to protect rights, safety, and security.

If we are involved in a merger, acquisition, or asset sale, we will provide notice and treat your information consistently with this Policy and applicable law.

6. International transfers

We may process information in the United States and other countries where we or our providers operate. Where we transfer personal data from the EEA, UK, or Switzerland, we use appropriate safeguards (such as Standard Contractual Clauses) as required by law.

7. Retention

We retain information as long as your account is active or as needed to provide the Services, comply with law, resolve disputes, and enforce agreements. Customer Data may be deleted or anonymized when you delete content or close your account, subject to backup and legal retention periods.

8. Security

We implement technical and organizational measures designed to protect information (including encryption in transit where appropriate, access controls, and monitoring). No method of transmission over the Internet is 100% secure; we cannot guarantee absolute security.

9. Your rights & choices

Depending on your location, you may have rights to access, correct, delete, or export personal information; object to or restrict certain processing; withdraw consent where processing is consent-based; and lodge a complaint with a supervisory authority. To exercise rights, contact us through your account or our published contact methods. We may verify your request as permitted by law.

California (CCPA/CPRA): California residents may have additional rights (e.g., to know categories of personal information collected, to delete, to opt out of “sale” or “sharing” for cross-context behavioral advertising—we do not sell personal information in the traditional sense). You may designate an authorized agent where allowed by law.

10. Children

The Services are not directed to children under 13 (or the age required in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have, contact us and we will take appropriate steps.

11. Third-party links

Our site may link to third-party websites. We are not responsible for their privacy practices; please review their policies.

12. Changes to this Policy

We may update this Privacy Policy from time to time. We will post the new version and change the “Last updated” date. Material changes may be communicated by email or in-product notice where appropriate.

13. Contact

For privacy questions or requests, contact us through the support options in your PlayrbookGA account or via the contact method published on our website. For data protection inquiries in the EU/UK, you may also contact our representative if we publish one.