Privacy Policy

We collect information you provide directly:

• Account data: email address, name, password (bcrypt-hashed), country, plan tier
• Google OAuth data: if you sign in with Google, we receive your Google account email and name — no password is stored
• Newsletter subscription: email address and an unsubscribe token if you opt in to the weekly digest
• Usage data: predictions made, matches viewed, features used, daily prediction count
• Payment data: processed entirely by PayPal — we store only the PayPal subscription/order ID and status, never card details

We also collect data automatically:

• IP address and approximate location (country-level, used for rate limiting and geo-detection)
• Browser type and device information
• Pages visited and session activity

We use your data to:

• Provide and improve the Service and its prediction models
• Authenticate your account (email/password or Google OAuth) and maintain sessions via JWT
• Process subscription payments through PayPal
• Send transactional emails (password reset, account confirmations) via Resend
• Send the weekly digest email if you opted in (see Section 3)
• Enforce daily prediction limits by plan tier
• Comply with legal obligations

We do not use your data for advertising profiling, behavioural targeting, or sell it to third parties.

We send two types of emails:

• Transactional emails (always sent): password reset links, account-related notifications. These are necessary to operate the Service and cannot be opted out while your account is active.
• Weekly digest (opt-in only): "Ivy's Top Picks This Week" — 3 upcoming match predictions sent once a week. You can subscribe during registration or by contacting us, and unsubscribe at any time via the one-click link in every digest email.

All emails are sent from noreply@footballpredictor.app via Resend. We never share your email address with marketing partners.

We share data only with the following third-party processors, under data processing agreements:

• PayPal — payment processing; subject to PayPal's Privacy Policy
• Resend — transactional and digest email delivery
• Vercel — frontend hosting and CDN
• Railway — backend API hosting
• Google — OAuth login (only if you choose to sign in with Google)

We will disclose data if required by law or to protect our legal rights, and will notify you where permitted to do so.

We use the following cookies and browser storage:

• auth-token (HTTP-only cookie, essential) — stores your refresh token to keep you signed in across sessions
• ivy-theme (localStorage, preference) — remembers your dark/light theme choice

We do not use third-party advertising trackers or behavioural analytics cookies. There are no Google Analytics, Meta Pixel, or similar trackers on this Service.

We retain your account data for as long as your account is active. If you delete your account, we delete your personal data within 30 days, except where required by law (e.g., billing records may be retained for up to 7 years per tax regulations).

Newsletter subscriber data (email + unsubscribe token) is retained until you unsubscribe. Unsubscribed records are soft-deleted (unsubscribed_at timestamp set) and purged within 90 days.

If you are located in the EU/EEA or UK, you have the right to:

• Access — request a copy of your personal data
• Rectification — correct inaccurate data
• Erasure — request deletion of your data ("right to be forgotten")
• Portability — receive your data in a machine-readable format
• Objection — object to processing based on legitimate interests
• Restriction — request restriction of processing
• Withdraw consent — unsubscribe from the newsletter at any time

To exercise any of these rights, email privacy@footballpredictor.app. We respond within 30 days.

We protect your data using industry-standard measures:

• HTTPS/TLS encryption for all data in transit
• Bcrypt password hashing (passwords are never stored in plaintext)
• JWT access tokens stored in memory only (not localStorage) to mitigate XSS
• Refresh tokens stored in HTTP-only cookies
• Redis-based rate limiting on sensitive endpoints

No system is 100% secure. If you discover a vulnerability, please disclose it responsibly to security@footballpredictor.app.

The Service is not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, contact us immediately at privacy@footballpredictor.app.