๐ Privacy at a Glance
We collect only what's needed to run your facility on Sportango. We never sell your data. We never take hidden fees from your payment volume. Your members' data belongs to your facility. You can export or delete it anytime. We're GDPR and CCPA compliant.
Sportango, Inc. ("Sportango," "we," "us," or "our") operates the sportango.com website and the Sportango platform (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our platform.
1. Information We Collect
1.1 Information You Provide
We collect information you provide directly when you create an account, set up a facility, register as a member, or contact us. This includes:
- Account information: Name, email address, phone number, password
- Facility information: Facility name, address, court configurations, operating hours
- Member profiles: Name, contact information, sport ratings (NTRP, UTR, DUPR), fitness assessments
- Payment information: Processed securely via Stripe โ we never store card numbers
- Communication data: Messages, support tickets, feedback
1.2 Information Collected Automatically
- Usage data: Features used, pages visited, booking patterns, session duration
- Device information: Browser type, operating system, device identifiers
- Log data: IP addresses, access timestamps, referring URLs
| Data Category | Examples | Purpose | Retention |
|---|---|---|---|
| Account | Name, email, phone | Authentication, communication | Duration of account |
| Facility | Name, courts, settings | Platform configuration | Duration of subscription |
| Booking | Reservations, attendance | Service delivery, analytics | 3 years after creation |
| Payment | Transaction records | Billing, financial reporting | 7 years (legal requirement) |
| Fitness/Ratings | NTRP, UTR, assessments | Member development tracking | Duration of membership |
| Analytics | Usage patterns, clicks | Product improvement | 24 months |
2. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve the Sportango platform
- Process bookings, enrollments, and payments
- Send transactional communications (confirmations, reminders, receipts)
- Provide customer support and respond to inquiries
- Generate analytics and reports for facility operators
- Track member ratings and development across sports
- Detect fraud and ensure platform security
- Comply with legal obligations
We never use your data to show advertising. We never sell your personal information. We never share member data between facilities without explicit consent.
3. Information Sharing
We share your information only in these limited circumstances:
- With your facility: Member data is accessible to the facility administrators, coaches, and trainers you're associated with
- Payment processor (Stripe): To process payments securely via Stripe Connect
- Authentication provider (Kinde): To manage secure sign-in and access control
- Cloud infrastructure (Google Cloud): To host and deliver the platform
- Analytics (PostHog): Anonymized usage data for product improvement
- Legal compliance: When required by law, subpoena, or court order
Your facility owns its data. Sportango is a data processor, not a data controller, for member information. You can export all your data at any time in standard formats (CSV, JSON). If you cancel your subscription, we retain your data for 90 days before permanent deletion โ unless you request immediate deletion.
4. Data Storage & Transfer
Your data is stored on Google Cloud Platform servers located in the United States. We employ industry-standard encryption both in transit (TLS 1.3) and at rest (AES-256). For international users, data transfers are protected under Standard Contractual Clauses (SCCs) for GDPR compliance.
5. Your Rights
Depending on your location, you have rights regarding your personal information:
| Right | Description | GDPR | CCPA |
|---|---|---|---|
| Access | Request a copy of your personal data | โ | โ |
| Correction | Update inaccurate information | โ | โ |
| Deletion | Request erasure of your data | โ | โ |
| Portability | Export your data in machine-readable format | โ | โ |
| Restriction | Limit processing of your data | โ | โ |
| Objection | Object to certain processing activities | โ | โ |
| Non-discrimination | No penalty for exercising your rights | โ | โ |
To exercise any of these rights, contact us at privacy@sportango.com. We respond to all requests within 30 days.
6. Cookies & Tracking
We use cookies and similar technologies for authentication, preferences, and analytics. We use PostHog (privacy-first, cookieless analytics) and Google Analytics 4. You can manage cookie preferences through your browser settings or our cookie banner.
7. Children's Privacy
Sportango is designed for use by facility operators, staff, and adult members. When facilities manage accounts for minors (under 18), parental consent is required per COPPA requirements. Minors' data receives enhanced protections including restricted visibility and additional access controls.
8. Data Security
We implement comprehensive security measures including:
- TLS 1.3 encryption for all data in transit
- AES-256 encryption for data at rest
- PCI-DSS Level 1 compliance via Stripe (no card data stored)
- Multi-factor authentication via Kinde
- Role-based access control (RBAC) at facility and sport level
- Regular security audits and penetration testing
- SOC 2 Type II certification (in progress)
9. Changes to This Policy
We may update this Privacy Policy periodically. When we make material changes, we will notify you by email and update the "Last Updated" date. Continued use of Sportango after changes constitutes acceptance of the updated policy.
10. Contact Us
For privacy-related questions, data requests, or concerns:
- Email: privacy@sportango.com
- Mail: Sportango, Inc., Attn: Privacy, Austin, TX 78701
- Response time: Within 30 days for all formal requests