Introduction

Welcome to Playmakers Edge ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our sports analytics and data platform.

This Privacy Policy applies to all users of our website, mobile applications, and services (collectively, the "Services"). By using our Services, you agree to the collection and use of information in accordance with this policy.

Information We Collect

Categories of Personal Information (CCPA)

In the past 12 months, we have collected the following categories:

Information You Provide Directly

• Identifiers: Real name, email address, username, account credentials
• Commercial Information: Purchase history, subscription details, credit usage
• Financial Information: Payment card details, billing address (tokenized via Stripe)
• Internet Activity: Browsing history within our platform, interaction with features
• Geolocation Data: Approximate location based on IP address (for compliance)
• Professional Information: Optional profile details you provide
• Communications: Support tickets, feedback, survey responses

Information Collected Automatically

• Device Information: IP address, browser type, operating system, device identifiers, mobile network information
• Usage Data: Pages visited, features used, time spent, click patterns, search queries
• Analytics Data: Performance metrics, error logs, usage patterns, session recordings (anonymized)
• Cookies and Similar Technologies: Session cookies, preference cookies, analytics cookies (see Cookie Policy)
• Inferences: User preferences and interests drawn from usage patterns

Sources of Information

• Direct Interactions: Account registration, purchases, support communications
• Automated Technologies: Cookies, pixels, server logs, analytics tools
• Third-Party Services:
  • Google OAuth (authentication)
  • Stripe (payment processing)
  • Google Analytics (usage analytics)
  • Sports Data APIs (CFBD, ESPN - no personal data)

Sensitive Personal Information

We do NOT collect:

• Social Security numbers
• Driver's license numbers
• Biometric data
• Health information
• Precise geolocation
• Racial or ethnic origin
• Religious beliefs

How We Use Your Information

Purposes of Collection and Use

We process your personal information for the following business purposes:

Service Operations

• Platform Functionality: Providing access to sports analytics, simulations, and data tools
• Account Management: Creating, maintaining, and securing your account
• Payment Processing: Managing subscriptions, credit purchases, and billing
• Customer Support: Responding to inquiries, resolving issues, providing assistance

Security and Compliance

• Age Verification: Ensuring users meet minimum age requirements (18+ generally, 21+ where required)
• Geo-Compliance: Verifying location for regulatory compliance
• Fraud Prevention: Detecting and preventing unauthorized access or fraudulent transactions
• AML/KYC Compliance: Meeting anti-money laundering and know-your-customer obligations
• Legal Obligations: Complying with laws, regulations, and legal processes

Analytics and Improvements

• Usage Analytics: Understanding how users interact with our platform
• Performance Monitoring: Identifying and fixing technical issues
• Product Development: Improving existing features and developing new ones
• Personalization: Customizing your experience based on preferences

Marketing and Communications

• Service Communications: Sending essential updates about your account or service
• Marketing Messages: With consent, sending promotional content (opt-out available)
• Survey and Feedback: Requesting input to improve our services

Legal Basis for Processing (GDPR)

For EU/UK users, we rely on the following legal bases:

• Contract Performance: Processing necessary to provide our services
• Legal Obligations: Processing required by law
• Legitimate Interests: Analytics, security, fraud prevention, and service improvements
• Consent: Marketing communications and optional features
• Vital Interests: Protecting health and safety in emergency situations

Data Sharing and Disclosure

We do not sell your personal information. We may share information with:

• Service Providers:
  • Stripe (payment processing)
  • Google Cloud (hosting and infrastructure)
  • SendGrid (email communications)
  • Google Analytics (usage analytics)
• Legal Requirements: When required by law, court order, or governmental request
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• Consent: With your explicit consent for specific purposes

Data Retention

We apply the principle of data minimization and retain information only as long as necessary:

Retention Periods

Data Type	Retention Period
Account Data	Active duration plus 90 days after account closure
Transaction Records	7 years (legal/tax requirements)
Usage Analytics	24 months
Marketing Data	6 months after last interaction (unless consent renewed)
Support Communications	3 years
Security Logs	12 months
Cookies	See Cookie Policy for specific durations

Retention Criteria

We determine retention periods based on:

• Legal and regulatory requirements
• Contractual obligations
• Legitimate business needs
• User consent and preferences

Deletion and Anonymization

After retention periods expire, we either:

• Permanently delete the data
• Anonymize it for statistical purposes
• Archive it securely if required by law

Your Rights (GDPR/CCPA)

You have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate personal data
• Erasure: Request deletion of your personal data
• Portability: Receive your data in a portable format
• Object: Object to certain processing activities
• Restrict: Request restriction of processing
• Withdraw Consent: Withdraw previously given consent

California Residents (CCPA)

California residents have additional rights including:

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to opt-out of the sale of personal information (we do not sell data)
• Right to non-discrimination for exercising privacy rights

EU/UK Residents (GDPR)

EU and UK residents have rights under GDPR including:

• Right to lodge a complaint with supervisory authorities
• Right to know the legal basis for processing
• Right to be informed of automated decision-making

Data Security

We implement comprehensive security measures to protect your personal information:

Technical Safeguards

• Encryption: End-to-end encryption for data in transit (TLS 1.3) and at rest (AES-256)
• Tokenization: Payment information tokenized through PCI-compliant processors
• Access Controls: Role-based access control (RBAC) with principle of least privilege
• Multi-Factor Authentication: Required for all user accounts
• Infrastructure Security: Cloud infrastructure with SOC 2 compliance

Operational Security

• Security Testing: Regular vulnerability assessments and penetration testing
• Monitoring: 24/7 security monitoring and intrusion detection
• Incident Response: Documented incident response and breach notification procedures
• Patch Management: Regular security updates and infrastructure patching
• Disaster Recovery: Automated backups and tested recovery procedures

Organizational Measures

• Employee Training: Regular data protection and security awareness training
• Background Checks: Security screening for employees with data access
• Confidentiality Agreements: All staff bound by strict confidentiality obligations
• Vendor Management: Security assessments for all third-party processors
• Security Audits: Annual third-party security assessments and certifications

Age Verification and Responsible Use

Minimum Age Requirements

• General Use: Users must be at least 18 years old
• Betting-Related Features: Users must be 21+ in jurisdictions where sports betting is regulated
• Verification: We may verify age through third-party services to ensure compliance

Responsible Gambling Support

While we provide analytics and not direct betting services, we support responsible gambling:

• Links to problem gambling resources
• Self-exclusion options upon request
• Usage monitoring for concerning patterns
• Cooperation with responsible gambling organizations

Sports Betting Compliance

Jurisdictional Requirements

While Playmakers Edge does not facilitate sports betting, we recognize that our analytics may be used by individuals who engage in legal sports wagering. We implement the following measures:

• Geo-Verification: We verify user location to ensure compliance with local laws
• Age Verification: Strict 18+ requirement (21+ in certain jurisdictions)
• Restricted Access: We block access from jurisdictions where sports analytics services may be prohibited
• Compliance Monitoring: Regular reviews of changing regulations across jurisdictions

Responsible Gaming Support

Although we are not a gambling operator, we support responsible gaming practices:

• Educational resources about responsible sports wagering
• Links to problem gambling helplines and resources
• Option to self-exclude from our services
• No promotion of illegal gambling activities
• Clear disclaimers that past performance does not guarantee future results

Data Use Restrictions

We explicitly prohibit:

• Use of our data for illegal gambling activities
• Sharing of data with unlicensed gambling operators
• Creation of automated betting systems using our APIs
• Any activity that violates local gambling laws

Children's Privacy

Our service is strictly prohibited for users under 18 years of age. We do not knowingly collect personal information from minors. If we discover a user is under 18, we will:

• Immediately terminate the account
• Delete all associated personal information
• Notify relevant authorities if required

Automated Decision-Making and Profiling

Analytics and AI Usage

We use automated systems for:

• Performance Analytics: Analyzing player and team statistics
• Simulation Models: Running game simulations based on data
• Usage Patterns: Understanding platform usage for improvements
• Fraud Detection: Identifying potentially fraudulent activity

Your Rights Regarding Automated Processing

Under GDPR, you have the right to:

• Request human review of automated decisions
• Object to profiling for marketing purposes
• Understand the logic behind automated decisions
• Opt-out of certain automated processing

Our automated systems do NOT make decisions about:

• Account eligibility or termination
• Pricing or credit limits
• Legal or similarly significant effects

International Data Transfers

Transfer Mechanisms

Your data may be transferred to and processed in the United States. We ensure appropriate safeguards through:

• EU-U.S. Data Privacy Framework: For transfers from EU/UK to U.S.
• Standard Contractual Clauses: With third-party processors
• Adequacy Decisions: Where applicable
• Your Consent: For certain optional transfers

Data Localization

We store data in the following locations:

• Primary servers: United States (Google Cloud)
• Backup systems: Multiple geographic regions
• CDN caching: Global distribution for performance

Contact Information

For privacy-related inquiries or to exercise your rights:

Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or prominent notice on our platform. Your continued use after changes constitutes acceptance.

Cookies and Tracking

Please see our separate Cookie Policy for detailed information about our use of cookies and similar technologies.

Legal Basis for Processing (GDPR)

We process personal data based on:

• Contract: To provide our services under our Terms of Service
• Legitimate Interests: For analytics, security, and service improvement
• Consent: For marketing communications and optional features
• Legal Obligations: To comply with applicable laws

How to Exercise Your Rights

Submitting Requests

You can exercise your privacy rights through:

1. Self-Service Portal: Access your account dashboard for immediate actions:
   • Download your data
   • Update personal information
   • Manage consent preferences
   • Delete your account
2. Email Requests: Send detailed requests to:
   • General: privacy@playmakersedge.com
   • GDPR: gdpr@playmakersedge.com
   • CCPA: ccpa@playmakersedge.com
3. Toll-Free Number: 1-800-XXX-XXXX (CCPA requests)

Request Requirements

To process your request, we need:

• Your account email or username
• Specific description of your request
• Identity verification (we may ask additional questions)
• Authorized agent documentation (if applicable)

Response Timeline

• Acknowledgment: Within 3 business days
• Initial Response: Within 30 days
• Complex Requests: Up to 90 days with notice
• Appeals: Available if request denied

No Discrimination

We will not discriminate against you for exercising your privacy rights, including:

• Denying services
• Charging different prices
• Providing different service levels
• Suggesting you'll receive different treatment

Financial Incentives (CCPA)

We do not currently offer financial incentives tied to personal data collection. If we introduce loyalty programs or similar incentives in the future, we will:

• Clearly explain the terms
• Describe how personal data relates to the program
• Provide opt-in consent mechanisms
• Allow withdrawal at any time