← Back to Home

Privacy Policy

Last updated: March 2026

1. Who We Are

FootballPro ("we", "our", "us"), owned and operated by Phaino Labs Ltd, is a club management platform for football academies and grassroots clubs. We act as the data processor for most data processes, while the club remains the data controller. Phaino Labs Ltd accepts no liability for how individual clubs process or handle this data.

2. What Data We Collect

We collect the following categories of personal data:

  • Account Information: Name, email address, phone number
  • Player Data: Name, date of birth, gender, medical notes, allergies, emergency contacts
  • Guardian Data: Name, email, phone, relationship to player
  • Usage Data: Attendance records, session participation, wellbeing check-ins
  • Technical Data: IP address, browser type, device information

3. Children's Data

We process data of children under 16 for the purposes of club management, safeguarding, and welfare. This data is collected with the consent of a parent or guardian. We take particular care to protect children's data and limit access to authorised club staff only.

4. How We Use Your Data

  • Managing player registration and team assignments
  • Tracking attendance and session scheduling
  • Processing payments and invoicing
  • Safeguarding and wellbeing monitoring
  • Communication between clubs, coaches, and parents
  • Generating reports and analytics for club management

5. Legal Basis for Processing

  • Consent: For processing children's data, photo consent, medical data
  • Contract: To provide the club management service
  • Legitimate Interest: For safeguarding, security, and platform improvement
  • Legal Obligation: For safeguarding duties and financial records

6. Data Sharing and Subprocessors

We do not sell your personal data. Data is shared only with trusted third-party service providers (subprocessors) necessary to provide the Service:

  • Your Club: Authorised administrators, coaches, and staff within your organisation.
  • Payment Processing: We use Stripe to process all payments. Stripe is a PCI-DSS certified payment processor. When you make a payment, your payment details are provided directly to Stripe, and FootballPro does not store your full credit card information.
  • Infrastructure: Hosting providers (Vercel, Railway) and Authentication services (Supabase) for secure service delivery and data storage.

7. Cookies and Analytics

We use cookies and similar tracking technologies to provide, secure, and improve our Service. These include strictly necessary cookies for authentication and session management, as well as performance cookies to understand how our platform is used.

8. Data Retention

  • Active Accounts: We retain your personal data for as long as your account is active.
  • Deleted Accounts: Upon request, or upon termination of your organisation's subscription, all personal data is permanently deleted or anonymised within 30 days.
  • Financial Records: Invoices, billing history, and payment records are retained for up to 7 years to comply with tax and accounting laws.
  • Audit Logs: Non-personally identifiable system and security logs are retained for up to 2 years.

9. Your Rights (GDPR)

Under the UK GDPR, you have the right to:

  • Access: Request a copy of your personal data.
  • Rectification: Correct inaccurate personal data.
  • Erasure: Request deletion of your personal data ("Right to be Forgotten").
  • Data Portability: Receive your data in a machine-readable format.
  • Object: Object to processing based on legitimate interest.
  • Withdraw Consent: Withdraw consent at any time where processing is based on consent.

To exercise these rights, use the data management tools in your account settings, or contact your club administrator (the Data Controller). For requests related to data where FootballPro is the Data Controller, contact us directly.

10. Security and Limitation of Liability

We implement robust technical and organisational security measures to protect your data. This includes encryption in transit (HTTPS/TLS) and at rest, row-level security (RLS) in our databases to strictly isolate tenant data, and regular security audits.

While we strive to provide the utmost security, no system is impenetrable. Phaino Labs Ltd (owners of FootballPro) shall not be held liable for any data breaches, loss of data, or unauthorised access to personal data, to the fullest extent permitted by law.

11. Contact Us

For privacy-related enquiries, or to contact our Data Protection Officer, please email us at support@footballpro.app