SR.Studio
Back to home

Privacy Policy

Last updated: [EFFECTIVE_DATE]

This Privacy Policy explains what information SportsRatings.Studio (“we,” “us,” or “our”) collects when you use our website and services (the “Service”), how we use and share that information, and the choices you have. By using the Service, you agree to this Policy.

1. Who we are

SportsRatings.Studio is a peer-rating tool for sports teams. The data controller for this Service is SportsRatings.Studio. You can reach us at [CONTACT_EMAIL_TBD].

2. Information we collect

2.1 Information you provide when you sign in

We use Google as our sole sign-in method. When you sign in, Google shares your email address with us, and we create an account record with a unique identifier. We do not receive your Google profile photo or your full name from Google unless you choose to provide them separately in the Service.

2.2 Information you choose to add to your profile

  • Display name.
  • Profile avatar (optional).
  • Optional biometric fields: height, weight, age, and gender. Each of these has an independent visibility toggle so you control whether teammates can see it.

2.3 Information you create in the Service

  • Teams you create or join, and your role on each team.
  • Player records, which may describe people who do not have an account on the Service (see Section 3).
  • Peer ratings you submit about other team members.
  • Game scores, box-score statistics, and schedule entries.
  • A team home-court address, if provided. Address text is sent to a third-party geocoder to resolve coordinates.

2.4 Technical information

  • Standard server logs (IP address, user agent, timestamps) generated by our hosting provider.
  • Strictly-necessary authentication cookies set by our auth provider to keep you signed in. We do not use advertising or analytics cookies, and we do not run third-party trackers on the Service today.
  • Local browser storage for non-personal UI preferences such as theme and sidebar state.

3. Information about people who are not users

The Service allows team organizers, coaches, and captains to add player records to a roster for people who may not have a SportsRatings.Studio account. A player record can include the person’s name, position, game statistics, and ratings submitted by other team members.

If you add a player record, you represent that you have the authority to do so under the rules of your team or league, and (where the player is a minor) that you have appropriate parental or guardian consent.

If you are a non-user and a player record about you exists on this Service, you may contact us at [CONTACT_EMAIL_TBD] to request access, correction, or removal.

4. How we use information

  • To create and operate your account and your team memberships.
  • To display rosters, ratings, statistics, and schedules within the teams you belong to.
  • To send transactional team-invitation emails when a teammate invites you.
  • To resolve a home-court address into map coordinates when you provide one.
  • To secure the Service, prevent abuse, and comply with legal obligations.

We do not sell your personal information. We do not use your information for advertising. We do not run analytics or behavioral tracking on the Service today; if that changes, we will update this Policy.

5. How we share information

5.1 Within your team

Information you contribute is scoped to the team(s) you belong to. Optional biometric profile fields are gated by the per-field visibility toggles you set. Database row-level security enforces team scoping at the data layer.

5.2 Service providers (subprocessors)

We share information with the following providers strictly to operate the Service:

  • Supabase — database, authentication, file storage, and hosting.
  • Google — OAuth sign-in. Google sees the fact that you sign in to our Service.
  • Resend — delivery of transactional team invitation emails. The recipient’s email address is shared with Resend for delivery.
  • Photon (Komoot) — geocoding home-court addresses. The address text is transmitted to Photon to look up coordinates; no account information is sent.

5.3 Legal and safety

We may disclose information when we believe in good faith that disclosure is required by law, necessary to protect the rights, property, or safety of users or the public, or to enforce our Terms.

5.4 Business transfers

If we are involved in a merger, acquisition, financing, or sale of assets, information may be transferred as part of that transaction, subject to standard confidentiality protections.

6. Data retention

We retain your account information and content for as long as your account is active. If you request account deletion, we will delete or anonymize your personal information within a reasonable period, except where we must retain it to comply with legal obligations, resolve disputes, or enforce our agreements. Standard backup rotation applies to our hosting provider’s backups.

7. Your rights and choices

Depending on where you live, you may have rights to access, correct, delete, or port your personal information, and to object to or restrict certain processing. To exercise any of these rights, email us at [CONTACT_EMAIL_TBD]. We currently handle these requests manually; we plan to add self-serve account deletion and data export to the Service.

You may withdraw consent for optional profile fields at any time by editing your profile or toggling visibility off.

8. Children

The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13. Player records describing minors should only be added with verifiable parental or guardian consent. If you believe a child under 13 has provided us with personal information without such consent, please contact us and we will delete it.

9. International transfers

The Service is hosted in [HOSTING_REGION_TBD]. If you access the Service from another region, your information may be transferred to, processed in, and stored in the hosting region. We rely on appropriate safeguards for any cross-border transfers as required by applicable law.

10. Security

We use industry-standard safeguards including encryption in transit, OAuth-based authentication, and database row-level security. No method of transmission or storage is perfectly secure, and we cannot guarantee absolute security.

11. Changes to this Policy

We may update this Policy from time to time. When we do, we will update the “Last updated” date at the top of this page, and we will provide a more prominent notice for material changes. Your continued use of the Service after a change takes effect constitutes acceptance of the updated Policy.

12. Contact us

Questions, requests, or complaints about this Policy or our data practices: [CONTACT_EMAIL_TBD].