Privacy Policy

Grassroots Coaching ("we", "our", "us") is a team management platform designed for grassroots football coaches. We provide tools for squad management, match day operations, training planning, and team communication. Our platform is accessible at grassrootscoaching.app. All our staff who work on developing this app are active grassroots coaches here in Ireland and have an active Garda Vetting and Child Safeguarding licence approved by the FAI.

2.1 Information You Provide

• • Account information: Name, email address, and password when you register
• • Profile information: Coaching experience, coaching levels, age groups, display name
• • Team information: Team name, club badge, team colours, player details (names, positions, stats)
• • Payment information: Processed securely by Stripe; we do not store your card details
• • Communications: Messages sent through our live chat feature

2.2 Information Collected Automatically

• • Usage data: Pages visited, features used, button clicks, and time spent on sections
• • Device information: Browser type, screen size, and operating system
• • Scroll and interaction data: Scroll depth, section views for improving user experience

We use your information to:

• • Provide and maintain our team management services
• • Process subscriptions and payments through Stripe
• • Send important account notifications and updates via email
• • Personalise your coaching dashboard and team experience
• • Improve our platform based on usage patterns and feedback
• • Provide AI-powered live chat support
• • Prevent fraud and ensure platform security

We use browser local storage to enhance your experience. You can manage your cookie preferences at any time using the cookie settings button on our website. A complete list of all cookies and local storage items used is shown in the table below.

All items are classified as Essential and are required for the website to function correctly. We do not currently deploy third-party analytics or marketing tracking cookies. Should this change in the future, we will update this policy and request your consent via the cookie banner.

We use the following trusted third-party services to operate our platform:

• • Stripe - Payment processing for subscriptions. Stripe processes your payment information directly and securely. We never see or store your full card details.
• • OpenAI - Powers our AI live chat assistant. Chat messages are sent to OpenAI API for processing. No personal account data is shared.
• • Resend - Email delivery service for account notifications, password resets, and team communications.

We take the security of your data seriously. Measures we employ include:

• • Passwords are hashed using industry-standard bcrypt encryption
• • All data is transmitted over HTTPS with TLS encryption
• • Authentication tokens expire and require periodic re-authentication
• • Payment data is handled entirely by PCI-DSS compliant Stripe
• • Access to admin functions is restricted by role-based permissions

We retain your personal data for as long as your account is active or as needed to provide our services. If you delete your account, we will remove your personal information within 30 days, except where we are required to retain certain data for legal or regulatory purposes. Onboarding progress saved in local storage is automatically cleared upon successful registration.

You have rights over your personal data. Specific rights and how they apply depend on where you live — we honour those granted by the EU & UK General Data Protection Regulation (GDPR), the Irish Data Protection Act 2018, the California Consumer Privacy Act (CCPA / CPRA), and equivalent laws elsewhere. Subject to applicable law, these typically include:

• • Access: Request a copy of the personal data we hold about you
• • Correction: Request correction of inaccurate or incomplete data
• • Deletion: Request deletion of your personal data ("right to be forgotten")
• • Portability: Request your data in a portable, machine-readable format
• • Objection / restriction: Object to or restrict our processing of your data for certain purposes
• • Withdraw consent: Withdraw cookie or marketing consent at any time via the cookie settings button
• • Do Not Sell or Share (CCPA): We do not sell your personal information and do not share it for cross-context behavioural advertising

To exercise any of these rights, contact us at the email address in section 11. We will respond within the timeframes required by applicable law (typically 30 days for GDPR, 45 days for CCPA).

If you are in the EU, UK, or Ireland and believe we have not handled your data properly, you have the right to lodge a complaint with your local supervisory authority. Our lead supervisory authority is the Irish Data Protection Commission (www.dataprotection.ie).

Our platform is intended for use by coaches aged 18 and over. While coaches may manage teams that include players under 18, we do not knowingly collect personal information directly from children. Player data entered by coaches is the responsibility of the coach and should be managed in accordance with applicable data protection laws and with appropriate parental consent where required.

All our staff who work on developing this app are active grassroots coaches here in Ireland and have an active Garda Vetting and Child Safeguarding licence approved by the FAI.

We may update this privacy policy from time to time to reflect changes in our practices or for legal, regulatory, or operational reasons. We will notify you of any material changes by posting the updated policy on this page and updating the Last updated date above. We encourage you to review this policy periodically.

If you have any questions about this Privacy Policy, your data, or wish to exercise any of your rights, please contact us at the email address provided below.