1
Data Controller
The data controller responsible for your personal data is:
footballtrading.app
An educational platform for sports exchange trading courses and simulation tools.
Data Protection Contact: privacy@footballtrading.app
Back to Home
Privacy Policy
Your privacy matters to us. This policy explains how we collect, use, and protect your personal information when you use footballtrading.app.
Last updated: May 22, 2026
2
Information We Collect
Information You Provide
- Account Information — Full name, email address, and password when you register for an account.
- Profile Data — Any additional information you choose to add to your profile.
- Communication Data — Messages you send to our support team or feedback you provide.
Information Generated Through Use
- Purchase History — Records of courses and subscriptions you have purchased.
- Quiz Results — Answers, scores, and completion times for assessments taken on the platform.
- Simulator Usage — Interaction data from the football trading simulator, including simulated positions and outcomes.
- Certificate Records — Details of certificates issued upon course completion.
Information Collected Automatically
- Device Information — Browser type, operating system, device type, and screen resolution.
- Usage Data — Pages visited, time spent on the platform, and interaction patterns.
- IP Address — Collected for security, fraud prevention, and approximate geolocation purposes.
3
Legal Basis for Processing
We process your personal data under the following legal bases as defined by the General Data Protection Regulation (GDPR):
Contract Performance
Processing necessary to provide the services you purchased — including account creation, course access, simulator functionality, and certificate issuance.
Legitimate Interest
Processing for platform analytics, security monitoring, fraud prevention, and improving our educational content and user experience.
Consent
Processing based on your explicit consent — such as receiving marketing communications or newsletters. You may withdraw consent at any time.
Legal Obligation
Processing required to comply with applicable laws, such as tax record keeping and responding to lawful government requests.
4
Payment Information
We do not store your payment card details.
All payment transactions are processed securely by Paddle.com Market Ltd, which acts as our Merchant of Record. Paddle is a PCI DSS Level 1 compliant payment processor.
When you make a purchase, your payment information (credit card number, billing address) is transmitted directly to Paddle over encrypted connections. We only receive confirmation of payment status, transaction identifiers, and the email address associated with the purchase.
For details on how Paddle handles your payment data, please review Paddle's Privacy Policy.
5
Third-Party Data Sharing
We share your personal data only with trusted third-party service providers who assist in operating our platform. We do not sell, rent, or trade your personal data to third parties for marketing purposes.
Paddle.com Market Ltd
Payment processing, invoicing, and tax compliance
Data shared: Name, email, purchase details
Vercel Inc.
Website hosting and infrastructure
Data shared: IP address, request logs
Bunny.net
Video content delivery (CDN and streaming)
Data shared: IP address, video access tokens
Resend
Transactional email delivery (verification, password reset)
Data shared: Email address, name
Google (OAuth)
Optional social login authentication
Data shared: Only when you choose to sign in with Google
6
Cookies & Tracking
We use a minimal set of cookies necessary for the platform to function:
| Cookie | Purpose | Duration |
|---|---|---|
| session-token | Authentication session | Session / 30 days |
| csrf-token | Cross-site request forgery protection | Session |
| locale | Language preference | 1 year |
| theme | Dark/light mode preference | 1 year |
We use Vercel Analytics for privacy-friendly, anonymous website analytics. Vercel Analytics does not use cookies and does not collect personally identifiable information.
7
Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes described in this policy:
- Account Data — Retained for the lifetime of your account. Upon account deletion, your personal data will be removed within 30 days, except where retention is required by law.
- Purchase Records — Retained for a minimum of 7 years to comply with tax and accounting regulations.
- Quiz and Simulator Data — Retained while your account is active. Deleted upon account removal.
- Server Logs — Automatically deleted after 90 days.
- Certificate Records — Retained indefinitely to support public verification of issued certificates, even after account deletion.
8
Your Data Protection Rights
Under the GDPR and applicable data protection laws, you have the following rights regarding your personal data:
Right of Access (Art. 15)
You can request a copy of all personal data we hold about you.
Right to Rectification (Art. 16)
You can request correction of inaccurate or incomplete personal data.
Right to Erasure (Art. 17)
You can request deletion of your personal data, subject to legal retention requirements.
Right to Data Portability (Art. 20)
You can request your data in a structured, machine-readable format for transfer to another service.
Right to Restrict Processing (Art. 18)
You can request that we limit how we use your data in certain circumstances.
Right to Object (Art. 21)
You can object to processing of your data based on legitimate interests or for direct marketing.
Right to Withdraw Consent
Where we rely on consent, you can withdraw it at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, please contact us at privacy@footballtrading.app. We will respond to your request within 30 days.
If you believe your data protection rights have been violated, you have the right to lodge a complaint with your local data protection supervisory authority.
9
Data Security
We implement appropriate technical and organizational measures to protect your personal data, including:
- Encryption in Transit — All data transmitted between your browser and our servers is encrypted using TLS/SSL (HTTPS).
- Encryption at Rest — Sensitive data stored in our database is encrypted at rest.
- Password Hashing — User passwords are hashed using industry-standard bcrypt algorithms and are never stored in plaintext.
- Access Controls — Access to personal data is restricted to authorized personnel on a need-to-know basis.
- Regular Audits — We regularly review and update our security practices to address emerging threats.
While we strive to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. We encourage you to use a strong, unique password for your account.
10
Children's Privacy
Our platform is not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child under 18, we will take steps to delete that information promptly.
11
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. When we make material changes, we will notify registered users via email and update the “Last updated” date at the top of this page.
We encourage you to review this policy periodically to stay informed about how we are protecting your data.
12
Contact Us
If you have any questions about this Privacy Policy or how we handle your personal data, please contact us:
Privacy Inquiries
privacy@footballtrading.appGeneral Support
support@footballtrading.appWebsite
footballtrading.appRelated policies: