Last updated: March 2026
DataSports ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website https://datasports.co (the "Site").
Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the site.
This policy is designed to comply with the General Data Protection Regulation (GDPR), the ePrivacy Directive, and other applicable data protection laws. The data controller responsible for your personal data is DataSports, reachable at privacy@datasports.co.
When you create an account on our Site, we collect information that you voluntarily provide, including:
When you visit our Site, we automatically collect certain technical and behavioural information, including:
We use cookies and similar technologies (pixels, local storage) to collect and store information when you interact with our Site. For full details on the categories of cookies we use and how to manage your preferences, see Section 5 below.
We process your personal data for the following purposes:
Under the GDPR, we rely on the following legal bases when processing your personal data:
We rely on your freely given, specific, informed, and unambiguous consent for:
You may withdraw your consent at any time via the Cookie Settings panel accessible from the cookie consent banner or from the footer of our Site. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.
We rely on our legitimate interests for:
We have conducted balancing tests to ensure that our legitimate interests do not override your fundamental rights and freedoms.
We process data as necessary to perform our contract with you for:
Cookies are small text files placed on your device by our Site. We categorise the cookies we use as follows:
These cookies are strictly necessary for the Site to function and cannot be switched off. They include session identifiers, authentication tokens, cookie consent preferences, and CSRF protection tokens. Because they are essential, no consent is required under the ePrivacy Directive.
We use Google Analytics 4 (GA4) to collect anonymised usage statistics. GA4 cookies (e.g., _ga, _ga_*) measure page views, session duration, bounce rates, and user journeys. IP anonymisation is enabled by default in GA4. These cookies are only set after you provide consent via our cookie consent banner.
Google AdSense places cookies to serve advertisements relevant to your interests and to limit the number of times you see an ad. These cookies may track your browsing activity across other websites that also use Google's advertising network. Advertising cookies are only set after you provide consent via our cookie consent banner.
You can manage your cookie preferences at any time by clicking the "Cookie Settings" link in our cookie consent banner or in the Site footer. You can also configure your browser to block or delete cookies, although this may affect Site functionality.
We share personal data with the following third-party processors, each of whom processes data on our behalf under a Data Processing Agreement (DPA):
| Processor | Purpose | Privacy Policy |
|---|---|---|
| Stripe | Payment processing and subscription billing | stripe.com/privacy |
| Google Analytics | Website analytics and usage measurement | policies.google.com/privacy |
| Google AdSense | Advertising and ad personalisation | policies.google.com/privacy |
| Vercel | Website hosting and edge delivery | vercel.com/legal/privacy-policy |
| Neon | Serverless PostgreSQL database hosting | neon.tech/privacy |
| OpenAI | AI-assisted content generation (articles and entity descriptions) | openai.com/policies/privacy-policy |
Some of our third-party processors are based in the United States, including Neon (database hosting) and Vercel (website hosting). When personal data is transferred from the European Economic Area (EEA) or the United Kingdom to the United States, we ensure appropriate safeguards are in place.
These transfers are protected by EU Standard Contractual Clauses (SCCs) as approved by the European Commission, or by the EU-U.S. Data Privacy Framework where the recipient is certified. We review these safeguards regularly to ensure continued compliance.
We retain your personal data only for as long as necessary to fulfil the purposes described in this policy. Specific retention periods are as follows:
| Data Category | Retention Period |
|---|---|
| Account data (name, email, preferences) | Until you delete your account |
| Analytics data (GA4) | 26 months from collection |
| Session data (authentication tokens) | 30 days after session expiry |
| Cookie consent records | 1 year from the date consent is given |
After the applicable retention period expires, data is securely deleted or anonymised so that it can no longer be associated with you.
If you are located in the European Economic Area (EEA) or the United Kingdom, you have the following rights under the GDPR:
To exercise any of these rights, please email us at privacy@datasports.co. We will respond to your request within 30 days.
You also have the right to withdraw consent at any time for any processing based on consent (such as analytics and advertising cookies). You can withdraw cookie consent by clicking "Cookie Settings" in the cookie consent banner or in the Site footer. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.
If you believe that our processing of your personal data infringes the GDPR, you have the right to lodge a complaint with a supervisory authority in the EU/EEA Member State of your habitual residence, place of work, or place of the alleged infringement.
We use administrative, technical, and physical security measures to protect your personal information. These include encryption of data in transit (TLS/SSL), encryption of data at rest, access controls, and regular security reviews. While we have taken reasonable steps to secure the information you provide, please be aware that no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against interception or misuse.
Our Site is not intended for children under 16 years of age, in accordance with the GDPR's requirements for children's consent. We do not knowingly collect personal information from children under 16. If we learn that we have collected personal information from a child under 16, we will take steps to delete that information as promptly as possible. If you believe a child under 16 has provided us with personal data, please contact us at privacy@datasports.co.
We may update our Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date at the top. For significant changes, we may also notify you by email or through a prominent notice on the Site. We encourage you to review this page periodically.
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at: