Privacy Policy

Last updated: 19 April 2026 (v2)

1. Who we are

BallonRank (“we”, “us”) is the data controller for personal data processed through the BallonRank platform. We operate in the United Kingdom and South Africa and are committed to compliance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the South African Protection of Personal Information Act (POPIA).

2. Information we collect

Account Information: When you register, we collect your name, email address, password (hashed by our auth provider), and role (Player, Parent, Coach, or Scout).

Player Profile Data: If you submit a player profile, we collect personal details including name, date of birth, physical measurements, club/academy affiliation, region, and profile image.

Performance Data: Match statistics, physical benchmarks, scout evaluations, and highlight video links submitted to the platform.

Usage Data (with consent): If you allow analytics cookies, we collect anonymised usage events (page views, feature interactions) via our analytics processor to improve the product.

Payment Data: If you subscribe to a paid tier, we collect a subscription identifier and billing metadata. Card details are handled entirely by Stripe — we never see or store them.

Technical Data: IP address, user-agent string, and approximate request origin — used for security, rate-limiting, abuse detection, and error reporting. IP addresses are truncated or hashed where feasible and not used to track you across sessions.

Push Subscription Data: If you enable push notifications, we store the browser-provided push endpoint and encryption keys so we can deliver alerts. These can be revoked at any time from your browser or device settings and we remove stale subscriptions automatically.

3. Legal basis

We process personal data on the following lawful bases:

  • Contract: to provide the service you sign up for.
  • Legitimate interest: to secure the platform, prevent fraud, and maintain rankings.
  • Consent: for analytics cookies and for processing the data of players under 16.
  • Legal obligation: where we must retain records for tax, accounting, or regulatory reasons.

4. How we use your data

  • Create and maintain player profiles and rankings
  • Calculate composite scores and star ratings
  • Enable verified scouts to discover talent
  • Send notifications about profile updates, rankings, and scout activity
  • Verify player identities and submitted statistics
  • Provide subscription billing and account support
  • Improve the platform via aggregated, anonymised usage analytics (with consent)

5. Data sharing and processors

Player profiles marked as published are visible to all authenticated users and appear in public rankings. This includes name, position, age group, region, club, rankings, and statistics.

We use the following trusted processors to run the platform. Each is bound by data processing agreements:

  • Supabase — authentication and database hosting (EU region).
  • Vercel — application hosting and content delivery (global edge, with US infrastructure; covered by EU-US Data Privacy Framework).
  • Stripe — subscription payments (card data handled entirely by Stripe).
  • Brevo — transactional email delivery (EU region).
  • PostHog (EU) — product analytics, only if you have granted analytics consent.
  • Sentry — error monitoring (no personal data intentionally sent).
  • Cloudflare Turnstile — bot mitigation for sign-up and contact forms.
  • Upstash — short-lived rate-limit state keyed by hashed IP, to prevent abuse.
  • Google / Apple / Mozilla push services — used only when you opt in to push notifications; they deliver the alert to your device from our server without seeing its contents.

We do not sell personal data. Anonymised, aggregated data may be used for research, partnership, or marketing purposes.

6. Data for minors

BallonRank serves youth football players aged 11–19. The threshold for parental consent depends on where the player is based:

  • United Kingdom (England, Wales, Scotland, Northern Ireland): parental consent is required for players under 16, in line with UK GDPR Art. 8 and the UK Data Protection Act 2018. We chose 16 (above the 13-year statutory minimum) given the contact-rich nature of a scouting platform.
  • South Africa: parental consent is required for players under 18, in line with POPIA §35 (consent of a competent person).

When a profile is submitted for a minor, we require the parent or guardian’s email address and an explicit consent confirmation. We record the timestamp of that consent. If a player’s date of birth is later corrected and pushes them into the minor threshold, we re-collect parental consent before the change is saved.

A parent or guardian may withdraw consent, request erasure, or export their child’s data at any time by contacting us or using the tools on the Privacy & Data settings page.

For the full set of measures we take to protect under-18s — including contact rules for scouts, our moderation queue, and reporting routes — see the Safeguarding page.

7. Data security

We use industry-standard security measures: TLS everywhere, secure authentication with password hashing and OAuth via Supabase, role-based access controls, application-level security headers (CSP, HSTS, frame-denial), and regular dependency updates. Admin actions are audit-logged.

8. Your rights

You have the right to access, rectify, erase, restrict, port, and object to processing of your personal data. You can:

  • Export all data we hold on you as a JSON file
  • Permanently delete your account and all associated data
  • Update your profile and notification preferences
  • Withdraw analytics consent at any time

Most of these actions are self-service on the Privacy & Data settings page. For anything else, email hello@ballonrank.com with “Privacy Request” in the subject line. We respond within 30 days.

If you are unhappy with how we handle your data, you may complain to your supervisory authority — the Information Commissioner’s Office (UK) or the Information Regulator (South Africa).

9. Cookies

We use three categories of cookies and local storage:

  • Necessary: authentication, session, CSRF, and your consent preferences. Always on — required for the site to function.
  • Analytics (optional): PostHog analytics cookies, only loaded after you opt in.
  • Functionality (optional): reserved for future UX-enhancement features. Currently unused.

You can change your choices at any time via the “Manage cookie preferences” link in the footer.

10. Data retention

We hold personal data only for as long as we have a clear reason to:

  • Account & player profile data: for as long as your account is active.
  • Dormant accounts: accounts with no sign-in for 24 months are flagged for anonymisation. We email you first and give you 30 days to log back in. If the account remains dormant, we anonymise it — your player profile, rankings, and identifying data are removed, and you will no longer be able to sign in.
  • Account deletion requests: processed immediately. Your profile, evaluations you authored, watchlists, shortlists, and similar records are removed at once. Backups roll over within 30 days.
  • Notifications: read notifications are auto-deleted after 180 days; unread ones after 365 days.
  • Profile views: we record an event each time a player profile is viewed (with the viewer’s account ID when signed in) so we can show a “views this week” counter and the weekly recap email. Individual view records are deleted after 365 days.
  • Direct messages: kept while the conversation has at least one participant. When the last participant leaves or deletes their account, the conversation and its messages are removed.
  • Push subscriptions: stored only while you have notifications enabled, and removed automatically when your browser/device reports the subscription as expired.
  • Audit and security logs: retained for up to 12 months for abuse detection and incident response.
  • Payment records: billing metadata is retained for up to 7 years to meet UK tax-record obligations.

Where we’re legally required to keep records longer (e.g. safeguarding referrals shared with statutory bodies), we’ll retain only the minimum needed and tell you why on request.

11. Automated decision-making

BallonRank computes composite scores, star ratings, and leaderboard positions algorithmically from the performance data we hold (match statistics, physical benchmarks, scout evaluations).

Under UK GDPR Article 22 / POPIA §71, you have the right not to be subject to a solely automated decision that produces a legal effect or similarly significant effect. Our rankings do not produce such effects: they are sporting and recreational ratings, not eligibility decisions for employment, education, credit, insurance, or any regulated outcome. Selection decisions made by clubs or scouts who use the platform are made by humans, not by us.

Verifiers and coaches sit in the loop on the data that feeds the rankings — match statistics require coach confirmation, and physical benchmarks can be flagged for verification. If you believe a ranking is wrong, you can correct underlying data on the Edit profile page, or email hello@ballonrank.com to request a manual review.

12. International transfers

We host the database and core application infrastructure in the European Union (Supabase EU, Brevo EU, PostHog EU). Some of our processors operate from, or transfer data to, the United States or other regions outside the UK / EEA / South Africa:

  • Vercel — application hosting on a global edge network, with US infrastructure.
  • Stripe — payments processing operates internationally.
  • Sentry — error monitoring (US).
  • Cloudflare Turnstile — bot mitigation operates on a global edge network.

Where personal data leaves the UK or EEA, we rely on one or more of the following safeguards: the UK Data Protection Adequacy Regulations, the EU–US Data Privacy Framework (and its UK Extension) where the recipient is certified, or the UK International Data Transfer Agreement (IDTA) / EU Standard Contractual Clauses (SCCs). Where personal data of South African users is transferred outside South Africa, we rely on the conditions of POPIA §72 — recipient subject to a binding agreement that provides equivalent protection, or transfer necessary to perform the contract with you.

You can request a summary of the safeguards in place for any specific processor by emailing hello@ballonrank.com.

13. Contact

For privacy-related enquiries, email hello@ballonrank.com.