Balla StatsBalla Stats

Privacy Policy

Your privacy matters to us. This policy explains how Balla Stats collects, uses, and protects your personal information.

Last Updated: December 19, 2025Effective: October 12, 2025

Quick Navigation

Information We CollectHow We Use InformationLegal Basis (GDPR)Data SharingYour RightsData SecurityData RetentionCookies & TrackingChildren's PrivacyInternational TransfersChanges to PolicyContact Us
1. Information We Collect

1.1 Information You Provide

  • Account Information: Name, email address, password
  • Profile Information: Avatar/photo, preferences, notification settings
  • Player Information: Player names, positions, jersey numbers, statistics
  • Group & Team Information: Group names, team details, match data
  • Payment Information: Billing details processed securely by Stripe (we do not store full credit card numbers)
  • Communications: Feedback, support requests, emails

1.2 Information Automatically Collected

  • Usage Data: Pages viewed, features used, time spent on platform
  • Device Information: Browser type, operating system, IP address
  • Cookies & Tracking: Session cookies, analytics cookies (with your consent)
  • Performance Data: Error logs, crash reports (via Sentry)
2. How We Use Your Information

2.1 Service Provision

  • • Create and manage your account
  • • Process match statistics
  • • Enable real-time tracking
  • • Manage subscriptions
  • • Provide customer support

2.2 Communication

  • • Service notifications
  • • Support responses
  • • Marketing (with consent)
  • • Platform updates

2.3 Analytics

  • • Improve features
  • • Monitor performance
  • • Research & development
  • • Aggregate statistics
3. Legal Basis for Processing (GDPR)

We process your personal data based on:

Contract Performance

Processing necessary to provide our services

Consent

You have given explicit consent (e.g., marketing emails)

Legitimate Interests

Our business interests that don't override your rights

Legal Obligation

Compliance with applicable laws

4. Data Sharing & Third Parties

4.1 Service Providers

We share data with trusted third-party services:

Cloud Infrastructure:Database hosting, authentication, and website delivery
Payment Processing:Secure payment handling (PCI-DSS compliant)
Application Monitoring:Error tracking and performance monitoring
Communications:Email delivery services

4.2 Data Not Sold

We do not sell your personal data to third parties.

4.3 Legal Requirements

We may disclose data if required by law, court order, or government request.

5. Your GDPR Rights

If you are in the European Union, you have the following rights:

Article 15

Right to Access

Request a copy of all your personal data. Use the "Download My Data" feature in your account settings.

Article 16

Right to Rectification

Correct inaccurate or incomplete personal data in your account settings.

Article 17

Right to Erasure

Request deletion of your account and all associated data. Available in account settings.

Article 20

Right to Data Portability

Export your data in JSON or CSV format for transfer to another service.

Article 21

Right to Object

Object to processing of your data for direct marketing purposes.

Article 7

Right to Withdraw Consent

Withdraw consent for marketing emails or analytics cookies at any time.

Right to Lodge a Complaint: You may file a complaint with your local data protection authority if you believe we have violated your rights.

6. Data Security

We implement industry-standard security measures:

Encryption

All data transmitted over HTTPS (TLS 1.3)

Password Security

Passwords securely hashed using industry-standard algorithms

Two-Factor Authentication

Optional 2FA for enhanced security

Access Controls

Role-based permissions (OWNER, ADMIN, MEMBER, VIEWER)

Database Security

Row-level security policies protect your data

Monitoring

Real-time error tracking and security monitoring

7. Data Retention
Active AccountsData retained while your account is active
Deleted AccountsData permanently deleted within 30 days (grace period)
BackupsBackup retention for 90 days
Legal RequirementsSome data may be retained longer if required by law
Anonymized DataAggregate statistics (non-identifiable) may be retained indefinitely
8. Cookies & Tracking

8.1 Essential Cookies

Required for platform functionality (authentication, sessions). Cannot be disabled.

8.2 Analytics Cookies

Google Analytics 4 for usage analytics. You can opt-out via cookie banner.

8.3 Managing Cookies

Control cookie preferences via the cookie banner or browser settings.

9. Children's Privacy

Balla Stats is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

10. International Data Transfers

Your data may be transferred to and processed in countries outside your jurisdiction, including the United States. We ensure appropriate safeguards are in place (e.g., Standard Contractual Clauses) to protect your data.

11. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be notified via email or in-app notification. Continued use after changes constitutes acceptance of the updated policy.

12. Contact Us

For privacy-related questions or to exercise your rights, contact us at: support@ballastats.com