Privacy Policy

Last updated: February 2026

1. Introduction

FutureElite ("we", "our", or "us") is committed to protecting the privacy of our users and particularly the young athletes whose data is managed through our platform. FutureElite is designed for use by parents and guardians to track their child's athletic development. This Privacy Policy explains what data we collect, how we store and protect it, and what rights you have over your data. By using FutureElite, you agree to the collection and use of information in accordance with this policy.

2. Data We Collect

FutureElite collects and processes the following categories of data:

Account Information

  • Username and email address (for login and account recovery)
  • Password (stored only as an irreversible cryptographic hash, never in plain text)
  • Date of birth (to determine whether parental consent is required)
  • Parental consent status and timestamp (for users under 18)
  • Account creation date

Player Data

The following data is entered voluntarily by the account holder to track a player's development:

  • Player name, date of birth, height, weight, and playing position
  • Match data (opponents, scores, goals, assists, minutes played, notes)
  • Physical measurements (height and weight history for growth tracking)
  • Physical performance metrics (speed, agility, endurance, strength data)
  • Achievements and awards
  • Club history and training camp attendance
  • Player photographs
  • Highlight reel links (YouTube or social media URLs)
  • Reference contacts (names, roles, and contact details of coaches or scouts, collected only with their explicit consent)
  • Contact email address (for inclusion in player profiles shared at your discretion)

3. How We Store Your Data

Your Data, Your Control

FutureElite stores your player data in two locations to provide a reliable and responsive experience:

Server-Side Storage

Your account information and player data are stored on secure servers hosted by Render (our hosting provider) within their infrastructure. This server-side storage enables core features such as generating PDF reports, maintaining your data across sessions, and ensuring your data is not lost if you clear your browser or switch devices. All data is transmitted to and from our servers using HTTPS encryption.

Local Device Storage

A copy of your player data is also cached locally on your device using your browser's built-in storage (IndexedDB). This local copy enables faster page loading and allows limited offline access. The local copy is synchronised with the server when a connection is available. You can clear this local data at any time by clearing your browser data or using the app's "Clear Data" function. Clearing local data does not delete your data from the server — to fully delete your data, use the account deletion feature described in Section 9.

PDF Reports

When you generate a PDF report, the report is created temporarily on the server and immediately sent to you for download. PDF files are not stored permanently on our servers.

4. Legal Basis for Processing

We process your data on the following legal bases:

  • Contract: Processing is necessary to provide you with the FutureElite service you have signed up for
  • Consent: For analytics cookies (see Section 7) and for processing data of minors, we rely on explicit consent which can be withdrawn at any time
  • Legitimate Interest: For security measures such as rate limiting, account lockout, and fraud prevention

5. Data Sharing

We do not sell, rent, or trade your personal data. Your data is only shared in the following limited circumstances:

  • PDF Export: When you generate and export a PDF report, you control who receives it. We do not distribute reports on your behalf.
  • Payment Processing: If you subscribe, payment is handled by Stripe. We send Stripe only the minimum data required (your user identifier). We never see or store your credit card details. Stripe's privacy policy governs their handling of payment data.
  • Email Services: We use third-party email providers (SendGrid or SMTP) solely to send account-related emails such as email verification and password reset links. Only your email address and the message content are shared with the email provider.
  • Analytics: If you consent to analytics cookies, anonymised usage data is shared with Google Analytics (see Section 7).
  • Hosting Provider: Our servers are hosted by Render. As our infrastructure provider, Render has access to server resources but does not access or process your player data independently.

We do not create public profiles, make player data searchable by others, or enable direct messaging between users.

6. Children's Privacy

Protecting Young Athletes

FutureElite is designed for use by parents and guardians on behalf of young athletes. We take the protection of children's data very seriously.

We comply with applicable child privacy regulations including COPPA (Children's Online Privacy Protection Act) and GDPR provisions for children's data (Article 8). Our safeguards include:

  • Age Verification: Date of birth is required at registration to identify users under 18
  • Parental Consent: Users under 18 must confirm parental or guardian consent before creating an account. The consent status and timestamp are recorded.
  • No Direct Collection from Children: The app is operated by parents and guardians — we do not allow children to create accounts or enter data independently
  • No Child-Directed Advertising: We do not serve targeted advertising of any kind
  • No Public Profiles: Player data is never made publicly accessible or searchable
  • No Messaging: There is no messaging, chat, or direct communication feature between users
  • Parental Control: The parent or guardian account holder has full control over all data and can view, edit, export, or delete it at any time

7. Cookies & Analytics

FutureElite uses cookies in the following ways:

Essential Cookies

We use strictly necessary cookies to maintain your login session and protect against cross-site request forgery (CSRF). These cookies are required for the application to function and cannot be disabled.

Analytics Cookies (Requires Your Consent)

We use Google Analytics 4 (GA4) to understand how our application is used in aggregate, such as which pages are visited most frequently and general usage patterns. This helps us improve the service.

Analytics cookies are disabled by default and are only activated if you explicitly consent via the cookie consent banner provided by Cookiebot. We use Google Consent Mode v2 to ensure that no analytics data is collected or transmitted until you grant consent. You can change your cookie preferences at any time using the Cookie Settings link in the footer of every page.

When analytics cookies are enabled, the following protections are in place:

  • IP addresses are anonymised before processing
  • Advertising features and ad personalisation are disabled
  • Ads data redaction is enabled
  • No player data, names, or personal information is sent to Google Analytics
  • Only aggregated usage patterns (page views, session duration) are collected

We do not use tracking pixels, retargeting, or any other third-party analytics or advertising services.

8. Data Retention

We retain your data as follows:

  • Account and player data: Retained on our servers for as long as your account is active. You can delete your account and all associated data at any time (see Section 9).
  • Local device data: Retained in your browser's storage until you clear it or uninstall the application. This is a cache and can be cleared without affecting your server-side data.
  • PDF reports: Generated temporarily and not retained on our servers after download.
  • Email verification and password reset tokens: Automatically expire after 24 hours and 1 hour respectively.
  • Security logs: Login attempts and security events are logged for a limited period to protect against abuse.

9. Your Rights

Under GDPR and other applicable data protection laws, you have the following rights:

  • Right of Access: View all data stored in your account at any time through the application
  • Right to Rectification: Edit or update any data you have entered at any time
  • Right to Erasure: Delete your account and all associated data permanently using the "Delete Account" function in Settings. This removes all player data, matches, measurements, achievements, photos, and references from our servers. This action is irreversible.
  • Right to Data Portability: Export all your data at any time using the export function (available as an Excel spreadsheet or PDF report)
  • Right to Withdraw Consent: Withdraw consent for analytics cookies at any time via Cookie Settings, or withdraw parental consent by deleting the account
  • Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority if you believe your data is being processed unlawfully

To exercise any of these rights or for any data protection queries, please contact us using the details in Section 12.

10. Subscription & Payment Data

If you subscribe to FutureElite, payment processing is handled entirely by Stripe. We do not see, collect, or store your credit card number, bank details, or other payment credentials. The only subscription-related data we store is:

  • Subscription status (active, cancelled, etc.)
  • Subscription plan type (monthly, annual)
  • Billing period dates

Stripe's handling of your payment data is governed by Stripe's Privacy Policy.

11. Security

We implement the following security measures to protect your data:

  • All data is transmitted using HTTPS (TLS) encryption
  • Passwords are hashed using industry-standard one-way cryptographic algorithms and are never stored or logged in plain text
  • Session-based authentication with secure cookie flags
  • CSRF (Cross-Site Request Forgery) protection on all form submissions and API requests
  • Rate limiting on authentication endpoints to prevent brute-force attacks
  • Automatic account lockout after multiple failed login attempts
  • Content Security Policy headers to prevent cross-site scripting
  • File upload validation (type verification, format checking) to prevent malicious uploads

While we take extensive measures to protect your data, no method of electronic storage or transmission is completely secure. We encourage you to use a strong, unique password and to keep your login credentials confidential.

12. Contact Us

If you have any questions about this Privacy Policy, wish to exercise your data protection rights, or have concerns about how your data is handled, please contact us at:

Email: support@futureelite.pro

For privacy-specific requests, please include "Privacy Request" in the subject line. We aim to respond to all privacy requests within 30 days.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of any material changes by posting the updated Privacy Policy on this page and updating the "Last updated" date. For significant changes that affect how we process children's data, we will make reasonable efforts to notify account holders via email. We encourage you to review this Privacy Policy periodically.

← Back to Home