Privacy Policy

_Last updated: 2026-05-09_

This Privacy Policy explains how Affiliate League ("we", "us", "our") collects, uses, and shares information about you when you use affiliateleague.net and related services (the "Service").

If you have questions about this policy, email admin@affiliateleague.net.

Information We Collect

We collect information you give us directly when you use the Service:

Account information — name, email address, phone number, and password (when you sign up as a captain or athlete).
Team and gym information — team name, home gym, athlete roster details (when you create or join a team).
Affiliate gym information — gym name, owner contact info, business address, and website (when a gym applies to become an Affiliate League partner).
Payment information — processed entirely by Stripe. We do not store your full card number; we store only Stripe's payment ID for our records.
Lead capture information — email, role (captain/athlete/gym owner/curious), and optional city, when you submit our notification form.
Match results and scores — workout times and rankings during your participation in a season.
Communications — emails you send us and our responses.

We also automatically collect limited technical information when you visit the Service:

IP address, browser type, device type, and pages viewed (standard server logs).
Cookies set by Stripe for payment processing and by our analytics providers (see "Analytics & Cookies" below).

How We Use Information

We use the information we collect to:

Operate the Service (create accounts, register teams, schedule matches, record scores, process payments, send confirmation emails).
Send transactional emails (registration confirmations, season alerts, invite links).
Send optional marketing emails to people who opt in via our lead capture form.
Respond to your support requests.
Detect and prevent fraud, abuse, and security incidents.
Comply with legal obligations.

Analytics & Cookies

We use Facebook Pixel to measure the effectiveness of our advertising and to build retargeting audiences. The Facebook Pixel sets cookies in your browser and sends information about your visit to Meta. You can opt out of Facebook ad personalization in your Facebook ad preferences.

We may add additional analytics tools in the future and will update this policy when we do.

We share information only with the third parties we need to operate the Service:

Stripe — processes all payments. Stripe's privacy policy.
Stripe Connect — when an affiliate gym signs up, we create a Stripe Express account on their behalf so they can receive payouts. Their information is shared directly with Stripe.
Supabase — our database and authentication provider, which stores all account and league data on our behalf. Supabase's privacy policy.
Resend — sends our transactional emails. Resend's privacy policy.
Vercel — hosts the Service. Vercel's privacy policy.
Meta (Facebook) — receives anonymized event data via the Facebook Pixel for advertising measurement and retargeting.

We do not sell your personal information.

We may disclose information if required by law (subpoena, court order) or to protect our rights, property, or safety.

Your Rights

Depending on where you live, you may have the right to:

Access the personal information we hold about you.
Correct inaccurate information.
Request deletion of your information (subject to legal retention requirements — for example, we must retain payment records for tax purposes).
Opt out of marketing emails (every marketing email includes an unsubscribe link).
Object to or restrict certain processing.

To exercise any of these rights, email admin@affiliateleague.net. We will respond within 30 days.

California residents have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we have collected and the right to request deletion. We do not sell personal information.

EU/UK residents have rights under the General Data Protection Regulation (GDPR), including the right to data portability. The legal basis for our processing is your consent (for marketing emails) and the performance of a contract (for everything else necessary to operate the Service).

Data Retention

We retain your information for as long as your account is active or as needed to operate the Service. After account deletion, we retain limited records (payment history, audit logs) for up to 7 years to comply with tax and legal obligations.

Children

The Service is not directed to children under 13. We do not knowingly collect information from children under 13. If you believe we have collected information from a child under 13, contact us and we will delete it promptly.

Athletes under 18 must have parental consent to participate.

Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date and, if you have an account, send you an email notifying you of the change. Your continued use of the Service after changes take effect means you accept the updated policy.

Contact

Questions about this policy or your information:

Affiliate League

admin@affiliateleague.net

_This Privacy Policy is provided as a starting template. Review with qualified legal counsel before relying on it for compliance in your jurisdiction._