DirectKick
← BackDirectKick

Privacy Policy

Last updated: March 14, 2026

This Privacy Policy explains how DirectKick ("we," "us," or "our") collects, uses, and protects information when you use our youth sports coaching platform (the "Service"). We are committed to protecting the privacy of our users, especially the children whose information may be entered into the platform by their coaches.

1. Information We Collect

Coach Account Data

When you create an account, we collect your email address, name, display name (optional), and a 4-digit PIN (stored in hashed form). This information is provided directly by you during registration.

Team and Player Data

Coaches enter team information (team name, age group, gender, season, game format) and player information (names, jersey numbers, positions, availability notes). This data is entered by adult coaches, not by the players themselves.

Parent and Guardian Contact Data

Coaches may enter parent or guardian names, email addresses, and phone numbers for the purpose of team communication. This data is entered by coaches who represent that they have appropriate consent to do so.

Game and Practice Data

The Service stores schedules, game scores, practice plans, game plans, live game events (goals, notes, clock events), player performance notes, development goals, and coaching analyses.

Photos and Media

Coaches may upload photos during games and practices. These photos may contain images of minor children. Photos are stored in our cloud storage and are accessible only to authorized team members.

Voice and Audio Recordings

Coaches may record voice notes during games and practices. Audio recordings are stored in our cloud storage and are accessible only to the coach who created them. You are responsible for compliance with applicable recording consent laws, including state laws that may require the consent of all parties being recorded.

Communication Data

Team chat messages, announcements, and AI coaching conversations are stored to provide the communication features of the Service.

Usage and Technical Data

We collect anonymized usage data through Google Analytics, including page views, device type, and general location. We may also collect technical error data through Sentry (when enabled) to improve the Service.

2. Children's Privacy (COPPA Compliance)

DirectKick does not knowingly collect personal information directly from children under 13 years of age.

  • Children do not create accounts on DirectKick and do not interact with the platform directly.
  • Player information (names, jersey numbers, positions) is entered by adult coaches, not by the children themselves.
  • Coaches represent and warrant that they have obtained appropriate consent from parents or legal guardians before entering player information into the Service.
  • Photos uploaded by coaches during games may include images of minors. Coaches are responsible for obtaining appropriate consent before uploading such photos.
  • Parents or guardians may request access to, correction of, or deletion of their child's information by contacting us at privacy@directkick.app or by asking their team's coach to update or remove the information.
  • If we learn that we have collected personal information from a child under 13 without appropriate consent, we will take steps to delete that information as quickly as possible.

3. How We Use Information

We use the information we collect to:

  • Provide, operate, and maintain the coaching platform
  • Generate AI-powered game plans, practice suggestions, and coaching advice (team data is sent to our AI provider for processing)
  • Enable real-time team communication and live game broadcasting
  • Track player development and team performance over time
  • Send service-related notifications and updates
  • Improve the Service, fix bugs, and monitor for errors
  • Analyze usage patterns to enhance the user experience

4. Third-Party Services

We use the following third-party services to operate the platform:

  • Supabase — Database hosting, user authentication, file storage, and real-time features
  • Anthropic (Claude API) — AI-powered coaching features. Team context data (roster, schedule, results) may be sent via API calls to generate suggestions. Data processing is subject to Anthropic's data usage policies.
  • Google Analytics — Anonymized website usage metrics
  • Sentry (when enabled) — Error tracking and monitoring with technical context
  • Google Maps Platform — Address autocomplete and location services for event venues
  • Railway — Application hosting

We do not sell personal information to third parties. We do not share personal information for advertising purposes.

5. Data Storage and Security

  • Data is stored in cloud-hosted PostgreSQL databases with row-level security (RLS), ensuring coaches can only access their own team data
  • PINs are hashed before storage and are never stored in plain text
  • All data is transmitted over HTTPS encryption
  • Data is primarily stored and processed in the United States
  • We implement industry-standard security measures to protect your data, but no method of electronic storage is 100% secure
  • For offline functionality, team data may be cached locally on your device using browser storage (IndexedDB). This data remains on your device and is not shared with third parties

6. Data Retention and Deletion

We retain your data for as long as your account is active or as needed to provide the Service. Specific retention periods:

  • Account and team data — Retained while your account is active
  • Deleted account data — Purged within 30 days of a valid deletion request, except where retention is required by law
  • Analytics data — Retained per Google Analytics defaults (up to 26 months)
  • Error logs — Retained for up to 90 days via Sentry
  • AI conversations — Stored as part of your team data and deleted with your account. Data sent to our AI provider (Anthropic) for processing is not retained by Anthropic beyond the API request

You may request deletion of your account and associated data at any time by contacting us at privacy@directkick.app.

7. Your Rights

Depending on your location, you may have the following rights:

  • Access — Request a copy of the personal data we hold about you
  • Correction — Request correction of inaccurate data
  • Deletion — Request deletion of your personal data
  • Portability — Request your data in a portable format
  • Restriction — Request that we restrict processing of your data

California Residents (CCPA): You have the right to know what personal information we collect, request deletion, and opt out of the sale of personal information (we do not sell personal information). We will respond to verified consumer requests within 45 days.

To exercise any of your privacy rights, contact us at privacy@directkick.app. We will respond to all valid requests within 30 days.

8. Cookies and Tracking

We use cookies and similar technologies for authentication, preferences, and analytics. For detailed information about the cookies we use and how to manage them, please see our Cookie Policy.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or through an in-app notice. Your continued use of the Service after such changes constitutes acceptance of the updated Privacy Policy.

10. Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us at: privacy@directkick.app