strAightredBack to site

Privacy Policy

Last updated: March 2026

What we collect

  • Email address - if you choose to sign up for access to the Consensus XI or Injury Tracker pages. We store this in our database (hosted on Supabase) and use it solely to identify returning users. We collect your email on the basis of your consent when you enter it.
  • Admin session cookie - if you log in as an admin, we set a single HttpOnly cookie to maintain your session. This cookie is strictly functional (not used for tracking), expires after 8 hours, and is only set for admin users.
  • localStorage - we store preferences (such as your email gate status and team filters) in your browser's local storage. This data never leaves your device.

Lawful basis for processing

  • Consent - we collect your email address only when you voluntarily enter it. You can withdraw consent at any time by deleting your data (see below).

How we use your data

  • Email addresses are used only to gate access to premium pages and to contact you about the service if necessary.
  • We do not sell, share, or rent your data to third parties.
  • We do not send marketing emails unless you explicitly opt in to a future newsletter.

Third-party services

  • Supabase - hosts our database (email addresses and prediction data). Data is stored in Supabase's cloud infrastructure.
  • Vercel - hosts the website. Standard server logs may be kept by Vercel per their privacy policy.
  • Premier League Fantasy API - we fetch publicly available squad data, fixture schedules, and player availability information from the official Premier League Fantasy API to power our features. No user data is sent to this API.

Data sources

We aggregate publicly available predicted lineup data from third-party websites including Fantasy Football Scout, RotoWire, FPL.team, and others. This data is fetched from publicly accessible web pages and presented with full attribution and links to the original sources. No personal data is collected as part of this process.

International data transfers

Our service providers (Supabase, Vercel) may store and process data in the United States and other countries. These providers maintain appropriate safeguards for international transfers in accordance with applicable data protection laws.

Your rights (GDPR)

If you are in the EU/EEA, you have the right to:

  • Access - request a copy of any data we hold about you.
  • Deletion - request that we delete your email and any associated data.
  • Rectification - request correction of inaccurate data.
  • Portability - request your data in a standard format.
  • Withdraw consent - you can withdraw your consent for email processing at any time.

To exercise any of these rights, email us at info@straightred.ai, or use the self-service deletion option below.

How to delete your data

You can delete all data we hold about you in two ways:

  • Self-service - visit the footer of any page and click “Manage your data”. Enter the email address you signed up with and we will delete it immediately from our database.
  • Email us - send a request to info@straightred.ai and we will process your deletion within 72 hours.

Once deleted, your email is permanently removed from our database. You will need to re-enter your email if you wish to access gated pages again.

Data retention

We retain email addresses for as long as your account is active. Prediction data is kept indefinitely for historical accuracy tracking. You can request deletion at any time.

Jurisdiction

This site is operated from the United Kingdom. By using this site, you acknowledge that your data may be processed in the United Kingdom and other countries where our service providers operate.

Changes

We may update this policy from time to time. Material changes will be noted on this page with an updated date.