PRIVACY POLICY

1. Introduction

Golazo ("we," "our," or "the Service") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our FIFA World Cup 2026 prediction pool platform.

2. Information We Collect

We collect minimal information necessary to provide our Service:

• Account Information: Email address and display name when you create an account
• Predictions: Your pool picks and predictions for World Cup matches
• Pool Membership: Information about which pools you create or join
• Usage Data: Basic analytics about how you interact with the Service (page views, features used)

3. How We Use Your Information

We use your information to:

• Provide and maintain the Service
• Authenticate your account and secure your data
• Display your predictions and standings within your pools
• Send important service notifications (password resets, deadline reminders)
• Improve and optimize the Service

4. Information Sharing

We do not sell your personal information.

Your information may be shared in limited circumstances:

• Within Pools: Your display name and predictions are visible to other members of pools you join
• Service Providers: We use third-party services for hosting (Vercel), database (Neon), and email (Resend) that process data on our behalf
• Legal Requirements: If required by law or to protect our rights

5. Data Security

We implement appropriate security measures to protect your data:

• Passwords are hashed using industry-standard algorithms (bcrypt)
• All data transmission is encrypted via HTTPS
• Database access is restricted and secured
• Session tokens are securely generated and managed

6. Cookies and Local Storage

We use:

• Session Cookies: To keep you logged in and maintain your session
• Local Storage: To store preferences and improve performance

We do not use tracking cookies or third-party advertising cookies.

7. Your Rights

You have the right to:

• Access your personal data
• Update or correct your account information
• Delete your account and associated data
• Export your predictions data

To exercise these rights, visit your Account settings or contact us.

8. Data Retention

We retain your data for as long as your account is active. If you delete your account, we will delete your personal information within 30 days, except where we need to retain it for legal purposes.

9. Children's Privacy

The Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.

10. Third-Party Services

Our Service uses the following third-party providers:

• Vercel: Hosting and deployment
• Neon: PostgreSQL database
• Resend: Transactional email

Each provider has their own privacy policy governing their handling of data.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page and updating the "Last updated" date.

12. Contact Us

If you have questions about this Privacy Policy or your data, please contact the site administrator.