P1P
Player One PageSign in

Privacy Policy

Last Updated: February 26, 2026

1. Introduction

Player One Page ("we", "us", "our", or "Company") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website at playeronepage.com and related services (collectively, the "Service").

By accessing or using the Service, you agree to this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.

We reserve the right to modify this Privacy Policy at any time. We will notify you of any changes by updating the "Last Updated" date at the top of this Privacy Policy. Your continued use of the Service after any modifications indicates your acceptance of the updated Privacy Policy.

2. Information We Collect

2.1 Information You Provide to Us

We collect information that you voluntarily provide when using the Service:

  • Account Information: Name, email address, password (encrypted), school/organization affiliation, and role (athlete or recruiter/coach)
  • Profile Information (Athletes): Athletic statistics, sport, position, graduation year, height, weight, location (city/state), GPA, test scores, biographical information, profile photo, and social media links
  • Multimedia Content: Photos, videos, and links to external video platforms (YouTube, Vimeo, Hudl) showcasing athletic performance
  • Verification Information (Recruiters): For non-.edu email recruiters, we collect detailed reasons for account verification to confirm legitimacy
  • Payment Information: When you subscribe to paid features, our payment processor (Stripe) collects payment card information and billing details
  • Communications: Messages, emails, and other communications you send to us or through the Service

2.2 Information Collected Automatically

When you access the Service, we automatically collect certain information:

  • Usage Data: Pages viewed, features used, time spent on pages, links clicked, and search queries
  • Device Information: Browser type, operating system, device type, IP address, and unique device identifiers
  • Authentication Data: Login timestamps, session tokens, and authentication status
  • Cookies and Tracking: We use cookies, session storage, and similar technologies to maintain your session, remember your preferences, and analyze Service usage

2.3 Information from Third Parties

We may receive information about you from third-party services you connect to your account:

  • Social Media: If you link social media profiles (Twitter, Instagram), we may access publicly available information from those platforms
  • Video Platforms: Metadata from embedded videos (YouTube, Vimeo, Hudl) may be collected when you add them to your profile

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Provide and Maintain the Service: Create and manage your account, display athlete profiles to recruiters, facilitate connections between athletes and recruiters
  • Process Transactions: Process subscription payments, manage billing, and provide receipts
  • Authentication and Security: Verify your identity, prevent fraud, detect unauthorized access, and enforce our Terms and Conditions
  • Transactional Communications: Send essential service-related emails including password resets, payment confirmations and failure notices, subscription cancellation confirmations, account verification requests, recruiter verification approvals and rejections, parent/guardian verification requests, trainer approval notifications, coach contact request notifications, and administrative alerts. These emails are necessary for service operation and cannot be opted out of.
  • Marketing Communications: Send promotional emails such as welcome messages and profile publication notifications. You may opt out of marketing emails at any time (see Section 7.1). We include RFC 8058-compliant one-click unsubscribe functionality in all marketing emails.
  • AI-Powered Analysis: If you opt to use AI Analysis, process a compressed summary of your profile data through OpenAI's API to generate recruiting feedback and recommendations. This is entirely optional and user-initiated.
  • Improve the Service: Analyze usage patterns, troubleshoot technical issues, develop new features, and enhance user experience
  • Verification and Compliance: Verify recruiter accounts, especially for non-.edu email addresses, to maintain platform integrity
  • Legal Compliance: Comply with legal obligations, respond to legal requests, and protect our rights and the rights of others

4. How We Share Your Information

4.1 Public Information

Athlete Profiles: If you are an athlete with a published profile, your profile information (including name, photos, videos, statistics, and contact information) is visible to verified recruiters and coaches using the Service. Your profile may also be accessible via direct links and QR codes that you share.

4.2 Service Providers and Third-Party Integrations

We share information with trusted third-party service providers who help us operate the Service:

  • Stripe (Payment Processing): We use Stripe to process subscription payments. Stripe collects and processes your payment information according to their privacy policy. We do not store full credit card numbers on our servers.
    View Stripe's Privacy Policy
  • Resend (Email Service): We use Resend to send both transactional and marketing emails. For transactional emails, Resend processes your email address and name to deliver service-essential messages such as password resets, payment confirmations, subscription cancellation notices, verification status updates, parent verification requests, and coach contact notifications. For marketing emails (welcome messages and profile publication notifications), Resend also processes your email address and name. Emails may contain your name, athlete names, profile URLs, dashboard links, password reset links, and coach contact information as necessary for each email's purpose.
    View Resend's Privacy Policy
  • ESPN (Sports Data): We display live sports scores, standings, news, schedules, play-by-play data, team rosters, and team statistics sourced from ESPN's publicly available API. No user personal information is transmitted to ESPN. This data is read-only and cached temporarily in server memory to improve performance. ESPN data is displayed on our Pro Stuff page, team profiles, and My Teams intel feed.
  • U.S. Department of Education College Scorecard (School Data): We use the College Scorecard API to display school information including institution names, locations, admissions rates, completion rates, costs, post-graduation earnings, and academic program offerings. Only search parameters (such as school name and state) are sent to this API — no personally identifiable information is transmitted. Results are cached in server memory and school detail snapshots are stored in our database for performance purposes.
    View the U.S. Department of Education Privacy Policy
  • Mux (Video Hosting): We use Mux for hosting athlete and trainer highlight and game film videos. When you upload a video, the video file is transmitted directly to Mux's servers and stored with a unique asset and playback identifier. No personally identifiable information (such as your name or email) is sent to Mux — only the video file data. Each athlete and trainer account is limited to 3 video uploads.
    View Mux's Privacy Policy
  • OpenAI (AI Profile Analysis): We offer an optional AI-powered profile analysis feature for subscribed athletes. When you choose to use this feature, a compressed summary of your athlete profile data is transmitted to OpenAI's API for processing. The data sent includes: sport, position, graduation year, school, GPA, athletic statistics, and profile completeness metrics. We do NOT send the following to OpenAI: your name, email address, phone number, photos, videos, payment information, passwords, or direct contact details. The data is transmitted via encrypted HTTPS connection. OpenAI processes this data solely to generate the analysis response and, per their API data usage policy, does not use API inputs to train their models. You can choose not to use this feature at any time. Use of AI Analysis is entirely optional and requires an active subscription.
    View OpenAI's Privacy Policy
  • Database and Hosting: We use secure cloud hosting services to store your data. All data is encrypted in transit and at rest.
  • Analytics: We may use analytics services to understand how users interact with the Service and improve performance.

4.3 Business Transfers

If Player One Page is involved in a merger, acquisition, asset sale, or bankruptcy, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have.

4.4 Legal Requirements and Safety

We may disclose your information if required to do so by law or in response to:

  • Valid legal processes (subpoenas, court orders, search warrants)
  • Requests from law enforcement or government authorities
  • Situations involving potential threats to safety or security
  • Protection of our rights, property, or safety, or that of our users

4.5 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

4.6 Email Communications

We send the following types of email communications:

Transactional Emails (required for service operation, cannot be opted out of):

  • Password reset links
  • Payment confirmations and payment failure notices
  • Subscription cancellation confirmations and end-of-subscription notices
  • Account verification requests (for recruiter and coach accounts)
  • Verification approval and rejection notifications
  • Parent/guardian verification requests (for users under 18)
  • Trainer account approval notifications
  • Coach contact request notifications
  • Administrative notifications

Marketing Emails (optional, can be opted out of):

  • Welcome messages for new users
  • Profile publication notifications

How to manage your email preferences:

  • Marketing emails include a one-click unsubscribe link in every message, compliant with RFC 8058
  • You can also manage your marketing email preferences from your Account Settings page
  • Marketing opt-out is processed immediately via a secure, token-verified unsubscribe mechanism
  • Opting out of marketing emails does not affect transactional emails, which are necessary for account security and service operation

Information contained in emails: Our emails may include your name, athlete names, profile URLs, dashboard links, password reset URLs, coach contact information (name, email, phone, school), payment amounts, and subscription dates as necessary for each communication's purpose.

All emails are sent through our email service provider, Resend. See Section 4.2 for details.

5. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption: All data transmitted between your browser and our servers is encrypted using SSL/TLS. Passwords are hashed using bcrypt before storage.
  • Access Controls: We restrict access to personal information to authorized personnel only
  • Secure Authentication: We use NextAuth.js for secure session management with JWT tokens
  • Account Protection: We implement failed login attempt tracking and temporary account locking to prevent unauthorized access
  • Regular Security Updates: We keep our software and dependencies up to date with security patches

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as necessary to:

  • Provide you with the Service and maintain your account
  • Comply with legal obligations (tax records, transaction history)
  • Resolve disputes and enforce our agreements
  • Detect and prevent fraud or abuse

When you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain it for legal or compliance purposes. Backup copies may persist for up to 90 days.

7. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information:

7.1 General Rights

  • Access: You can access and review your account information at any time through your account settings
  • Correction: You can update or correct your profile information through your account settings
  • Deletion: You can request deletion of your account by contacting us at support@playeronepage.com
  • Data Portability: You can request a copy of your data in a machine-readable format
  • Opt-Out of Marketing: You can unsubscribe from marketing emails using the one-click unsubscribe link included in every marketing email, or through your Account Settings page. Unsubscribe requests are processed immediately using a secure token-verified mechanism. Please note that transactional emails (password resets, payment confirmations, verification notifications, etc.) cannot be opted out of, as they are essential to your use of the Service.

7.2 California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information we collect, use, disclose, and sell
  • Right to request deletion of your personal information
  • Right to opt-out of the sale of personal information (we do not sell personal information)
  • Right to non-discrimination for exercising your privacy rights

7.3 European Residents (GDPR)

IMPORTANT NOTICE FOR EU RESIDENTS: This Service is operated from and intended for users in the United States. We do not actively target or market to individuals in the European Union, European Economic Area, or United Kingdom. Our Service is not designed to comply with the General Data Protection Regulation (GDPR) or UK GDPR. By accessing or using this Service from the EU/EEA/UK, you acknowledge that we may not be able to fulfill all GDPR rights and obligations. We recommend EU/EEA/UK residents not use this Service.

If you are in the European Economic Area (EEA) and choose to use the Service despite the above notice, you have rights under the General Data Protection Regulation (GDPR):

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent at any time

To exercise any of these rights, please contact us at support@playeronepage.com. We will respond to your request within 30 days.

8. Children's Privacy

Our Service is intended for users aged 13 and older. We do not knowingly collect personal information from children under 13 without parental consent.

For Users Under 18: If you are between 13 and 18 years old, you should review this Privacy Policy with your parent or guardian to ensure you both understand how we collect, use, and share your information.

If we become aware that we have collected personal information from a child under 13 without parental consent, we will take steps to delete that information as quickly as possible. If you believe we have collected information from a child under 13, please contact us immediately at support@playeronepage.com.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

  • Essential Cookies: Maintain your login session, remember your preferences, and enable core functionality
  • Analytics: Understand how users interact with the Service and identify areas for improvement
  • Security: Detect and prevent fraudulent activity and unauthorized access

You can control cookies through your browser settings. However, disabling cookies may limit your ability to use certain features of the Service, particularly account-related functions.

Types of Cookies We Use:

  • Session Cookies: Temporary cookies that expire when you close your browser
  • Persistent Cookies: Cookies that remain on your device for a set period (up to 30 days) to remember your login and preferences
  • Authentication Tokens: JWT tokens used to maintain your authenticated session securely

10. Third-Party Links and Services

The Service may contain links to third-party websites, services, and platforms, including:

  • Social media platforms (Twitter, Instagram)
  • Video hosting services (YouTube, Vimeo, Hudl, Mux)
  • Sports data providers (ESPN) for live scores, standings, and news
  • U.S. Department of Education College Scorecard API for school information
  • OpenAI for AI-powered profile analysis (optional feature)
  • External athletic websites

We are not responsible for the privacy practices of these third-party services. We encourage you to review their privacy policies before providing any personal information to them. When you embed content from third-party platforms (like YouTube videos), those platforms may collect information about you according to their own privacy policies.

Sports and School Data Accuracy: Live scores, standings, schedules, and other sports data displayed on the Service are sourced from third-party providers and are provided for informational purposes only. We do not guarantee the accuracy, completeness, or timeliness of this data. School information from the College Scorecard API reflects data published by the U.S. Department of Education and may not reflect the most current information from individual institutions. You should verify all important information independently.

11. International Data Transfers

Your information may be transferred to, and maintained on, servers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ.

If you are located outside the United States and choose to use the Service, you consent to the transfer of your information to the United States and its processing in accordance with this Privacy Policy and U.S. law. We will take appropriate measures to ensure your data receives adequate protection.

12. Do Not Track Signals

Some web browsers have a "Do Not Track" feature that signals to websites you visit that you do not want your online activity tracked. Currently, our Service does not respond to Do Not Track signals due to the lack of industry standards for compliance.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will:

  • Update the "Last Updated" date at the top of this Privacy Policy
  • Notify you via email for material changes that significantly affect your rights
  • Post a notice on the Service for significant changes

We encourage you to review this Privacy Policy periodically. Your continued use of the Service after any changes indicates your acceptance of the updated Privacy Policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: support@playeronepage.com

Website: www.playeronepage.com

We will respond to your inquiry within 30 days.

Privacy Policy Summary

What we collect: Account information, profile data, athletic statistics, payment information (via Stripe), and usage data

How we use it: To provide the Service, process payments, verify accounts, send transactional emails, and improve user experience

Who we share with: Published athlete profiles are visible to verified recruiters; payment data with Stripe; email data with Resend; video files with Mux; compressed profile data with OpenAI (only when you opt to use AI Analysis); no user data shared with ESPN or College Scorecard (read-only public data); data may be shared for legal compliance

Your rights: Access, correct, delete your data; opt-out of marketing; request data portability