Privacy Policy
Version v1 · 2026-05-16
Who we are
FixtureFlow ("we", "us") is a scheduling tool sold to local sports clubs. This policy explains how we process personal data when your club uses FixtureFlow.
Your club is the data controller for its members' data. FixtureFlow is the data processor — we host and process the data on the club's behalf under a Data Processing Agreement.
What data we collect
- Member profile: name, email, phone (optional), photo (optional), playing grade/level, gender (optional).
- Login: username (= email for members), password hash (bcrypt). We never store plaintext passwords.
- Play history: which sessions a member checked in to, the matches they played, RSVPs to upcoming sessions.
- Auth cookies: a signed session cookie (httpOnly, SameSite=Lax, 7-day TTL) and an optional "remember-me" cookie for the RSVP page.
We do not use third-party analytics, advertising, or tracking pixels.
Why we process it (lawful basis)
- Contract — running sessions, generating fair fixtures, recording check-ins, sending nobody emails. This is essential for the service.
- Consent — for members with their own login, accepted on first sign-in. The club admin attests they have a lawful basis (typically the member's prior consent or legitimate interest as part of club membership) when adding a member who doesn't yet have a login.
Where data lives
All FixtureFlow data is stored in the EU. We run two deployments: AWS Ireland (eu-west-1) and Fly.io Frankfurt (fra). No personal data leaves the EU.
Sub-processors: Amazon Web Services (EU regions only), Fly.io (EU regions only), Let's Encrypt (certificate authority — no personal data shared). A current list is maintained in our public sub-processor register.
How long we keep it
- Sessions — auto-deleted after 5 days (only the 6 most-recent are kept per club).
- RSVPs — retained for 18 months, then deleted.
- Member rows — kept until the member or their admin deletes them, or until 24 months of inactivity (then auto-anonymised).
- Audit logs — 24 months.
Your rights
- Access & portability — download all data we hold about you from My profile → Download my data (machine-readable JSON).
- Rectification — edit your email and photo at any time from My profile; ask your club admin to fix your name/grade.
- Erasure — ask your club admin to delete you, or click Take a break — pause my account on your profile. Deletion removes all your personal data, including match history references.
- Restriction — the same "pause my account" button stops processing your data without deleting it.
- Object — we don't do marketing or profiling, but if you want to stop processing for any reason, contact your club admin.
- Complaint — you have the right to lodge a complaint with the supervisory authority in your EU country.
Breach notification
If we suspect a personal data breach, we notify the affected club admins without undue delay and, where required, the relevant supervisory authority within 72 hours.
Contact
Privacy questions: ask your club admin. They escalate to the FixtureFlow operator on your behalf.