Privacy Policy

Last updated: March 18, 2026

1. Introduction

TheStats.ai ("we", "our", or "us") operates the TheStats.ai platform, a sports league management system. This Privacy Policy explains how we collect, use, and protect your information when you use our service.

2. Information We Collect

Account Information

When you create an account, we collect your name, email address, and password (stored securely using industry-standard hashing). League administrators may also provide organization details such as organization name and contact information.

League & Game Data

We collect and store league data including team names, player names, jersey numbers, game scores, player statistics, and scheduling information that you provide through the platform.

Third-Party Integrations

If you connect a YouTube channel for livestreaming, we store an encrypted OAuth refresh token and your channel name to facilitate broadcast creation on your behalf. We do not access or store your YouTube videos, subscribers, or other channel data beyond what is necessary for livestreaming.

Push Notifications

If you opt in to push notifications, we store your browser push subscription endpoint (a URL generated by your browser). This is not linked to any user account and is used solely to deliver game and league notifications.

Automatically Collected Information

We may collect standard server logs including IP addresses, browser type, and access times for security and performance monitoring purposes.

3. How We Use Your Information

  • To provide and maintain the league management platform
  • To display game statistics, standings, and leaderboards
  • To send push notifications about game results and league updates (with your consent)
  • To facilitate YouTube livestreaming of games (when connected by an admin)
  • To authenticate users and protect accounts
  • To improve and optimize the platform

4. Data Sharing

We do not sell your personal information. We may share data in the following circumstances:

  • Public League Pages: League names, team names, player names, game scores, and statistics may be publicly visible if the league administrator enables public access.
  • YouTube: When an admin initiates a livestream, we interact with YouTube's API to create and manage broadcasts on the connected channel.
  • Service Providers: We use AWS for hosting and Google Cloud for OCR image processing. These providers process data on our behalf under their respective privacy policies.
  • Legal Requirements: We may disclose information if required by law or to protect our rights.

5. Data Security

We implement industry-standard security measures including encrypted data transmission (HTTPS), hashed passwords, encrypted OAuth tokens (AES-256-GCM), and secure cloud infrastructure (AWS).

6. Data Retention

We retain your data for as long as your account is active. League and game data is retained as long as the league exists on the platform. You may request deletion of your account and associated data by contacting us.

7. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and data
  • Opt out of push notifications at any time
  • Disconnect third-party integrations (e.g., YouTube) at any time

8. Children's Privacy

Our service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of material changes by posting the updated policy on this page with a revised date.

10. Contact Us

If you have questions about this Privacy Policy, please contact us at [email protected].