Privacy Policy

IGF.live is a free fantasy golf platform. This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our website and services.

By creating an account or using IGF.live, you agree to this policy. If you have questions, contact us.

1. Information We Collect

Information you provide

• Account information: name, email address, and display name. Authentication is handled securely by our identity provider (Supabase Auth).
• Profile data: avatar image and display preferences
• Activity data: draft picks, league memberships, scores, pre-rankings, and chat messages
• Communications: messages you send us via our contact form

Information collected automatically

• Device data: IP address, browser type, device type, and operating system
• Usage data: pages visited, time spent, and features used
• Cookies: essential session cookies required for the site to function. See our Cookie Policy.

2. How We Use Your Information

• Operate the platform: manage your account, process drafts, calculate scores, and maintain leaderboards
• Communicate with you: send draft reminders, tournament notifications, and league messages
• Improve the platform: analyze aggregated usage patterns to fix bugs and develop new features
• Security: detect fraud, prevent abuse, and protect accounts

3. Information Sharing

We do not sell your personal information. We do not serve advertisements or share data with ad networks. We share data only with:

• Service providers: Supabase (authentication and database), DigitalOcean (hosting), and DataGolf (golfer statistics)
• Law enforcement: only when legally required with valid legal process
• League members: your display name, avatar, scores, and draft history are visible to members of leagues you join

4. Data Retention

• Active accounts: data retained as long as your account is active
• Deleted accounts: personal data purged within 30 days; anonymized aggregate data may be retained for historical leaderboards
• Server logs: 90 days, then auto-deleted

5. Your Rights

Depending on where you live, you may have the following rights:

• Access: request a copy of all personal data we hold about you
• Correction: update or correct inaccurate data via your Settings page
• Deletion: request deletion of your account and personal data
• Data portability: request your data in a portable format
• Non-discrimination: we will not treat you differently for exercising your rights

Submit requests via our contact form. We will respond within 45 days.

6. Security

Authentication is handled by Supabase Auth with industry-standard password hashing. All data is encrypted in transit (TLS). JWT tokens are stored in HTTP-only, Secure cookies. We use parameterized database queries, CSRF protection, and rate limiting on authentication endpoints.

7. Children's Privacy

IGF.live is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us and we will delete it promptly.

8. Do Not Sell My Personal Information

We do not sell personal information as defined by the California Consumer Privacy Act (CCPA/CPRA). We do not serve advertisements or share data with ad networks.

9. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes by email or by posting a notice on the site. Your continued use after changes constitutes acceptance.

10. Contact Us

For privacy questions or data requests, please use our contact form.