Privacy Policy
Last updated: April 2, 2026
1. Introduction
Gridiron.io (“we,” “us,” or “our”) operates the website at sleeperdynasty.com (the “Service”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. By using Gridiron.io, you agree to the practices described here.
2. Information We Collect
Account Information
When you create an account via email/password or Google OAuth, we collect your email address, display name, and any profile information provided through authentication. For Google sign-in, we receive only the information Google makes available based on your Google account privacy settings.
Sleeper Data
You provide your Sleeper username to connect your dynasty league(s). We retrieve league data, roster information, matchup history, transaction history, and player data via the public Sleeper API. This data is sourced from Sleeper's publicly accessible endpoints — we do not access your Sleeper account credentials.
AI Chat History
We store your AI chat messages and session history in order to provide conversation continuity across sessions. Chat content may include trade proposals, player analysis requests, and strategic notes you share with the AI assistant.
Preferences and Plans (Paid Tiers)
On paid tiers, we store user preferences and strategic plan content that you generate or provide to personalize your AI experience.
Usage Data
We track daily AI message usage counts to enforce tier-based rate limits. We also log general service activity such as league connections and feature usage for abuse prevention and product improvement.
Feedback
If you submit feedback through the app, we store the message content along with your user ID and submission timestamp.
Analytics
We use Vercel Analytics and Vercel Speed Insights, which collect anonymized, aggregated data about page views and performance. This data does not identify individual users and is not used for cross-site tracking or advertising.
3. How We Use Your Information
- To create and manage your account and authenticate your identity.
- To provide the core features of the Service, including AI chat analysis, roster rankings, trade tools, and league dashboards.
- To personalize AI responses using your league data, preferences, and chat history.
- To enforce tier-based feature access and daily AI message limits.
- To send you transactional emails related to your account (e.g., sign-in links, account notices).
- To send you marketing emails about new features, updates, tips, and promotions related to Gridiron.io. You may opt out of marketing emails at any time via the unsubscribe link included in every marketing email.
- To improve the Service, fix bugs, and develop new features using aggregated usage insights.
- To detect and prevent abuse, fraud, and unauthorized access.
4. Third-Party Services
We rely on the following third-party services to operate Gridiron.io. Each has its own privacy policy that governs its handling of data.
Supabase
We use Supabase for database storage and user authentication. Your account data, league data, chat history, and all other stored information reside in Supabase's PostgreSQL infrastructure. Supabase Privacy Policy
Google (Gemini AI & OAuth)
AI chat responses are powered by Google Gemini. Your chat messages and relevant league context are sent to Google's Gemini API to generate responses. We also use Google OAuth for sign-in. Google Privacy Policy
Sleeper
We retrieve fantasy football data via Sleeper's public API using the Sleeper username you provide. We are not affiliated with or endorsed by Sleeper. Sleeper Privacy Policy
FantasyCalc
We retrieve publicly available dynasty trade values from FantasyCalc to power trade analysis features. No personal data is shared with FantasyCalc.
Vercel
The frontend is hosted on Vercel. Vercel Analytics and Speed Insights collect anonymized, aggregated performance and usage data. Vercel Privacy Policy
5. Email Communications
By creating an account, you agree to receive transactional emails necessary to operate your account (e.g., magic link sign-in emails, important account notices). You cannot opt out of strictly transactional emails while maintaining an active account.
We may also send you marketing emails about new features, product updates, tips, and promotions. Every marketing email will include an unsubscribe link. You may opt out at any time by clicking that link. Opting out of marketing emails will not affect your ability to use the Service.
6. Data Retention
We retain your data for as long as your account is active. If you delete your account or request deletion, we will remove your personal information from our active databases within a reasonable time. Some data may persist in backups for a limited period before being purged. League data retrieved from the Sleeper public API is non-personal and may be retained for analytical purposes.
7. Your Rights
You have the right to:
- Access — request a copy of the personal data we hold about you.
- Correction — request correction of inaccurate personal data.
- Deletion — request deletion of your account and associated personal data.
- Opt-out of marketing — unsubscribe from marketing emails at any time via the link in any marketing email or by contacting us.
To exercise any of these rights, email us at [email protected].
8. Children's Privacy
Gridiron.io is not directed to individuals under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently collected data from a child under 13, we will take steps to delete that information promptly.
9. Data Security
We implement reasonable technical and organizational measures to protect your data, including Row Level Security (RLS) policies in our database so users can only access their own data. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date at the top of this page. For material changes, we may also notify you by email. Your continued use of the Service after changes become effective constitutes acceptance of the updated policy.
11. Contact
If you have questions or concerns about this Privacy Policy, please contact us at: [email protected]