We process personal data under the following legal bases:

• Contract performance — to create and run your member account (sign-in, membership entitlement, and processing your membership payment through Stripe). Without this data we cannot provide the account you signed up for.
• Consent — for analytics (Google Analytics and Vercel Web Analytics), which load only if you opt in via our cookie consent banner; for the weekly email newsletter; and for the optional location details you may add to your profile.
• Legitimate interest — for operating core site functionality such as storing your preferences in local storage, preventing duplicate votes and abuse, responding to your contact-form enquiries, keeping security/audit records, and displaying publicly-available information about footballers and the journalists/accounts breaking transfer links. (The tlv and tl_session cookies are exempt from consent under the ePrivacy "strictly necessary" exemption; the underlying processing relies on our legitimate interest in preventing abuse and on contract performance for the signed-in session.)
• Legal obligation — for retaining donation/transaction records for the period required by financial and tax law, and for keeping a suppression record of newsletter unsubscribes.

We use a cookie consent banner to obtain your permission before loading any non-essential cookies. Analytics cookies are only activated if you consent. For a detailed breakdown of every cookie and local storage item, please see our Cookie Policy.

Analytics run only with your consent. If you decline, no analytics scripts are loaded and no interaction events are recorded. You can change or withdraw your choice at any time from the cookie banner or the footer link.

With your consent, we use the following two services to understand how visitors use our website so we can improve it and report aggregate audience figures to sponsors. Both record page views and a small set of non-identifying in-app interaction events (for example: a vote, opening a player card, opening a source-link preview, changing the view or kit). We do not attach your name, email, or account to these events, and we do not store your IP address or browser user-agent against them.

• Google Analytics 4 — Google's analytics product. It sets the _ga cookies, may infer coarse, aggregate audience attributes such as approximate location and (where Google can determine them) age/gender bands, and sends data to Google. Retention is up to 14 months. See Google's Privacy Policy.
• Vercel Web Analytics & Speed Insights — our hosting provider's privacy-focused analytics and performance telemetry. These are cookieless, do not track or identify individuals, and report only anonymous, aggregated figures.

Any approximate location shown in these tools is derived by the provider at request time for aggregate reporting; we do not separately store your IP address.

We are based in the United States, and most of the third-party providers we use — Google (Firebase storage and authentication, Google Analytics), Vercel (hosting and analytics), Stripe (payments), and Resend (email) — process data on servers in the United States. If you access the site from the United Kingdom, the European Economic Area, or another region with data-transfer rules, your personal data is transferred to and processed in the United States.

Where we transfer personal data out of the UK or EEA, we rely on appropriate safeguards — including the EU–US and UK–US Data Privacy Framework where the provider is certified, and the European Commission's Standard Contractual Clauses (with the UK Addendum) where it is not. You can request details of the safeguards in place by contacting us at support@toffeelinks.app.

We do not currently display third-party advertising or run any advertising measurement. If we add sponsored banners in future, any measurement (for example whether a banner was shown or clicked) would be reported in aggregate through the consented analytics services described above, would load only with your analytics consent, and would not build a behavioural profile of you for ad targeting. We will update this policy before any such feature goes live.

Our website uses the following third-party services:

• Google Firebase / Google Cloud — database storage and account authentication
• Stripe — secure payment processing
• Vercel — website hosting and privacy-focused analytics (analytics requires consent)
• Google Analytics 4 — website usage analytics (consent required)
• Resend — sends your sign-in "magic link" and, if you opt in, the newsletter; receives your email address and the email content. (Contact-form notifications are sent separately through Google Firebase's email extension.)
• X (Twitter) — tweet previews and source-account profile photos load directly from X's servers in your browser, which means your IP address is shared with X when those images load
• SportMonks — football data and player photos used to populate cards
• Apple — if you use Apple's "Hide My Email" at checkout, the relay address Apple provides becomes your account email
• Anthropic — an AI service we use only in our internal admin tools (to triage tweets and enrich football data); it does not process site-visitor data
• Better Stack — receives our server logs for monitoring; these are designed to exclude personal data

Each of these services has its own privacy policy governing how it handles data.

We retain data for only as long as necessary:

• Member account — kept while your account exists; you can ask us to delete it at any time (see "Your Rights" below)
• Membership / donation records — kept for as long as financial and tax law requires (generally around 6–7 years). If you ask us to delete your account, we keep these transaction records but strip your personal identifiers from them, as the law permits
• Contact form submissions — kept while we handle your enquiry and deleted on request
• Newsletter — kept while you are subscribed; after you unsubscribe we keep only a one-way hashed record of your email so we can honour your choice
• Voting data — public vote counts are kept for the life of the transfer link. The pseudonymous per-vote records used for abuse prevention (the hashed IP, and your account id for source votes) are kept for up to one year
• Local storage data — stays on your device until you clear it via your browser settings
• Analytics data — Google Analytics is retained per Google's settings (up to 14 months); Vercel Web Analytics retains aggregate data per our Vercel plan and stores no per-user records

When we delete your data, copies may persist in our encrypted backups for up to about 30 days before they are overwritten in the normal backup cycle.

If you are in the EU or UK, you have the following rights:

• Right of access — request a copy of the personal data we hold about you
• Right to rectification — request correction of inaccurate data
• Right to erasure — request deletion of your personal data
• Right to restrict processing — request that we limit how we use your data
• Right to data portability — request your data in a machine-readable format
• Right to object — object to processing based on legitimate interest
• Right to withdraw consent — withdraw analytics consent at any time using the "Cookie settings" link in the site footer, which re-opens the consent banner so you can change your choice as easily as you gave it
• Right to lodge a complaint — if you are in the UK you may complain to the Information Commissioner's Office (ico.org.uk); if you are in the EU, to your national data protection authority. We'd appreciate the chance to resolve your concern first.

We do not carry out automated decision-making or profiling that produces legal or similarly significant effects.

To exercise any of these rights — including asking for a copy of your data or deleting your account — please contact us through our contact form or email support@toffeelinks.app. We verify the request comes from you, then action it without undue delay and within one month (we will tell you if a complex request needs longer). When you ask us to delete your account we remove your profile, sign-in, votes, saved line-ups and contact messages, and we strip the personal identifiers from the transaction records we are legally required to keep.

If you are a resident of California (under the CCPA as amended by the CPRA) or of another U.S. state with a comprehensive privacy law — such as Virginia, Colorado, Connecticut, Oregon, Texas, or others — you may have the right to:

• Know what personal information we collect and how it is used
• Access a copy of your personal information
• Correct inaccurate personal information
• Request deletion of your personal information
• Opt out of the sale or sharing of personal information, targeted advertising, and profiling
• Limit the use of sensitive personal information
• Appeal a denial of your request, and not be discriminated against for exercising your rights

We do not sell or share your personal information as those terms are defined under U.S. state laws, we do not use it for targeted advertising or profiling, and we do not knowingly process sensitive personal information for these purposes. We honour Global Privacy Control (GPC) and similar opt-out preference signals. To exercise any right, contact us at support@toffeelinks.app or via our contact page; we will respond within the timeframe your state's law requires (45 days in California, extendable as permitted).

Our core content includes information about footballers (names, photos, career statistics) and about the journalists and social-media accounts that break transfer links (their public handle, display name, follower count, profile photo, and a reliability rating from our members). This information is drawn from publicly available sources — primarily SportMonks and public posts on X — and we process it under our legitimate interest in running a football-news and commentary service.

If you are featured in this content and wish to object to our processing or request a correction, please contact us at support@toffeelinks.app and we will review your request.