Back

Privacy Policy

Last updated: 28 March 2026

1. Who We Are

OffsideFPL is an independent companion app for Fantasy Premier League. We are not affiliated with the Football Association Premier League Limited. This policy explains how we collect, use, and protect your personal data when you use OffsideFPL.

2. Data We Collect

Account information

When you sign in via Google, Facebook, or X (Twitter), we receive and store your name, email address, and profile image from your OAuth provider. We also store authentication tokens to keep you signed in. We never store your password — authentication is handled entirely by your chosen provider.

FPL data

We fetch publicly available data from the FPL API, including league standings, gameweek scores, entry history, and team information. This data is associated with your FPL entry ID within your OffsideFPL league. For details on how the Premier League handles your FPL data, see the Premier League Privacy Policy.

League & game data

We store your league memberships, roles (admin, member), offside game results, nominations, drink submissions (text notes), and notification history.

Media uploads

If you choose to upload photos or videos as part of a drink submission, the media is stored in AWS S3 in the UK (London, eu-west-2 region). Media is visible only to members of the league it was submitted to. Uploaded media is automatically deleted after the retention period set by your league admin (7 days, 30 days, or at season end). You may delete your uploaded media at any time from the drink submission screen.

Push notifications

If you opt in to push notifications, we store your browser push endpoint URL, encryption keys, and user-agent string to deliver notifications to your device.

3. Data We Do Not Collect

  • Passwords (OAuth only)
  • Payment or financial information
  • Location data
  • Analytics or tracking data (no Google Analytics, no third-party trackers)
  • Contacts or phone data

4. How We Use Your Data

  • To authenticate your account and maintain your session
  • To display FPL scores, standings, and league data within the app
  • To run the offside game (nominations, results, drink tracking)
  • To send push notifications you have opted in to
  • To respond to support requests

We do not sell, rent, or share your personal data with third parties for marketing purposes.

5. Cookies & Local Storage

We use a single session cookie to keep you signed in. We do not use advertising or tracking cookies. A small localStorage flag is used to remember if you have dismissed the app install prompt.

6. Third-Party Services

  • OAuth providers (Google, Facebook, X) — handle authentication. Their own privacy policies apply to data they collect.
  • FPL API (Premier League) — we fetch publicly available league and score data. See the Premier League Privacy Policy.
  • Web Push— notifications are delivered via your browser's built-in push service (e.g. Google FCM for Chrome, Mozilla Push for Firefox).
  • AWS S3— optional drink submission media (photos and videos) is stored in Amazon S3 in the UK (eu-west-2). Media is encrypted at rest and access is restricted via short-lived signed URLs.

7. Data Storage & Security

Your data is stored in a cloud-hosted PostgreSQL database. All connections use HTTPS/TLS encryption in transit. OAuth tokens are stored securely on the server and are never exposed to the browser.

8. Data Retention & Deletion

Your data is retained for as long as your account is active. You can delete your account at any time from the Danger Zone section in Account settings. Deleting your account permanently removes your profile, league memberships, and associated data.

Uploaded media (photos and videos) is automatically deleted based on your league's retention setting (7 days, 30 days, or season end). You may also delete your uploads manually at any time.

9. Children

OffsideFPL is intended for users aged 18 and over. We do not knowingly collect data from anyone under 18. If you believe a minor has created an account, please contact us and we will remove it.

10. Changes to This Policy

We may update this policy from time to time. Changes will be reflected on this page with an updated date. Continued use of the app after changes constitutes acceptance of the revised policy.

11. Contact

Questions about your data? Contact us at [email protected] or reach out on Discord and X.