Privacy Policy

Last updated: January 19, 2026

1. Introduction

Sideline Captions (“we,” “our,” or “us”) respects your privacy and is committed to protecting your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our website, application, and related services (collectively, the “Service”).

By using the Service, you consent to the practices described in this Policy.

2. Information We Collect

2.1 Contact and Support Information

When you contact us or request support, we collect information such as your name, email address, message content, and related details to respond to your inquiry.

2.2 Purchase and License Information

When you purchase a Sideline Captions license, we collect:

  • Email address
  • License key and referral code (if applicable)
  • Payment details provided via Stripe (we do not store credit card numbers)
  • Transaction identifiers, amount, and receipt URLs

2.3 Usage and Analytics Data

We automatically collect certain data to improve performance and reliability, including:

  • Application performance metrics (e.g., number of images processed, success/failure rates)
  • Basic technical data such as browser type, operating system, and app version
  • Website analytics through Google Analytics (aggregated and anonymized)

2.4 Caption and Metadata Processing

To deliver and maintain high-quality captioning results, we may temporarily retain certain user-submitted information (including captions, metadata, and limited image previews) solely for service functionality, debugging, and quality assurance. This data is never sold or used for advertising or model training purposes and is removed after a limited period of operational necessity.

2.5 Sideline Live Gallery Data

When you use Sideline Live, we collect and store:

  • Gallery metadata (name, description, creation date, settings)
  • Images uploaded via FTP (full-resolution files and thumbnails)
  • Image metadata (EXIF data, filename, upload timestamp)
  • FTP credentials (username and encrypted password)
  • FTP session logs (connection times, IP addresses, upload activity)
  • Gallery access logs (views, downloads, visitor IP addresses)
  • Gallery passwords (encrypted)

2.6 Payment and Transaction Data (Sideline Live Sales)

When you enable payment features in Sideline Live to sell images to customers, we collect and process:

  • Photographer Data: Email address, Stripe Connect account ID, payout status, and transaction history
  • Customer Data: Email address, name (if provided), purchase history, and order details
  • Transaction Metadata: Order ID, transaction amount, platform fees, Stripe fees, payment status, timestamps, and receipt URLs
  • Financial Information (via Stripe): Customer payment information (credit card details, billing address) is collected and processed directly by Stripe. We never receive or store full credit card numbers, bank account details, or other sensitive financial information

All payment processing is handled through Stripe Connect. Photographers must create a Stripe Connect account to receive payouts, and all sensitive financial data (bank accounts, tax IDs, etc.) is stored exclusively by Stripe, not by Sideline Captions.

2.7 Roster Database Access

When you use the code replacements service, we collect:

  • Email address for authentication
  • Search queries and team selections
  • Downloaded code replacement files (for rate limiting and analytics)
  • Access timestamps and usage patterns

Note: The roster data itself (player names, numbers, positions) is publicly available information. We do not collect or store any personal information about the athletes beyond what is publicly available.

3. How We Use Your Information

We use collected information to:

  • Provide, operate, and improve the Service
  • Process your purchase and deliver license information
  • Authenticate users and prevent fraud
  • Respond to customer inquiries and support requests
  • Analyze trends and usage for product improvement
  • Store and serve gallery images via Sideline Live
  • Generate thumbnails and optimized versions of gallery images
  • Monitor FTP activity to prevent abuse and ensure service reliability
  • Provide access to generate code replacement files
  • Track gallery views and downloads for analytics
  • Process payments for image sales through Sideline Live
  • Calculate and distribute platform fees and payouts to photographers
  • Facilitate customer purchases and deliver digital downloads
  • Send transactional emails related to purchases (order confirmations, download links, receipts)
  • Maintain transaction records for tax and legal compliance
  • Enforce rate limits and prevent service abuse
  • Comply with legal and regulatory obligations

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA) or the United Kingdom, we rely on the following legal bases:

  • Performance of a contract (to provide access to purchased software)
  • Legitimate interests (to improve and maintain the Service)
  • Consent (for analytics and cookies)
  • Legal obligations (to comply with applicable law or enforce agreements)

5. Third-Party Services

We use trusted third parties to process and store data securely:

5.1 Stripe and Stripe Connect

Handles all payment transactions for subscription purchases and Sideline Live image sales. When you use payment features in Sideline Live:

  • Photographers: Must create a Stripe Connect account to receive payouts. Stripe collects and stores your bank account information, tax identification, and other financial details directly. We never receive or store this sensitive information.
  • Customers: Payment information (credit card details, billing addresses) is processed and stored by Stripe. Sideline never receives full card details or other sensitive financial information.
  • Payout Processing: Stripe controls the payout schedule (typically 3-9 business days) and transfers funds directly to photographers' bank accounts.

Stripe is PCI-DSS Level 1 certified and maintains industry-leading security standards. Stripe Privacy Policy | Stripe Connect Terms

5.2 Google Gemini

We use Google's Gemini API to generate captions from user-provided content. Data sent to Google Gemini is processed in accordance with their privacy policy and is not used to train their models. Google Gemini API Terms | Google Privacy Policy

5.3 OpenAI

We use the OpenAI API to generate captions from user-provided content. Data sent to OpenAI is processed in accordance with their privacy policy and is not used to train their models. OpenAI Privacy Policy

5.4 Google Analytics and Meta Pixel

Used for website analytics and traffic attribution. Data is aggregated and not used for direct advertising. Google Privacy Policy | Meta Privacy Policy

5.5 Supabase

Stores license, analytics, gallery metadata, and transaction data in secure cloud infrastructure. Supabase Privacy Policy

5.6 Resend

Sends transactional emails like license keys, download links, gallery notifications, order confirmations, order download links, and purchase receipts. Resend Privacy Policy

5.7 DigitalOcean

Provides cloud-based VPS servers and web hosting. DigitalOcean Privacy Policy

6. Data Retention

We retain data only as long as necessary for operational or legal purposes. Examples include:

  • License and payment records: Retained indefinitely for proof of purchase and support.
  • Analytics and diagnostic data: Retained for up to 12 months and aggregated for performance monitoring.
  • User-submitted caption data: Temporarily stored for up to 30 days to ensure reliable caption generation and service quality, then automatically deleted.
  • Transaction and sales data: Retained indefinitely for tax compliance, financial reporting, and dispute resolution. This includes order details, payment amounts, platform fees, and payout records.
  • Sideline Live gallery images: Retained as long as your subscription is active and you choose to keep them. Deleted galleries are permanently removed immediately upon deletion. If your subscription is cancelled, galleries are deleted after 30 days. If your subscription lapses due to payment failure, galleries are deleted after 30 days unless reactivated.
  • FTP session logs: Retained for up to 90 days for security and troubleshooting purposes.
  • Gallery access logs: Retained for up to 90 days for analytics and security.
  • Customer purchase information: Email addresses and order history for customers who purchase images through Sideline Live are retained for up to 7 years for tax and legal compliance.
  • Support correspondence: Retained up to 90 days for issue resolution.

7. Data Sharing and Disclosure

We do not sell or rent personal data. We may disclose limited information only:

  • To service providers and partners who perform services on our behalf (such as Stripe for payment processing)
  • To comply with legal obligations or government requests
  • To enforce our Terms of Service or protect our rights, property, or safety
  • In connection with payment processing: We share transaction data with Stripe to facilitate payments and payouts
  • With photographers: When a customer purchases an image, we share the customer's email address and order details with the photographer for fulfillment and customer service purposes

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States, where our service providers operate. These countries may have data protection laws that differ from those in your jurisdiction.

For users in the European Economic Area (EEA), United Kingdom, or Switzerland, we ensure that appropriate safeguards are in place when transferring your personal data internationally, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Reliance on our service providers' compliance with applicable data protection frameworks
  • Adequacy decisions by the European Commission where applicable

By using our Service, you understand that your information may be transferred internationally as described above.

9. Cookies and Tracking Technologies

We use cookies and similar technologies for analytics and site functionality:

  • Performance cookies: Help us analyze site usage and improve performance.
  • Functional cookies: Maintain preferences and login sessions.
  • Security cookies: Used by Google reCAPTCHA to prevent spam and abuse.

You can control cookies through your browser settings. Disabling cookies may affect site functionality.

Do Not Track Signals: Our Service does not currently respond to "Do Not Track" (DNT) signals from web browsers. We may adopt a DNT standard if one is established in the future.

10. Data Security

We use reasonable administrative, technical, and physical safeguards to protect personal information, including:

  • Encrypted transmission of data over HTTPS/TLS
  • Encrypted storage of FTP passwords
  • Encrypted storage of gallery passwords
  • All payment processing handled through PCI-DSS Level 1 certified Stripe infrastructure
  • We never store credit card numbers, CVV codes, or full bank account details
  • Stripe Connect securely stores all sensitive financial information (bank accounts, tax IDs) outside of our systems
  • Regular security updates and patches to server infrastructure
  • Access controls and authentication for all administrative functions

While we strive to protect your data, no method of transmission over the Internet is entirely secure, and we cannot guarantee absolute protection. You are responsible for maintaining the security of your FTP credentials, gallery passwords, license keys, and Stripe Connect account credentials.

Security Breach Notification: In the event of a data breach that compromises your personal information, we will notify affected users within 72 hours of discovering the breach via email to the address associated with your account. We will also notify relevant supervisory authorities as required by applicable law.

11. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Right to Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data (subject to legal retention requirements)
  • Right to Restrict Processing: Request that we limit how we use your data
  • Right to Data Portability: Receive your data in a structured, commonly used format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for processing that requires it (without affecting prior lawful processing)

To exercise these rights, contact us via our website’s contact form. We will respond within 30 days.

Supervisory Authority: If you are located in the EEA or UK, you have the right to lodge a complaint with your local data protection authority if you believe we have not handled your personal data appropriately.

Automated Decision-Making: We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you.

12. Children's Privacy

The Service is not directed to children under 13. We do not knowingly collect data from children. If you believe a child has provided personal data, contact us and we will remove it promptly.

13. Additional Information for Specific Features

13.1 Sideline Live Gallery Sharing

When you share a Sideline Live gallery link:

  • Anyone with the gallery link and password can view and download images
  • We log IP addresses of gallery visitors for security and analytics purposes
  • Gallery viewing data is associated with your account, not with individual viewers
  • You control who has access by managing gallery passwords and links
  • Deleted galleries and their viewing logs are immediately and permanently removed upon gallery deletion

13.2 Payment Processing for Image Sales

When photographers enable payment features in Sideline Live:

  • Customer Data: When a customer purchases an image, we collect their email address, name (if provided), and order details. This information is shared with the photographer for order fulfillment.
  • Payment Information: All payment card data is collected and processed directly by Stripe. We never see or store full credit card numbers, CVV codes, or other sensitive payment information.
  • Photographer Payouts: We store transaction metadata (amounts, fees, payout status) but do not have access to photographers' bank account details, which are stored exclusively by Stripe.
  • Transaction History: Both photographers and customers can view their transaction history through their respective accounts or Stripe Dashboard.
  • Tax Reporting: Photographers are responsible for their own tax reporting. We do not issue 1099 forms unless legally required based on transaction volume thresholds.

13.3 Stripe Connect Accounts

When you create a Stripe Connect account to receive payouts:

  • Stripe collects and stores your banking information, tax identification number, date of birth, address, and other identity verification details
  • This information is stored exclusively by Stripe and is not accessible to Sideline Captions
  • We only receive a Stripe Connect account ID that links your Sideline Captions account to your Stripe account
  • Your relationship with Stripe is governed by Stripe's Terms of Service and Privacy Policy
  • You can manage your Stripe account information directly through the Stripe Dashboard

14. Changes to This Policy

We may update this Privacy Policy periodically. Updates take effect immediately upon posting, as indicated by the “Last updated” date above. Continued use of the Service constitutes acceptance of the revised Policy.

15. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us: