Trust & Privacy
This page is maintained by the FootDraw team to answer common security and privacy questions about the app. It is editable project content, not an independent certification.
Accounts & Authentication
Sign-in is handled by our managed authentication provider. Passwords are never stored by FootDraw; sessions use signed tokens stored in your browser. Google sign-in is supported.
Your Data
FootDraw stores the data you create — teams, players, matches, ratings, polls and optional Telegram links — in a managed Postgres database. Row-level security policies scope reads and writes to the teams you belong to.
Sharing
Public match share links expose only the match summary needed to render the share page. Private team data stays scoped to team members.
Subprocessors & Integrations
FootDraw uses third-party services to operate: hosting and backend (Lovable Cloud / Supabase), transactional email (Resend), and Telegram for optional group notifications. Data shared with Telegram is limited to what you choose to send.
Retention & Deletion
You can delete players, matches, polls and other content at any time from the app. To request full account deletion, contact the team owner or reach out via the contact channel below.
Security Contact
To report a security concern, contact the team that maintains your FootDraw workspace, or open an issue with the maintainers.
Shared Responsibility
Lovable provides the underlying platform (hosting, managed database, authentication). The FootDraw team is responsible for the application code and content shown here. Customers are responsible for keeping their own credentials safe.