Trust & Privacy

This page is maintained by the FootDraw team to answer common security and privacy questions about the app. It is editable project content, not an independent certification.

Accounts & Authentication

Sign-in is handled by our managed authentication provider. Passwords are never stored by FootDraw; sessions use signed tokens stored in your browser. Google sign-in is supported.

Your Data

FootDraw stores the data you create — teams, players, matches, ratings, polls and optional Telegram links — in a managed Postgres database. Row-level security policies scope reads and writes to the teams you belong to.

Sharing

Public match share links expose only the match summary needed to render the share page. Private team data stays scoped to team members.

Subprocessors & Integrations

FootDraw uses third-party services to operate: hosting and backend (Lovable Cloud / Supabase), transactional email (Resend), and Telegram for optional group notifications. Data shared with Telegram is limited to what you choose to send.

Retention & Deletion

You can delete players, matches, polls and other content at any time from the app. To request full account deletion, contact the team owner or reach out via the contact channel below.

Security Contact

To report a security concern, contact the team that maintains your FootDraw workspace, or open an issue with the maintainers.

Shared Responsibility

Lovable provides the underlying platform (hosting, managed database, authentication). The FootDraw team is responsible for the application code and content shown here. Customers are responsible for keeping their own credentials safe.