Privacy Policy

Effective Date: April 4, 2026

1. Introduction

KalkuloSport ("we", "us", "our") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and share information when you use our platform at kalkulosport.com. By using the Service, you consent to the practices described in this policy.

2. Information We Collect

Account Information

When you register, we collect your name, email address, and authentication credentials via our OAuth provider (Manus).

Payment Information

Payment processing is handled entirely by Stripe. We do not store credit card numbers, CVV codes, or full payment details. We only store your Stripe Customer ID and Subscription ID to manage your account.

Usage Data

We collect information about your interactions with the Service, including prediction queries, leagues viewed, and features used. This data is used to improve the Service and personalize your experience.

Technical Data

We automatically collect IP address, browser type, device type, and session data for security and performance monitoring purposes.

3. How We Use Your Information

To provide, maintain, and improve the Service
To process payments and manage your subscription
To send you weekly prediction digest emails (if you opt in)
To send transactional emails (subscription confirmations, trial expiry notices)
To detect and prevent fraud, abuse, and security incidents
To comply with legal obligations
To analyze usage patterns and improve our prediction models

4. Data Sharing

We do not sell your personal data. We share data only with:

Stripe — for payment processing. Stripe's privacy policy applies to data shared with them.
Hostinger — for email delivery of weekly alerts and transactional emails.
RapidAPI / SofaScore — sports fixture data is fetched from this provider; no personal data is shared.
Legal authorities — when required by law, court order, or to protect our rights.

5. Data Retention

We retain your account data for as long as your account is active. Prediction history is retained for 12 months. Payment records are retained for 7 years as required by financial regulations. You may request deletion of your account and associated data at any time by contacting us.

6. Your Rights (GDPR / LGPD)

Depending on your jurisdiction, you may have the following rights:

Access: Request a copy of the personal data we hold about you
Rectification: Request correction of inaccurate data
Erasure: Request deletion of your personal data ("right to be forgotten")
Portability: Request your data in a machine-readable format
Objection: Object to processing of your data for marketing purposes
Opt-out: Unsubscribe from email alerts at any time via the Alerts Settings page

To exercise any of these rights, contact us at [email protected].

7. Cookies

We use essential session cookies to maintain your login state. These cookies are strictly necessary for the Service to function and cannot be disabled. We do not use advertising cookies or third-party tracking cookies. Session cookies are deleted when you log out or when your session expires.

8. Security

We implement industry-standard security measures including HTTPS/TLS encryption, HTTP security headers (HSTS, X-Frame-Options, CSP), rate limiting, and secure cookie flags (HttpOnly, SameSite, Secure). Payment data is handled exclusively by Stripe's PCI-DSS compliant infrastructure.

9. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal data from minors. If you believe a minor has provided us with personal data, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice on the Service. Your continued use of the Service after changes take effect constitutes your acceptance of the revised policy.

11. Contact

For privacy-related questions or data requests, contact our Data Protection contact at: [email protected]