Privacy Policy

1. Who we are

Build Your Playbook is operated by Schuman Enterprise LLC("we", "us", "our"), the data controller responsible for personal data processed through this service. For any privacy-related inquiry, reach us via our Contact page.

2. Data we collect

• Account data: email address, password hash, display name.
• Content you create: formations, plays, playbooks, call sheets, team settings, uploaded logos.
• Usage data: pages visited, features used, error logs, device and browser identifiers, IP address.
• Support communications: messages you send us.
• Membership status: whether you are a Founding Member and the associated transaction reference.

Payment card details are collected directly by our payment processor (Paddle) and are never stored on our servers.

3. Why we use your data

• To create and maintain your account (legal basis: performance of a contract).
• To deliver, sync, and back up your playbook content (contract).
• To process purchases and provide membership benefits (contract).
• To prevent fraud, abuse, and secure the service (legitimate interests).
• To improve features and fix bugs (legitimate interests).
• To respond to support requests (contract / legitimate interests).
• To comply with legal obligations such as tax and accounting (legal obligation).

4. Who we share data with

• Paddle.com Market Limited — our Merchant of Record. Paddle handles all payments, billing, tax compliance, invoicing, refunds, and chargebacks.
• Hosting and database providers — to store your account and content securely.
• Email and analytics providers — to send service-related messages and understand product usage.
• Professional advisers — legal and accounting professionals where necessary.
• Authorities — where required by law or to protect our rights.

We do not sell your personal data.

5. International transfers

Your data may be processed in countries outside your own, including the United States. Where required, we rely on Standard Contractual Clauses or equivalent safeguards approved by relevant data protection authorities.

6. Retention

We keep account and content data for as long as your account is active. If you delete your account we remove your content within 30 days, except where we must retain certain records (e.g. transaction history) to meet legal or tax obligations. Backup copies are purged on a rolling basis.

7. Your rights

Depending on where you live, you may have the right to access, correct, delete, port, or restrict the processing of your personal data, to object to processing, or to withdraw consent. EEA/UK residents may also lodge a complaint with their local supervisory authority. To exercise any right, contact us — we respond within one month.

8. Security

We use appropriate technical and organisational measures including encryption in transit, hashed credentials, role-based access controls, and regular dependency updates to protect your data. No system is perfectly secure; please use a strong unique password.

9. Cookies

We use only essential cookies and local storage required to keep you signed in and remember your preferences. We do not currently use marketing cookies.

10. Changes

We may update this notice from time to time. Material changes will be communicated via email or in-app notice.