Back to MFA

Privacy Policy

Version 1.0.0 · Last updated: June 2026

1. Who we are

My Football Analysis (“MFA”, “we”) operates the My Football Analysis web application. We are established in the Netherlands.

2. Who this applies to

MFA may be used by users worldwide. We apply the EU General Data Protection Regulation (GDPR), as implemented in the Netherlands (AVG), as our baseline standard for personal data processing.

3. Personal data we collect

  • Account: email address, first and last name, role (player or coach).
  • Team: football club/team name, team membership, jersey number, preferred foot and position where provided.
  • Performance: skill ratings (self, peer, coach), match lineups, goals, assists, match scores, and coach match ratings linked to your account.
  • Technical: authentication and session data via our hosting provider (Supabase).

4. How we use your data

  • To provide team dashboards, reviews, match planning, and related coaching features.
  • To display aggregated or individual performance information within your team.
  • To maintain security, prevent abuse, and comply with legal obligations.

5. Who can see your information

  • Ratings may be visible to teammates and coaches within the same team context.
  • Peer reviewers are not shown as named authors to other users in anonymous review flows.
  • Users outside your team should not access your team’s rating data when access controls are correctly configured.
  • Ratings are subjective and intended for development purposes only — not as objective performance guarantees.

6. Legal bases (GDPR)

We rely on contract (providing the service you sign up for) and, where applicable, legitimate interests in operating and improving MFA. Where required, we obtain your consent at signup (Terms, Privacy, and age confirmation).

7. Retention

We keep your data while your account is active. When you delete your account via Profile, we remove your personal data from live systems. Residual copies may remain in encrypted backups for a limited period before automatic deletion, consistent with our hosting provider’s practices.

8. Your rights

Under GDPR/AVG you may have the right to access, correct, delete, restrict, or object to processing of your personal data, and to lodge a complaint with your supervisory authority (in the Netherlands: Autoriteit Persoonsgegevens).

Self-service deletion: use Delete account on your Profile page.

For other GDPR/AVG rights, you may lodge a complaint with your supervisory authority (in the Netherlands: Autoriteit Persoonsgegevens).

9. Children

MFA is not intended for users under 16. We do not knowingly collect data from children under 16 without appropriate parental authority.

10. International transfers

Your data may be processed by subprocessors (including Supabase) in the EU or other countries. Where required, appropriate safeguards such as Standard Contractual Clauses apply.

11. Future paid features

If we introduce paid subscriptions, we may process billing data through a payment processor. We will update this policy before collecting payment information.

12. Changes

We may update this Privacy Policy. The version number at the top will change when we do. Significant changes may require renewed acceptance at login or signup.

See also our Terms & Conditions.