Privacy Policy

FPL Companion is an independent tool for Fantasy Premier League players. It is not affiliated with, endorsed by, or connected to the Premier League or Fantasy Premier League. This policy explains what data we collect and why.

When you create an account we store:

• Your email address — to sign you in and send account emails (verification, password resets).
• A hashed password — if you sign up with email and password. We never store your password in plain text.
• A Google account identifier — if you choose to sign in with Google. We receive your email and Google user ID; we do not receive your Google password.
• Your FPL manager ID — only if you choose to link it, so we can show your team, leagues and history. This is a public FPL identifier and is optional.
• Squad drafts and planner data you create in the app.

We do not ask for your name, date of birth, address, or payment details. Donations (if you choose to make one) are handled entirely by a third-party donation platform — we never see your card details.

• Essential cookies. A session cookie keeps you signed in. A short-lived cookie protects the Google sign-in flow from cross-site request forgery. These are required for the app to work and are set only when you log in.
• Local storage (on your device).Your theme preference, cookie choice, and planner drafts are saved in your browser's local storage. This data never leaves your device.
• Advertising. If we enable ads in future, an advertising provider may set cookies. We will only do so after you accept non-essential cookies.

We use your data solely to operate the app: to authenticate you, show your FPL team and leagues, remember your preferences, and send account-related emails. We do not sell your data or use it for advertising profiling.

We rely on a small number of service providers:

• Neon — hosts our database (where your account data lives).
• Vercel — hosts and serves the application.
• Resend — sends transactional emails (verification, password resets).
• Google — provides optional sign-in.
• The official Fantasy Premier League API — we read public team, league and player data from it.

Each provider processes data only as needed to deliver its service.

You can, at any time:

• Access and update your email and linked FPL ID from the Settings page.
• Delete your account from Settings. This permanently erases your account and all associated data (squads, tokens, linked accounts).

If you are in the UK or EU, you have rights under the UK GDPR / GDPR including access, rectification, erasure, and the right to complain to your data protection authority.

We keep your account data while your account is active. When you delete your account, the data is removed immediately. Email verification and password-reset tokens are single-use and expire automatically.

FPL Companion is not directed at children under 13, and we do not knowingly collect data from them.

We may update this policy as the app evolves. We will update the date at the top when we do.

Questions about your data or this policy? Get in touch via the project's contact channel.