ATH Insider LLC ("ATH Insider," "we," "us," or "our") respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy describes how we collect, use, store, and protect information when you use the ATH Insider platform and related services (the "Services").
By using the Services, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use the Services.
We do not sell your personal data. ATH Insider does not sell, rent, or trade your personal information to third parties for advertising or marketing purposes.
This policy applies to all users of the Services, including athletes, agents, coaches, family members, and institutional subscribers.
When you use the Services, you may provide:
When you access the Services, we may automatically collect:
Payment transactions are processed entirely by Stripe, Inc. ATH Insider does not collect, store, or have access to your payment card numbers, bank account information, or other sensitive financial data. Stripe's handling of your payment data is governed by Stripe's Privacy Policy.
We use the information we collect to:
We do not use your personal data to serve third-party advertisements.
We take data security seriously and have implemented technical safeguards to protect your information.
All sensitive personally identifiable information (PII) fields — including names, email addresses, home states, and other personal profile data — are encrypted using AES-256-GCM encryption before being stored in our database. This means that even in the event of a database breach, your personal data is not stored in plain text.
Technical detail: ATH Insider uses AES-256-GCM (Advanced Encryption Standard, 256-bit key, Galois/Counter Mode) for all sensitive PII fields stored in our Supabase database. Encryption and decryption occur at the application layer before any data is written to or read from storage.
Our platform is hosted on Vercel's infrastructure. Our database is managed by Supabase, which implements row-level security, encrypted connections, and SOC 2 Type II compliant infrastructure. All data in transit is encrypted using TLS 1.2 or higher.
Access to user data within ATH Insider systems is restricted to authorized personnel on a need-to-know basis. We implement authentication and authorization controls to limit internal data access.
No system is perfectly secure. While we use industry-standard safeguards, we cannot guarantee the absolute security of your information. In the event of a data breach that materially affects your rights, we will notify you as required by applicable law.
We do not sell your personal data. We share information only in the following limited circumstances:
We work with the following third-party service providers who access data only as necessary to perform services on our behalf:
| Provider | Purpose | Data Shared |
|---|---|---|
| Supabase | Database hosting and authentication | Encrypted user profile and evaluation data |
| Stripe | Payment processing | Email address, subscription status |
| Vercel | Platform hosting and deployment | Server-level request logs |
| Resend | Transactional email delivery | Email address, message content |
Each of these providers is bound by their own privacy policies and, where applicable, data processing agreements. We do not authorize them to use your data for their own marketing purposes.
We may disclose your information if required to do so by law, court order, or governmental authority, or if we believe in good faith that such disclosure is necessary to protect the rights, property, or safety of ATH Insider, our users, or the public.
In the event of a merger, acquisition, or sale of all or substantially all of our assets, your information may be transferred to the acquiring entity, subject to the same privacy protections described in this policy.
We retain your personal data for as long as your account is active or as needed to provide the Services.
Saved athlete profiles and evaluation data associated with inactive accounts will be retained for 24 months after the last recorded activity, after which they may be deleted or anonymized.
If you request deletion of your account and personal data, we will honor that request within 30 days, subject to any legal obligation to retain certain records (such as payment transaction records required for tax or fraud prevention purposes).
To request deletion of your data, contact us at info@athinsider.com with subject line "Data Deletion Request."
ATH Insider uses cookies and similar local storage technologies to operate the platform and maintain your session state. Specifically:
We do not use third-party advertising cookies, tracking pixels, or behavioral advertising technologies. We do not participate in cross-site tracking networks.
Most browsers allow you to control or disable cookies through browser settings. Disabling session cookies may prevent you from logging in or using certain features of the Services.
The Services are not directed to children under the age of 13. We do not knowingly collect personal information from children under 13 without verifiable parental consent.
Users between the ages of 13 and 17 may use the Services with the involvement and consent of a parent or legal guardian, who agrees to these Terms and this Privacy Policy on their behalf.
If you believe a child under 13 has provided personal information to us without parental consent, please contact us immediately at info@athinsider.com and we will take steps to delete that information.
Depending on your jurisdiction, you may have certain rights with respect to your personal data:
To exercise any of these rights, contact us at info@athinsider.com. We will respond within 30 days. We may need to verify your identity before processing your request.
ATH Insider does not discriminate against users who exercise their privacy rights.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. When we make material changes, we will update the effective date at the top of this policy and, where appropriate, notify you by email.
Your continued use of the Services after the updated policy takes effect constitutes your acceptance of the revised policy. We encourage you to review this page periodically.
This Privacy Policy is governed by and construed in accordance with the laws of the State of Delaware, without regard to its conflict of law provisions.
Any disputes arising from this Privacy Policy are subject to the dispute resolution provisions in our Terms of Service, including binding arbitration under AAA Commercial Rules.
If you have questions, concerns, or requests related to this Privacy Policy or your personal data, please contact us:
ATH Insider LLC
Email: info@athinsider.com
Delaware registered · Operating in Pennsylvania