Privacy Policy

Last Updated: April 25, 2026

This Privacy Policy explains how Draft Optics ("Draft Optics," "we," "us," or "our") collects, uses, stores, and discloses information when you use our website, dashboard, browser extension, and related services (the "Service").

By using the Service, you acknowledge this Privacy Policy.

1. Information We Collect
We collect the following categories of information:

- Account information: email address and account identifiers provided through Supabase authentication.
- Subscription and billing metadata: subscription status, Stripe customer ID, and Stripe subscription ID needed to manage paid access.
- Extension auth bridge data: a short-lived first-party cookie (`do_ext_auth`) and extension-local auth tokens used to connect your web login to the browser extension.
- DFS profile linkage data: your platform username(s) for supported providers (for example Underdog, DraftKings, Drafters).
- Draft and analytics data: draft IDs, picks, contest metadata, player IDs, ADP snapshots, and related derived metrics needed to power portfolio analytics and live overlays.
- Settings and preferences: overlay settings and dashboard preferences.
- Support communications: information you submit when you contact us.

2. Information We Do Not Intentionally Collect
- We do not ask for or store your third-party DFS account passwords.
- We do not intentionally collect full payment card numbers on our own servers (Stripe processes payment details).
- We do not currently run third-party behavioral analytics SDKs such as Google Analytics or Mixpanel in the product.

3. Cookies and Local Storage
We use essential technical storage mechanisms to run the Service, including:
- Authentication/session cookies and tokens;
- A first-party auth bridge cookie used to sync your signed-in state to the extension;
- Browser extension local storage and cache entries for draft sync, settings, and performance.

We do not use these mechanisms to serve third-party ad targeting.

4. How We Use Information
We use collected information to:
- Provide, maintain, and secure the Service;
- Authenticate users and operate extension-to-dashboard connectivity;
- Process subscriptions, payments, and billing lifecycle events;
- Sync draft data and generate portfolio analytics and overlay features;
- Diagnose bugs, prevent abuse, and enforce our Terms;
- Respond to support and account requests;
- Comply with legal obligations.

5. How We Share Information
We do not sell your personal information for money.

We may share information:
- With infrastructure processors that provide core service functions, including Supabase (authentication/database) and Stripe (billing);
- With service providers that help us operate, secure, or support the Service;
- If required by law, legal process, or valid governmental request;
- To enforce rights, prevent fraud/abuse, or protect users and the Service;
- In connection with a merger, acquisition, financing, or asset transfer.

6. Data Retention
We retain information for as long as reasonably necessary to provide the Service, comply with legal obligations, resolve disputes, enforce agreements, and maintain legitimate business records.

Retention periods vary by data type. Some cached extension data may remain locally in your browser until removed by normal cache eviction, extension reset, or uninstallation.

7. Data Security
We use reasonable administrative, technical, and organizational safeguards designed to protect information against unauthorized access, loss, misuse, or alteration. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

8. Your Rights and Choices
You may email draftoptics@gmail.com to request any of the following, subject to verification and legal exceptions:
- Access to the personal information associated with your account;
- Correction of inaccurate account/profile data we control;
- Deletion of your Draft Optics account and associated data stored in our systems;
- Cancellation of paid subscription renewals.

We may ask for information needed to verify that the request is from the account owner (or an authorized agent where permitted by law).

9. California Privacy Rights
If and to the extent California privacy law applies to Draft Optics, California residents may have additional rights under the CCPA/CPRA, including rights to know, delete, and correct personal information, subject to statutory exceptions.

Draft Optics does not sell personal information for monetary consideration and does not share personal information for cross-context behavioral advertising as those terms are used under CCPA/CPRA.

To submit a California privacy request, email draftoptics@gmail.com.

10. California Notice at Collection
At or before collection, California residents are entitled to notice of categories of personal information collected and purposes of use. Draft Optics collects and uses the categories described in Section 1 of this Privacy Policy for the business and commercial purposes described in Section 4.

We retain each category of personal information for as long as reasonably necessary to provide the Service and for the retention purposes described in Section 6.

11. California "Shine the Light" Notice
California Civil Code Section 1798.83 allows California residents to request certain information regarding disclosure of personal information to third parties for their direct marketing purposes. Draft Optics does not disclose personal information to third parties for their direct marketing purposes.

12. Children's Privacy
The Service is not directed to children under 13 (or higher age where required by local law), and we do not knowingly collect personal information from children.

13. Changes to This Policy
We may update this Privacy Policy from time to time. The "Last Updated" date indicates when changes were made. Continued use of the Service after updates means you accept the revised policy.

14. Contact
For privacy questions or requests, contact: draftoptics@gmail.com