KICKLOOM
▌ LEGAL

Privacy Policy

Last updated: February 17, 2026

This Privacy Policy explains what data KickLoom collects, why, and how we protect it. We try to be honest about this and to collect the minimum we need to run the Service.

1. Data we collect

  • Account data — name, email, hashed password, subscription tier. Collected when you register or upgrade.
  • Payment metadata — Paystack transaction references and status. We never see your card number or bank details — those live with Paystack only.
  • Usage data — request logs (IP, user-agent, path, timestamp) kept for up to 30 days for security and debugging.
  • Prediction inputs you submit — fixtures you paste into the Quick AI Predictions form (VIP). Stored only long enough to return the response, not retained beyond that.

2. How we use it

  • To authenticate you and provide the Service.
  • To process VIP payments via Paystack.
  • To send transactional emails (verification, password reset, billing confirmations).
  • To detect abuse and prevent fraud.
  • To generate aggregated, non-personal usage statistics.

3. Who we share it with

We share only what is strictly necessary, with these processors:

  • Paystack — payment processing (PCI-DSS certified).
  • OpenAI — text generation for AI predictions. Submitted fixtures may pass through OpenAI's API for inference. We don't send personally identifying information in those prompts.
  • API-Football — sports data lookups. No personal data is sent.
  • Our hosting provider — for application + database storage.

We do not sell your data to advertisers and we do not run third-party ad networks on KickLoom.

4. Security

Passwords are stored using BCrypt with a per-user salt and a high work factor. Sessions use signed JWT tokens. The site is served over HTTPS. We rotate secrets and patch dependencies on a regular schedule.

5. Retention

  • Account data: kept while your account is active, deleted within 30 days of account closure.
  • Billing records: kept for 7 years for tax/accounting purposes (as required by law).
  • Request logs: 30 days.

6. Your rights

Depending on where you live, you have the right to: access your data, correct it, export it, ask us to delete it, and object to certain uses. Email privacy@kickloom.com with your request — we respond within 30 days.

7. Cookies

KickLoom uses a single first-party token stored inlocalStorageto keep you logged in. We do not use third-party tracking cookies or analytics scripts that profile you across sites.

8. Children

KickLoom is not directed at children under 18. We do not knowingly collect data from anyone under 18.

9. Changes

If we make material changes to this policy, we'll post them here and, where appropriate, email you.

10. Contact

Email privacy@kickloom.com for any privacy questions or data-subject requests.