FC TactixFC Tactix
Features
For CoachesFor ClubsPricingLibrary
Sign inStart free

Privacy Policy

Last updated: April 16, 2026

1. Overview

This Privacy Policy explains how NEXTON INTERACTIVE LIMITED trading as FC Tactix collects, uses, shares, and protects personal data when you use FC Tactix, our websites, applications, AI features, support channels, and related services.

This policy should be read together with our Terms of Service, our Cookie Policy, and, for organizational customers using the Service to process team, player, club, or other customer content, our Data Processing Addendum.

2. Who We Are and Our Roles

NEXTON INTERACTIVE LIMITED is the operator of FC Tactix. We act as a data controller for our own business and platform operations, including account administration, subscription and billing administration, security, fraud prevention, support, legal compliance, direct marketing preferences, and service analytics where permitted.

When a club, academy, school, team, coach, analyst, educator, or other organization uses FC Tactix to upload or manage player records, evaluations, plans, sessions, photos, health-related workflows, or other customer content, that organization is typically the controller for that customer content and we act as its processor or service provider. The Data Processing Addendum governs that relationship unless a separate written agreement says otherwise.

3. Age, Children, and Minor Player Records

FC Tactix is available only to users who are at least 13 years old. If you are under the age of majority in your jurisdiction, you may use the Service only with the involvement and permission of a parent, guardian, school, club, or other authorized adult organization representative.

FC Tactix is marketed primarily to coaches, analysts, clubs, academies, schools, educators, and other users who are 16 or older or adults in their jurisdiction. Children under 13 may not create accounts directly.

Minor player data may still be managed through adult staff accounts when a club, academy, school, coach, or other authorized adult user has the required lawful basis, permissions, notices, and authority to upload and use that information. Customers are responsible for determining whether they are permitted to upload children's data and for limiting access to authorized staff.

If we learn that a direct account was created for a child under 13, we may disable that account and take steps appropriate to the circumstances.

4. Personal Data We Collect

  • Account and identity data - Name, email address, password hash, profile image, account identifiers, authentication provider details, security settings, and login or session metadata.
  • Club, team, and workspace data - Club names, team names, rosters, roles, permissions, invitations, workspace membership, collaboration room data, and organizational settings.
  • Player and athlete records - Names, positions, jersey numbers, dates of birth if uploaded, squad assignments, evaluations, development plans, notes, training or performance records, photos, and related customer content.
  • Sensitive health data - Injury status, injury episodes, rehabilitation progress, expected return dates, return-to-training and return-to-play information, and notes that reveal physical or mental health status.
  • AI feature data - Prompts, supporting context, AI outputs, and related usage metadata for tactics, session planning, evaluation, performance, communication, or other AI-enabled workflows.
  • Billing and subscription data - Subscription tier, cadence, customer identifiers, order identifiers, subscription status, renewal or end dates, billing contact data, and related merchant-of-record records from Polar.
  • Communications and support data - Support requests, feedback, launch-update subscriptions, marketing consent records, unsubscribe status, suppression status, and message-delivery metadata.
  • Technical, cookie, and device data - IP address, browser and device metadata, route names, diagnostics, optional analytics data if you consent, and browser storage or cookie preference records.

5. How We Collect Personal Data

We collect personal data in several ways, including:

  • Directly from you when you sign up, log in, purchase a subscription, contact us, request support, use AI tools, create content, or change settings.
  • From your organization or other authorized adult users who add you or upload player, guardian, health, or team records into the Service.
  • From third-party identity, billing, collaboration, hosting, monitoring, AI, and email-delivery providers that support the Service.
  • Automatically from your browser, device, and use of the Service, including logs, diagnostics, cookies, local storage, and analytics if you consent.

6. How We Use Personal Data

We use personal data to deliver the Service, run customer workflows, secure the platform, communicate with users, and operate our business. Depending on the context and applicable law, our legal bases may include performance of a contract, legitimate interests, consent, and compliance with legal obligations.

  • Provide and secure the Service, including authentication, account management, exports, sharing, billing, and support.
  • Operate club, team, coach, analyst, educator, and player workflows, including evaluations, planning, collaboration, and reporting.
  • Run injury, availability, rehabilitation, return-to-training, and return-to-play workflows chosen by customers.
  • Provide AI features and generate responses, drafts, suggestions, or analysis when users invoke those tools.
  • Send transactional messages such as verification, password reset, security notices, receipts, billing messages, and service updates.
  • Send opt-in marketing communications, launch updates, product news, or offers where permitted by law and where you have subscribed or otherwise consented.
  • Monitor performance, detect abuse or failures, troubleshoot incidents, enforce our terms, and comply with law.

7. Sensitive Health Data

Some customer workflows in FC Tactix can involve sensitive health data, not just a generic availability flag. For example, customers may use the Service to record injury status, injury episodes, rehabilitation progress, expected return dates, return-to-training or return-to-play tracking, and notes that reveal physical or mental health status.

We process this information only to support the customer workflows chosen by the customer, such as player availability management, welfare tracking, rehabilitation administration, training and squad planning, reporting, and player development context. We do not use customer health data to provide consumer advertising or behavioral profiling.

FC Tactix is not a medical device, healthcare provider, emergency service, or clinical records system. AI outputs are not medical advice and must not be used as a substitute for clinical judgment, diagnosis, treatment, or emergency response.

Customers are responsible for determining their lawful basis for sensitive health-data processing, providing required notices, obtaining any permissions or consents required by law, limiting uploads to relevant and necessary information, and restricting internal access to authorized staff with a legitimate need to know.

8. AI Features

FC Tactix includes AI-powered tools across tactics, planning, evaluation, performance, and communication workflows. When you use an AI feature, the prompt, surrounding context, and resulting output may be processed by OpenAI and related service infrastructure to generate the requested response.

Depending on the feature and what you choose to submit, AI processing can include player details, session notes, evaluations, club context, guardian information, or health- related content. You should not submit unnecessary sensitive data to AI tools.

If you choose to use AI features with player, minor, guardian, or health-related data, you remain responsible for ensuring you have the lawful basis, permissions, notices, and authority required by applicable law. Details about our supporting providers are available on our Subprocessors page and in the Data Processing Addendum.

9. How We Share Personal Data

We may share personal data in the following circumstances:

  • With service providers and subprocessors that help us host, secure, monitor, bill, collaborate, and operate the Service.
  • With your organization, team administrators, or other users who are authorized to access the relevant workspace, content, club, or player records.
  • With payment, identity, collaboration, AI, or email vendors when you use the related features.
  • If required to comply with law, enforce our terms, protect the Service, investigate abuse, or respond to valid legal process.
  • In connection with a reorganization, financing, merger, sale, or similar transaction, subject to appropriate confidentiality and legal safeguards.

A current public provider list is available on our Subprocessors page. The providers currently disclosed there are:

  • Neon - Managed PostgreSQL database hosting for account records, saved content, club data, and operational application data.
  • Vercel - Application hosting, content delivery, blob storage used by some uploads and exports, and optional Vercel Analytics when you consent.
  • OpenAI - AI processing when you use AI coaching tools across the platform.
  • Liveblocks - Real-time collaboration infrastructure for shared board presence, room state, and live co-editing features.
  • Sentry - Operational error monitoring and performance diagnostics used to detect and troubleshoot failures.
  • Resend - Transactional and opt-in marketing email delivery for verification, password reset, account communications, launch updates, and product announcements.
  • Polar - Subscription checkout, billing, customer portal, and related subscription records.
  • Google OAuth - Optional social sign-in provider if you choose to authenticate with Google.

10. International Transfers

We and our providers may process personal data outside Kenya, including in the United States and other countries where our hosting, AI, billing, monitoring, collaboration, identity, and email vendors operate. Those countries may have data-protection laws that differ from the laws in your home jurisdiction.

Where applicable, we use contractual, technical, and organizational safeguards intended to protect transferred personal data. Organizational customer transfers are also addressed in the Data Processing Addendum.

11. Marketing and Communications

We send transactional and service messages when necessary to run the Service, including verification, password reset, billing, security, subscription, and operational notices.

We may also send launch updates, product news, and other marketing communications where permitted by law and where you have joined a waitlist, requested updates, opted in, or otherwise given permission for those messages. Marketing emails include an unsubscribe method, and you may also contact us at contact@fctactix.com to object to direct marketing.

12. Retention

We keep personal data for as long as reasonably necessary for the purposes described in this policy, including to provide the Service, maintain records, comply with law, resolve disputes, enforce agreements, and protect the platform.

Retention periods vary depending on the type of data, the account or workspace status, and legal or operational requirements. Deletion from the live product does not always mean immediate removal from temporary files, caches, logs, generated exports, or backups, which may persist for a period of time until ordinary deletion or overwrite cycles run.

For organizational customer content, deletion and return terms are described more specifically in the Data Processing Addendum.

13. Your Rights

Depending on your location and the role in which we process your data, you may have some or all of the following rights:

  • Access - Ask whether we process your personal data and request a copy of relevant information.
  • Correction - Ask us to correct inaccurate or incomplete personal data.
  • Deletion - Ask us to delete personal data where the law gives you that right.
  • Restriction or objection - Ask us to restrict certain processing, object to processing based on legitimate interests where applicable, or object to direct marketing at any time.
  • Portability - Request a machine-readable export of data you provided to us where portability rights apply.
  • Withdraw consent - Withdraw consent for optional processing, such as analytics choices or marketing consent, without affecting earlier lawful use.
  • Complaint - Lodge a complaint with the Office of the Data Protection Commissioner in Kenya or another competent regulator where applicable.

If we process data only as a processor for an organizational customer, we may direct your request to that customer because it controls the relevant customer content.

14. U.S. State Privacy Rights Where Applicable

If a U.S. state privacy law applies to your relationship with us, you may have additional rights such as access, deletion, correction, portability, and appeal rights. We do not sell personal information, and we do not use personal information for cross-context behavioral advertising.

15. Public Sharing and Visibility

If you create a share link, the linked content can be accessed by anyone who has the URL. We do not include supported share-link pages in our sitemap and we apply noindex signals to those pages, but we cannot prevent recipients, search tools, screenshots, exports, or third parties from redistributing or capturing content once it has been shared.

You must not publicly publish or share health information, children's data, guardian data, or other confidential or sensitive content unless you are clearly authorized to do so.

16. Security

We use measures designed to help protect the Service and the data stored in it, including HTTPS or TLS in transit, authentication safeguards, optional two-factor authentication, role-based access controls for club workflows, private-access file flows, and operational monitoring for security and reliability. No online service can guarantee absolute security.

17. Cookies and Local Storage

We use essential cookies for authentication and security, optional analytics when you consent, and browser storage for preferences and client-side functionality. See our Cookie Policy for details.

18. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in the Service, our providers, legal requirements, or our data practices. When we do, we will update the date at the top of this page and, where appropriate, provide additional notice.

19. Contact

For privacy questions, complaints, or rights requests, contact NEXTON INTERACTIVE LIMITED at contact@fctactix.com.

P.O BOX 632, 00618 - RUARAKA, NAIROBI, KENYA

If you are not satisfied with our response, you may complain to the Office of the Data Protection Commissioner in Kenya or another regulator with authority over your complaint where applicable.

FC TactixFC Tactix
The connected football coaching platform. Plan sessions, build drills, manage teams, develop players, visualize tactics.
Product
Tactics Board3D PitchAnimation TimelineAI ToolsSession PlannerDrill EditorTeam ManagementPlayer DevelopmentClub WorkspaceExport & Sharing
Explore
Tactical LibraryFormations guideSession plansTraining drillsYouTube tutorialsBlog
For
Academy coachesFirst-team staffFederationsContent creatorsAgenciesSession Planner SoftwareTactics Board Software
Company
AboutPricingFAQContactCareersOpen FC TactixSecurity
© 2026 FC Tactix. All rights reserved.
Privacy PolicyTerms of ServiceData Processing AddendumSubprocessorsCookie Policy