xogridmaker
Sign in

Privacy Policy

Last updated: May 29, 2026

Kerry Software, LLC ("XO Gridmaker," "we," "us") cares about your privacy. This policy explains what we collect, why, and how it's protected.

What we collect

  • Account info: email address and (optionally) a display name, used to sign you in and identify your playbooks.
  • Content you create: formations, plays, playbooks, and related metadata.
  • Technical data: standard server logs (IP, user agent, timestamps) generated when you use the Service.
  • Product usage (first-party): the pages you visit, your session ID, device class (mobile/tablet/desktop), referring URL, the landing page you arrived on, and the standard UTM parameters (source, medium, campaign, content, term) on first visit, plus aggregate time-on-site. We use this to understand which features get used, to size the product to actual usage, and to measure which marketing campaigns brought you here. It is collected by us, stored in our own database, and never shared with an analytics vendor.
  • Ad-platform click IDs:if you arrive from an advertisement, the click identifier the platform attaches to the link (Meta's fbclid, Google's gclid, TikTok's ttclid, and the equivalents for Bing, LinkedIn, and X). We use these to attribute signups back to the specific ad and market that drove them.
  • Approximate location: we look up your IP address against a local copy of the MaxMind GeoLite2 database to derive country, region (state/province), and city. The IP itself is not stored. We use approximate location to understand which markets respond to which campaigns.
  • Error reports: when something goes wrong in your browser, we send the error stack and the page URL to Sentry to help us fix it. Errors include the same technical data above but no playbook content.
  • Billing: if you subscribe to a paid plan, your payment details are collected by Stripe — we never see your card number. Stripe shares your customer ID, email, and subscription status with us so we can grant access to paid features.
  • Contact form: messages you send us through the contact form, which are delivered to our inbox via an email provider (Resend).
  • Tutorial progress:if you start a guided tour in the Learning Center, we save which tutorial you're on, the current step, the sport variant active when you started, and whether you completed or dismissed it. This is so the tour can resume where you left off and never auto-prompt you twice. It's stored only on our own servers, scoped to your account.
  • Edit history:when a play or playbook is edited, we save a snapshot along with the editor's name, the time of the edit, and (optionally) a note left by the editor. Team coaches can review this history and restore prior versions. Deleted plays are kept in a 30-day trash before being permanently removed.
  • Referral records:when you send another coach a copy of your playbook and they claim it, we record the link between your account and theirs along with the date so we can credit your account if a referral reward is in effect. Each recipient can only generate one such record. We don't share the record with anyone outside our system, and you can ask us to delete it at any time.
  • Coach AI chat history:when you chat with Coach Cal we store your messages and Cal's replies on our servers, organized per playbook. This is what lets Cal keep working on a long answer if you close the chat window and pick up the result when you return, and it lets the same conversation appear when you sign in on another device. Only you (and our database administrators acting for support / debugging) can read your conversation. You can wipe the history for a given playbook at any time with the trash icon at the top of the chat panel — that deletes the rows on our servers, not just on your device.
  • Coach AI image attachments:Coach Cal accepts photo attachments (e.g. a snapshot of a play sheet, wristcoach, or whiteboard) so Cal can read what's drawn and help you import plays. Images you attach are sent in-flight to Anthropic (see the sub-processors list below) to interpret their content and are notstored on our servers. Cal sees each image only on the turn it was attached; we don't retain a copy afterward. The chat history row keeps your typed text plus a “[image attached]” placeholder but no image bytes. Image uploads are capped at 10 per coach per calendar month.
  • Cancellation feedback (optional):when a paid subscriber clicks “Manage billing”, we show an optional text box where they can tell us why they’re leaving (or what isn’t working). Anything typed there is stored on our servers and read by the site admin so we can improve the product. Skipping it stores nothing. We also record whatever cancellation reason Stripe’s billing portal captures (a category and any comment you choose to leave there) so we have one place to read both.
  • Coach AI feedback (opt-in): if you accept the one-time prompt the first time you use Coach AI, we log the topicof any question Coach AI had to answer from general football knowledge instead of our seeded playbook (e.g. “Tampa 2 defense”), along with your question text and the playbook context (sport variant, sanctioning body, age division). We use this to decide which topics to add to the knowledge base next. You can opt out at any time by asking Coach AI to update your preference.
  • Team chat:if your playbook has team messaging turned on, every message you post (text, sender, and timestamp) is stored so other members can read it. The owner of a playbook can disable messaging or clear all history at any time. While you're typing, a brief “is typing…” signal is broadcast to other members in the same chat — that signal is not stored. You can edit or delete your own message within 15 minutes of posting; after that, only the playbook's coaches can remove it. Deleted messages leave a tombstone (“this message has been deleted”) so the chronology stays intact.

Inside the iOS / Android app:detailed in-app product-usage event tracking and error reporting are turned off. The native app collects the account info, content, and standard server logs above, plus: a per-install identifier together with your device platform, app version, and the dates the app was installed and last opened — linked to your account — so we can measure how many people install and actively use the apps; and, if you allow notifications, a per-device push token used only to deliver the notifications you'd expect (practice and game reminders, play updates, and team messages). You can turn notifications off at any time in your device settings, and the token is removed when you sign out.

What we don't do

We don't run advertising trackers or behavioral profiling. We don't sell your data. We don't share your content with anyone except the people you explicitly share it with.

How it's stored

Your data is stored in Supabase, which encrypts data at rest (AES-256) and in transit (TLS). Passwords are hashed — we never see or store them in plain text. Access is limited to what's required to operate the Service.

Sub-processors

We rely on the following service providers to run the Service:

  • Supabase — database, authentication, and storage
  • Google Cloud Platform — application hosting (our Next.js server runs on Cloud Run in the us-central1 region, where all user requests are processed)
  • Resend — transactional email (contact form, team notifications, daily digest of playbook activity)
  • Stripe — payment processing for paid plans
  • Firebase Cloud Messaging (Google) — delivers push notifications to the Android app. We send Google a per-device messaging token and the notification text; Google does not retain the message beyond delivering it
  • Apple Push Notification service (APNs) — delivers push notifications to the iOS app. We send Apple a per-device token and the notification text; Apple does not retain the message beyond delivering it
  • Sentry — browser and server error reporting (web only)
  • Reddit — when we run ads on Reddit, the Reddit Ads pixel loads on our site to count page visits and signups from ad clicks. This lets us see which ads work without uploading any personally identifying information. The pixel is suppressed for EU/UK visitors who have not accepted tracking.
  • Apple — if you choose “Sign in with Apple,” Apple authenticates you and shares your email and name with us
  • Google — if you choose “Sign in with Google,” Google authenticates you and shares your email, name, and profile photo with us
  • Google Maps Platform — if your team uses the calendar venue autocomplete, the address text you type is sent to Google to return matching places
  • OpenAI — only if you opt into the Coach AI tier, in which case the play descriptions you submit are sent to OpenAI to generate suggestions and to produce search embeddings for the Coach AI knowledge base
  • Anthropic — only if you opt into the Coach AI tier and the site administrator has selected Claude as the active provider, in which case your Coach AI chat messages (and any images you attach) are sent to Anthropic to generate responses. Images are processed in-flight and not retained by us; Anthropic's retention is governed by their API terms.
  • MaxMind — we download a copy of their free GeoLite2 IP-to-city database to our server and look up your IP locally. Your IP is never sent to MaxMind.

EU/UK visitors

XO Gridmaker is offered to coaches in the United States. If you visit from the European Union, the European Economic Area, or the United Kingdom, we ask for your consent before collecting any of the campaign-attribution data above (UTM parameters, referrer, ad click IDs, region, city, and landing page). Until you choose “Accept all,” we record only what is strictly necessary to operate the Service: your session ID, the page path, device class, and country. Your choice is remembered for one year and can be changed by clearing your cookies for our domain.

Your rights

You can access, export, or delete your account and content at any time. To delete your account, sign in and use the “Delete account” option on your account page — this immediately removes your auth record and cascades to your playbooks, plays, formations, and usage data. For anything else, reach us through the contact page.

Children's privacy

XO Gridmaker is intended for coaches and adults. We don't knowingly collect personal information from children under 13. Players invited to a playbook sign in with their email to view it; only individual play links (e.g. a single play shared by URL) can be viewed without an account.

Changes

If this policy changes materially, we'll announce it in-product or by email before the change takes effect.

Contact

Questions? Use the contact page.