Privacy Policy

Last Updated: March 3, 2026

Introduction

Welcome to GridIron Duels LLC ("GridIron Duels," "we," "our," or "us"), a limited liability company registered in the State of Montana. We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services, including when you make purchases.

By using GridIron Duels, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please discontinue use of our services immediately.

Information We Collect

Account Information

We collect personal information that you voluntarily provide to us when you register, including:

  • Email address: Used for account creation, authentication, receipts, and service communications
  • Username: Your chosen display name visible to other players
  • Password: Securely hashed and stored for account security
  • Profile picture: Optionally uploaded or imported from Google OAuth
  • OAuth information: If you sign up using Google, we receive your email and basic profile information

Payment & Transaction Information

When you make a purchase, we collect and store the following:

  • Transaction records: Amount paid, package purchased, date and time, Stripe session reference ID
  • Coin balance and history: Current Coin balance, full coin transaction history (purchases, rewards, spending)
  • Purchased items: Which cosmetics and Battle Pass seasons you have purchased

What We Do Not Store

We do not store your full credit card number, CVV, or billing address. All payment processing is handled by Stripe, which stores payment details in accordance with their own security standards and privacy policy. We only receive a session reference ID and the transaction outcome.

Game & Progression Data

  • Game history: Games played, draft picks, scores, win/loss records
  • Progression: XP, level, Battle Pass tier progress, challenge progress
  • Achievements: Unlocked achievements and dates
  • Cosmetics: Which items you own and which are equipped

Automatically Collected Information

When you access our website, we automatically collect certain information about your device and usage:

  • Log data: IP address, browser type, operating system, pages visited, time and date of visits
  • Device information: Device type, unique device identifiers, mobile network information
  • Cookies and tracking technologies: Session cookies, authentication tokens, preference cookies

How We Use Your Information

We use the information we collect for the following purposes:

Account Management

Create and manage your account, authenticate your identity, and provide access to our services.

Payment Processing & Receipts

Process your purchases, credit Coins to your account, send purchase receipt emails, and maintain your transaction history.

Game Functionality

Enable gameplay features, match you with opponents, track game history, calculate scores, award XP and rewards, and maintain leaderboards.

Communication

Send you account-related emails, purchase receipts, password reset links, important service announcements, and respond to your inquiries.

Fraud Prevention

Detect and prevent fraudulent purchases, chargebacks, and other payment fraud or abuse of virtual currency systems.

Improvement and Analytics

Analyze usage patterns, improve our services, fix bugs, develop new features, and optimize user experience.

Legal Compliance

Comply with legal obligations, respond to legal requests, maintain financial records as required by law, and protect our legal rights.

Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following situations:

  • With other users: Your username, level, cosmetics, and game statistics are visible to other players during and after games
  • With Stripe: We share your email address and purchase details with Stripe to process payments. Stripe may retain this data per their own privacy policy
  • Service providers: We may share data with third-party vendors who perform services on our behalf (hosting, analytics, email delivery)
  • Legal requirements: We may disclose information if required by law, court order, or government request, including financial transaction records
  • Business transfers: If we are involved in a merger, acquisition, or sale of assets, your information may be transferred
  • With your consent: We may share your information for any other purpose with your explicit consent

Third-Party Services

Our website integrates with the following third-party services:

Stripe

Used to process real-money purchases of Coin packages. Stripe receives your payment details and email address. We do not store full card details. Subject to Stripe's Privacy Policy.

Google OAuth

For optional account creation and authentication. Subject to Google's Privacy Policy.

Google AdSense

For displaying advertisements when enabled. Google may use cookies to serve ads based on your visits. You can opt out at Google Ad Settings.

Sleeper API

For retrieving NFL player statistics and roster information. No personal data is shared with Sleeper.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track activity on our website and store certain information. Cookies are small data files stored on your device. You can instruct your browser to refuse all cookies or indicate when a cookie is being sent.

Types of Cookies We Use:

  • Essential Cookies: Required for authentication and basic site functionality
  • Preference Cookies: Remember your settings and preferences
  • Session Cookies: Keep you logged in during your visit
  • Analytics Cookies: Help us understand how you use our website

Data Security

We implement appropriate technical and organizational security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction. These measures include:

  • • Encryption of passwords using industry-standard bcrypt hashing
  • • HTTPS encryption for all data transmission
  • • Secure session management with encrypted cookies
  • • Payment processing delegated entirely to Stripe — we never handle raw card data
  • • Regular security updates and vulnerability assessments
  • • Access controls limiting who can view personal information

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee its absolute security.

Data Retention

We retain your personal information for as long as necessary to provide you with our services and as described in this Privacy Policy:

  • Account data: Retained until you delete your account
  • Transaction and payment records: Retained for a minimum of 7 years as required for financial and legal compliance, even after account deletion
  • Game history: Retained until account deletion, may persist in anonymized form for statistical purposes
  • Backups: Data may persist in encrypted backups for up to 90 days after deletion

Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

Right to Access

Request a copy of the personal information we hold about you, including your transaction history.

Right to Correction

Request correction of inaccurate or incomplete information.

Right to Deletion

Request deletion of your personal information (subject to certain exceptions, including our obligation to retain financial records).

Right to Object

Object to processing of your personal information for certain purposes.

Right to Portability

Request transfer of your data to another service provider.

To exercise any of these rights, please contact us at the email below.

Children's Privacy

Our services are not directed to individuals under the age of 13. We do not knowingly collect personal information from children under 13. Purchase features are only available to users 18 or older (or with parental consent). If you are a parent or guardian and believe your child has provided us with personal information or made a purchase without authorization, please contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. For changes that materially affect how we handle payment or financial data, we will make reasonable efforts to notify users via email.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy, our data practices, or your transaction history, please contact us:

Legal Entity: GridIron Duels LLC

State of Formation: Montana, USA

Email: admin@gridiron-duels.com

Discord: Join our community server for support