We process personal data under the following legal bases:

• Consent — for analytics (Google Analytics and Vercel Web Analytics), which load only if you opt in via our cookie consent banner
• Legitimate interest — for operating core site functionality such as storing your preferences in local storage and preventing duplicate votes. (The tlv cookie that supports vote de-duplication is exempt from consent under the ePrivacy "strictly necessary" exemption; the underlying processing relies on our legitimate interest in preventing abuse.)
• Contract performance — for processing donations through Stripe
• Legal obligation — for retaining donation/transaction records for the period required by financial and tax law

We use a cookie consent banner to obtain your permission before loading any non-essential cookies. Analytics cookies are only activated if you consent. For a detailed breakdown of every cookie and local storage item, please see our Cookie Policy.

Analytics run only with your consent. If you decline, no analytics scripts are loaded and no interaction events are recorded. You can change or withdraw your choice at any time from the cookie banner or the footer link.

With your consent, we use the following two services to understand how visitors use our website so we can improve it and report aggregate audience figures to sponsors. Both record page views and a small set of non-identifying in-app interaction events (for example: a vote, opening a player card, opening a source-link preview, changing the view or kit). We do not attach your name, email, or account to these events, and we do not store your IP address or browser user-agent against them.

• Google Analytics 4 — Google's analytics product. It sets the _ga cookies, may infer coarse, aggregate audience attributes such as approximate location and (where Google can determine them) age/gender bands, and sends data to Google. Retention is up to 14 months. See Google's Privacy Policy.
• Vercel Web Analytics & Speed Insights — our hosting provider's privacy-focused analytics and performance telemetry. These are cookieless, do not track or identify individuals, and report only anonymous, aggregated figures.

Any approximate location shown in these tools is derived by the provider at request time for aggregate reporting; we do not separately store your IP address.

We are based in the United States, and the third-party providers we use — Google (Google Analytics, and Firebase for data storage and authentication), Vercel (website hosting and analytics), and Stripe (payments) — also process data on servers in the United States. If you access the site from the United Kingdom, the European Economic Area, or another region with data-transfer rules, your personal data is transferred to and processed in the United States.

Where we transfer personal data out of the UK or EEA, we rely on appropriate safeguards — including the EU–US and UK–US Data Privacy Framework where the provider is certified, and the European Commission's Standard Contractual Clauses (with the UK Addendum) where it is not. Google, Vercel, and Stripe each offer these mechanisms. You can request details of the safeguards in place by contacting us at support@toffeelinks.app.

We do not currently display third-party advertising or run any advertising measurement. If we add sponsored banners in future, any measurement (for example whether a banner was shown or clicked) would be reported in aggregate through the consented analytics services described above, would load only with your analytics consent, and would not build a behavioural profile of you for ad targeting. We will update this policy before any such feature goes live.

Our website uses the following third-party services:

• Google Analytics 4 — for website usage analytics (consent required)
• Firebase — for data storage and authentication
• Stripe — for secure payment processing
• Vercel — for website hosting and privacy-focused analytics (consent required)
• Google Fonts — for loading the Material Symbols icon font

Each of these services has their own privacy policy governing how they handle your data.

We retain data for only as long as necessary:

• Contact form submissions — retained until your enquiry is resolved, then deleted within 12 months
• Donation records — retained for the duration of your subscription plus 7 years for financial record-keeping
• Voting data — aggregated counts retained for the life of the transfer link; no personal data is stored
• Local storage data — stays on your device until you clear it via your browser settings
• Analytics data — Google Analytics is retained per Google's settings (up to 14 months); Vercel Web Analytics retains aggregate data per your Vercel plan and stores no per-user records

If you are in the EU or UK, you have the following rights:

• Right of access — request a copy of the personal data we hold about you
• Right to rectification — request correction of inaccurate data
• Right to erasure — request deletion of your personal data
• Right to restrict processing — request that we limit how we use your data
• Right to data portability — request your data in a machine-readable format
• Right to object — object to processing based on legitimate interest
• Right to withdraw consent — withdraw analytics consent at any time using the "Cookie settings" link in the site footer, which re-opens the consent banner so you can change your choice as easily as you gave it
• Right to lodge a complaint — if you are in the UK you may complain to the Information Commissioner's Office (ico.org.uk); if you are in the EU, to your national data protection authority. We'd appreciate the chance to resolve your concern first.

We do not carry out automated decision-making or profiling that produces legal or similarly significant effects.

To exercise any of these rights, please contact us through our contact form. We respond without undue delay and within one month, and will tell you if a complex request needs longer.

If you are a resident of California (under the CCPA as amended by the CPRA) or of another U.S. state with a comprehensive privacy law — such as Virginia, Colorado, Connecticut, Oregon, Texas, or others — you may have the right to:

• Know what personal information we collect and how it is used
• Access a copy of your personal information
• Correct inaccurate personal information
• Request deletion of your personal information
• Opt out of the sale or sharing of personal information, targeted advertising, and profiling
• Limit the use of sensitive personal information
• Appeal a denial of your request, and not be discriminated against for exercising your rights

We do not sell or share your personal information as those terms are defined under U.S. state laws, we do not use it for targeted advertising or profiling, and we do not knowingly process sensitive personal information for these purposes. We honour Global Privacy Control (GPC) and similar opt-out preference signals. To exercise any right, contact us at support@toffeelinks.app or via our contact page; we will respond within the timeframe your state's law requires (45 days in California, extendable as permitted).